CentOS Linux Kernel Update 2.6.32-504.30.3 Released

CentOS 6 Linux kernel 2.6.32-504.30.3 has recently been released. Update type(s): security Resolved CVEs: CVE-2011-5321 CVE-2015-1593 CVE-2015-2830 CVE-2015-2922 CVE-2015-3636 A NULL pointer dereference flaw was found in the way the Linux kernel's virtual console implementation handled reference counting when accessing pseudo-terminal device files (/dev/pts/*). A local, unprivileged attacker could use this flaw to crash the system. (CVE-2011-5321, Moderate) * It was found that ... Read More...

CentOS Linux Kernel Update 2.6.32-504.23.4 Released

CentOS 6 Linux kernel 2.6.32-504.16.2 was released on 09 June. Update type(s): security, bugfix and enhancement Resolved CVEs: CVE-2014-9419 CVE-2014-9420 CVE-2014-9585 CVE-2015-1805 CVE-2015-3331 * It was found that the Linux kernel's implementation of vectored pipe read and write functionality did not take into account the I/O vectors that were already processed when retrying after a failed atomic access operation, potentially resulting in ... Read More...

CentOS Linux Kernel Update 2.6.32-504.16.2 Released

CentOS 6 Linux kernel 2.6.32-504.16.2 was released on 22 April. Update type(s): security Resolved CVEs: CVE-2014-3215 CVE-2014-3690 CVE-2014-7825 CVE-2014-7826 CVE-2014-8171 CVE-2014-8884 CVE-2014-9529 CVE-2014-9584 CVE-2015-1421 * A flaw was found in the way seunshare, a utility for running executables under a different security context, used the capng_lock functionality of the libcap-ng library. The subsequent invocation of suid root binaries that relied on the fact that the setuid() ... Read More...

CentOS Linux Kernel Update 2.6.32-504.8.1 Released

CentOS 6 Linux kernel 2.6.32-504.8.1 has recently been released. Update type(s): security, bug fix Resolved CVEs: CVE-2014-4656 CVE-2014-7841 * A flaw was found in the way the Linux kernel's SCTP implementation validated INIT chunks when performing Address Configuration Change (ASCONF). A remote attacker could use this flaw to crash the system by sending a specially crafted SCTP packet to trigger ... Read More...