CentOS Linux Kernel Update 2.6.32-431.20.5 Released

Posted by Curtis K in Administration, CentOS 6, News, Security Jul, 26 2014 No Comments

CentOS 6 Linux kernel 2.6.32-431.20.5 has just been released.

Update type(s): security

Resolved CVEs:

CVE-2014-4699
CVE-2014-4943

* It was found that the Linux kernel’s ptrace subsystem allowed a traced
process’ instruction pointer to be set to a non-canonical memory address
without forcing the non-sysret code path when returning to user space.
A local, unprivileged user could use this flaw to crash the system or,
potentially, escalate their privileges on the system. (CVE-2014-4699,
Important)

Note: The CVE-2014-4699 issue only affected systems using an Intel CPU.

* A flaw was found in the way the pppol2tp_setsockopt() and
pppol2tp_getsockopt() functions in the Linux kernel’s PPP over L2TP
implementation handled requests with a non-SOL_PPPOL2TP socket option
level. A local, unprivileged user could use this flaw to escalate their
privileges on the system. (CVE-2014-4943, Important)

Full details can be found here.

Updating the Kernel

You can either initiate a full yum update:

yum update
Alternatively, just update the kernel packages:
yum update "kernel-*"

As this update has just been released, your preferred CentOS yum mirror may not have the update yet. In this case. you may need to wait a few hours for the update to become available. Cached repo data can also prevent new updates from being found. To clear your yum cache, run:

yum clean all
Tags With:
Share This Post

About Author: Curtis K

Hi! My name is Curtis, and I am the author of CentOS Blog. Please feel free to comment with any suggestions, feedback or questions!