CentOS Linux Kernel Update 2.6.32-504.1.3 Released

CentOS 6 Linux kernel 2.6.32-504.1.3 has recently been released.

Update type(s): security, bug fix

Resolved CVEs:


* A race condition flaw was found in the way the Linux kernel’s KVM
subsystem handled PIT (Programmable Interval Timer) emulation. A guest user
who has access to the PIT I/O ports could use this flaw to crash the host.
(CVE-2014-3611, Important)

* A memory corruption flaw was found in the way the USB ConnectTech
WhiteHEAT serial driver processed completion commands sent via USB Request
Blocks buffers. An attacker with physical access to the system could use
this flaw to crash the system or, potentially, escalate their privileges on
the system. (CVE-2014-3185, Moderate)

* It was found that the Linux kernel’s KVM subsystem did not handle the VM
exits gracefully for the invept (Invalidate Translations Derived from EPT)
and invvpid (Invalidate Translations Based on VPID) instructions. On hosts
with an Intel processor and invept/invppid VM exit support, an unprivileged
guest user could use these instructions to crash the guest. (CVE-2014-3645,
CVE-2014-3646, Moderate)


Full details can be found here.

Updating the Kernel

You can either initiate a full yum update:

yum update
Alternatively, just update the kernel packages:
yum update "kernel-*"

Note: As this update has just been released, your preferred CentOS yum mirror may not have the update yet. In this case. you may need to wait a few hours for the update to become available. Cached repo data can also prevent new updates from being found. To clear your yum cache, run:

yum clean all
Scan to Donate Bitcoin
Like this? Donate Bitcoin to at:
Bitcoin 1HqhvrfNCiZYFWhkfwKUryMCt2fQVmWpjS
Share This Post

About Author: Curtis K

Hi! My name is Curtis, and I am the author of CentOS Blog. Please feel free to comment with any suggestions, feedback or questions!

  • Mahdi Fakhrabadi

    Thanks For Good News.

    can you help me how can i subscription for new posts in centosblog ?


    • centosblog

      Hi Mahdi. Sorry for the late reply – you can subscribe to RSS feed here: https://www.centosblog.com/feed or you can follow us on Twitter – @centos_blog 🙂

  • Anant Raman

    Does the yum update of the kernel require a reboot to be effective?

    • centosblog

      Hi Anant – yes, in order for the new kernel to be loaded you need to restart. I believe that reboot-free kernel upgrades are coming to RHEL/CentOS from the kpatch project in future.

      • Anant Raman

        I have 20+ node Hadoop Cluster based on CentOS 6.5. I wanted to be absolutely sure. I have tested it out with a few 1 node clusters first. It worked. Thank you!