CentOS Linux Kernel Update 2.6.32-504.30.3 Released

CentOS 6 Linux kernel 2.6.32-504.30.3 has recently been released.

Update type(s): security

Resolved CVEs:

CVE-2011-5321
CVE-2015-1593
CVE-2015-2830
CVE-2015-2922
CVE-2015-3636

A NULL pointer dereference flaw was found in the way the Linux kernel’s
virtual console implementation handled reference counting when accessing
pseudo-terminal device files (/dev/pts/*). A local, unprivileged attacker
could use this flaw to crash the system. (CVE-2011-5321, Moderate)

* It was found that the Linux kernel’s ping socket implementation did not
properly handle socket unhashing during spurious disconnects, which could
lead to a use-after-free flaw. On x86-64 architecture systems, a local user
able to create ping sockets could use this flaw to crash the system.
On non-x86-64 architecture systems, a local user able to create ping
sockets could use this flaw to escalate their privileges on the system.
(CVE-2015-3636, Moderate)

* An integer overflow flaw was found in the way the Linux kernel randomized
the stack for processes on certain 64-bit architecture systems, such as
x86-64, causing the stack entropy to be reduced by four. (CVE-2015-1593,
Low)

* A flaw was found in the way the Linux kernel’s 32-bit emulation
implementation handled forking or closing of a task with an ‘int80’ entry.
A local user could potentially use this flaw to escalate their privileges
on the system. (CVE-2015-2830, Low)

* It was found that the Linux kernel’s TCP/IP protocol suite implementation
for IPv6 allowed the Hop Limit value to be set to a smaller value than the
default one. An attacker on a local network could use this flaw to prevent
systems on that network from sending or receiving network packets.
(CVE-2015-2922, Low)

 

Full details can be found here.

Updating the Kernel

You can either initiate a full yum update:

yum update
Alternatively, just update the kernel packages:
yum update "kernel-*"

Cached repo data can also prevent new updates from being found. To clear your yum cache, run:

yum clean all
Scan to Donate Bitcoin
Like this? Donate Bitcoin to at:
Bitcoin 14M4a7UHEX61VoHkyjj4dxbUBNGGz3hmhM
Donate
Share This Post

About Author: Curtis K

Hi! My name is Curtis, and I am the creator of CentOS Blog. Please feel free to comment any suggestions, feedback or questions on my posts!