CentOS Linux Kernel Update 2.6.32-504.8.1 Released

CentOS 6 Linux kernel 2.6.32-504.8.1 has recently been released.

Update type(s): security, bug fix

Resolved CVEs:


* A flaw was found in the way the Linux kernel’s SCTP implementation
validated INIT chunks when performing Address Configuration Change
(ASCONF). A remote attacker could use this flaw to crash the system by
sending a specially crafted SCTP packet to trigger a NULL pointer
dereference on the system. (CVE-2014-7841, Important)

* An integer overflow flaw was found in the way the Linux kernel’s Advanced
Linux Sound Architecture (ALSA) implementation handled user controls.
A local, privileged user could use this flaw to crash the system.
(CVE-2014-4656, Moderate)

Full details can be found here.


Updating the Kernel

You can either initiate a full yum update:

yum update
Alternatively, just update the kernel packages:
yum update "kernel-*"

Cached repo data can also prevent new updates from being found. To clear your yum cache, run:

yum clean all
Share This Post

About Author: Curtis K

Hi! My name is Curtis, and I am the author of CentOS Blog. Please feel free to comment with any suggestions, feedback or questions!