CentOS 6 Linux kernel 2.6.32-504.8.1 has recently been released.
Update type(s): security, bug fix
* A flaw was found in the way the Linux kernel’s SCTP implementation
validated INIT chunks when performing Address Configuration Change
(ASCONF). A remote attacker could use this flaw to crash the system by
sending a specially crafted SCTP packet to trigger a NULL pointer
dereference on the system. (CVE-2014-7841, Important)
* An integer overflow flaw was found in the way the Linux kernel’s Advanced
Linux Sound Architecture (ALSA) implementation handled user controls.
A local, privileged user could use this flaw to crash the system.
Full details can be found here.
Updating the Kernel
You can either initiate a full yum update:
yum update "kernel-*"
Cached repo data can also prevent new updates from being found. To clear your yum cache, run:
yum clean all