CentOS Linux Kernel Update 2.6.32-504.8.1 Released

CentOS 6 Linux kernel 2.6.32-504.8.1 has recently been released.

Update type(s): security, bug fix

Resolved CVEs:

CVE-2014-4656
CVE-2014-7841

* A flaw was found in the way the Linux kernel’s SCTP implementation
validated INIT chunks when performing Address Configuration Change
(ASCONF). A remote attacker could use this flaw to crash the system by
sending a specially crafted SCTP packet to trigger a NULL pointer
dereference on the system. (CVE-2014-7841, Important)

* An integer overflow flaw was found in the way the Linux kernel’s Advanced
Linux Sound Architecture (ALSA) implementation handled user controls.
A local, privileged user could use this flaw to crash the system.
(CVE-2014-4656, Moderate)

Full details can be found here.

 

Updating the Kernel

You can either initiate a full yum update:

yum update
Alternatively, just update the kernel packages:
yum update "kernel-*"

Cached repo data can also prevent new updates from being found. To clear your yum cache, run:

yum clean all
Scan to Donate Bitcoin
Like this? Donate Bitcoin to at:
Bitcoin 14M4a7UHEX61VoHkyjj4dxbUBNGGz3hmhM
Donate
Share This Post

About Author: Curtis K

Hi! My name is Curtis, and I am the creator of CentOS Blog. Please feel free to comment any suggestions, feedback or questions on my posts!