14 DAY TRIAL // Following the recent stable and Beta kernel releases for the CloudLinux 7 operating system series, CloudLinux's Mykola Naugolnyi announced earlier the availability of a new stable kernel update for CloudLinux 6 users.
The new, updated kernel version 2.6.32-673.26.1.lve1.4.25 is out as of April 6, 2017, and it appears to patch a Linux kernel vulnerability discovered in the udp.c file, which affects kernel versions smaller than 4.5, including the Linux 2.6 kernel running on CloudLinux 6 and CloudLinux 5 Hybrid operating systems.
"udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag," reads the CVE-2016-10229 entry over at MITRE.
Here's how to update your CloudLinux 6 and CloudLinux 5 Hybrid installations
Those of you who use either the CloudLinux 6 or CloudLinux 5 Hybrid operating systems on your infrastructures can now update to kernel version 2.6.32-673.26.1.lve1.4.25, which is already available for download from the stable, production-ready repository of the operating system, using the below commands.
To update, run the command that corresponds to your CloudLinux installation in a terminal emulator or the virtual console. The new kernel update will replace kernel version 2.6.32-673.26.1.lve1.4.24 and previous releases. If you don't use CloudLinux KernelCare livepatching technologies, keep in mind that you must reboot your machines for the new kernel build to take effect.
For CloudLinux 6:
yum install kernel-2.6.32-673.26.1.lve1.4.25.el6 kmod-lve-1.4-25.el6
For CloudLinux 5 Hybrid:
yum install kernel-2.6.32-673.26.1.lve1.4.25.el5h kmod-lve-1.4-25.el5h