Users are urged to update their system as soon as possible

May 18, 2017 23:18 GMT  ·  By

Mykola Naugolnyi from CloudLinux announced the availability of a new, updated and improved kernel for users of the CloudLinux 7 operating system in the Beta channels.

Updated to version 3.10.0-614.10.2.lve1.4.48, the new CloudLinux 7 kernel can be downloaded from the updates-testing repository, and it looks like it adds a fix for a security issue (CVE-2017-7895) that was patched upstream for Red Hat Enterprise Linux 7 series of operating systems, among other supported releases that were also affected.

"The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer. A remote attacker could trigger a pointer-arithmetic error or possibly have unspecified other impact via crafted requests related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c," reads the security advisory marked by Red Hat as important.

Here's how to update your CloudLinux 7 system to the new Beta kernel

Also fixed in this new Beta kernel is a NULL pointer dereferencing in the task scheduler, a panic that could occur while waiting for Lightweight Virtual Environment (LVE) to be initialized, as well as a kernel panic on netlink_lookup. It also addresses a bug to avoid running out of container IDs. More details are provided in the bug reports attached to the announcement.

If you're using the Beta kernel on your CloudLinux 7 operating system, you should update your installation at your earliest convenience. To do that, you need to fire up a terminal emulator or switch to the virtual console and run the following commands. Once everything was installed, you need to reboot your computer for the new kernel version to take effect.

yum clean all --enablerepo=cloudlinux-updates-testing
yum install kernel-3.10.0-614.10.2.lve1.4.48.el7 kmod-lve-1.4-48.el7 --enablerepo=cloudlinux-updates-testing