Addresses two security vulnerabilities and two bugs

Sep 18, 2019 18:50 GMT  ·  By

The Red Hat Enterprise Linux 6 and CentOS Linux 6 operating system series have receive an important Linux kernel security update that addresses two critical vulnerabilities and other issues.

Marked by the Red Hat Product Security team as having a security impact of "Important," the new Linux kernel security update is here to patch a memory corruption (CVE-2018-9568) that occurred due to incorrect socket cloning and a NULL pointer dereference (CVE-2019-11810) discovered in drivers/scsi/megaraid/megaraid_sas_base.c, which could lead to a denial of service.

Also fixed in this update are two bugs affecting the performance of the Linux kernel on Red Hat Enterprise Linux 6 and CentOS Linux 6 systems, namely a fragmented packets timing out issue and the backport TCP follow-up for small buffers. These two bugs can be corrected if you install the new kernel versions for your  operating system.

Users are urged to update their systems immediately

If you're using the Red Hat Enterprise Linux 6 or CentOS Linux 6 operating system series, you are urged to update the Linux kernel packages to kernel-2.6.32-754.22.1.el6.i686.rpm on 32-bit machines or kernel-2.6.32-754.22.1.el6.x86_64.rpm on 64-bit machines. Please keep in mind to reboot your systems after installing the new Linux kernel versions for all the changes to take affect.

The Linux kernel security update affects Red Hat Enterprise Linux Server 6 (x86_64 and i386), Red Hat Enterprise Linux Workstation 6 (x86_64 and i386), Red Hat Enterprise Linux Desktop 6 (x86_64 and i386), Red Hat Enterprise Linux for IBM z Systems 6 (s390x), Red Hat Enterprise Linux for Power, big endian 6 (ppc64), Red Hat Enterprise Linux for Scientific Computing 6 (x86_64), and CentOS Linux 6 (x86_64 and i386).