CentOS 6 ELS: kernel gradual rollout completed
A new CentOS 6 kernel within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production repository.
CHANGELOG
kernel-2.6.32-754.35.8.el6
- ELSCVE-666: CVE-2021-34693: can: bcm: fix infoleak in struct bcm_msg_head
- ELSCVE-705: CVE-2021-38160: virtio_console: Assure used length from device is limited
- ELSCVE-769: CVE-2014-4508: x86_32, entry: Do syscall exit work on badsys (CVE-2014-4508)
- ELSCVE-844: CVE-2021-3573: Bluetooth: use correct lock to prevent UAF of hdev object
- ELSCVE-503: CVE-2021-32399: bluetooth: eliminate the potential race condition when removing the HCI controller
- ELSCVE-451: CVE-2021-37159: hso: fix a use after free condition
- ELSCVE-387: CVE-2021-38205: net: xilinx_emaclite: Do not print real IOMEM pointer
- ELSCVE-547: CVE-2021-3178: nfsd4: readdirplus shouldn’t return parent of export
- ELSCVE-547: nfsd: fix compose_entry_fh() failure exits
- ELSCVE-547: nfsd: make local functions static
- ELSCVE-682: CVE-2021-20265: af_unix: fix struct pid memory leak
- ELSCVE-531: CVE-2021-20292: drm/ttm/nouveau: don’t call tt destroy callback on alloc failure.
- ELSCVE-543: CVE-2021-28972: PCI: rpadlpar: Fix potential drc_name corruption in store functions
- ELSCVE-575: CVE-2021-3612: Input: joydev – prevent use of not validated data in JSIOCSBTNMAP ioctl
- ELSCVE-575: Input: joydev – prevent potential read overflow in ioctl
- ELSCVE-575: Input: joydev – fix possible ERR_PTR() dereferencing
- ELSCVE-575: Input: joydev – use memdup_user() to duplicate memory from user-space
UPDATE COMMAND
yum update kernel-*