CVE-2021-33909 Archives

UBUNTU 16.04 ELS with the fix for the CVE-2021-33909 released

Posted on August 12, 2021March 24, 2022 by TuxCare Team

An updated Ubuntu 16.04 ELS with the fix for the CVE-2021-33909 is now available for download from our production repository.

Continue reading “UBUNTU 16.04 ELS with the fix for the CVE-2021-33909 released”

CentOS 6 ELS: CentOS 6 kernel v.2.6.32-754.35.7 with the fix for the CVE-2021-33909 gradual rollout completed

Posted on July 30, 2021March 24, 2022 by TuxCare Team

A new updated CentOS 6 kernel v.2.6.32-754.35.7 with the fix for the CVE-2021-33909 within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production repository.

Continue reading “CentOS 6 ELS: CentOS 6 kernel v.2.6.32-754.35.7 with the fix for the CVE-2021-33909 gradual rollout completed”

CentOS 6 ELS: CentOS 6 kernel v.2.6.32-754.35.7 with the fix for the CVE-2021-33909 gradual rollout

Posted on July 23, 2021March 24, 2022 by TuxCare Team

A new updated CentOS 6 kernel v.2.6.32-754.35.7 with the fix for the CVE-2021-33909 within CentOS 6 ELS has been scheduled for gradual rollout from our production repository.

Continue reading “CentOS 6 ELS: CentOS 6 kernel v.2.6.32-754.35.7 with the fix for the CVE-2021-33909 gradual rollout”

Patches for CVE-2021-33909 are being delivered [UPDATE #3 27/07]

Posted on July 21, 2021March 8, 2022 by TuxCare Team

CVE-2021-33909 was disclosed on the 20th of July. It describes a vulnerability in the Linux filesystem layer that can lead to local privilege elevation when successfully exploited. The vulnerable code was apparently introduced in a commit dating from July 2014 (Linux 3.16). Every distribution running this or any subsequent version is vulnerable to this problem, with Proof-of-Concept code for several common distributions already created.

TuxCare’s KernelCare is finalising patches for all supported and affected distributions, and subscribers will start to receive these very soon.

[UPDATE] Patches are now being delivered for the following Linux distributions:

CloudLinux 6h and 7
OEL 6, 7 and 8
RHEL 6, 7 and 8
CentOS 6, 6-plus, 7 and 8
AlmaLinux 8
Ubuntu Bionic, Focal and Xenial
SL 6
openVZ

[UPDATE #2] The following distributions also have patches being delivered now:

CloudLinux 8
Debian 8, 9
OEL6-uek4, OEL7-uek4, OEL7-uek5, OEL7-uek6, OEL8-uek6

[UPDATE #3] The following distributions are now also being delivered:

Debian 10, Debian 10-cloud

Continue reading “Patches for CVE-2021-33909 are being delivered [UPDATE #3 27/07]”