CVE-2021-33909 Archives - TuxCare

CentOS 6 ELS: CentOS 6 kernel v.2.6.32-754.35.7 with the fix for the CVE-2021-33909 gradual rollout completed

An updated CentOS 6 kernel, v.2.6.32-754.35.7, with the fix for CVE-2021-33909 has been rolled out to 100% within CentOS 6 ELS and is now available for download from our production repository.


CentOS 6 ELS: CentOS 6 kernel v.2.6.32-754.35.7 with the fix for the CVE-2021-33909 gradual rollout

An updated CentOS 6 kernel, v.2.6.32-754.35.7, with the fix for CVE-2021-33909 has been scheduled for gradual rollout within CentOS 6 ELS from our production repository.


Patches for CVE-2021-33909 are being delivered [UPDATE #3 27/07]

CVE-2021-33909 was disclosed on the 20th of July. It describes a vulnerability in the Linux filesystem layer that can lead to local privilege elevation when successfully exploited. The vulnerable code was apparently introduced in a commit dating from July 2014 (Linux 3.16). Every distribution running this or any subsequent version is vulnerable to this problem, with Proof-of-Concept code for several common distributions already created.

TuxCare’s KernelCare is finalising patches for all supported and affected distributions, and subscribers will start to receive these very soon.

[UPDATE] Patches are now being delivered for the following Linux distributions:

  • CloudLinux 6h and 7
  • OEL 6, 7 and 8
  • RHEL 6, 7 and 8
  • CentOS 6, 6-plus, 7 and 8
  • AlmaLinux 8
  • Ubuntu Bionic, Focal and Xenial
  • SL 6
  • openVZ

[UPDATE #2] The following distributions also have patches being delivered now:

  • CloudLinux 8
  • Debian 8, 9
  • OEL6-uek4, OEL7-uek4, OEL7-uek5, OEL7-uek6, OEL8-uek6

[UPDATE #3] Patches are now also being delivered for the following distributions:

  • Debian 10, Debian 10-cloud

