CentOS 6 ELS: CentOS 6 kernel v.2.6.32-754.35.7 with the fix for the CVE-2021-33909 gradual rollout completed

A new updated CentOS 6 kernel v.2.6.32-754.35.7 with the fix for the CVE-2021-33909 within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production repository.

Continue reading “CentOS 6 ELS: CentOS 6 kernel v.2.6.32-754.35.7 with the fix for the CVE-2021-33909 gradual rollout completed”

CentOS 6 ELS: CentOS 6 kernel v.2.6.32-754.35.7 with the fix for the CVE-2021-33909 gradual rollout

A new updated CentOS 6 kernel v.2.6.32-754.35.7 with the fix for the CVE-2021-33909 within CentOS 6 ELS has been scheduled for gradual rollout from our production repository.

Continue reading “CentOS 6 ELS: CentOS 6 kernel v.2.6.32-754.35.7 with the fix for the CVE-2021-33909 gradual rollout”

Patches for CVE-2021-33909 are being delivered [UPDATE #3 27/07]

CVE-2021-33909 was disclosed on the 20th of July. It describes a vulnerability in the Linux filesystem layer that can lead to local privilege elevation when successfully exploited. The vulnerable code was apparently introduced in a commit dating from July 2014 (Linux 3.16). Every distribution running this or any subsequent version is vulnerable to this problem, with Proof-of-Concept code for several common distributions already created.

TuxCare’s KernelCare is finalising patches for all supported and affected distributions, and subscribers will start to receive these very soon.

[UPDATE] Patches are now being delivered for the following Linux distributions:

  • CloudLinux 6h and 7
  • OEL 6, 7 and 8
  • RHEL 6, 7 and 8
  • CentOS 6, 6-plus, 7 and 8
  • AlmaLinux 8
  • Ubuntu Bionic, Focal and Xenial
  • SL 6
  • openVZ

[UPDATE #2] The following distributions also have patches being delivered now:

  • CloudLinux 8
  • Debian 8, 9
  • OEL6-uek4, OEL7-uek4, OEL7-uek5, OEL7-uek6, OEL8-uek6

[UPDATE #3] The following distributions are now also being delivered:

  • Debian 10, Debian 10-cloud

Continue reading “Patches for CVE-2021-33909 are being delivered [UPDATE #3 27/07]”