The latest critical vulnerability CVE-2021-3347 was found in Linux Kernel up to 5.10.11, has been addressed by us here at CloudLinux.
And we are ready to announce that CloudLinux 6 and CentOS 6 kernels are now available for update from our repository with the fix for the CVE-2021-3347 vulnerability.
The issue that was found allowing local users to execute code in the kernel, that can lead to a memory corruption vulnerability. The vulnerability was named CVE-2021-3347 and has the CWE definition as CWE-416. Possible impact - affect confidentiality, integrity, and availability. The exploitation is easy and can be initiated remotely through a single authentication. More info can be found at openwall.com.
Our team is working on fixes for other versions of CloudLinux OS, please stay tuned.