To get ongoing information related to the Zombieload2 vulnerabilities, follow our KernelCare blog.
Update
To secure your CloudLinux 7 and CloudLinux 6 hybrid servers, you should proceed as we did with the previous MDS vulnerability: update microcode along with the kernel update.
For CloudLinux 7, run the command:
yum upgrade -y microcode_ctl && yum install kernel-3.10.0-962.3.2.lve1.5.27.el7 |
For CloudLinux 6 Hybrid, run the command:
yum upgrade -y microcode_ctl && yum install kernel-3.10.0-962.3.2.lve1.5.27.el6h |
Changelog
- CLKRN-542: fix CVE-2019–0155, CVE-2019–0154, CVE-2019-11135, CVE-2018–12207
- CLKRN-539: CVE-2019-15098: ath6kl: fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe()
- CLKRN-539: x86/speculation/mds: apply more accurate check on the hypervisor platform
- CLKRN-539: hpet: fix division by zero in hpet_time_div()
- CLKRN-539: sched/numa: Move task_numa_free() to __put_task_struct()
- CLKRN-539: sched/fair: Don't free p->numa_faults with concurrent readers
- CLKRN-539: tty/ldsem, locking/rwsem: Add missing ACQUIRE to read_failed sleep loop
- CLKRN-539: tcp: fix tcp_ecn_withdraw_cwr() to clear TCP_ECN_QUEUE_CWR
- CLKRN-539: sched/fair: don't assign runtime for throttled cfs_rq
- CLKRN-539: signal/pid_namespace: fix reboot_pid_ns to use send_sig not force_sig
- CLKRN-539: crypto: talitos - check AES key size
- CLKRN-539: crypto: ghas - fix unaligned memory access in ghash_setkey()
- CLKRN-539: x86/ptrace: fix possible spectre-v1 in ptrace_get_debugreg()
- KMODLVE-292: preserve task's original umask when entering LVE
