CentOS7 users need to update: Linux Kernel patch released

Based on the freely released source of Red Hat Enterprise Linux 7, the CentOS 7 branch inherits the feature of always getting the latest kernel security updates. Today, the system team released a very important patch to promptly fix four recently discovered vulnerabilities, and recommended users to install the patch as soon as possible and upgrade to kernel-3.10.0-514.10.2.el7.

According to the RHSA-2017:0386-1 security advisory, one of the vulnerabilities fixed by this kernel patch is Linux Kernel KVM (Kernel-based Virtual Machine) deployment (CVE-2016-8630), where undefined instructions are executed and simulated Sometimes it will cause 32-bit (x86) applications to crash, allowing attackers to compromise the host kernel.

The second security vulnerability (CVE-2016-8655) i is the network subsystem of the Linux Kernel, which allows local attackers to use CAP_NET_RAW to open raw packet sockets and gain root privileges. The third security vulnerability (CVE-2016-9083) is the VFIO deployment of the Linux Kernel, which allows attackers to cause memory overflow errors. The last one (CVE-2016-9084) can be combined with the third one to attack the victim system.

The above is the detailed content of CentOS7 users need to update: Linux Kernel patch released. For more information, please follow other related articles on the PHP Chinese website!