Red Hat Enterprise Linux 6 and CentOS 6 Receive Important Kernel Security Update

Marked by the Red Hat Product Security as having a security impact of “Important,” the new Linux kernel security patch addresses a buffer overflow flaw (CVE-2019-14835) discovered in Linux kernel’s vhost (virtual host) functionality, which apparently could allow a privileged guest user to escalate his/her privileges on the host system by passing descriptors with invalid length during migration. The security flaw is known to affect all supported Red Hat Enterprise Linux 6 variants, including Red Hat Enterprise Linux Server 6 (x86_64 and i386), Red Hat Enterprise Linux Workstation 6 (x86_64 and i386), Red Hat Enterprise Linux Desktop 6 (x86_64 and i386), Red Hat Enterprise Linux for IBM z Systems 6, Red Hat Enterprise Linux for Power, big endian 6, and Red Hat Enterprise Linux for Scientific Computing 6, as well as CentOS Linux 6 systems.