CentOS being derived from the freely distributed sources of Red Hat Enterprise Linux, it always receives the latest security fixes from upstream. The updated kernel packages for CentOS 7 are here to patch a total of four vulnerabilities discovered lately and patched by Red Hat. These are a race condition flaw (CVE-2017-2636, reported by Alexander Popov) in Linux kernel’s N_HLDC driver, which could allow an unprivileged local user to gain root access by setting the HDLC line discipline on a TTY device, as well as a flaw (CVE-2017-2618) in the way Linux kernel handles the clearing of SELinux attributes on /proc/pid/attr files, which could lead to a system crash.
Get the Free Newsletter!
Subscribe to Developer Insider for top news, trends, & analysis