CloudLinux 7 and CloudLinux 6 Users Get New Kernel That Patches CVE-2017-7895

The updated kernel is available for download right now from the production repository of the CloudLinux 7, CloudLinux 6 Hybrid, and CloudLinux 6 operating systems, versioned 3.10.0-427.36.1.lve1.4.47. It replaces kernel 3.10.0-427.36.1.lve1.4.44 on CloudLinux 7 and Hybrid, as well as kernel 2.6.32-673.26.1.lve1.4.25 on CloudLinux 6. These new CloudLinux kernels appear to include a fix for a recently discovered security issue in the upstream kernel packages of the Red Hat Enterprise Linux 7 and Red Hat Enterprise Linux 6 operating system where an NFSv3 server couldn’t properly handle payload bounds checking of WRITE requests. The issue is marked by Red Hat as “Important” and was reported by Ari Kauppi.