---

CloudLinux 7 Kernel Update Patches 5-Year-Old Privilege-Escalation Vulnerability

CloudLinux’s Mykola Naugolnyi informs those who use the enterprise-ready, Red Hat Enterprise Linux-based CloudLinux 7 operating system on their infrastructures that an updated kernel version, tagged as build 3.10.0-427.18.2.lve1.4.27 is out and fully patched against the five-year-old privilege-escalation vulnerability found recently. Security researcher Philip Pettersson is the one that discovered the flaw, which is a race condition in Linux kernel’s raw packet sockets implementation in the networking subsystem, which could have allowed an unprivileged local attacker capable of opening a raw packet socket to elevate their privileges on the vulnerable system.