CentOS has received an important security update that upgrades Linux kernel. The new update is available for both 32-bit (i686) and 64-bit (x86) architecture.
The security update patches CVE-2017-6074 and CVE-2017-2634. The first vulnerability is hidden under Linux’s datagram congestion control protocol (DCCP) that enables root access to the unprivileged local user to alter the kernel memory. The second bug was also discovered in kernel’s DCCP implementation. It could cause memory corruptions by leveraging IPv4-only inet_sk_rebuild_header() function and allow a remote attacker to crash the vulnerable system.
CentOS developer and maintainer Johnny Hughes has disabled the DCCP kernel module at load time using the kernel blacklist method. The disabled module reduces further exposure to other possible issues.
CentOS 5 users are recommended to update their system at the earliest. Once installed, the machine needs to be rebooted to implement the fixes.