03 March 2017

Linux kernel vulnerability discovered

ISPSystem

A Linux kernel vulnerability has been discovered recently (CVE-2017-6074).

It can be exploited to gain kernel code execution from an unprivileged process. For example, an attacker can overwrite the content of an object in the kernel by using some of the kernel heap spraying techniques.

Thanks to this vulnerability, an abuser can get access to the kernel of your OS and launch malicious code, causing a wide range of potential damage: from sending spam to complete server failure.

To protect your server, you need to update the OS to the newest version that fixes the vulnerability. Updating the OS kernel requires a server reboot, which means additional downtime for your server. To avoid downtime and solve the issue on the fly, we highly recommend using KernelCare. This application runs in the background and allows you to install the latest patch without rebooting the server.

If you have KernelCare installed, all the necessary patches have already been downloaded and applied. However, if you don’t use KernelCare yet, we recommend installing it according to our documentation. If you have any questions, please contact our support.