Search Engine: Elastic

Article ID: 129683, created on Oct 24, 2016, last review on Oct 24, 2016

Symptoms

CVE-2016-5195 is a local privilege escalation vulnerability, reported recently for Linux kernels above version 2.6.22. More information could be obtained on vulnerability HUB page.

Affected versions

CloudLinux version 7 is affected, CloudLinux versions 5, 6 are affected partially (only several types of exploit are working on them).

Resolution

CloudLinux released updated kernel for their major versions. To fix the vulnerability permanently, install new kernel version using the following commands:

  • CloudLinuxOS 7 kernel version 3.10.0-427.10.1.lve1.4.22.el7 or higher:

    # yum install kernel-3.10.0-427.10.1.lve1.4.22.el7 kmod-lve-1.4-22.el7
    
  • CloudLinuxOS 6 kernel version 2.6.32-673.26.1.lve1.4.18.el6 or higher:

    # yum install kernel-2.6.32-673.26.1.lve1.4.18.el6 kmod-lve-1.4-18.el6
    
  • CloudLinuxOS 5 in Hybrid Kernel mode version 2.6.32-673.26.1.lve1.4.18.el5h or higher:

    # yum install kernel-2.6.32-673.26.1.lve1.4.18.el5h kmod-lve-1.4-18.el5h
    

Email subscription for changes to this article
Save as PDF