Critical Kernel flaw discovered – Update your server
Linux Kernel flaw that has existed for over 10 years in the code has been discovered by Andrey Konovalov, a security researcher at Google. The
DCCP (Datagram Congestion Control Protocol) implementation causes this flaw that can lead to kernel code execution from unprivileged processes. DCCP is a message-oriented transport layer protocol and enables the access to congestion-control mechanisms.
The good news first, the vulnerability is not executable remotely but requires a local account. The bad news is that a user can use the flaw to crash the system or escalate his privileges to get administrative access.
Andrey posted a detailed description about the bug:
Use KernelCare for automatic, rebootless updatesKernelCare by CloudLinux will update your servers automatically without having to reboot the system. It ensures that your kernel is always up to date with all security updates and helps to lower operating costs for server management. Keep your servers updated with the KernelCare Plesk extension that deploys kernel security patches, installed as soon as they are released to maintain the safest Linux environment! Stay up-to-date and Plesky!
How useful was this post?
Click on a heart to rate it!
Average rating / 5. Vote count:
Oh no, sorry about that!
Let us know how we can do better below
Thanks for your feedback!