Just the other day I was talking about using ksplice again and then just after these 2 new CVEs hit that are pretty significant. So, another quick # uptrack-upgrade and I don't have to worry about these CVEs any more. Sure beats all those rebooting 'other' Linux OS servers.
[root@vm1-phx opc]# uname -a
Linux vm1-phx 4.1.12-112.16.4.el7uek.x86_64 #2 SMP Mon Mar 12 23:57:12 PDT 2018 x86_64 x86_64 x86_64 GNU/Linux
[root@vm1-phx opc]# uptrack-uname -a
Linux vm1-phx 4.1.12-124.14.3.el7uek.x86_64 #2 SMP Mon Apr 30 18:03:45 PDT 2018 x86_64 x86_64 x86_64 GNU/Linux
[root@vm1-phx opc]# uptrack-upgrade
The following steps will be taken:
Install [92m63il8] CVE-2018-8897: Denial-of-service in KVM breakpoint handling.
Install [3rt72vtm] CVE-2018-1087: KVM guest breakpoint privilege escalation.
Go ahead [y/N]? y
Installing [92m63il8] CVE-2018-8897: Denial-of-service in KVM breakpoint handling.
Installing [3rt72vtm] CVE-2018-1087: KVM guest breakpoint privilege escalation.
Your kernel is fully up to date.
Effective kernel version is 4.1.12-124.14.5.el7uek
↧