KernelCare ptrace security update
KernelCare has released an update to address a local privilege escalation (CVE-2014-4699). CentOS 6, RHEL 6, CL 6 & OpenVZ can now be patched against CVE-2014-4699. Patched kernels are not yet available from the vendors, but due to the nature of the issue, KernelCare wanted to release the patch as soon as possible.
Systems with AUTO_UPDATE=True (DEFAULT) in /etc/sysconfig/kcare/kcare.conf will automatically update, and no action is needed for them.
You can manually update the server by running:
# /usr/bin/kcarectl --update
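To tell whether a given host will pick up the patch on its own or needs the manual command, the check below reads the AUTO_UPDATE setting. It is an added example, not KernelCare's own code; the function names are hypothetical, and it assumes kcare.conf holds KEY=VALUE lines with '#' comments and that only "True" (any case) or an unset key means auto-update is on.

```shell
#!/bin/sh
# Added example, not part of KernelCare. Assumption: kcare.conf is a list of
# KEY=VALUE lines with '#' comments. Path and key name come from the page.

# kcare_auto_update [CONF] -> prints "enabled", "disabled" or "missing"
kcare_auto_update() {
    conf="${1:-/etc/sysconfig/kcare/kcare.conf}"
    [ -r "$conf" ] || { echo missing; return 0; }
    # Drop comments and whitespace, then keep the last AUTO_UPDATE assignment.
    val=$(sed -e 's/#.*//' -e 's/[[:space:]]//g' "$conf" |
          awk -F= '$1 == "AUTO_UPDATE" { v = tolower($2) } END { print v }')
    case "$val" in
        ""|true) echo enabled ;;   # unset falls back to the default, True
        *)       echo disabled ;;  # anything else: treat as needing a manual run
    esac
}

# kcare_patch_if_needed [CONF]: run the manual update only when the host
# will not update itself.
kcare_patch_if_needed() {
    case "$(kcare_auto_update "$1")" in
        enabled)  echo "auto-update on; no action needed" ;;
        disabled) /usr/bin/kcarectl --update ;;
        missing)  echo "kcare.conf not found; is KernelCare installed?" >&2
                  return 1 ;;
    esac
}
```

Unrecognised values are reported as "disabled" on purpose, so a typo in the config leads to a manual update rather than a silently unpatched host.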
CVE-2014-4699 ptrace privilege escalation, Enforce RIP <= TASK_SIZE_MAX
Denial of service attacks as well as local privilege escalation are possible in some cases on x86_64 systems due to missing validation of the RIP value.