May 16th, 2014
The new memory-corruption vulnerability, allows unprivileged users to crash or execute malicious code on vulnerable systems and gain root privileges. The flaw resides in the n_tty_write function controlling the Linux pseudo tty device.
While the vulnerability can be exploited only by someone with an existing account, the requirement may not be hard to satisfy in hosting facilities that provide shared servers so an upgrade is mandatory.
This issue affects the versions of the Linux kernel packages as shipped with Red Hat Enterprise Linux / CentOS 6 prior to version kernel-2.6.32-358.6.2.el6
If you would like to have this vulerability patched or ensure your server is not affected, please purchase a 1x Hour of Support plan.