New Vulnerabilities (CVE-2016-4581) have been detected in CentOS/RHEL/CloudLinux 7
Distributions have yet to patch CVE-2016-4581 in CentOS/RHEL/CloudLinux 7 kernels and the vulnerability is already known to be used in attacks against hosting providers to crash servers.

About the vulnerability:

fs/pnode.c in the Linux kernel before 4.5.4 does not properly traverse a mount propagation tree in a certain case involving a slave mount, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted series of mount system calls.

What can I do:

If you are a QuickHostUK Managed Hosting customer this has already been patched. If you are not a QuickHostUK Managed Hosting customer please ensure you have also taken the appropriate actions to secure your own servers.

Alternatively, we can handle this for you with our adhoc management scheme, which for this occurrence would be £10 /month per server and would cover all future security patches automatically.

Please contact us if you wish to utilise this service or if you have any questions.