As many of you have likely seen a serious Linux kernel vulnerability, aka Dirty COW, (CVE-2016-5195) was disclosed earlier this morning. This vulnerability impacts nearly every major Linux based OS, including RHEL and therefore our operating system CloudLinux. The vulnerability allows for an attacker to trigger a race condition in the memory management code which can then lead to a local privilege escalation.
Your websites, hosting accounts, and VPS plans are fully protected from this vulnerability. While most major vendors and systems are still being patched against Dirty COW we’ve already protected ourselves against this vulnerability thanks for our friends are KernelCare. Within hours of this vulnerability being disclosed we’ve applied a hotfix to protect our systems and your websites against this exploit. This patch was applied without requiring a system reboot, a unique feature that allows us to patch serious kernel level vulnerabilities without requiring downtime.
If you’re looking for additional resources regarding this vulnerability consider the following:
Details about the Dirty COW vulnerability
Official CVE designation and National Vulnerability Database entry