centos 更新kernel

1. 漏洞地址

http://www.securityfocus.com/bid/93793
https://www.cactus.org.cn/2016/10/upgrade-centos-kernel-to-fix-dirty-cow-cve-2016-5195.html
https://access.redhat.com/security/vulnerabilities/DirtyCow

2. 查询kernel版本

[root@ssl01 ~]# uname -a
Linux ssl01 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux

3. 检查漏洞

[root@web-node01 ~]# ./rh-cve-2016-5195_5.sh
Your kernel is 2.6.32-431.el6.x86_64 which IS vulnerable.
Red Hat recommends that you update your kernel. Alternatively, you can apply partial
mitigation described at https://access.redhat.com/security/vulnerabilities/2706661 .

4. 更新kernel版本

[root@web-node01 ~]# yum update kernel -y

5. 查看kernel版本

[root@web-node01 ~]# uname -a
Linux web-node01 2.6.32-696.1.1.el6.x86_64 #1 SMP Tue Apr 11 17:13:24 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

6. 检测

[root@web-node01 ~]# ./rh-cve-2016-5195_5.sh
Your kernel is 2.6.32-696.1.1.el6.x86_64 which is NOT vulnerable.