Skip to main content

We are currently experiencing a higher than average ticket volume and as such our responses may be delayed. If your cPanel license is purchased through a partner or a hosting provider you may receive faster support by reaching out to your provider first.

We're currently improving our systems to provide you with a new, more unified login experience.

Kernel vulnerability CVE-2020-14386

Rex Hatt
  • Updated

Details

On 2 September 2020, vulnerability CVE-2020-14386 was made public, disclosing a memory corruption problem with the Linux kernel.  More details on this can be found at the following URL:

 

https://access.redhat.com/security/cve/cve-2020-14386

 

Currently this only effects RHEL8 systems so if you are using CentOS 7 or RHEL 7 you are not vulnerable.

 

Additionally, if you are running the KernelCare software on your system, there is already a patch available, with more details here:

 

https://blog.kernelcare.com/patch-cve-2020-14386-without-reboot-with-kernelcare

 

Testing

If you are using RHEL8 or CentOS 8 you can run the following command to confirm if your system is vulnerable:

 

# sysctl user.max_user_namespaces
user.max_user_namespaces = 15000

 

Any value reported here other than "0" would indicate the system is vulnerable.  Until an updated kernel is available, setting that value to "0" will effectively mitigate the issue.

Related articles