• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Issue Can kernel be updated in Centos without breaking Plesk.

P

Paul Larson

Basic Pleskian
A Centos/Plesk server of ours failed a PCI compliance test. The vulnerability cites a Linux 4.4 kernel, yet I'm running 3.1.

Server Details:
  • CentOS Linux release 7.8.2003 (Core)
  • 18.0.29.3 Plesk Obsidian 18.0
  • CentOS Linux release 7.8.2003 (Core)

Derived from Red Hat Enterprise Linux 7.8 (Source)


NAME="CentOS Linux"

Question: Could I update the kernel to a 4.4+ version w/o breaking Plesk?

I see no way to remediate the CVE without updating the kernel.

I found this HowTo for updating the Kernel within CentOs, but not sure if this could harm Plesk.

phoenixnap.com

How to Upgrade the Linux Kernel on CentOS 7 | PhoenixNAP KB

Learn the best way to upgrade the Linux Kernel in CentOS. An updated kernel improves your system's security, functionality, and speeds up your system.
phoenixnap.com

PCI Failure details
CVE Title:
CPE Based Vulnerabilities for Linux 4.4
Impact:
One or more vulnerabilities have been found that affect this service. Please see the relevant CVEs for more details.

Resolution:
Apply the latest vendor patches to your operating system: Linux 4.4

Summary

7.1

CVE Score
CVE-2018-10938 7.1
CVE-2016-2143 6.9
CVE-2016-2854 4.6
CVE-2017-7273 4.6
CVE-2016-2853 4.4
Click to expand...
 

Attachments

  • Screen Shot 2020-09-10 at 9.19.29 AM.png
    Screen Shot 2020-09-10 at 9.19.29 AM.png
    124.4 KB · Views: 4
If you are updating the kernel from the official OS vendor repository, then it is safe for Plesk.
 
You must log in or register to reply here.

Similar threads

P
Question PCI Compliance, remediate Linux 4.4 CVE-2018, etc
Replies
2
Views
784
Paul Larson
P
Back
Top