CentOS Security Update for kernel (CESA-2018:3651)

[claysql]

My security team ran a scan of my servers and it found that I need to install CVE-2018-14633 and CVE-2018-14646. I tried doing this via yum but it appears that this is not possible. How do I update/install CVEs?

[TrevorH]

By running yum update to update everything. There is no security related metadata in the CentOS yum repos to allow yum-plugin-security to operate.

[hunter86_bg]

You can check Red Hat's CVE-2018-14633
So , you just need to update to the latest patches and reboot.

[claysql]

CentOS does not have official errata: the CentOS upstream repos do not have an UPDATEINFO.XML

So I followed the steps at http://updateinfo.cefs.steve-meier.de

[sgwestrip]

It is disappointing that in a world where security/data protection etc. is ever more important we still do not have UPDATEINFO.XML in the officical CentOS repos

[hunter86_bg]

In such case, you can donate some of your time and provide a solution that will match the Red Hat's solution.

[TrevorH]

And in any case, since about 90% of updates that are released outside of point release times are ALL security related, just running yum update is good enough.