There is a kernel security issue that allows unprivileged (normal) users to gain root access on CentOS-6.4 x86_64 machines. The upstream bugzilla entry is here:
There is a *TESTING* kernel that should mitigate this issue available here:
Signing Key: http://mirror.CentOS.org/CentOS/RPM-GPG-KEY-CentOS-Testing-6
This kernel is the current CentOS-6.4 kernel with this one patch added and recompiled:
Note: This is signed by the CentOS-6 test key and it is provided as a best effort option to mitigate the above security issue while waiting for an upstream solution. It has been tested by our QA Team, but it is
*NOT* an official CentOS package and needs to be fully tested for fitness by each user before used in production.
Please see this mailing list thread:
And/or this Forum thread:
For more details.
Thanks, Johnny Hughes