The following kernel has been built while waiting for upstream to release a new kernel that addresses CVE-2013-2224:
Please see this upstream bug for details:
Note: This kernel has been minimally tested and is provided as is for people who do not want to wait for the official kernel. It is the standard CentOS kernel with one added patch (
This kernel needs to be tested for fitness by each user before being placed in production. It is a best effort to mitigate an issue that can cause local user escalation to root while waiting for upstream to fix and QA the official kernel. Use at your own risk.
Thanks, Johnny Hughes