This fix should be out now for ClearOS 7 Community and Business. We are having some difficulty with 6 but it should be coming soon.

Please apply this update and then reboot your system. If you are running an older kernel the system will not automatically boot so it is important that you reboot after the kernel is applied. The correct kernel should be:

kernel-3.10.0-514.21.2.v7.x86_64

If you run a 'uname -a' in ClearOS 7 and you do not see 3.10.0-514.21.2.v7.x86_64 or later then the fix is NOT yet applied to your system for the 'Stack Clash' vulnerability.

Thanks for your help guys.

The fix has been posted to the updates for Community and should be on their way. However, we still need this specifically tested and because a reboot is required for it to go into effect, we suggest (nay, implore) you to run a reboot after it is installed for two reasons:

1) So that you can give us feedback related to your environment and experience and let us know if there are problems
2) Most importantly, so you are protected from this flaw by the update.

Installed and rebooted the system.
No issues found.

Been running the new kernel for about 12h now and there are no obvious issues and the boot logs are fine.

BTW reading the bug report, I'm a bit sceptical about the "fix". It does not read as a true fix; it just seems to lessen the probability of the issue happening.

Dave - the command you posted produces an inconsistent system - it does not install kernel components such as kernel-abi-whitelists kernel-headers kernel-tools kernel-doc etc for those that have them installed, whereas the following does... (note the asterisk)

yum --enablerepo=clearos-updates-testing update kernel*

Installed the new kernel and associated kernel components on ClearoS 7.2 and on both 32 / 64 bit ClearOS 6.9 systems. All three came up OK and are running..

Will report any problems - none so far...

Let me know your results.