CentOS 6 and RHEL 6 Get Important Kernel Security Update for FragmentSmack Flaw
https://updatesinfosec.blogspot.com/2018/10/centos-6-and-rhel-6-get-important.html
In summary:
Kindly refer to the following link as a follow-up:
https://news.softpedia.com/news/centos-6-and-rhel-6-get-important-kernel-security-update-for-fragmentsmack-flaw-523163.shtml
CentOS maintainer Johnny Hughes and Red Hat announced the availability of an important Linux kernel security update for the CentOS Linux 6 and Red Hat Enterprise Linux 6 operating system series that addresses two vulnerabilities.
According to the RHSA-2018:2846 and CESA-2018:2846 security advisories, the new kernel security update is marked as "Important" by Red Hat's security team as it patches two security vulnerabilities (CVE-2018-5391 and CVE-2018-14634) discovered in the Linux kernel packages for the Red Hat Enterprise Linux 6 and CentOS Linux 6 operating system series.
The first security flaw addressed in this important kernel update is CVE-2018-5391, a security vulnerability known as FragmentSmack and discovered in the way the Linux kernel handled reassembly of fragmented IPv6 and IPv4 packets, which could allow a remote attacker to cause a denial of service on vulnerable systems by sending specially crafted packets, leading to CPU saturation.
The second security flaw patched by this latest kernel update for the CentOS Linux 6 and Red Hat Enterprise Linux 6 operating system series is an integer overflow (CVE-2018-14634) discovered in the Linux kernel's create_elf_tables function. Besides these two vulnerabilities, the new kernel patch also includes numerous bug fixes, including a bug crashing Dell PowerEdge 1950 systems. [...]
