I have been reading about the Linux kernel Dirty Pipeline CVE which is a privelege escalation for an untrusted user on a VPS.
The vulnerability was fixed in Linux 5.16.11, 5.15.25 and 5.10.102.
I have Debian 11 VPS. Debian 11 runs kernel 5.10. So it is affected.
Upgraded linux-image packages have hit bullseye-security (in my case, linux-image-5.10.0-11-amd64, version 5.10.92-2, with a date-stamp of 2022-02-28).
However, if I have no untrusted users on my VPS, do I really need to update the kernel?
Will updating the kernel cause problems for my Hestia CP?
Will I need to restart the VPS for the kernel update to take effect?
Thanks for your advice in this matter.