If you launch an instance from the official CentOS or RHEL 7.x AMI on AWS, you will be running kernel 3.1 as of this writing. That’s not a good idea. You can easily take advantage of improved security features of newer kernels that are already available in a stable release. The renowned Linux kernel maintainer Greg Kroah-Hartman released the Linux Kernel 4.14.15, which includes important fixes for Spectre & Meltdown. Here is how to update your Linux kernel from 3.1 to 4.16.11 in place.
Step 1. Import the repo key
First, import the GPG key for the repository:
rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
Step 2. Install the repository
Install the repository that holds your new kernel:
yum install http://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm
Before you enable the new repo, you can peek inside its configuration file to see what it will be doing:
nano /etc/yum.repos.d/elrepo.repo
Step 3. Enable the repository
Enable the repository with this command:
yum --enablerepo=elrepo-kernel install kernel-ml
Step 4. Install the RPM of your new kernel
To install your new kernel for CentOS/RHEL 7.03, run this command:
yum install http://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm
Step 5. List all available kernels
List all kernels that are available to the grub bootloader on your system:
awk -F\' '$1=="menuentry " {print $2}' /etc/grub2.cfg
Step 6. Select the new kernel
From the list of available kernels, select the new kernel:
grub2-set-default 0
The number 0 denotes the first kernel in the list.
Step 7. Save the new configuration and reboot
Save your new configuration:
grub2-mkconfig -o /boot/grub2/grub.cfg
Reboot.