Kernel security update: Virtuozzo ReadyKernel patch 70.0 for Virtuozzo Infrastructure Platform 2.5

Issue date: 2019-01-24

Applies to: Virtuozzo Infrastructure Platform 2.5

Virtuozzo Advisory ID: VZA-2019-002

1. Overview

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to the Virtuozzo Infrastructure Platform kernel 3.10.0-862.20.2.vz7.73.24 (2.5).

2. Security Fixes

  • [Moderate] A flaw was found in the implementation of ebtables in the Linux kernel. A local attacker in a container could exploit it to consume large amounts of memory, eventually causing denial of service on the host. (PSBM-90803)

3. Bug Fixes

  • Kernel crash (access out of bounds) in SyS_mincore(). (PSBM-90329)

4. Installing the Update

Download, install, and immediately apply the patch to the current kernel by running ‘readykernel update’.

5. References

The JSON file with the list of new and updated packages is available at https://docs.virtuozzo.com/vza/VZA-2019-002.json.