Important kernel security update: Virtuozzo ReadyKernel patch 18.0 for kernels 3.10.0-327.18.2.vz7.15.2 (Virtuozzo 7.0.0), 3.10.0-327.36.1.vz7.18.7 (Virtuozzo 7.0.1), and 3.10.0-327.36.1.vz7.20.18 (Virtuozzo 7.0.3)¶
Issue date: 2017-04-12
Applies to: Virtuozzo 7.0
Virtuozzo Advisory ID: VZA-2017-028
1. Overview¶
The cumulative Virtuozzo ReadyKernel patch updated with security fixes as well as stability bug fixes. The patch applies to Virtuozzo versions 7.0.0, 7.0.1, and 7.0.3.
2. Security Fixes¶
[Important] Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline. (CVE-2017-2636)
[Low] Kernel crash in cgroup_show_path() while running rkt in a container. (PSBM-52369)
3. Bug Fixes¶
Kernel crash due to a race between attach and invalidate page when running Virtuozzo 7 as a VM guest. (PSBM-63197)
Kernel crash in synchronize_mapping_faults_vma() when pfcache is active. (PSBM-44587)
4. Installing the Update¶
Download, install, and instantly apply the patch to the current kernel by running ‘readykernel update’.
5. References¶
https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-15.2-18.0-1.vl7/
https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-18.7-18.0-1.vl7/
https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-20.18-18.0-1.vl7/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2636
The JSON file with the list of new and updated packages is available at http://docs.virtuozzo.com/vza/VZA-2017-028.json.