Kernel security update: CVE-2017-7472 and other; Virtuozzo ReadyKernel patch 19.1 for Virtuozzo 7.0.x¶
Issue date: 2017-04-20
Applies to: Virtuozzo 7.0
Virtuozzo Advisory ID: VZA-2017-029
The cumulative Virtuozzo ReadyKernel patch updated with security fixes. The patch applies to Virtuozzo kernels 3.10.0-327.18.2.vz7.15.2 (Virtuozzo 7.0.0), 3.10.0-327.36.1.vz7.18.7 (Virtuozzo 7.0.1), and 3.10.0-327.36.1.vz7.20.18 (Virtuozzo 7.0.3).
2. Security Fixes¶
[Moderate] It was found that keyctl_set_reqkey_keyring() function leaked thread keyring which could allow an unprivileged local user to exhaust kernel memory. (CVE-2017-7472)
[Moderate] net/sctp/socket.c in the Linux kernel through 4.10.1 did not properly restrict association peel-off operations during certain wait states, which allowed local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. (CVE-2017-6353)
[Moderate] Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 could allow local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peeled off an association in a certain buffer-full state. (CVE-2017-5986)
[Moderate] Andrey Konovalov discovered that signed integer overflows existed in the setsockopt() system call when handling the SO_SNDBUFFORCE and SO_RCVBUFFORCE options. A local attacker with the CAP_NET_ADMIN capability could use this to cause a denial of service (system crash or memory corruption). (CVE-2016-9793)
[Moderate] A vulnerability was discovered in the handling of pid namespaces in the kernel. A privileged user inside a container could trigger a kernel crash (NULL pointer dereference in proc_flush_task()) using a sequence of system calls including wait4(). (PSBM-56705)
3. Installing the Update¶
Download, install, and instantly apply the patch to the current kernel by running ‘readykernel update’.
The JSON file with the list of new and updated packages is available at http://docs.virtuozzo.com/vza/VZA-2017-029.json.