Prev Next

Kernel security update: CVE-2017-7472; new kernel 2.6.32-042stab123.2, Virtuozzo 6.0 Update 12 Hotfix 8 (6.0.12-3765)¶

Issue date: 2017-04-27

Applies to: Virtuozzo 6.0

Virtuozzo Advisory ID: VZA-2017-031

1. Overview¶

This update provides a new kernel 2.6.32-042stab123.2 for Virtuozzo 6.0. The new kernel is based on the Red Hat Enterprise Linux 6.9 kernel 2.6.32-696.el6 and provides a security fix and stability bug fixes.

2. Security Fixes¶

[Moderate] It was found that keyctl_set_reqkey_keyring() function leaked thread keyring which could allow an unprivileged local user to exhaust kernel memory. (CVE-2017-7472)

3. Bug Fixes¶

net/packet: fix overflow in check for tp_frame_nr.
net/packet: fix overflow in check for tp_reserve.

4. Installing the Update¶

Install the update by running ‘yum update’.

5. References¶

https://www.redhat.com/security/data/cve/CVE-2017-7472.html

The JSON file with the list of new and updated packages is available at http://docs.virtuozzo.com/vza/VZA-2017-031.json.

Nov 18, 2024

Edit Print

Prev Next