Kernel security update: Virtuozzo ReadyKernel patch 23.0 for Virtuozzo 7.0.4¶
Issue date: 2017-06-22
Applies to: Virtuozzo 7.0
Virtuozzo Advisory ID: VZA-2017-053
1. Overview¶
The cumulative Virtuozzo ReadyKernel patch updated with a security fix and stability bug fixes. The patch applies to Virtuozzo kernel 3.10.0-514.16.1.vz7.30.10 (Virtuozzo 7.0.4).
2. Security Fixes¶
[Moderate] A vulnerability was found in the signal handling in the Linux kernel. A local unprivileged user could cause a kernel crash (general protection fault) in the cleanup_timers() function by using the rt_tgsigqueueinfo() system call with a specially crafted set of arguments. (PSBM-67221)
3. Bug Fixes¶
Kernel crash (NULL pointer dereference) in list_lru_destroy() in certain conditions. (PSBM-67300)
Kernel could enter an endless loop in try_charge() and deadlock on memcgroup reached memory limits. (PSBM-67076)
4. Installing the Update¶
Download, install, and instantly apply the patch to the current kernel by running ‘readykernel update’.
5. References¶
The JSON file with the list of new and updated packages is available at http://docs.virtuozzo.com/vza/VZA-2017-053.json.