Kernel security update: CVE-2017-7542 and other; Virtuozzo ReadyKernel patch 27.0 for Virtuozzo 7.0.5¶
Issue date: 2017-08-04
Applies to: Virtuozzo 7.0
Virtuozzo Advisory ID: VZA-2017-069
The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to Virtuozzo kernels 3.10.0-514.26.1.vz7.33.22 (Virtuozzo 7.0.5).
2. Security Fixes¶
[Moderate] Integer overflow vulnerability in ip6_find_1stfragopt() function was found. Local attacker that has privileges to open raw sockets can cause infinite loop inside ip6_find_1stfragopt() function. (CVE-2017-7542)
[Moderate] Kernel memory corruption due to a buffer overflow was found in brcmf_cfg80211_mgmt_tx() function in Linux kernels from v3.9-rc1 to v4.13-rc1. The vulnerability can be triggered by sending a crafted NL80211_CMD_FRAME packet via netlink. An unprivileged local user could use this flaw to induce kernel memory corruption on the system, leading to a crash. (CVE-2017-7541)
3. Bug Fixes¶
Kernel crash in rpc_abort_task() in certain conditions. (PSBM-69434)
4. Installing the Update¶
Download, install, and instantly apply the patch to the current kernel by running ‘readykernel update’.
The JSON file with the list of new and updated packages is available at http://docs.virtuozzo.com/vza/VZA-2017-069.json.