Important kernel security update: CVE-2017-1000111 and other; Virtuozzo ReadyKernel patch 29.1 for Virtuozzo 7.0.5¶
Issue date: 2017-08-18
Applies to: Virtuozzo 7.0
Virtuozzo Advisory ID: VZA-2017-073
The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to Virtuozzo kernel 3.10.0-514.26.1.vz7.33.22 (Virtuozzo 7.0.5).
2. Security Fixes¶
[Important] A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets are implemented in the Linux kernel networking subsystem handling synchronization. A local user able to open a raw packet socket (requires the CAP_NET_RAW capability) could use this flaw to elevate their privileges on the system. (CVE-2017-1000111)
[Important] Andrey Konovalov discovered a race condition in the UDP Fragmentation Offload (UFO) code in the Linux kernel. A local attacker could use this to cause a denial of service or execute arbitrary code. (CVE-2017-1000112)
3. Bug Fixes¶
If transparent huge pages were enabled, certain processes could enter an infinite loop in __get_user_pages() and become unkillable preventing the container from stopping. (PSBM-70151)
Ploop could use inconsistent values for iblock and the corresponding delta for IO because of a race over map->levels. This could result in incorrect read and write operations for ploop devices. (PSBM-70063)
It was found that memcg_numa_isolate_pages() used unsafe operations with lists, which could lead to kernel crashes in memcg_numa_migrate_write() during NUMA balancing. (PSBM-69999)
It was found that wrong memory pages were invalidated in tcache in certain situations. That caused kernel crashes (‘bad page state’) in free_pages_prepare(). (PSBM-69852)
4. Installing the Update¶
Download, install, and instantly apply the patch to the current kernel by running ‘readykernel update’.
The JSON file with the list of new and updated packages is available at http://docs.virtuozzo.com/vza/VZA-2017-073.json.