Important kernel security update: CVE-2017-1000111 and other; Virtuozzo ReadyKernel patch 29.1 for Virtuozzo 7.0.5

Issue date: 2017-08-18

Applies to: Virtuozzo 7.0

Virtuozzo Advisory ID: VZA-2017-073

1. Overview

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to Virtuozzo kernel 3.10.0-514.26.1.vz7.33.22 (Virtuozzo 7.0.5).

2. Security Fixes

  • [Important] A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets are implemented in the Linux kernel networking subsystem handling synchronization. A local user able to open a raw packet socket (requires the CAP_NET_RAW capability) could use this flaw to elevate their privileges on the system. (CVE-2017-1000111)

  • [Important] Andrey Konovalov discovered a race condition in the UDP Fragmentation Offload (UFO) code in the Linux kernel. A local attacker could use this to cause a denial of service or execute arbitrary code. (CVE-2017-1000112)

3. Bug Fixes

  • If transparent huge pages were enabled, certain processes could enter an infinite loop in __get_user_pages() and become unkillable preventing the container from stopping. (PSBM-70151)

  • Ploop could use inconsistent values for iblock and the corresponding delta for IO because of a race over map->levels[]. This could result in incorrect read and write operations for ploop devices. (PSBM-70063)

  • It was found that memcg_numa_isolate_pages() used unsafe operations with lists, which could lead to kernel crashes in memcg_numa_migrate_write() during NUMA balancing. (PSBM-69999)

  • It was found that wrong memory pages were invalidated in tcache in certain situations. That caused kernel crashes (‘bad page state’) in free_pages_prepare(). (PSBM-69852)

4. Installing the Update

Download, install, and instantly apply the patch to the current kernel by running ‘readykernel update’.