Kernel security update: Virtuozzo ReadyKernel patch 33.1 for Virtuozzo 7.0.x¶
Issue date: 2017-10-05
Applies to: Virtuozzo 7.0
Virtuozzo Advisory ID: VZA-2017-091
The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to Virtuozzo kernels 3.10.0-327.18.2.vz7.15.2 (Virtuozzo 7.0.0), 3.10.0-327.36.1.vz7.18.7 (Virtuozzo 7.0.1), 3.10.0-327.36.1.vz7.20.18 (Virtuozzo 7.0.3), 3.10.0-514.16.1.vz7.30.10 (Virtuozzo 7.0.4), 3.10.0-514.16.1.vz7.30.15 (Virtuozzo 7.0.4 HF3), and 3.10.0-514.26.1.vz7.33.22 (Virtuozzo 7.0.5).
2. Security Fixes¶
[Moderate] It was discovered that the key management subsystem of the Linux kernel could perform incorrect update operations on uninstantiated keys. A local unprivileged user could exploit this flaw to cause a NULL pointer dereference in the kernel and crash it. (PSBM-73342)
3. Bug Fixes¶
autofs: unbalanced pid get/put operation in the error path in autofs4_fill_super(). (PSBM-71536)
4. Installing the Update¶
Download, install, and instantly apply the patch to the current kernel by running ‘readykernel update’.
The JSON file with the list of new and updated packages is available at http://docs.virtuozzo.com/vza/VZA-2017-091.json.