Kernel security update: CVE-2016-8399 and other; Virtuozzo ReadyKernel patch 35.2 for Virtuozzo 7.0.0, 7.0.1, and 7.0.3¶
Issue date: 2017-10-23
Applies to: Virtuozzo 7.0
Virtuozzo Advisory ID: VZA-2017-097
1. Overview¶
The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to Virtuozzo kernels 3.10.0-327.18.2.vz7.15.2 (Virtuozzo 7.0.0), 3.10.0-327.36.1.vz7.18.7 (Virtuozzo 7.0.1), 3.10.0-327.36.1.vz7.20.18 (Virtuozzo 7.0.3).
2. Security Fixes¶
[Moderate] A flaw was found in the Linux networking subsystem where a local attacker with CAP_NET_ADMIN capabilities could cause an out-of-bounds memory access by creating a smaller-than-expected ICMP header and sending to its destination via sendto(). (CVE-2016-8399)
[Moderate] It was found that in the Linux kernel through v4.14-rc5, bio_map_user_iov() and bio_unmap_user() in ‘block/bio.c’ do unbalanced pages refcounting if IO vector has small consecutive buffers belonging to the same page. bio_add_pc_page() merges them into one, but the page reference is never dropped, causing a memory leak and possible system lockup due to out-of-memory condition. (CVE-2017-12190)
3. Bug Fixes¶
It was discovered that the value of task->pids[type].pid was actually read twice in __task_pid_nr_ns() rather than only once, due to compiler optimizations. As a result, a race condition could happen and that value could become NULL between these reads, leading to a kernel crash (NULL pointer dereference). (PSBM-75247)
It was discovered that a specially crafted sequence of system calls could cause a kernel crash (general protection fault) in rt6_ifdown(). (PSBM-75641)
4. Installing the Update¶
Download, install, and instantly apply the patch to the current kernel by running ‘readykernel update’.
5. References¶
https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-15.2-35.2-1.vl7/
https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-18.7-35.2-1.vl7/
https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-20.18-35.2-1.vl7/
The JSON file with the list of new and updated packages is available at http://docs.virtuozzo.com/vza/VZA-2017-097.json.