Important kernel security update: Virtuozzo ReadyKernel patch 40.0 for Virtuozzo 7.0.5

Issue date: 2017-12-18

Applies to: Virtuozzo 7.0

Virtuozzo Advisory ID: VZA-2017-116

1. Overview

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to Virtuozzo kernel 3.10.0-514.26.1.vz7.33.22 (Virtuozzo 7.0.5).

2. Security Fixes

  • [Important] Potential use-after-free in the processing of namespaces. (PSBM-78904)

3. Bug Fixes

  • The kernel could consider a container stopped before the resources of that container, for example, VEIP addresses, have been released. As a result, the system could fail to restart the container. (PSBM-78078)

  • A warning about FR_PENDING bit was printed by request_end() because fuse_request_send_background() did not clear that bit. (PSBM-78342)

4. Installing the Update

Download, install, and instantly apply the patch to the current kernel by running ‘readykernel update’.

5. References

The JSON file with the list of new and updated packages is available at http://docs.virtuozzo.com/vza/VZA-2017-116.json.