Kernel security update: CVE-2018-5803; Virtuozzo ReadyKernel patch 52.0 for Virtuozzo 7.0.3, 7.0.4, 7.0.4 HF3, 7.0.5, and 7.0.6¶
Issue date: 2018-05-30
Applies to: Virtuozzo 7.0
Virtuozzo Advisory ID: VZA-2018-035
The cumulative Virtuozzo ReadyKernel patch was updated with a security fix. The patch applies to Virtuozzo 7.0 kernels 3.10.0-327.42.0.vz7.20.18 (7.0.3), 3.10.0-514.16.1.vz7.30.10 (7.0.4), 3.10.0-514.16.1.vz7.30.15 (7.0.4 HF3), 3.10.0-514.26.1.vz7.33.22 (7.0.5), and 3.10.0-693.1.1.vz7.37.30 (7.0.6).
2. Security Fixes¶
[Moderate] It was found that _sctp_make_chunk() function did not check if the chunk length for INIT and INIT_ACK packets was within the allowed limits. A local attacker could exploit this to trigger a kernel crash. (CVE-2018-5803)
3. Installing the Update¶
Download, install, and instantly apply the patch to the current kernel by running ‘readykernel update’.
The JSON file with the list of new and updated packages is available at http://docs.virtuozzo.com/vza/VZA-2018-035.json.