Important kernel security update: Virtuozzo ReadyKernel patch 68.2 for Virtuozzo 7.0.4 HF3 to 7.0.8 HF1¶
Issue date: 2018-12-17
Applies to: Virtuozzo 7.0
Virtuozzo Advisory ID: VZA-2018-088
The cumulative Virtuozzo ReadyKernel patch was updated with a security fix. The patch applies to all supported Virtuozzo kernels.
2. Security Fixes¶
[Important] Transforming an IPv6 socket to an IPv4 and then transforming it back to a listening socket could result in a kernel memory corruption. An unprivileged user on the host or in a container could exploit this to crash the kernel. (CVE-2018-9568)
3. Installing the Update¶
Download, install, and immediately apply the patch to the current kernel by running ‘readykernel update’.
The JSON file with the list of new and updated packages is available at https://docs.virtuozzo.com/vza/VZA-2018-088.json.