Product update: Virtuozzo 6.0 Update 12 Hotfix 41 (6.0.12-3741)

Issue date: 2019-05-20

Applies to: Virtuozzo 6.0

Virtuozzo Advisory ID: VZA-2019-040

1. Overview

This update provides hypervisor-related fixes for the Microarchitectural Store Buffer Data (MDS) vulnerability as well as a stability fix.

2. Security Fixes

  • [Important] The Microarchitectural Store Buffer Data (MDS) is a series of hardware vulnerabilities which allow speculative execution attacks on Intel processors. A malicious application or guest virtual machine can use this flaw to gain access to data stored in internal CPU buffers, bypassing security restrictions. For more details, visit the Virtuozzo Blog. (PSBM-94407)

3. Bug Fixes

  • Guest tools installation could fail on Ubuntu with 4.4.0-145 kernel due to an issue in get_user_pages. (PSBM-93867)

4. Installing the Update

Install the update by running ‘yum update’. If you use CPU pools, additional actions are required to mitigate the MDS vulnerability: for a custom CPU pool, run ‘cpupools recalc ‘; if you use the default CPU pool, move your nodes to a custom CPU pool as described in chapter 9 of the Virtuozzo User’s Guide.