Important kernel security update: Virtuozzo ReadyKernel patch 110.0 for Virtuozzo Hybrid Server 7.0, Virtuozzo Infrastructure Platform 2.5, 3.0, Virtuozzo Hybrid Infrastructure 3.5

Issue date: 2020-06-20

Affected products: Virtuozzo Hybrid Infrastructure 3.5, Virtuozzo Hybrid Server 7.0, Virtuozzo Infrastructure Platform 2.5, Virtuozzo Infrastructure Platform 3.0

Virtuozzo Advisory ID: VZA-2020-048

1. Overview

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to all supported kernels of Virtuozzo Hybrid Server 7.0, Virtuozzo Infrastructure Platform, and Virtuozzo Hybrid Infrastructure. NOTE: No more patches are planned for the kernel 3.10.0-862.20.2.vz7.73.24, support for which ends with this update.

2. Security Fixes

  • [Important] [3.10.0-862.20.2.vz7.73.24 to 3.10.0-1062.12.1.vz7.131.10] netlabel: kernel crash (null pointer dereference) while processing a specially crafted CIPSO packet. A NULL pointer dereference was found in the implementation of SELinux. The issue occurs while importing the Commercial IP Security Option (CIPSO) protocol category bitmap into the SELinux extensible bitmap. Parsing of a specially crafted CIPSO packet sent by a remote attacker could lead to a kernel crash (remote DoS). (CVE-2020-10711)

  • [Moderate] [3.10.0-862.20.2.vz7.73.24 to 3.10.0-1127.8.2.vz7.151.14] af_packet: potential soft lockup in case of certain errors when using TPACKET_V3. It was found that if TPACKET_V3 was used and the kernel failed to obtain certain settings from a relevant network device, the retirement timer could be set incorrectly in the implementation of the AF_PACKET protocol. This could result in soft lockups and excessive CPU usage. (CVE-2019-20812)

  • [Moderate] [3.10.0-862.20.2.vz7.73.24 to 3.10.0-1127.8.2.vz7.151.14] Core dumps of some processes could contain uninitialized kernel data. It was discovered that core dumps of userspace processes could contain copies of uninitialized kernel memory areas in certain cases. Although it is difficult for an attacker to control what data is in these areas, this issue, in theory, could be used to obtain sensitive information from the kernel. (CVE-2020-10732)

  • [Moderate] [3.10.0-862.20.2.vz7.73.24 to 3.10.0-1062.12.1.vz7.131.10] crypto/authenc: kernel crash in crypto_ahash_setkey() when the payload of a key is longer than 4 bytes and is not aligned. An out-of-bounds read was found in the implementation of IPsec cryptographic algorithms (‘authenc’ module). When the payload of a key was longer than 4 bytes but was not properly aligned, the crypto_authenc_extractkeys() function could try to read data from a wrong location. This could lead to a kernel crash in crypto_ahash_setkey(). (CVE-2020-10769)

3. Bug Fixes

  • [3.10.0-862.20.2.vz7.73.24 to 3.10.0-1127.8.2.vz7.151.14] ploop: kernel crash (division by zero) in purge_lru_warn(). (PSBM-104867)

4. Installing the Update

Download, install, and immediately apply the patch to the current kernel by running ‘readykernel update’.
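
To see which entries of this advisory cover a given host's kernel, the bracketed kernel ranges above can be checked against the kernel release string. The script below is an added example, not part of the advisory or of Virtuozzo tooling; the function names and the `--running` switch are hypothetical, and it assumes GNU `sort -V` and that `uname -r` prints the release in the same form as the advisory.

```shell
#!/bin/sh
# Added example: map a kernel release to the VZA-2020-048 entries whose
# bracketed kernel range covers it. IDs and ranges are copied from the advisory.

# Format: id|first kernel in range|last kernel in range
VZA_2020_048_RANGES='CVE-2020-10711|3.10.0-862.20.2.vz7.73.24|3.10.0-1062.12.1.vz7.131.10
CVE-2019-20812|3.10.0-862.20.2.vz7.73.24|3.10.0-1127.8.2.vz7.151.14
CVE-2020-10732|3.10.0-862.20.2.vz7.73.24|3.10.0-1127.8.2.vz7.151.14
CVE-2020-10769|3.10.0-862.20.2.vz7.73.24|3.10.0-1062.12.1.vz7.131.10
PSBM-104867|3.10.0-862.20.2.vz7.73.24|3.10.0-1127.8.2.vz7.151.14'

# version_le A B: succeeds when A <= B in version order.
# Plain string comparison would rank 862 above 1062, so GNU sort -V is used.
version_le() {
    [ "$1" = "$2" ] && return 0
    first=$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)
    [ "$first" = "$1" ]
}

# fixes_for_kernel RELEASE: print the IDs whose range covers RELEASE,
# one per line, in advisory order. Prints nothing if no range matches.
fixes_for_kernel() {
    release=$1
    printf '%s\n' "$VZA_2020_048_RANGES" | while IFS='|' read -r id low high; do
        if version_le "$low" "$release" && version_le "$release" "$high"; then
            printf '%s\n' "$id"
        fi
    done
}

# Stand-alone use (hypothetical switch): check the running kernel.
# Assumption: uname -r has the advisory's form, with no extra suffix.
if [ "${1:-}" = "--running" ]; then
    fixes_for_kernel "$(uname -r)"
fi
```

Because the patch is applied to the current kernel, the release string stays the same after the update. The output therefore shows which fixes are relevant to the host, not whether the patch is loaded.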