Kernel security update: Virtuozzo ReadyKernel patch 113.10 for Virtuozzo Hybrid Server 7.0¶
Issue date: 2020-08-06
Applies to: Virtuozzo Hybrid Server 7.0
Virtuozzo Advisory ID: VZA-2020-056
The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to the kernels 3.10.0-1062.12.1.vz7.131.10 (Virtuozzo Hybrid Server 7.0.13), 3.10.0-1127.8.2.vz7.151.14 (Virtuozzo Hybrid Server 7.0.14).
2. Security Fixes¶
[Moderate] [3.10.0-1062.12.1.vz7.131.10 to 3.10.0-1127.8.2.vz7.151.14] Possible use-after-free error due to a race condition in cdev_get(). It was discovered that use-after-free condition was possible in cdev_get() if multiple processes simultaneously accessed a character device in a certain way. A local attacker could potentially exploit this to crash the kernel. (CVE-2020-0305)
3. Bug Fixes¶
[3.10.0-1062.12.1.vz7.131.10 to 3.10.0-1127.8.2.vz7.151.14] File system of a container becomes read-only, __ext4_handle_dirty_metadata() reports error 28. (PSBM-105850)
[3.10.0-1062.12.1.vz7.131.10 to 3.10.0-1127.8.2.vz7.151.14] memcg: the limit on page cache (memory.cache.limit_in_bytes) could be exceeded significantly in certain cases. (PSBM-106384)
4. Installing the Update¶
Download, install, and immediately apply the patch to the current kernel by running ‘readykernel update’.
The JSON file with the list of new and updated packages is available at https://docs.virtuozzo.com/vza/VZA-2020-056.json.