Virtuozzo ReadyKernel patch 124.1 for Virtuozzo Hybrid Server 7.0, 7.5, Virtuozzo Infrastructure Platform 3.0, and Virtuozzo Hybrid Infrastructure 3.5, 4.0

Issue date: 2021-03-19

Applies to: Virtuozzo Hybrid Infrastructure 3.5, Virtuozzo Hybrid Infrastructure 4.0, Virtuozzo Hybrid Server 7.0, Virtuozzo Hybrid Server 7.5, Virtuozzo Infrastructure Platform 3.0

Virtuozzo Advisory ID: VZA-2021-015

1. Overview

This update fixes an issue in the ReadyKernel patch v124.0 (PSBM-127243).

After the release of that version, it was found that it refused to load on certain customer nodes if UNIX domain sockets were used there to pass large amounts of data between processes. This was because the fix for CVE-2021-20265 (“Memory leak in the implementation of unix sockets”) needed to update kernel function unix_stream_read_generic() and that function was running almost all the time.

It is unsafe to patch currently running functions, so the ReadyKernel tools refused to load the update (ReadyKernel updates are loaded and applied as a whole).

We have removed the offending patch in version 124.1. The remaining fixes from ReadyKernel patch v124.0 are still available in v124.1.

The patch applies to all supported kernels of Virtuozzo Hybrid Server, Virtuozzo Infrastructure Platform, and Virtuozzo Hybrid Infrastructure.

2. Installing the Update

Download, install, and immediately apply the patch to the current kernel by running ‘readykernel update’.