The Hotfix 2 for Virtuozzo 7.0 Update 7 provides a new kernel 3.10.0-693.21.1.vz7.46.7 that introduces stability and usability bug fixes. In addition, this kernel was recompiled by the updated gcc with retpolines support. Retpolines are a technique used by the kernel to reduce overhead of mitigating Spectre Variant 2 attacks described in CVE-2017-5715.
Vulnerability id: PSBM-81572
Loadavg reported incorrect values for containers with CPU CGroups.
Vulnerability id: PSBM-81798
IPv6 routing tables incorrectly handled routing rules for throw routes.
Vulnerability id: PSBM-82766
Container could stay mounted after ‘shutdown -h now’ had been run inside it.
Vulnerability id: PSBM-82984, PSBM-83102, PSBM-83474
Fixed nodes crashing in various circumstances.
Vulnerability id: PSBM-83282
prlctl could stop working on node due to dispatcher using too many file descriptors.
Vulnerability id: PSBM-83335
Improved performance of inode extents shrinking in cases when many shrinkers are working on a single superblock simultaneously.
Vulnerability id: PSBM-83405
VA Agent could crash due to a segmentation fault.