Ubuntu本地提权漏洞(CVE-2017-16995)

Since commit f1174f77b50c "bpf/verifier: rework value tracking", the eBPF range tracking is security-relevant for the verification of eBPF code provided by unprivileged users. Therefore, any tiny slip-up in the arithmetic range tracking now turns into an arbitrary read+write in the full kernel...

Virtuozzo 7 : readykernel-patch (VZA-2017-098)

According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - Linux kernel built with the KVM virtualisation support CONFIGKVM, with nested virtualisation nVMX feature enabled...