Updated kernel-vserver package fixes security vulnerabilities

Updated kernel-vserver provides upstream 3.10.51 kernel and fixes the following security issues: Array index error in the aioreadeventsring function in fs/aio.c in the Linux kernel through 3.15.1 allows local users to obtain sensitive information from kernel memory via a large head value...

CVE-2014-4171

mm/shmem.c in the Linux kernel through 3.15.1 does not properly implement the interaction between range notification and hole punching, which allows local users to cause a denial of service imutex hold by using the mmap system call to access a hole, as demonstrated by interfering with intended...

Null pointer dereference

mm/shmem.c in the Linux kernel before 2.6.28-rc8, when strict overcommit is enabled and CONFIGSECURITY is disabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service NULL pointer dereference and knfsd crash or possibly have...

CVE-2008-3534

CVE-2008-3534 affects the Linux kernel tmpfs implementation (shmem.c: shmem_delete_inode). A local attacker could crash the system by a specific sequence of file create/remove/overwrite operations, linked to allocation of “useless pages” and improper maintenance of i_blocks. Public advisories con...