Virtuozzo Linux Errata and Bugfix Advisory 2019:2227

Upstream security update. Follow RHBA-2019:2227 for details...

Product update: Virtuozzo 7.0 Update 9 (7.0.9-534)

The Update 9 for Virtuozzo 7.0 provides new features as well as security, stability, and usability bug fixes. Vulnerability id: CVE-2018-14634, PSBM-88914 An integer overflow flaw was found in createelftables. An unprivileged local user with access to SUID or otherwise privileged binary could use...

Product update: Virtuozzo Infrastructure Platform 2.5 Update 7 (2.5.0-1650)

This update mitigates the Microarchitectural Store Buffer Data MDS vulnerability and provides a performance bug fix. Vulnerability id: VSTOR-23200 The Microarchitectural Store Buffer Data MDS is a series of hardware vulnerabilities which allow speculative execution attacks on Intel processors. A...

Important kernel security update: New kernel 2.6.32-042stab141.3; Virtuozzo 6.0 Update 12 Hotfix 48 (6.0.12-3753)

This update provides a new kernel 2.6.32-042stab141.3 for Virtuozzo 6.0 based on the RHEL 6.10 kernel 2.6.32-754.24.3.el6. The new kernel inherits security fixes. Vulnerability id: CVE-2018-12207 hw: Machine Check Error on Page Size Change IFU Vulnerability id: CVE-2019-0155 hw: Intel GPU blitter...

Important kernel security update: New kernel 2.6.32-042stab145.3 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0

This update provides a new kernel 2.6.32-042stab145.3 for Virtuozzo Containers for Linux 4.7 and Server Bare Metal 5.0. It is based on the RHEL 6.10 kernel 2.6.32-754.30.2.el6 and inherits security and stability fixes from it. The new kernel also provides internal stability fixes. Vulnerability i...

Important kernel security update: Virtuozzo ReadyKernel patch 18.0 for kernels 3.10.0-327.18.2.vz7.15.2 (Virtuozzo 7.0.0), 3.10.0-327.36.1.vz7.18.7 (Virtuozzo 7.0.1), and 3.10.0-327.36.1.vz7.20.18 (Virtuozzo 7.0.3)

The cumulative Virtuozzo ReadyKernel patch updated with security fixes as well as stability bug fixes. The patch applies to Virtuozzo versions 7.0.0, 7.0.1, and 7.0.3. Vulnerability id: CVE-2017-2636 Race condition in drivers/tty/nhdlc.c in the Linux kernel through 4.10.1 allows local users to ga...

Important kernel security update: New kernel 2.6.32-042stab142.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0

This update provides a new kernel 2.6.32-042stab142.1 for Virtuozzo Containers for Linux 4.7 and Server Bare Metal 5.0. It is based on the RHEL 6.10 kernel 2.6.32-754.27.1.el6 and inherits security and stability fixes from it. The new kernel also provides internal stability fixes. Vulnerability i...

Important kernel security update: CVE-2018-3620 and other issues; new kernel 3.10.0-862.11.6.vz7.64.7; Virtuozzo 7.0 Update 8 Hotfix 1 (7.0.8-507)

This update provides a new kernel for Virtuozzo 7.0 that is a rebase to the Red Hat Enterprise Linux 7.5 kernel 3.10.0-862.11.6.el7. The new kernel inherits a number of security fixes from the RHEL kernel and introduces internal stability fixes. Vulnerability id: CVE-2017-13215 A flaw was found i...

Kernel update: Virtuozzo ReadyKernel patch 94.2 for Virtuozzo 7.0

The cumulative Virtuozzo ReadyKernel patch was updated with a stability fix. The patch applies to the kernels 3.10.0-693.21.1.vz7.48.2 Virtuozzo 7.0.7 HF3, 3.10.0-862.9.1.vz7.63.3 Virtuozzo 7.0.8, 3.10.0-862.11.6.vz7.64.7 Virtuozzo 7.0.8 HF1. NOTE: No more patches are planned for the kernel...

Important kernel security update: Virtuozzo ReadyKernel patch 110.0 for Virtuozzo Hybrid Server 7.0 and Virtuozzo Infrastructure Platform 2.5, 3.0 and Virtuozzo Hybrid Infrastructure 3.5

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to all supported kernels of Virtuozzo Hybrid Server 7.0 and Virtuozzo Infrastructure Platform. Vulnerability id: CVE-2020-10711 3.10.0-862.20.2.vz7.73.24 to 3.10.0-1062.12.1.vz7.131.10...

Kernel security update: Virtuozzo ReadyKernel patch 113.10 for Virtuozzo Hybrid Server 7.0

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to the kernels 3.10.0-1062.12.1.vz7.131.10 Virtuozzo Hybrid Server 7.0.13, 3.10.0-1127.8.2.vz7.151.14 Virtuozzo Hybrid Server 7.0.14. Vulnerability id: CVE-2020-0305...

Virtuozzo Hybrid Infrastructure 4.6 Update 1

This update provides new features, as well as bug fixes and improvements. Vulnerability id: VSTOR-45315 The MDS service may be unstable under a high load condition. Vulnerability id: VSTOR-43126 A deadlock is possible between atomic and non-atomic commands in the iSCSI kernel module. Vulnerabilit...

Important kernel security update: New kernel 2.6.32-042stab140.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0

This update provides a new kernel 2.6.32-042stab140.1 for Virtuozzo Containers for Linux 4.7 and Server Bare Metal 5.0 based on the RHEL 6.10 kernel 2.6.32-754.18.2.el6. The new kernel inherits security fixes from the RHEL kernel and features internal fixes. Vulnerability id: CVE-2019-5489 A new...

Important kernel security update: CVE-2018-10675 and other issues; new kernel 2.6.32-042stab131.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0

This update provides a new kernel 2.6.32-042stab131.1 for Virtuozzo Containers for Linux 4.7 and Server Bare Metal 5.0 that is a rebase to the Red Hat Enterprise Linux 6.10 kernel 2.6.32-754.el6. The new kernel introduces security and stability fixes. Vulnerability id: CVE-2018-10675 The...

Product update: Virtuozzo Hybrid Server 7.5 (7.5.0-586)

Virtuozzo Hybrid Server 7.5 formerly Update 15 introduces new features and provides a security fix as well as stability and usability bug fixes. It also introduces a new kernel 3.10.0-1127.18.2.vz7.163.46. Vulnerability id: PSBM-105768 It was found that an unprivileged user could manage VMs locat...

[Important] [Security] Virtuozzo ReadyKernel Patch 154.2 for Virtuozzo Hybrid Server 7.5

The cumulative Virtuozzo ReadyKernel patch was updated with security fixes. The patch applies to all supported kernels of Virtuozzo Hybrid Server 7.5. Vulnerability id: CVE-2022-2588 3.10.0-1160.41.1.vz7.183.5 to 3.10.0-1160.80.1.vz7.191.4 Use-after-free in the clsroute filter. Vulnerability id:...

Important kernel security update: New kernel 2.6.32-042stab144.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0

This update provides a new kernel 2.6.32-042stab144.1 for Virtuozzo Containers for Linux 4.7 and Server Bare Metal 5.0. It is based on the RHEL 6.10 kernel 2.6.32-754.29.2.el6 and inherits security and stability fixes from it. The new kernel also provides internal security and stability fixes...

Kernel security update: Virtuozzo ReadyKernel patch 54.0 for Virtuozzo 7.0.4 to 7.0.7 (excl. hotfixes)

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to Virtuozzo 7.0 kernels 3.10.0-514.16.1.vz7.30.10 7.0.4, 3.10.0-514.16.1.vz7.30.15 7.0.4 HF3, 3.10.0-514.26.1.vz7.33.22 7.0.5, 3.10.0-693.1.1.vz7.37.30 7.0.6, 3.10.0-693.11.6.vz7.40.4 7.0....

Kernel security update: CVE-2017-18017 and other; new kernel 2.6.32-042stab128.2 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0

This update provides a new Virtuozzo Containers for Linux 4.7 and Server Bare Metal 5.0 kernel 2.6.32-042stab128.2 that is a rebase to the Red Hat Enterprise Linux 6.9 kernel 2.6.32-696.23.1.el6. This kernel was recompiled by the updated gcc with retpolines support. Retpolines are a technique use...

Kernel update: Virtuozzo ReadyKernel patch 94.0 for Virtuozzo 7.0 and Virtuozzo Infrastructure Platform 3.0

The cumulative Virtuozzo ReadyKernel patch was updated with stability fixes. The patch applies to the kernels 3.10.0-957.12.2.vz7.96.21 Virtuozzo 7.0.11 and Virtuozzo Infrastructure Platform 3.0, 3.10.0-1062.4.2.vz7.116.6 Virtuozzo 7.0.12, 3.10.0-1062.4.2.vz7.116.7 Virtuozzo 7.0.12 HF1...

[Important] [Security] Virtuozzo ReadyKernel patch 146.1 for Virtuozzo Hybrid Server 7.5

The cumulative Virtuozzo ReadyKernel patch was updated with security fixes. The patch applies to all supported kernels of Virtuozzo Hybrid Server 7.5. Vulnerability id: PSBM-141642 3.10.0-1160.21.1.vz7.174.13 to 3.10.0-1160.53.1.vz7.185.3 Calling kfreeskb from hardware interrupt may cause deadloc...

Product update: Virtuozzo 7.0 Update 13 Hotfix 2 (7.0.13-305)

The Hotfix 2 for Virtuozzo 7.0 Update 13 provides stability and usability bug fixes. Vulnerability id: PSBM-102741 Ability to check and fix containers with broken BAT. Vulnerability id: PSBM-102751 Under certain conditions, MDS could crash...

Virtuozzo Hybrid Server 7.5 Update 6 (7.5.6-87)

Virtuozzo Hybrid Server 7.5 Update 6 introduces new features and provides stability, usability, and security bug fixes. Additionally, it provides a new kernel 3.10.0-1160.105.1.vz7.214.3. Vulnerability id: PSBM-151015, PSBM-153331 A critical security issue in container suspend/resume in the...

[Important] [Security] Virtuozzo ReadyKernel patch 122.0 for Virtuozzo Hybrid Server 7.0, Virtuozzo Infrastructure Platform 3.0, and Virtuozzo Hybrid Infrastructure 3.5, 4.0

The cumulative Virtuozzo ReadyKernel patch was updated with security fixes. The patch applies to the kernels 3.10.0-957.12.2.vz7.96.21 Virtuozzo Hybrid Server 7.0.11 and Virtuozzo Infrastructure Platform 3.0, 3.10.0-1062.4.2.vz7.116.7 Virtuozzo Hybrid Server 7.0.12 HF1 and Virtuozzo Hybrid...

Important kernel security update: New kernel 2.6.32-042stab141.3 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0

This update provides a new kernel 2.6.32-042stab141.3 for Virtuozzo Containers for Linux 4.7 and Server Bare Metal 5.0 based on the RHEL 6.10 kernel 2.6.32-754.24.3.el6. The new kernel inherits security fixes. Vulnerability id: CVE-2018-12207 hw: Machine Check Error on Page Size Change IFU...

[Important] [Security] New kernel 2.6.32-042stab146.1; Virtuozzo 6.0 Update 12 Hotfix 54 (6.0.12-3761)

This update provides a new kernel 2.6.32-042stab146.1 for Virtuozzo 6.0. It is based on the RHEL 6.10 kernel 2.6.32-754.41.2.el6 and inherits security and stability fixes from it. The new kernel also provides an internal stability fix. Vulnerability id: CVE-2021-3347 Kernel: Use after free via PI...

[Important] [Security] Virtuozzo ReadyKernel patch 140.0 for Virtuozzo Hybrid Server 7.0, 7.5

The cumulative Virtuozzo ReadyKernel patch was updated with security fixes. The patch applies to all supported kernels of Virtuozzo Hybrid Server 7.x. NOTE: No more updates are planned for the kernel 3.10.0-1127.8.2.vz7.151.14. Vulnerability id: CVE-2021-4028 3.10.0-1127.8.2.vz7.158.8 to...

Important kernel security update: Virtuozzo ReadyKernel patch 91.0 for Virtuozzo 7.0 and Virtuozzo Infrastructure Platform 2.5, 3.0

The cumulative Virtuozzo ReadyKernel patch was updated with security fixes. The patch applies to the kernels 3.10.0-693.21.1.vz7.48.2 Virtuozzo 7.0.7 HF3, 3.10.0-862.9.1.vz7.63.3 Virtuozzo 7.0.8, 3.10.0-862.11.6.vz7.64.7 Virtuozzo 7.0.8 HF1, 3.10.0-862.20.2.vz7.73.24 Virtuozzo 7.0.9 and Virtuozzo...

Important kernel security update: Virtuozzo ReadyKernel patch 117.0 for Virtuozzo Hybrid Server 7.0, Virtuozzo Infrastructure Platform 3.0, and Virtuozzo Hybrid Infrastructure 3.5, 4.0

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to all supported kernels of Virtuozzo Hybrid Server 7.0, Virtuozzo Infrastructure Platform, and Virtuozzo Hybrid Infrastructure. IMPORTANT: If bcache is used, manually unloading this or a...

Important kernel security update: New kernel 2.6.32-042stab142.1; Virtuozzo 6.0 Update 12 Hotfix 50 (6.0.12-3755)

This update provides a new kernel 2.6.32-042stab142.1 for Virtuozzo 6.0. It is based on the RHEL 6.10 kernel 2.6.32-754.27.1.el6 and inherits security and stability fixes from it. The new kernel also provides internal stability fixes. Vulnerability id: CVE-2019-14821 Kernel: KVM: OOB memory acces...

Virtuozzo Hybrid Infrastructure 4.6 (4.6.0-208)

In this release, Virtuozzo Hybrid Infrastructure provides a wide range of new features that enhance service providers' operability. The improvements cover compute services, object storage, monitoring, security, localization, and the user interface. Additionally, this release delivers stability...

Product update: Virtuozzo 7.0 Update 13 (7.0.13-298)

The Update 13 for Virtuozzo 7.0 introduces new features and provides stability and usability bug fixes. It also introduces a new kernel 3.10.0-1062.12.1.vz7.131.10. Vulnerability id: PSBM-95072 'pstorage-target' files are left over after successful migrations of VMs on Virtuozzo Storage from...

Important kernel security update: New kernel 2.6.32-042stab145.3; Virtuozzo 6.0 Update 12 Hotfix 52 (6.0.12-3759)

This update provides a new kernel 2.6.32-042stab145.3 for Virtuozzo 6.0. It is based on the RHEL 6.10 kernel 2.6.32-754.30.2.el6 and inherits security and stability fixes from it. The new kernel also provides internal stability fixes. Vulnerability id: CVE-2020-0543 hw: Special Register Buffer Da...

Kernel security update: Virtuozzo ReadyKernel patch 98.0 for Virtuozzo 7.0 and Virtuozzo Infrastructure Platform 2.5, 3.0, 3.5

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to the kernels 3.10.0-862.9.1.vz7.63.3 Virtuozzo 7.0.8, 3.10.0-862.11.6.vz7.64.7 Virtuozzo 7.0.8 HF1, 3.10.0-862.20.2.vz7.73.24 Virtuozzo 7.0.9 and Virtuozzo Infrastructure Platform 2.5,...

[Important] [Security] Virtuozzo ReadyKernel patch 125.0 for Virtuozzo Hybrid Server 7.0, 7.5, Virtuozzo Infrastructure Platform 3.0, and Virtuozzo Hybrid Infrastructure 3.5, 4.0

The cumulative Virtuozzo ReadyKernel patch was updated with security fixes. The patch applies to all supported kernels of Virtuozzo Hybrid Server 7, Virtuozzo Infrastructure Platform, and Virtuozzo Hybrid Infrastructure. NOTE: No more ReadyKernel updates are planned for the kernel...

Virtuozzo Linux Errata and Security Advisory 2020:5002 Moderate

Upstream security update. Follow RHSA-2020:5002 for details...

Product update: Virtuozzo Hybrid Infrastructure 4.0 Update 1

This update provides a new feature, as well as bug fixes and improvements. Vulnerability id: VSTOR-38583 A non-admin user is unable to create volumes from the command line. Vulnerability id: VSTOR-38785 Enabled geo-replication on Backup Gateway with an S3 backend may result in a deadlock...

Kernel security update: Virtuozzo ReadyKernel patch 54.0 for Virtuozzo 7.0.7 HF2 and 7.0.7 HF3

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to Virtuozzo 7.0 kernels 3.10.0-693.21.1.vz7.46.7 7.0.7 HF2 and 3.10.0-693.21.1.vz7.48.2 7.0.7 HF3. Vulnerability id: CVE-2018-1120 By mmaping a FUSE-backed file onto a process's memory...

[Important] [Security] Virtuozzo ReadyKernel patch 139.0 for Virtuozzo Hybrid Server 7.0, 7.5

The cumulative Virtuozzo ReadyKernel patch was updated with a security fix. The patch applies to all supported kernels of Virtuozzo Hybrid Server 7.x. Vulnerability id: CVE-2021-0920 3.10.0-1127.8.2.vz7.151.14 to 3.10.0-1160.53.1.vz7.185.3 Potential use-after-free in the 'recv' operation of UNIX...

[Important] [Security] Fix for a vulnerability in sudo, CVE-2021-3156, for Virtuozzo Hybrid Server 7.x and Virtuozzo 6

The update fixes the vulnerability in sudo registered as CVE-2021-3156. The new sudo packages are available for Virtuozzo Hybrid Server 7.x and Virtuozzo 6. Vulnerability id: CVE-2021-3156 A flaw was found in sudo. A heap-based buffer overflow was found in the way sudo parses command line...

Important kernel security update: New kernel 2.6.32-042stab139.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0

This update provides a new kernel 2.6.32-042stab139.1 for Virtuozzo Containers for Linux 4.7 and Server Bare Metal 5.0 based on the RHEL 6.10 kernel 2.6.32-754.15.3.el6. The new kernel inherits security fixes for SACK-related issues in the TCP stack as well as a few improvements for the MDS...

Important kernel security update: Virtuozzo ReadyKernel patch 97.0 for Virtuozzo 7.0 and Virtuozzo Infrastructure Platform 2.5, 3.0, 3.5

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to the kernels 3.10.0-862.9.1.vz7.63.3 Virtuozzo 7.0.8, 3.10.0-862.11.6.vz7.64.7 Virtuozzo 7.0.8 HF1, 3.10.0-862.20.2.vz7.73.24 Virtuozzo 7.0.9 and Virtuozzo Infrastructure Platform 2.5,...

Important kernel security update: Fixes for Meltdown and Spectre exploits; new kernel 2.6.32-042stab127.2 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0

This update provides a new Virtuozzo Containers for Linux 4.7 and Server Bare Metal 5.0 kernel 2.6.32-042stab127.2 that is a rebase to the Red Hat Enterprise Linux 6.9 kernel 2.6.32-696.18.7.el6. The rebase fixes an industry-wide issue that was found in the way many modern microprocessor designs...

Product release: Virtuozzo Hybrid Infrastructure 4.0 (4.0.0-734)

In this release, Virtuozzo Hybrid Infrastructure provides a wide range of new features that enhance the end-user experience and service providers' interoperability. The improvements cover networking, storage core, appliance, object storage, monitoring, performance charts, and localization...

Important kernel security update: New kernel 2.6.32-042stab144.1; Virtuozzo 6.0 Update 12 Hotfix 51 (6.0.12-3757)

This update provides a new kernel 2.6.32-042stab144.1 for Virtuozzo 6.0. It is based on the RHEL 6.10 kernel 2.6.32-754.29.2.el6 and inherits security and stability fixes from it. The new kernel also provides internal security and stability fixes. Vulnerability id: CVE-2020-10711 Kernel: NetLabel...

Important kernel security update: New kernel 2.6.32-042stab138.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0

This update provides a new kernel 2.6.32-042stab138.1 for Virtuozzo Containers for Linux 4.7 and Server Bare Metal 5.0 based on the RHEL 6.10 kernel 2.6.32-754.14.2.el6. The new kernel inherits security fixes for the Microarchitectural Store Buffer Data MDS vulnerability from the RHEL kernel...

Important kernel security update: CVE-2018-5391 and other issues; new kernel 2.6.32-042stab134.3 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0

This update provides a new kernel 2.6.32-042stab134.3 for Virtuozzo Containers for Linux 4.7 and Server Bare Metal 5.0. The new kernel introduces security and stability fixes. Vulnerability id: CVE-2018-5391 A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of...

[Important] [Security] Virtuozzo ReadyKernel patch 122.0 for Virtuozzo Hybrid Server 7.5

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to the kernel 3.10.0-1127.18.2.vz7.163.46 Virtuozzo Hybrid Server 7.5. Vulnerability id: CVE-2020-29661 Incorrect locking in TTY subsystem could lead to use-after-free conditions and cause...

Virtuozzo Linux Errata and Bugfix Advisory 2020:5019

Upstream security update. Follow RHBA-2020:5019 for details...

Kernel update: Virtuozzo ReadyKernel patch 94.1 for Virtuozzo 7.0 and Virtuozzo Infrastructure Platform 2.5, 3.0

The cumulative Virtuozzo ReadyKernel patch was updated with a stability fix. The patch applies to the kernels 3.10.0-862.20.2.vz7.73.24 Virtuozzo 7.0.9 and Virtuozzo Infrastructure Platform 2.5, 3.10.0-862.20.2.vz7.73.29 Virtuozzo 7.0.9 and Virtuozzo Infrastructure Platform 2.5,...