Critical kernel security update: vulnerability fixes CVE-2016-7910, CVE-2016-7911 (and others), new kernel 2.6.32-042stab120.11


This update provides a new Virtuozzo 6.0 kernel 2.6.32-042stab120.11 based on the Red Hat Enterprise Linux 6.8 kernel 2.6.32-642.6.1.el6. The new kernel provides security and stability fixes.

**Vulnerability id:** CVE-2016-1583
Stack overflow via ecryptfs and /proc/$pid/environ. It was found that stacking a file system over procfs in the Linux kernel could lead to a kernel stack overflow due to deep nesting, as demonstrated by mounting ecryptfs over procfs and creating a recursion by mapping /proc/environ. An unprivileged, local user could potentially use this flaw to escalate their privileges on the system.

**Vulnerability id:** CVE-2016-6828
Use after free in tcp_xmit_retransmit_queue. A use after free vulnerability was found in tcp_xmit_retransmit_queue and other tcp_* functions. This condition could allow an attacker to send an incorrect selective acknowledgment to existing connections, possibly resetting a connection.

**Vulnerability id:** CVE-2016-7910
block: fix use-after-free in seq file. Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed.

**Vulnerability id:** CVE-2016-7911
block: fix use-after-free in sys_ioprio_get(). Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel before 4.6.6 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call.

Affected Package

| OS | OS Version | Package Name | Package Version |
|---|---|---|---|
| Virtuozzo | 6.0 | parallels-server-bm-release | 6.0.11-3488 |
| Virtuozzo | 6.0 | vzkernel | 2.6.32-042stab120.11 |
| Virtuozzo | 6.0 | vzkernel-devel | 2.6.32-042stab120.11 |
| Virtuozzo | 6.0 | vzkernel-firmware | 2.6.32-042stab120.11 |
| Virtuozzo | 6.0 | vzmodules | 2.6.32-042stab120.11 |
| Virtuozzo | 6.0 | vzmodules-devel | 2.6.32-042stab120.11 |
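
To confirm that a node is running the kernel from this update, its release string can be compared against 2.6.32-042stab120.11. The script below is an added example, not part of the advisory or of Virtuozzo tooling; the function names are hypothetical, and it assumes release strings have the form `<base>-042stab<build>.<patch>`, as the version in this advisory does.

```shell
#!/bin/sh
# Added example: compare a Virtuozzo 6.0 kernel release string with the
# fixed build named in this advisory. Function names are hypothetical.
# Assumption: releases look like <base>-042stab<build>.<patch>.
FIXED_RELEASE="2.6.32-042stab120.11"

# Print "<build> <patch>" for a release such as 2.6.32-042stab120.11.
# Returns 1 for anything that is not a 042stab kernel with numeric fields.
vz_parse_release() {
    case "$1" in
        *-042stab*) ;;
        *) return 1 ;;
    esac
    _t=${1##*-042stab}                           # e.g. "120.11"
    _b=${_t%%.*}                                 # build number, "120"
    case "$_t" in
        *.*) _p=${_t#*.}; _p=${_p%%[!0-9]*} ;;   # patch "11", suffix dropped
        *)   _p=0 ;;                             # no patch field present
    esac
    case "$_b" in ''|*[!0-9]*) return 1 ;; esac
    case "$_p" in '') return 1 ;; esac
    echo "$_b $_p"
}

# Exit status: 0 = at or above the fixed build, 1 = older, 2 = not parseable.
vz_kernel_is_fixed() {
    _have=$(vz_parse_release "$1") || return 2
    _want=$(vz_parse_release "$FIXED_RELEASE") || return 2
    _hb=${_have% *}; _hp=${_have#* }
    _wb=${_want% *}; _wp=${_want#* }
    if [ "$_hb" -gt "$_wb" ]; then return 0; fi
    if [ "$_hb" -eq "$_wb" ] && [ "$_hp" -ge "$_wp" ]; then return 0; fi
    return 1
}

# Check the running kernel only when asked: sh check.sh --running
if [ "${1:-}" = "--running" ]; then
    rc=0
    vz_kernel_is_fixed "$(uname -r)" || rc=$?
    case "$rc" in
        0) echo "running kernel includes this update" ;;
        1) echo "running kernel is older than $FIXED_RELEASE" ;;
        *) echo "not a 042stab kernel: $(uname -r)" ;;
    esac
fi
```

`uname -r` reports the kernel that is booted, so a node with the updated packages installed still reports the old release until it is rebooted into the new kernel.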