Virtuozzo VZA-2017-007
Feb 21, 2017 - 12:00 a.m.

Kernel security update: Virtuozzo ReadyKernel patch 11.0 for kernel 3.10.0-327.36.1.vz7.20.18 (Virtuozzo 7.0.3)

2017-02-21 00:00:00
help.virtuozzo.com

CVSS2: 7.2
Attack Vector: LOCAL
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3: 7.8
Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS: 0
Percentile: 10.1%

The cumulative Virtuozzo ReadyKernel patch was updated with security fixes as well as a usability bug fix. The patch applies to Virtuozzo 7.0.3.

Vulnerability id: CVE-2016-9806
A double free vulnerability was found in netlink_dump, which could cause a denial of service or possibly other unspecified impact.

Vulnerability id: CVE-2016-8645
It was discovered that the Linux kernel since 3.6-rc1 with 'net.ipv4.tcp_fastopen' set to 1 can hit the BUG() statement in the tcp_collapse() function after a number of certain syscalls are made, leading to a possible system crash.

Vulnerability id: PSBM-57511
A flaw was found in the way nfnetlink validated the length of batch messages that could allow a user logged in to a container as root to cause a general protection fault and crash the host.

Vulnerability id: PSBM-57499
A flaw was found in the way nfnetlink handled errors while processing batch messages that could allow a user logged in to a container as root to trigger a use-after-free and crash the host.

Vulnerability id: CVE-2016-3070
A security flaw was found in the Linux kernel: an attempt to move a page mapped by the AIO ring buffer to the other node triggers a NULL pointer dereference at trace_writeback_dirty_page(), because aio_fs_backing_dev_info.dev is 0.

| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Virtuozzo | 7.0 | x86_64 | readykernel-patch-20.18 | < 11.0-1.vl7 | readykernel-patch-20.18-11.0-1.vl7.x86_64.rpm |
