CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
5.1%
This update provides the new Virtuozzo 6.0 kernel 2.6.32-042stab120.20 based on the Red Hat Enterprise Linux 6.8 kernel 2.6.32-642.6.1.el6. The new kernel provides a security fix.
Vulnerability id: CVE-2017-2647
A flaw was discovered in the Linux kernel’s key subsystem. Invoking the request_key() system call with a specially crafted set of arguments could result in a NULL-pointer dereference inside the search_keyring() function. A local unprivileged user could use this vulnerability to crash the system. The vulnerability could be exploited from inside containers.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Virtuozzo | 6.0 | x86_64 | parallels-server-bm-release | < 6.0.12-3673 | parallels-server-bm-release-6.0.12-3673.x86_64.rpm |
Virtuozzo | 6.0 | x86_64 | vzkernel | < 2.6.32-042stab120.20 | vzkernel-2.6.32-042stab120.20.x86_64.rpm |
Virtuozzo | 6.0 | x86_64 | vzkernel-devel | < 2.6.32-042stab120.20 | vzkernel-devel-2.6.32-042stab120.20.x86_64.rpm |
Virtuozzo | 6.0 | noarch | vzkernel-firmware | < 2.6.32-042stab120.20 | vzkernel-firmware-2.6.32-042stab120.20.noarch.rpm |
Virtuozzo | 6.0 | x86_64 | vzmodules | < 2.6.32-042stab120.20 | vzmodules-2.6.32-042stab120.20.x86_64.rpm |
Virtuozzo | 6.0 | x86_64 | vzmodules-devel | < 2.6.32-042stab120.20 | vzmodules-devel-2.6.32-042stab120.20.x86_64.rpm |
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
5.1%