9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.954 High
EPSS
Percentile
99.3%
The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to Virtuozzo kernels 3.10.0-327.18.2.vz7.15.2 (Virtuozzo 7.0.0), 3.10.0-327.42.0.vz7.18.7 (Virtuozzo 7.0.1), and 3.10.0-327.42.0.vz7.20.18 (Virtuozzo 7.0.3).
Vulnerability id: CVE-2017-8824
A vulnerability was found in DCCP socket handling code. dccp_disconnect() set the socket state to DCCP_CLOSED but did not properly free some of the resources associated with that socket. This could result in a use-after-free and could potentially allow an attacker to escalate their privileges.
Vulnerability id: CVE-2017-16939
The Linux kernel is vulnerable to a use-after-free issue. It could occur while closing a xfrm netlink socket, in xfrm_dump_policy_done. A user/process could use this flaw to potentially escalate their privileges on a system.
Vulnerability id: CVE-2017-15129
The function get_net_ns_by_id() does not check the net.count value when processing a peer network, which could lead to double free and memory corruption. An unprivileged local user could use this vulnerability to crash the system.
Vulnerability id: CVE-2017-18017
If the system uses iptables and there are iptables rules with TCPMSS action there, a remote attacker could cause a denial of service (use-after-free in tcpmss_mangle_packet function leading to memory corruption) or possibly have unspecified other impact by sending specially crafted network packets.
Vulnerability id: CVE-2017-1000405
A flaw was found in the patches used to fix the ‘Dirty COW’ vulnerability (CVE-2016-5195). An attacker, able to run local code, could exploit a race condition in transparent huge pages to modify usually read-only huge pages.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Virtuozzo | 7.0 | x86_64 | readykernel-patch-15.2 | < 42.0-1.vl7 | readykernel-patch-15.2-42.0-1.vl7.x86_64.rpm |
Virtuozzo | 7.0 | x86_64 | readykernel-patch-18.7 | < 42.0-1.vl7 | readykernel-patch-18.7-42.0-1.vl7.x86_64.rpm |
Virtuozzo | 7.0 | x86_64 | readykernel-patch-20.18 | < 42.0-1.vl7 | readykernel-patch-20.18-42.0-1.vl7.x86_64.rpm |
access.redhat.com/security/cve/CVE-2017-1000405
access.redhat.com/security/cve/CVE-2017-15129
access.redhat.com/security/cve/CVE-2017-16939
access.redhat.com/security/cve/CVE-2017-18017
access.redhat.com/security/cve/CVE-2017-8824
readykernel.com/patch/Virtuozzo-7/readykernel-patch-15.2-42.0-1.vl7/
readykernel.com/patch/Virtuozzo-7/readykernel-patch-18.7-42.0-1.vl7/
readykernel.com/patch/Virtuozzo-7/readykernel-patch-20.18-42.0-1.vl7/
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.954 High
EPSS
Percentile
99.3%