The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to all supported Virtuozzo kernels. NOTE: No more patches are planned for kernel 3.10.0-327.18.2.vz7.15.2, support for which ends with this update. Vulnerability id: CVE-2018-5344 It was found that release() operation for the loop devices had insufficient protection for the device structures against the accesses from the concurrent open() operations. A local attacker could use specially arranged concurrent operations with a loop device to cause a denial of service (kernel crash due to a use-after-free error).
Vulnerability id: PSBM-80839 It was discovered that some operations with files in a container could lead to denial of service on the host due to extensive memory consumption.