Kernel security update: CVE-2018-5344 and other; Virtuozzo ReadyKernel patch 43.0 for Virtuozzo 7.0.x

2018-02-02T00:00:00
ID VZA-2018-007
Type virtuozzo
Reporter Virtuozzo
Modified 2018-02-02T00:00:00

Description

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to all supported Virtuozzo kernels.

NOTE: No more patches are planned for kernel 3.10.0-327.18.2.vz7.15.2, support for which ends with this update.

Vulnerability id: CVE-2018-5344
It was found that the release() operation for loop devices did not sufficiently protect the device structures against access from concurrent open() operations. A local attacker could use specially arranged concurrent operations with a loop device to cause a denial of service (kernel crash due to a use-after-free error).

Vulnerability id: PSBM-80839
It was discovered that some operations with files in a container could lead to denial of service on the host due to extensive memory consumption.