Important kernel security update: CVE-2018-1068; Virtuozzo ReadyKernel patch 47.0 for Virtuozzo 7.0.7

2018-03-22T00:00:00
ID VZA-2018-015
Type virtuozzo
Reporter Virtuozzo
Modified 2018-03-22T00:00:00

Description

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to the Virtuozzo 7.0 kernel 3.10.0-693.17.1.vz7.43.10 (7.0.7). Vulnerability id: CVE-2018-1068 It was discovered that the implementation of ebtables in the kernel did not properly validate the offsets received from the user space. A local user with enough privileges in the user and network namespaces could use that to trigger an out-of-bounds write to the kernel address space.