Kernel update: new kernel 3.10.0-693.21.1.vz7.46.7, Virtuozzo 7.0 Update 7 Hotfix 2 (7.0.7-453)

2018-04-2800:00:00

help.virtuozzo.com

5.6 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

1.9 Low

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

0.975 High

EPSS

Percentile

100.0%

JSON

The Hotfix 2 for Virtuozzo 7.0 Update 7 provides a new kernel 3.10.0-693.21.1.vz7.46.7 that introduces stability and usability bug fixes. In addition, this kernel was recompiled by the updated gcc with retpolines support. Retpolines are a technique used by the kernel to reduce overhead of mitigating Spectre Variant 2 attacks described in CVE-2017-5715.
Vulnerability id: PSBM-81572
Loadavg reported incorrect values for containers with CPU CGroups.

Vulnerability id: PSBM-81798
IPv6 routing tables incorrectly handled routing rules for throw routes.

Vulnerability id: PSBM-82766
Container could stay mounted after ‘shutdown -h now’ had been run inside it.

Vulnerability id: PSBM-82984, PSBM-83102, PSBM-83474
Fixed nodes crashing in various circumstances.

Vulnerability id: PSBM-83282
prlctl could stop working on node due to dispatcher using too many file descriptors.

Vulnerability id: PSBM-83335
Improved performance of inode extents shrinking in cases when many shrinkers are working on a single superblock simultaneously.

Vulnerability id: PSBM-83405
VA Agent could crash due to a segmentation fault.

OSVersionArchitecturePackageVersionFilename
Virtuozzo7.0x86_64anaconda< 21.48.22.121-3.vz7.58.3anaconda-21.48.22.121-3.vz7.58.3.x86_64.rpm
Virtuozzo7.0x86_64anaconda-core< 21.48.22.121-3.vz7.58.3anaconda-core-21.48.22.121-3.vz7.58.3.x86_64.rpm
Virtuozzo7.0x86_64anaconda-dracut< 21.48.22.121-3.vz7.58.3anaconda-dracut-21.48.22.121-3.vz7.58.3.x86_64.rpm
Virtuozzo7.0x86_64anaconda-gui< 21.48.22.121-3.vz7.58.3anaconda-gui-21.48.22.121-3.vz7.58.3.x86_64.rpm
Virtuozzo7.0x86_64anaconda-tui< 21.48.22.121-3.vz7.58.3anaconda-tui-21.48.22.121-3.vz7.58.3.x86_64.rpm
Virtuozzo7.0x86_64anaconda-widgets< 21.48.22.121-3.vz7.58.3anaconda-widgets-21.48.22.121-3.vz7.58.3.x86_64.rpm
Virtuozzo7.0x86_64anaconda-widgets-devel< 21.48.22.121-3.vz7.58.3anaconda-widgets-devel-21.48.22.121-3.vz7.58.3.x86_64.rpm
Virtuozzo7.0noarchhastart< 1.0.21-1.vz7hastart-1.0.21-1.vz7.noarch.rpm
Virtuozzo7.0x86_64libprlsdk< 7.0.214.1-1.vz7libprlsdk-7.0.214.1-1.vz7.x86_64.rpm
Virtuozzo7.0x86_64libprlsdk-devel< 7.0.214.1-1.vz7libprlsdk-devel-7.0.214.1-1.vz7.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
Virtuozzo	7.0	x86_64	anaconda	< 21.48.22.121-3.vz7.58.3	anaconda-21.48.22.121-3.vz7.58.3.x86_64.rpm
Virtuozzo	7.0	x86_64	anaconda-core	< 21.48.22.121-3.vz7.58.3	anaconda-core-21.48.22.121-3.vz7.58.3.x86_64.rpm
Virtuozzo	7.0	x86_64	anaconda-dracut	< 21.48.22.121-3.vz7.58.3	anaconda-dracut-21.48.22.121-3.vz7.58.3.x86_64.rpm
Virtuozzo	7.0	x86_64	anaconda-gui	< 21.48.22.121-3.vz7.58.3	anaconda-gui-21.48.22.121-3.vz7.58.3.x86_64.rpm
Virtuozzo	7.0	x86_64	anaconda-tui	< 21.48.22.121-3.vz7.58.3	anaconda-tui-21.48.22.121-3.vz7.58.3.x86_64.rpm
Virtuozzo	7.0	x86_64	anaconda-widgets	< 21.48.22.121-3.vz7.58.3	anaconda-widgets-21.48.22.121-3.vz7.58.3.x86_64.rpm
Virtuozzo	7.0	x86_64	anaconda-widgets-devel	< 21.48.22.121-3.vz7.58.3	anaconda-widgets-devel-21.48.22.121-3.vz7.58.3.x86_64.rpm
Virtuozzo	7.0	noarch	hastart	< 1.0.21-1.vz7	hastart-1.0.21-1.vz7.noarch.rpm
Virtuozzo	7.0	x86_64	libprlsdk	< 7.0.214.1-1.vz7	libprlsdk-7.0.214.1-1.vz7.x86_64.rpm
Virtuozzo	7.0	x86_64	libprlsdk-devel	< 7.0.214.1-1.vz7	libprlsdk-devel-7.0.214.1-1.vz7.x86_64.rpm