Kernel security update: Virtuozzo ReadyKernel patch 49.0 for Virtuozzo 7.0.1, 7.0.3, 7.0.5, 7.0.6, and 7.0.6 HF3

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to Virtuozzo 7.0 kernels 3.10.0-327.42.0.vz7.18.7 (7.0.1), 3.10.0-327.42.0.vz7.20.18 (7.0.3), 3.10.0-514.26.1.vz7.33.22 (7.0.5), 3.10.0-693.1.1.vz7.37.30 (7.0.6), and 3.10.0-693.11.6.vz7.40.4 (7.0.6 HF3). NOTE: No more patches are planned for kernel 3.10.0-327.47.0.vz7.18.7, support for which ends with this update.
Vulnerability id: CVE-2017-17448
It was discovered that nfnl_cthelper_list structure was accessible to any user with CAP_NET_ADMIN capability in a network namespace. An unprivileged local user could exploit that to affect netfilter conntrack helpers on the host.

Vulnerability id: CVE-2017-17449
It was discovered that a nlmon link inside a child network namespace was not restricted to that namespace. An unprivileged local user could exploit that to monitor system-wide netlink activity.

Vulnerability id: CVE-2017-17450
It was discovered that xt_osf_fingers data structure was accessible from any network namespace. This allowed unprivileged local users to bypass intended access restrictions and modify the system-wide OS fingerprint list used by specific iptables rules.

Vulnerability id: CVE-2017-17807
The KEYS subsystem omitted an access-control check when writing a key to the default keyring of the current task, allowing a local user to bypass security checks for the keyring. This compromised the validity of the keyring for those who relied on it.

Vulnerability id: PSBM-83692
If ‘dccp_ipv6’ module was loaded on the host, a local unprivileged user could trigger a kernel crash in dccp_write_xmit() or inet_csk_get_port() using a specially crafted sequence of system calls.