7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.6 High
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
38.6%
This update provides a new kernel 2.6.32-042stab131.1 for Virtuozzo 6.0 that is a rebase to the Red Hat Enterprise Linux 6.10 kernel 2.6.32-754.el6. The new kernel introduces security and stability fixes.
Vulnerability id: CVE-2018-10675
The do_get_mempolicy() function in ‘mm/mempolicy.c’ in the Linux kernel allows local users to hit a use-after-free bug via crafted system calls and thus cause a denial of service (DoS) or possibly have unspecified other impact. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.
Vulnerability id: CVE-2012-6701
It was found that AIO interface didn’t use the proper rw_verify_area() helper function with extended functionality, for example, mandatory locking on the file. Also rw_verify_area() makes extended checks, for example, that the size of the access doesn’t cause overflow of the provided offset limits. This integer overflow in fs/aio.c in the Linux kernel before 3.4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec.
Vulnerability id: CVE-2015-8830
Integer overflow in the aio_setup_single_vector function in fs/aio.c in the Linux kernel 4.0 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec. NOTE: this vulnerability exists because of a CVE-2012-6701 regression.
Vulnerability id: CVE-2016-8650
A flaw was found in the Linux kernel key management subsystem in which a local attacker could crash the kernel or corrupt the stack and additional memory (denial of service) by supplying a specially crafted RSA key. This flaw panics the machine during the verification of the RSA key.
Vulnerability id: CVE-2017-2671
A race condition leading to a NULL pointer dereference was found in the Linux kernel’s Link Layer Control implementation. A local attacker with access to ping sockets could use this flaw to crash the system.
Vulnerability id: CVE-2017-6001
It was found that the original fix for CVE-2016-6786 was incomplete. There exist a race between two concurrent sys_perf_event_open() calls when both try and move the same pre-existing software group into a hardware context.
Vulnerability id: CVE-2017-7616
Incorrect error handling in the set_mempolicy() and mbind() compat syscalls in ‘mm/mempolicy.c’ in the Linux kernel allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation.
Vulnerability id: CVE-2017-7889
The mm subsystem in the Linux kernel through 4.10.10 does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an application that opens the /dev/mem file, related to arch/x86/mm/init.c and drivers/char/mem.c.
Vulnerability id: CVE-2017-12190
It was found that in the Linux kernel through v4.14-rc5, bio_map_user_iov() and bio_unmap_user() in ‘block/bio.c’ do unbalanced pages refcounting if IO vector has small consecutive buffers belonging to the same page. bio_add_pc_page() merges them into one, but the page reference is never dropped, causing a memory leak and possible system lockup due to out-of-memory condition.
Vulnerability id: CVE-2017-18203
The Linux kernel, before version 4.14.3, is vulnerable to a denial of service in drivers/md/dm.c:dm_get_from_kobject() which can be caused by local users leveraging a race condition with __dm_destroy() during creation and removal of DM devices. Only privileged local users (with CAP_SYS_ADMIN capability) can directly perform the ioctl operations for dm device creation and removal and this would typically be outside the direct control of the unprivileged attacker.
Vulnerability id: CVE-2018-5803
An error in the “_sctp_make_chunk()” function (net/sctp/sm_make_chunk.c) when handling SCTP, packet length can be exploited by a malicious local user to cause a kernel crash and a DoS.
Vulnerability id: CVE-2018-7757
Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c in the Linux kernel allows local users to cause a denial of service (kernel memory exhaustion) via multiple read accesses to files in the /sys/class/sas_phy directory.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Virtuozzo | 6.0 | x86_64 | parallels-server-bm-release | < 6.0.12-3709 | parallels-server-bm-release-6.0.12-3709.x86_64.rpm |
Virtuozzo | 6.0 | x86_64 | vzkernel | < 2.6.32-042stab131.1 | vzkernel-2.6.32-042stab131.1.x86_64.rpm |
Virtuozzo | 6.0 | x86_64 | vzkernel-devel | < 2.6.32-042stab131.1 | vzkernel-devel-2.6.32-042stab131.1.x86_64.rpm |
Virtuozzo | 6.0 | noarch | vzkernel-firmware | < 2.6.32-042stab131.1 | vzkernel-firmware-2.6.32-042stab131.1.noarch.rpm |
Virtuozzo | 6.0 | x86_64 | vzmodules | < 2.6.32-042stab131.1 | vzmodules-2.6.32-042stab131.1.x86_64.rpm |
Virtuozzo | 6.0 | x86_64 | vzmodules-devel | < 2.6.32-042stab131.1 | vzmodules-devel-2.6.32-042stab131.1.x86_64.rpm |
access.redhat.com/errata/RHSA-2018:1854
www.redhat.com/security/data/cve/CVE-2012-6701.html
www.redhat.com/security/data/cve/CVE-2015-8830.html
www.redhat.com/security/data/cve/CVE-2016-8650.html
www.redhat.com/security/data/cve/CVE-2017-12190.html
www.redhat.com/security/data/cve/CVE-2017-18203.html
www.redhat.com/security/data/cve/CVE-2017-2671.html
www.redhat.com/security/data/cve/CVE-2017-6001.html
www.redhat.com/security/data/cve/CVE-2017-7616.html
www.redhat.com/security/data/cve/CVE-2017-7889.html
www.redhat.com/security/data/cve/CVE-2018-10675.html
www.redhat.com/security/data/cve/CVE-2018-5803.html
www.redhat.com/security/data/cve/CVE-2018-7757.html
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.6 High
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
38.6%