Kernel update: Virtuozzo ReadyKernel patch 60.0 for Virtuozzo 7.0.8 HF1

2018-09-07T00:00:00
ID VZA-2018-067
Type virtuozzo
Reporter Virtuozzo
Modified 2018-09-07T00:00:00

Description

The cumulative Virtuozzo ReadyKernel patch was updated with stability fixes. The patch applies to Virtuozzo 7.0.8 HF1. Vulnerability id: PSBM-73001 sunrpc: potential kernel crash (use after free) in svc_process_common().

Vulnerability id: PSBM-87649 Potential out-of-bounds read in fuse_dev_splice_write().

Vulnerability id: PSBM-87877 It was found that rpc_get_hdr() function from 'fuse_kio_pcs' module did not return valid values in 'msg_size' in some cases. As a result, the processes using large FUSE KIO messages could get stuck in an unkillable state.

Vulnerability id: PSBM-88082 File systems: insufficient error handling in sget() could lead to excessive memory consumption.