The cumulative Virtuozzo ReadyKernel patch was updated with stability fixes. The patch applies to Virtuozzo 7.0.8 and 7.0.8 HF1. Vulnerability id: PSBM-87836 It was discovered that a container with NFS mounts could keep the files /var/lib/nfs/rpc_pipefs/nfs/clntX open, even if no NFS server was running there. As a result, CRIU reported errors when the users tried to migrate the container.
Vulnerability id: PSBM-88561 It was found that the implementation of ploop did not handle errors reported by kthread_create() properly. This could lead to a kernel crash in dio_open().
Vulnerability id: PSBM-88577 If an error occurred during execution of xfrm_net_init() when a new network namespace was created, xfrm_policy_lock could remain uninitialized. As a result, soft lockup could happen in xfrm_policy_flush() if it tried to acquire the lock after that.