7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
25.6%
The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to all supported Virtuozzo kernels.
Vulnerability id: CVE-2018-14634
An integer overflow flaw was found in create_elf_tables(). An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system.
Vulnerability id: CVE-2017-1000365
The Linux kernel imposes a size limit on the memory needed to store the arguments and environment variables of a process, 1/4 of the maximum stack size (RLIMIT_STACK). However, the pointers to these data were not taken into account, which allowed attackers to bypass the limit and even exhaust the stack of the process.
bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-1000365
bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14634
readykernel.com/patch/Virtuozzo-7/readykernel-patch-30.10-62.2-1.vl7/
readykernel.com/patch/Virtuozzo-7/readykernel-patch-30.15-62.2-1.vl7/
readykernel.com/patch/Virtuozzo-7/readykernel-patch-33.22-62.2-1.vl7/
readykernel.com/patch/Virtuozzo-7/readykernel-patch-37.30-62.2-1.vl7/
readykernel.com/patch/Virtuozzo-7/readykernel-patch-40.4-62.2-1.vl7/
readykernel.com/patch/Virtuozzo-7/readykernel-patch-43.10-62.2-1.vl7/
readykernel.com/patch/Virtuozzo-7/readykernel-patch-46.7-62.2-1.vl7/
readykernel.com/patch/Virtuozzo-7/readykernel-patch-48.2-62.2-1.vl7/
readykernel.com/patch/Virtuozzo-7/readykernel-patch-63.3-62.2-1.vl7/
readykernel.com/patch/Virtuozzo-7/readykernel-patch-64.7-62.2-1.vl7/
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
25.6%