Kernel security update: Virtuozzo ReadyKernel patch 98.0 for Virtuozzo 7.0 and Virtuozzo Infrastructure Platform 2.5, 3.0, 3.5

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to the kernels 3.10.0-862.9.1.vz7.63.3 (Virtuozzo 7.0.8), 3.10.0-862.11.6.vz7.64.7 (Virtuozzo 7.0.8 HF1), 3.10.0-862.20.2.vz7.73.24 (Virtuozzo 7.0.9 and Virtuozzo Infrastructure Platform 2.5), 3.10.0-862.20.2.vz7.73.29 (Virtuozzo 7.0.9 and Virtuozzo Infrastructure Platform 2.5), 3.10.0-957.10.1.vz7.85.17 (Virtuozzo 7.0.10), 3.10.0-957.12.2.vz7.86.2 (Virtuozzo 7.0.10 HF1), 3.10.0-957.12.2.vz7.96.21 (Virtuozzo 7.0.11 and Virtuozzo Infrastructure Platform 3.0), 3.10.0-1062.4.2.vz7.116.7 (Virtuozzo 7.0.12 HF1 and Virtuozzo Infrastructure Platform 3.5). NOTE: No more patches are planned for the kernel 3.10.0-862.9.1.vz7.63.3, support for which ends with this update.
Vulnerability id: CVE-2019-15538
[3.10.0-862.9.1.vz7.63.3 to 3.10.0-1062.4.2.vz7.116.7] xfs: potential denial of service caused by missing unlock operation in xfs_setattr_nonsize(). It was discovered that xfs_setattr_nonsize() would not unlock ‘ILOCK’ lock if the user or group were out of their disk quota. As a result, any subsequent operation, which needed to take ‘ILOCK’, would get stuck, leading to a denial of service.