Lucene search

K
virtuozzoVirtuozzoVZA-2020-036
HistoryMay 21, 2020 - 12:00 a.m.

Important kernel security update: New kernel 2.6.32-042stab144.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0

2020-05-2100:00:00
help.virtuozzo.com
93

0.012 Low

EPSS

Percentile

85.2%

This update provides a new kernel 2.6.32-042stab144.1 for Virtuozzo Containers for Linux 4.7 and Server Bare Metal 5.0. It is based on the RHEL 6.10 kernel 2.6.32-754.29.2.el6 and inherits security and stability fixes from it. The new kernel also provides internal security and stability fixes.
Vulnerability id: CVE-2020-10711
Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category may cause kernel panic.

Vulnerability id: CVE-2019-17666
kernel: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow.

Vulnerability id: CVE-2019-17133
kernel: buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c.

Vulnerability id: CVE-2020-11565
kernel: out-of-bounds write in mpol_parse_str function in mm/mempolicy.c.

Vulnerability id: CVE-2020-8648
kernel: use-after-free in n_tty_receive_buf_common function in drivers/tty/n_tty.c.

Vulnerability id: CVE-2019-17055
kernel: unprivileged users able to create RAW sockets in AF_ISDN network protocol.

Vulnerability id: CVE-2019-15916
kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service.

Vulnerability id: CVE-2017-1000371
kernel: offset2lib allows for the stack guard page to be jumped over.