Virtuozzo VZA-2020-048
Jul 06, 2020 - 12:00 a.m.

Important kernel security update: Virtuozzo ReadyKernel patch 110.0 for Virtuozzo Hybrid Server 7.0 and Virtuozzo Infrastructure Platform 2.5, 3.0 and Virtuozzo Hybrid Infrastructure 3.5

2020-07-06 00:00:00
help.virtuozzo.com

CVSS3: 5.9 Medium
Attack Vector: NETWORK
Attack Complexity: HIGH
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS2: 4.9 Medium
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C

EPSS: 0.008 Low
Percentile: 81.4%

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to all supported kernels of Virtuozzo Hybrid Server 7.0 and Virtuozzo Infrastructure Platform.

Vulnerability id: CVE-2020-10711
[3.10.0-862.20.2.vz7.73.24 to 3.10.0-1062.12.1.vz7.131.10] netlabel: kernel crash (NULL pointer dereference) while processing a specially crafted CIPSO packet. A NULL pointer dereference was found in the implementation of SELinux. The issue occurs while importing the Commercial IP Security Option (CIPSO) protocol category bitmap into the SELinux extensible bitmap. Parsing of a specially crafted CIPSO packet sent by a remote attacker could lead to a kernel crash (remote DoS).

Vulnerability id: CVE-2019-20812
[3.10.0-862.20.2.vz7.73.24 to 3.10.0-1127.8.2.vz7.151.14] af_packet: potential soft lockup in case of certain errors when using TPACKET_V3. It was found that if TPACKET_V3 was used and the kernel failed to obtain certain settings from a relevant network device, the retirement timer could be set incorrectly in the implementation of the AF_PACKET protocol. This could result in soft lockups and excessive CPU usage.

Vulnerability id: CVE-2020-10732
[3.10.0-862.20.2.vz7.73.24 to 3.10.0-1127.8.2.vz7.151.14] Core dumps of some processes could contain uninitialized kernel data. It was discovered that core dumps of userspace processes could contain copies of uninitialized kernel memory areas in certain cases. Although it is difficult for an attacker to control what data is in these areas, this issue, in theory, could be used to obtain sensitive information from the kernel.

Vulnerability id: CVE-2020-10769
[3.10.0-862.20.2.vz7.73.24 to 3.10.0-1062.12.1.vz7.131.10] crypto/authenc: kernel crash in crypto_ahash_setkey() when the payload of a key is longer than 4 bytes and is not aligned. An out-of-bounds read was found in the implementation of IPsec cryptographic algorithms (‘authenc’ module). When the payload of a key was longer than 4 bytes but was not properly aligned, the crypto_authenc_extractkeys() function could try to read data from a wrong location. This could lead to a kernel crash in crypto_ahash_setkey().
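
For triage, a check of which of the four CVEs above cover a given vz7 kernel release, added here as an example and not part of the Virtuozzo advisory. It assumes the bracketed ranges are inclusive and that releases follow the `<base>-<build>.vz7.<vzbuild>` shape seen in the advisory; it reports range membership only, not whether the ReadyKernel patch is already loaded.

```python
import platform
import re

# Ranges copied from advisory VZA-2020-048; treating both ends as inclusive is an assumption.
AFFECTED = {
    "CVE-2020-10711": ("3.10.0-862.20.2.vz7.73.24", "3.10.0-1062.12.1.vz7.131.10"),
    "CVE-2019-20812": ("3.10.0-862.20.2.vz7.73.24", "3.10.0-1127.8.2.vz7.151.14"),
    "CVE-2020-10732": ("3.10.0-862.20.2.vz7.73.24", "3.10.0-1127.8.2.vz7.151.14"),
    "CVE-2020-10769": ("3.10.0-862.20.2.vz7.73.24", "3.10.0-1062.12.1.vz7.131.10"),
}

# <base>-<build>.vz7.<vzbuild>; anything after the last numeric field is ignored.
_RELEASE = re.compile(r"^(\d+(?:\.\d+)*)-(\d+(?:\.\d+)*)\.vz7\.(\d+(?:\.\d+)*)")


def parse_release(release):
    """Return a tuple of int tuples so releases compare numerically.

    A plain string comparison would sort "1062..." before "862...",
    which silently breaks range checks across RHEL rebases.
    """
    m = _RELEASE.match(release.strip())
    if m is None:
        raise ValueError(f"not a vz7 kernel release: {release!r}")
    return tuple(tuple(int(p) for p in group.split(".")) for group in m.groups())


def affected_cves(release):
    """List the advisory's CVEs whose kernel range contains `release`."""
    key = parse_release(release)
    return sorted(
        cve for cve, (low, high) in AFFECTED.items()
        if parse_release(low) <= key <= parse_release(high)
    )


if __name__ == "__main__":
    running = platform.release()  # same string as `uname -r`
    try:
        hits = affected_cves(running)
    except ValueError as err:
        print(f"skipped: {err}")
    else:
        print(f"{running}: {', '.join(hits) if hits else 'outside all listed ranges'}")
```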
