5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
4.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
0.0004 Low
EPSS
Percentile
9.0%
This update fixes an issue in the ReadyKernel patch v124.0 (PSBM-127243). After the release of that version, it was found that it refused to load on certain customer nodes if UNIX domain sockets were used there to pass large amounts of data between processes. This was because the fix for CVE-2021-20265 (“Memory leak in the implementation of unix sockets”) needed to update kernel function unix_stream_read_generic() and that function was running almost all the time. It is unsafe to patch currently running functions, so the ReadyKernel tools refused to load the update (ReadyKernel updates are loaded and applied as a whole). We have removed the offending patch in version 124.1. The remaining fixes from ReadyKernel patch v124.0 are still available in v124.1. The patch applies to all supported kernels of Virtuozzo Hybrid Server, Virtuozzo Infrastructure Platform, and Virtuozzo Hybrid Infrastructure.
access.redhat.com/security/cve/cve-2021-20265
help.virtuozzo.com/s/article/VZA-2021-014
readykernel.com/patch/Virtuozzo-7/readykernel-patch-116.7-124.1-1.vl7/
readykernel.com/patch/Virtuozzo-7/readykernel-patch-131.10-124.1-1.vl7/
readykernel.com/patch/Virtuozzo-7/readykernel-patch-151.14-124.1-1.vl7/
readykernel.com/patch/Virtuozzo-7/readykernel-patch-158.8-124.1-1.vl7/
readykernel.com/patch/Virtuozzo-7/readykernel-patch-163.46-124.1-1.vl7/
readykernel.com/patch/Virtuozzo-7/readykernel-patch-96.21-124.1-1.vl7/
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
4.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
0.0004 Low
EPSS
Percentile
9.0%