Lucene search

K
virtuozzoVirtuozzoVZA-2021-040
HistoryAug 03, 2021 - 12:00 a.m.

[Important] [Security] New kernel 2.6.32-042stab146.1; Virtuozzo 6.0 Update 12 Hotfix 54 (6.0.12-3761)

2021-08-0300:00:00
docs.virtuozzo.com
62

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.017 Low

EPSS

Percentile

87.4%

This update provides a new kernel 2.6.32-042stab146.1 for Virtuozzo 6.0. It is based on the RHEL 6.10 kernel 2.6.32-754.41.2.el6 and inherits security and stability fixes from it. The new kernel also provides an internal stability fix.
Vulnerability id: CVE-2021-3347
Kernel: Use after free via PI futex state.

Vulnerability id: CVE-2019-11487
Kernel: Count overflow in FUSE request leading to use-after-free issues.

Vulnerability id: CVE-2020-12362
Kernel: Integer overflow in Intel® Graphics Drivers.

Vulnerability id: CVE-2021-27364
Kernel: out-of-bounds read in libiscsi module.

Vulnerability id: CVE-2021-27365
Kernel: heap buffer overflow in the iSCSI subsystem.

Vulnerability id: CVE-2020-29661
Kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use-after-free.

Vulnerability id: CVE-2021-33909
Kernel: size_t-to-int conversion vulnerability in the filesystem layer.

Vulnerability id: CVE-2014-4508
Kernel: x86_32: BUG in syscall auditing.

Vulnerability id: CVE-2019-14896
Kernel: heap-based buffer overflow in lbs_ibss_join_existing function in drivers/net/wireless/marvell/libertas/cfg.c.

Vulnerability id: CVE-2021-20265
Kernel: increase slab leak leads to DoS.

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.017 Low

EPSS

Percentile

87.4%