Article ID: 118571, created on Nov 12, 2013, last review on May 9, 2014

  • Applies to:
  • Virtuozzo containers for Linux 4.7
-----------------------------------------------------------------------
Synopsis:          A new Parallels Virtuozzo Containers 4.7 kernel update
                   addressing security, performance, and stability issues.
Product:           Parallels Virtuozzo Containers 4.7
Keywords:          'bugfix' 'stability' 'security'

-----------------------------------------------------------------------

This document provides information on the new Parallels Virtuozzo Containers 4.7
kernel, version 2.6.32-042stab083.2.

--------------------------------------------------------------------------------
CONTENTS

1. About This Update
2. Update Description
3. Obtaining the New Kernel
4. References

--------------------------------------------------------------------------------

1. ABOUT THIS UPDATE

The current update for the Parallels Virtuozzo Containers 4.7 kernel provides a
new kernel based on the Red Hat Enterprise Linux 6.4 kernel
(2.6.32-358.23.2.el6). The updated kernel includes a number of security,
performance, and stability fixes.

--------------------------------------------------------------------------------

2. UPDATE DESCRIPTION

This update includes the following fixes and improvements:

* The elapsed wall clock time for processes inside a Container could be shown
  incorrectly after vzreboot or online migration operations. (PSBM-22925)

* The ipc_rcu_putref function in ipc/util.c in the Linux kernel before 3.10
  does not properly manage a reference count, which allows local users to
  cause a denial of service (memory consumption or system crash) via a crafted
  application. (PSBM-23024, CVE-2013-4483)

* Under certain circumstances, ploop disks larger than 2TB could fail, either
  failing internal disk allocation operations or returning an error at the ploop
  image mounting stage. (PSBM-22961)

* A Hardware Node lockup followed by a crash triggered by the NMI watchdog
  could occur due to a locking bug in the kernel statistics accounting code.
  (PSBM-23293)
--------------------------------------------------------------------------------

3. OBTAINING THE NEW KERNEL

You can download and install this kernel update using the vzup2date utility
included in the Parallels Virtuozzo Containers 4.7 distribution set.

--------------------------------------------------------------------------------

4. REFERENCES

https://rhn.redhat.com/errata/RHSA-2013-1436.html

https://www.redhat.com/security/data/cve/CVE-2013-4162.html
https://www.redhat.com/security/data/cve/CVE-2013-4299.html

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4483

--------------------------------------------------------------------------------
Copyright (c) 1999-2013 Parallels IP Holdings GmbH and its affiliates. All
rights reserved.

0c05f0c76fec3dd785e9feafce1099a9 2897d76d56d2010f4e3a28f864d69223 d02f9caf3e11b191a38179103495106f e8e50b42231236b82df27684e7ec0beb

Email subscription for changes to this article
Save as PDF