Article ID: 120650, created on Mar 21, 2014, last review on May 10, 2014

  • Applies to:
  • Virtuozzo hypervisor 5.0
--------------------------------------------------------------------------------
Synopsis:          A new Parallels Server Bare Metal 5.0 kernel
  update addressing a security issue.
Issue date:        2014-03-22
Product:           Parallels Server Bare Metal 5.0
Keywords:          'bugfix' 'security'
 
--------------------------------------------------------------------------------
 
This document provides information on the new Parallels Server Bare Metal 5.0 kernel, version 2.6.32-042stab085.20.
 
--------------------------------------------------------------------------------
CONTENTS
 
1. About This Update
2. Update Description
3. Obtaining the New Kernel
 
--------------------------------------------------------------------------------
 
1. ABOUT THIS UPDATE
 
The current update for the Parallels Server Bare Metal 5.0 kernel provides a new kernel based on the Red Hat Enterprise Linux 6.5 kernel (2.6.32-431.1.2.el6). The updated kernel includes a security fix.
 
--------------------------------------------------------------------------------
 
2. UPDATE DESCRIPTION
 
This update includes the following fix:
 
* A bug in the VFS lookup code could cause a kernel panic.  (PSBM-25537)
 
* A bug in the nf_conntrack_dccp code could result in copying the data into an  actual buffer that sits on the stack.
 
  A remote attacker could use this flaw (with a possibly malformed DCCP packet) to crash the system or, potentially, escalate their privileges on the system.  (PSBM-25685)
 
--------------------------------------------------------------------------------
 
3. OBTAINING THE NEW KERNEL
 
You can download and install this kernel update using the vzup2date utility included in the Parallels Server Bare Metal 5.0 distribution set.
 
--------------------------------------------------------------------------------
Copyright (c) 1999-2014 Parallels IP Holdings GmbH and its affiliates.
All rights reserved.
 

c662da62f00df94fd77ba7a2c9eff4b4 2897d76d56d2010f4e3a28f864d69223 a26b38f94253cdfbf1028d72cf3a498b

Email subscription for changes to this article
Save as PDF