Article ID: 120651, created on Mar 21, 2014, last review on May 11, 2014

  • Applies to:
  • Virtuozzo 6.0
--------------------------------------------------------------------------------
Synopsis:          A new Parallels Cloud Server 6.0 kernel update
addressing a  security issue.
Issue date:    2014-03-22
Product:           Parallels Cloud Server 6.0
Keywords:          'bugfix' 'security'
 
--------------------------------------------------------------------------------
 
This document provides information on the new Parallels Cloud Server 6.0
kernel, version 2.6.32-042stab085.20.
 
--------------------------------------------------------------------------------
CONTENTS
 
1. About This Update
2. Update Description
3. Obtaining the New Kernel
 
--------------------------------------------------------------------------------
 
1. ABOUT THIS UPDATE
 
The current update for the Parallels Cloud Server 6.0 kernel provides a
new kernel based on the Red Hat Enterprise Linux 6.5 kernel
(2.6.32-431.1.2.el6).  The updated kernel includes a security fix.
 
--------------------------------------------------------------------------------
 
2. UPDATE DESCRIPTION
 
This update includes the following fix:
 
* A bug in the VFS lookup code could cause a kernel panic. (PSBM-25537)
 
* A bug in the nf_conntrack_dccp code could result in copying the data
into an actual buffer that sits on the stack.
 
  A remote attacker could use this flaw (with a possibly malformed DCCP
  packet) to crash the system or, potentially, escalate their privileges
  on the system.  (PSBM-25685)
 
--------------------------------------------------------------------------------
 
3. OBTAINING THE NEW KERNEL
 
You can download and install this kernel update using the yum utility
included in the Parallels Cloud Server 6.0 distribution set.
 
--------------------------------------------------------------------------------
Copyright (c) 1999-2014 Parallels IP Holdings GmbH and its affiliates.
All rights reserved.
 

c62e8726973f80975db0531f1ed5c6a2 2897d76d56d2010f4e3a28f864d69223 0dd5b9380c7d4884d77587f3eb0fa8ef

Email subscription for changes to this article
Save as PDF