Article ID: 122312, created on Jul 9, 2014, last review on Jul 9, 2014

  • Applies to:
  • Virtuozzo hypervisor 5.0
Synopsis:          A Parallels Server Bare Metal 5.0 kernel update
                   introducing a security fix.
Product:           Parallels Server Bare Metal 5.0
Keywords:          'security'
1. What's Included in This Update
This update includes a new Parallels Server Bare Metal 5.0 kernel (2.6.32-042stab092.2) based on the Red Hat Enterprise Linux 6.5 kernel (2.6.32-431.20.3.el6). The new kernel introduces a security fix.
2. Bug Fixes
- A critical issue in the Linux kernel's ptrace subsystem code could allow unprivileged local Container users to crash the host system and likely gain host system's root privileges. (#PSBM-27973)
  On Intel CPUs, sysret to non-canonical address causes a fault on the sysret instruction itself after the stack pointer is set to a user mode value but before the CPL is changed. Systems running on AMD CPUs are not vulnerable to this issue as sysret on AMD CPUs does not generate a fault before the CPL change.
  It was found that certain Linux kernel's ptrace subsystem code paths allow the tracer to set tracee's instruction pointer to non-canonical address which is later used on tracee's return to user mode via the sysret instruction, effectively bypassing the hardening introduced via the fixes for CVE-2005-1764 (introduced guard page between the end of the user-mode accessible virtual address space and the beginning of the non-canonical) and CVE-2006-0744 (system call handler hardening).
3. Obtaining the Update
You can download and install the update using the vzup2date utility included in the Parallels Server Bare Metal 5.0 distribution set.
4. References
Copyright (c) 1999-2014 Parallels IP Holdings GmbH and its affiliates. All rights reserved.

c662da62f00df94fd77ba7a2c9eff4b4 2897d76d56d2010f4e3a28f864d69223 a26b38f94253cdfbf1028d72cf3a498b

Email subscription for changes to this article
Save as PDF