Issue date: 2015-06-19
1. What's Included in This Update
This update includes a new Parallels Server Bare Metal 5.0 kernel (2.6.32-042stab108.5) based on the Red Hat Enterprise Linux 6.6 kernel (2.6.32-504.16.2.el6). The new kernel introduces stability and security fixes.
2. Bug Fixes
An information leak flaw was found in the way the Linux kernel changed certain segment registers and thread-local storage (TLS) during a context switch. A local, unprivileged user could use this flaw to leak the user space TLS base address of an arbitrary process. (CVE-2014-9419)
It was found that the Linux kernel's ISO file system implementation did not correctly limit the traversal of Rock Ridge extension Continuation Entries (CE). An attacker with physical access to the system could use this flaw to trigger an infinite loop in the kernel, resulting in a denial of service. (CVE-2014-9420)
An information leak flaw was found in the way the Linux kernel's Virtual Dynamic Shared Object (vDSO) implementation performed address randomization. A local, unprivileged user could use this flaw to leak kernel memory addresses to user-space. (CVE-2014-9585)
It was found that the Linux kernel's implementation of vectored pipe read and write functionality did not take into account the I/O vectors that were already processed when retrying after a failed atomic access operation, potentially resulting in memory corruption due to an I/O vector array overrun. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2015-1805)
A flaw was found in the way the Linux kernel's file system implementation handled rename operations in which the source was inside and the destination was outside of a bind mount. A privileged user inside a container could use this flaw to escape the bind mount and, potentially, escalate their privileges on the system. (CVE-2015-2925) An owner of a simfs-based container could use this flaw to get access to files on host. VZFS and ploop containers are not affected. (#OVZ-3256)
A buffer overflow flaw was found in the way the Linux kernel's Intel AES-NI instructions optimized version of the RFC4106 GCM mode decryption functionality handled fragmented packets. A remote attacker could use this flaw to crash, or potentially escalate their privileges on, a system over a connection with an active AES-GCM mode IPSec security association. (CVE-2015-3331)
Under certain network workload, a container checkpoint/restore operation could result in conntrack duplication which could prevent online migration of the container. (#PSBM-32411)
CPT image compatibility was broken in 042stab108.x kernels. As a result, a received but nondelivered TCP packet saved into the CPT image could, under certain circumstances, lose TCP flags during restore on 042stab108.x kernels. Incorrect processing of restored packets and could result in unexpected kernel warnings or issues with userspace applications. (#PSBM-33549, #OVZ-3237)
- Container restore could lead to host crash if tar inside the container incorrectly restored tty device files. (#PSBM-32795)
3. Obtaining the Update
You can download and install the update using the vzup2date utility included in the Parallels Server Bare Metal 5.0 distribution set.
Copyright (c) 1999-2015 Parallels IP Holdings GmbH and its affiliates. All rights reserved.