Article ID: 125926, created on Jun 17, 2015, last review on Sep 13, 2015

  • Applies to:
  • Virtuozzo 6.0

Issue date: 2015-06-19

1. What's Included in This Update

This update includes a new Virtuozzo (formerly Parallels Cloud Server) 6.0 kernel (2.6.32-042stab108.5) based on the Red Hat Enterprise Linux 6.6 kernel (2.6.32-504.16.2.el6). The new kernel introduces stability and security fixes.

2. Bug Fixes

  • An information leak flaw was found in the way the Linux kernel changed certain segment registers and thread-local storage (TLS) during a context switch. A local, unprivileged user could use this flaw to leak the user space TLS base address of an arbitrary process. (CVE-2014-9419)

  • It was found that the Linux kernel's ISO file system implementation did not correctly limit the traversal of Rock Ridge extension Continuation Entries (CE). An attacker with physical access to the system could use this flaw to trigger an infinite loop in the kernel, resulting in a denial of service. (CVE-2014-9420)

  • An information leak flaw was found in the way the Linux kernel's Virtual Dynamic Shared Object (vDSO) implementation performed address randomization. A local, unprivileged user could use this flaw to leak kernel memory addresses to user-space. (CVE-2014-9585)

  • It was found that the Linux kernel's implementation of vectored pipe read and write functionality did not take into account the I/O vectors that were already processed when retrying after a failed atomic access operation, potentially resulting in memory corruption due to an I/O vector array overrun. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2015-1805)

  • A flaw was found in the way the Linux kernel's file system implementation handled rename operations in which the source was inside and the destination was outside of a bind mount. A privileged user inside a container could use this flaw to escape the bind mount and, potentially, escalate their privileges on the system. (CVE-2015-2925) An owner of a simfs-based container could use this flaw to get access to files on host. VZFS and ploop containers are not affected. (#OVZ-3256)

  • A buffer overflow flaw was found in the way the Linux kernel's Intel AES-NI instructions optimized version of the RFC4106 GCM mode decryption functionality handled fragmented packets. A remote attacker could use this flaw to crash, or potentially escalate their privileges on, a system over a connection with an active AES-GCM mode IPSec security association. (CVE-2015-3331)

  • Under certain network workload, a container checkpoint/restore operation could result in conntrack duplication which could prevent online migration of the container. (#PSBM-32411)

  • CPT image compatibility was broken in 042stab108.x kernels. As a result, a received but nondelivered TCP packet saved into the CPT image could, under certain circumstances, lose TCP flags during restore on 042stab108.x kernels. Incorrect processing of restored packets and could result in unexpected kernel warnings or issues with userspace applications. (#PSBM-33549, #OVZ-3237)

  • Container restore could lead to host crash if tar inside the container incorrectly restored tty device files. (#PSBM-32795)

3. Obtaining the Update

You can download and install the update using the yum utility included in the Virtuozzo (formerly Parallels Cloud Server) 6.0 distribution.

4. References

https://rhn.redhat.com/errata/RHSA-2015-1081.html

https://access.redhat.com/security/cve/CVE-2014-9419

https://access.redhat.com/security/cve/CVE-2014-9420

https://access.redhat.com/security/cve/CVE-2014-9585

https://access.redhat.com/security/cve/CVE-2015-1805

https://access.redhat.com/security/cve/CVE-2015-2925

https://access.redhat.com/security/cve/CVE-2015-3331


Copyright (c) 1999-2015 Parallels IP Holdings GmbH and its affiliates. All rights reserved.

Search Words

stability

security

bugfix

c62e8726973f80975db0531f1ed5c6a2 2897d76d56d2010f4e3a28f864d69223 0dd5b9380c7d4884d77587f3eb0fa8ef

Email subscription for changes to this article
Save as PDF