Article ID: 9264, created on Nov 3, 2010, last review on May 7, 2014

Applies to: Virtuozzo for Linux 3.x

Release notes

--------------------------------------------------------------------------------
Synopsis:          New Virtuozzo 3.0 kernel provides security updates, driver
                   updates, and some other important fixes.
Issue date:        2010-10-29
Product:           Virtuozzo 3.0
Keywords:          security updates, driver update, stability fixes
--------------------------------------------------------------------------------

This document provides information on the new Virtuozzo 3.0 kernel, version
2.6.9-023stab053.2.

© 1999-2010 Parallels Holdings, Ltd. and its affiliates. All rights reserved.

--------------------------------------------------------------------------------

TABLE OF CONTENTS

1. About This Release
2. Updates Description
3. Obtaining New Kernel
4. Installing New Kernel
5. Required RPMs
6. Reference List

--------------------------------------------------------------------------------

1. ABOUT THIS RELEASE

The current update for the Virtuozzo 3.0 kernel provides a new kernel based on
the Red Hat 4 kernel (2.6.9-89.31.1.EL). The updated kernel includes a
number of security updates, driver updates, and important stability fixes.

--------------------------------------------------------------------------------

2. UPDATES DESCRIPTION

The updated Virtuozzo 3.0 kernel includes fixes for the following security
vulnerabilities fixed in the 2.6.9-89.0.25.EL to 2.6.9-89.31.1.EL Red Hat
kernels:

- A flaw was found in the kernel's Unidirectional Lightweight Encapsulation
  (ULE) implementation. A remote attacker could send a specially-crafted ISO
  MPEG-2 Transport Stream (TS) frame to a target system, resulting in a denial
  of service. (CVE-2010-1086, Important)

- A use-after-free flaw was found in tcp_rcv_state_process() in the kernel's
  TCP/IP protocol suite implementation. If a system using IPv6 had the
  IPV6_RECVPKTINFO option set on a listening socket, a remote attacker could
  send an IPv6 packet to that system, causing a kernel panic.  (CVE-2010-1188,
  Important)

- A divide-by-zero flaw was found in azx_position_ok() in the Intel High
  Definition Audio driver, snd-hda-intel. A local, unprivileged user could
  trigger this flaw to cause a denial of service. (CVE-2010-1085, Moderate)

- An information leak flaw was found in the kernel's USB implementation.
  Certain USB errors could result in an uninitialized kernel buffer being sent
  to user-space. An attacker with physical access to a target system could use
  this flaw to cause an information leak. (CVE-2010-1083, Low)

- A NULL pointer dereference flaw was found in the Linux kernel NFSv4
  implementation. Several of the NFSv4 file locking functions failed to check
  whether a file had been opened on the server before performing locking
  operations on it. A local, unprivileged user on a system with an NFSv4 share
  mounted could possibly use this flaw to cause a kernel panic (denial of
  service) or escalate their privileges. (CVE-2009-3726, Important)

- A race condition between finding a keyring by name and destroying a freed
  keyring was found in the Linux kernel key management facility. A local,
  unprivileged user could use this flaw to cause a kernel panic (denial of
  service) or escalate their privileges. (CVE-2010-1437, Important)

- A flaw was found in the CIFSSMBWrite() function in the Linux kernel Common
  Internet File System (CIFS) implementation. A remote attacker could send a
  specially-crafted SMB response packet to a target CIFS client, resulting in a
  kernel panic (denial of service). (CVE-2010-2248, Important)

- Buffer overflow flaws were found in the Linux kernel's implementation of the
  server-side External Data Representation (XDR) for the Network File System
  (NFS) version 4. An attacker on the local network could send a
  specially-crafted large compound request to the NFSv4 server, which could
  possibly result in a kernel panic (denial of service) or, potentially, code
  execution. (CVE-2010-2521, Important)

- When an application has a stack overflow, the stack could silently overwrite
  another memory mapped area instead of a segmentation fault occurring, which
  could cause an application to execute arbitrary code, possibly leading to
  privilege escalation. It is known that the X Window System server can be used
  to trigger this flaw. (CVE-2010-2240, Important)

- The compat_alloc_user_space() function in the Linux kernel 32/64-bit
  compatibility layer implementation was missing sanity checks. This function
  could be abused in other areas of the Linux kernel if its length argument can
  be controlled from user-space. On 64-bit systems, a local, unprivileged user
  could use this flaw to escalate their privileges. (CVE-2010-3081, Important)

- Information leak flaws were found in the Linux kernel Traffic Control Unit
  implementation. A local attacker could use these flaws to cause the kernel to
  leak kernel memory to user-space, possibly leading to the disclosure of
  sensitive information. (CVE-2010-2942, Moderate)

- A flaw was found in the tcf_act_police_dump() function in the Linux kernel
  network traffic policing implementation. A data structure in
  tcf_act_police_dump() was not initialized properly before being copied to
  user-space. A local, unprivileged user could use this flaw to cause an
  information leak. (CVE-2010-3477, Moderate)

- A missing upper bound integer check was found in the sys_io_submit() function
  in the Linux kernel asynchronous I/O implementation. A local, unprivileged
  user could use this flaw to cause an information leak.  (CVE-2010-3067, Low)


We highly recommend that all Virtuozzo 3.0 users update their kernel to the
latest version.

--------------------------------------------------------------------------------

3. OBTAINING NEW KERNEL

You can download and install the kernel update by using the vzup2date utility
included in the Virtuozzo 3.0 distribution set.

--------------------------------------------------------------------------------

4. INSTALLING NEW KERNEL

To install the update, perform the following operations:

I. Use the "rpm -ihv" command to install the new kernel and Virtuozzo modules.

# rpm -ivh vzkernel-smp-2.6.9-023stab053.2.i686.rpm \
vzmodules-smp-2.6.9-023stab053.2.i686.rpm
Preparing...                ################################# [100%]
    1:vzkernel-smp           ################################# [50%]
    2:vzmodules-smp          ################################# [100%]

    Please DO NOT USE the "rpm -Uhv" command to install the kernel. Otherwise,
    all the kernels previously installed on your system may be removed from
    the Hardware Node.

II. You can adjust your boot loader configuration file to have the new kernel
    loaded by default. If you use the LILO bootloader, please do not forget to
    execute the 'lilo' command to write the changes to the boot sector:

     # lilo
     Added Virtuozzo2 *
     Added Virtuozzo1
     Added linux
     Added linux-up

III. Reboot your computer with the "shutdown -r now" command to boot the new
     kernel.
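
After the reboot in step III it is worth confirming that the node actually
booted the fixed build. The script below is an added example, not part of the
original release notes or of the Virtuozzo tooling. It assumes that "uname -r"
reports "2.6.9-023stabNNN.M" with an optional "-flavour" suffix and that
"rpm -q" prints name-version-release; the function names and sample values are
constructed for illustration.

```shell
#!/bin/sh
# Added example. FIXED_REL is the build named in this release note; the
# "2.6.9-023stabNNN.M[-flavour]" layout of `uname -r` is an assumption.
FIXED_REL="023stab053.2"

# Strip leading zeros so "053" is compared as decimal 53, not octal.
strip0() { n=${1#"${1%%[!0]*}"}; echo "${n:-0}"; }

# stab_key RELEASE: print "BUILD SUBBUILD", or fail if not a 023stab release.
stab_key() {
    rel=${1#2.6.9-}; rel=${rel%%-*}        # drop version prefix and flavour
    case "$rel" in 023stab*.*) ;; *) return 1 ;; esac
    rel=${rel#023stab}
    build=${rel%%.*}; sub=${rel#*.}
    case "$build$sub" in ''|*[!0-9]*) return 1 ;; esac
    [ -n "$build" ] && [ -n "$sub" ] || return 1
    echo "$(strip0 "$build") $(strip0 "$sub")"
}

# kernel_status UNAME_R: fixed (at or above FIXED_REL) | outdated | unknown
kernel_status() {
    run=$(stab_key "$1") || { echo unknown; return 0; }
    set -- $run $(stab_key "$FIXED_REL")   # $1 $2 running, $3 $4 fixed
    if [ "$1" -gt "$3" ] || { [ "$1" -eq "$3" ] && [ "$2" -ge "$4" ]; }; then
        echo fixed
    else
        echo outdated
    fi
}

# node_state UNAME_R RPM_Q_LINES: as above, plus reboot-pending when the
# fixed vzkernel package is installed but an older kernel is still running.
node_state() {
    st=$(kernel_status "$1")
    if [ "$st" = outdated ]; then
        for p in $2; do
            case "$p" in vzkernel*-2.6.9-"$FIXED_REL") st=reboot-pending ;; esac
        done
    fi
    echo "$st"
}

# Constructed sample: fixed package installed, older build still running.
SAMPLE_RPMS='vzkernel-smp-2.6.9-023stab052.4
vzkernel-smp-2.6.9-023stab053.2'
node_state "2.6.9-023stab052.4-smp" "$SAMPLE_RPMS"   # prints reboot-pending
```

On a Hardware Node the live values would come from "uname -r" and
"rpm -qa 'vzkernel*'" in place of the constructed sample.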

--------------------------------------------------------------------------------

5. REQUIRED RPMS

Depending on the kind of processor on your Hardware Node, the following RPM
packages are included in the kernel update:

x86 kernels:

- Uniprocessor:
   vzkernel-2.6.9-023stab053.2.i686.rpm
   vzmodules-2.6.9-023stab053.2.i686.rpm

- SMP:
   vzkernel-smp-2.6.9-023stab053.2.i686.rpm
   vzmodules-smp-2.6.9-023stab053.2.i686.rpm

- Enterprise:
   vzkernel-enterprise-2.6.9-023stab053.2.i686.rpm
   vzmodules-enterprise-2.6.9-023stab053.2.i686.rpm

- Enterprise with the 4GB split feature disabled:
   vzkernel-entnosplit-2.6.9-023stab053.2.i686.rpm
   vzmodules-entnosplit-2.6.9-023stab053.2.i686.rpm


x86_64 kernels:

- Uniprocessor:
   vzkernel-2.6.9-023stab053.2.x86_64.rpm
   vzmodules-2.6.9-023stab053.2.x86_64.rpm

- SMP:
   vzkernel-smp-2.6.9-023stab053.2.x86_64.rpm
   vzmodules-smp-2.6.9-023stab053.2.x86_64.rpm

--------------------------------------------------------------------------------

6. REFERENCE LIST

The following references have been used in this document:

https://rhn.redhat.com/errata/RHSA-2010-0394.html
https://rhn.redhat.com/errata/RHSA-2010-0474.html
https://rhn.redhat.com/errata/RHSA-2010-0606.html
https://rhn.redhat.com/errata/RHSA-2010-0676.html
https://rhn.redhat.com/errata/RHSA-2010-0718.html
https://rhn.redhat.com/errata/RHSA-2010-0779.html

https://www.redhat.com/security/data/cve/CVE-2010-1086.html
https://www.redhat.com/security/data/cve/CVE-2010-1188.html
https://www.redhat.com/security/data/cve/CVE-2010-1085.html
https://www.redhat.com/security/data/cve/CVE-2010-1083.html
https://www.redhat.com/security/data/cve/CVE-2009-3726.html
https://www.redhat.com/security/data/cve/CVE-2010-1437.html
https://www.redhat.com/security/data/cve/CVE-2010-2248.html
https://www.redhat.com/security/data/cve/CVE-2010-2521.html
https://www.redhat.com/security/data/cve/CVE-2010-2240.html
https://www.redhat.com/security/data/cve/CVE-2010-3081.html
https://www.redhat.com/security/data/cve/CVE-2010-2942.html
https://www.redhat.com/security/data/cve/CVE-2010-3477.html
https://www.redhat.com/security/data/cve/CVE-2010-3067.html
