Kernel security update: Virtuozzo ReadyKernel patch 113.0 for Virtuozzo Server 7.0, Virtuozzo Infrastructure Platform 2.5, 3.0 and Virtuozzo Infrastructure 3.5

Issue date: 2020-08-06

Applies to: Virtuozzo Infrastructure 3.5, Virtuozzo Server 7.0, Virtuozzo Infrastructure Platform 2.5, Virtuozzo Infrastructure Platform 3.0

Virtuozzo Advisory ID: VZA-2020-055

1. Overview

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to the following kernels: 3.10.0-862.20.2.vz7.73.29 (Virtuozzo Server 7.0.9 and Virtuozzo Infrastructure Platform 2.5), 3.10.0-957.10.1.vz7.85.17 (Virtuozzo Server 7.0.10), 3.10.0-957.12.2.vz7.86.2 (Virtuozzo Server 7.0.10 HF1), 3.10.0-957.12.2.vz7.96.21 (Virtuozzo Server 7.0.11 and Virtuozzo Infrastructure Platform 3.0), and 3.10.0-1062.4.2.vz7.116.7 (Virtuozzo Server 7.0.12 HF1 and Virtuozzo Infrastructure 3.5).

2. Security Fixes

  • [Moderate] [3.10.0-957.10.1.vz7.85.17 to 3.10.0-1062.4.2.vz7.116.7] Possible use-after-free error due to a race condition in cdev_get(). It was discovered that a use-after-free condition was possible in cdev_get() if multiple processes simultaneously accessed a character device in a certain way. A local attacker could potentially exploit this to crash the kernel. (CVE-2020-0305)

3. Bug Fixes

  • [3.10.0-862.20.2.vz7.73.29 to 3.10.0-1062.4.2.vz7.116.7] File system of a container becomes read-only, __ext4_handle_dirty_metadata() reports error 28. (PSBM-105850)

4. Installing the Update

Download, install, and immediately apply the patch to the current kernel by running ‘readykernel update’.

5. References

The JSON file with the list of new and updated packages is available at JSON file.