Kernel security update: CVE-2017-11600 and other; Virtuozzo ReadyKernel patch 27.0 for Virtuozzo 7.0.4 and 7.0.4 HF3

Issue date: 2017-08-04

Applies to: Virtuozzo 7.0

Virtuozzo Advisory ID: VZA-2017-068

1. Overview

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to Virtuozzo kernels 3.10.0-514.16.1.vz7.30.10 (Virtuozzo 7.0.4) and 3.10.0-514.16.1.vz7.30.15 (Virtuozzo 7.0.4 HF3).

2. Security Fixes

[Moderate] A vulnerability was found in the handling of xfrm Netlink messages. A privileged user inside a container could cause a denial of service (kernel crash) by sending a crafted Netlink message with type XFRM_MSG_MIGRATE to the kernel. (CVE-2017-11600)
[Moderate] Integer overflow vulnerability in ip6_find_1stfragopt() function was found. Local attacker that has privileges to open raw sockets can cause infinite loop inside ip6_find_1stfragopt() function. (CVE-2017-7542)
[Moderate] Kernel memory corruption due to a buffer overflow was found in brcmf_cfg80211_mgmt_tx() function in Linux kernels from v3.9-rc1 to v4.13-rc1. The vulnerability can be triggered by sending a crafted NL80211_CMD_FRAME packet via netlink. An unprivileged local user could use this flaw to induce kernel memory corruption on the system, leading to a crash. (CVE-2017-7541)

3. Bug Fixes

Division by zero in dcache_is_low(). (PSBM-69018)
It was discovered that lseek(SEEK_DATA) and lseek(SEEK_HOLE) returned incorrect values on ext4 filesystem in some cases, causing corruption of QCOW2 disk images used by VMs. (PSBM-68292)
venet: netdevice structures were not always freed (memory leak). (PSBM-65033)

4. Installing the Update

Download, install, and instantly apply the patch to the current kernel by running ‘readykernel update’.

5. References

The JSON file with the list of new and updated packages is available at JSON file.