Welcome, Guest Login

Support Center

Parallels Cloud Server 6.0 Update 3 Hotfix 5 (6.0.0-1332)

Last Updated: Sep 08, 2016 12:53PM UTC
--------------------------------------------------------------------------------
Synopsis:          New Parallels Cloud Server 6.0 kernel provides
                   an update with a fix for an important stability issue.
Issue date:        2013-08-01
Product:           Parallels Cloud Server 6.0
Keywords:          'bugfix' 'stability' 'security'
 
--------------------------------------------------------------------------------
 
This document provides information on the new Parallels Cloud Server 6.0 kernel,
version 2.6.32-042stab079.4.
 
--------------------------------------------------------------------------------
TABLE OF CONTENTS
 
1. About This Release
2. Updates Description
3. Obtaining New Kernel
4. References
 
--------------------------------------------------------------------------------
 
1. ABOUT THIS RELEASE
 
The current update for the Parallels Cloud Server 6.0 kernel provides a new
kernel based on the Red Hat Enterprise Linux 6.4 kernel (2.6.32-358.14.1.el6).
The updated kernel includes a number of security, performance, and stability
fixes.
 
--------------------------------------------------------------------------------
 
2. UPDATES DESCRIPTION
 
This update contains fixes for the following issues:
 
* Information leak flaws in the ploop and quota kernel code could allow a local,
  unprivileged user to leak kernel memory to user space. (PSBM-20690,
  CVE-2013-2239)

* A kernel BUG could be triggered in nf_nat_setup_info() function under certain
  circumstances. (PCLIN-31920)
 
* Creation of nested pid namespaces inside Containers was disabled. (PSBM-20670)
 
* "Holy Crap X" debug messages previously printed by the checkpoint code were
  substituted with user friendly reports.
 
* The issues with Parallels Virtuozzo Containers 4.7 kernel compilation with gcc
  4.5 compiler were eliminated.
 
* The ARAT feature bit is now set for AMD CPUs. This improves performance on AMD
  Opteron 62xx-based systems.
 
* The NFS server kernel code was enhanced to return file system superblock time
  granulaty on FSINFO request. This enhancement provides a performance boost
  because inodes are not revalidated most of the time. The performance increase
  can be gained only if the NFS server node runs the Parallels Virtuozzo
  Containers 4.7 kernel and the filesystem exported by the NFS server resides on
  an ext4 filesystem. (PCLIN-31863)
 
* The tcpsndbuf resource counter leak was eliminated. It produced messages like
  "Ub 17843 helds 13080 in tcpsndbuf on put" on Container stops. The issue was
  not a real memory leak, just a counter malfunction. (PCLIN-31931)
 
* The online permission restrictions for devices provided to Containers were
  corrected. (PSBM-19097)
 
* Collisions of inode numbers could cause kernel panic on node reboot, if the
  node used the Rebootless Kernel Update feature. (PCLIN-31948)
 
* A new per-node 'fs.ve-mount-nr' sysctl was introduced. It allows customizing
  the per-Container limit for allowed mount points (4096 by default).

* The issue with license synchronization between different compoments of
  Parallels products was fixed. (PSBM-20179)
 
* A Confainer could fail to restart because of an issue in the
  synchronize_mapping_faults() function which could cause a deadlock.
  (PSBM-20812)
 
* The number of processes which reside in the uninterruptible sleep state could
  be reported incorrectly if a Container was suspended with stopped processes
  inside. This issue did not affect the real node load, but indirectly affected
  the loadaverage reported by the system. (PSBM-21154)
 
* The kernel scheduler optimizations done with the assumption that there were no
  nested Containers improved the overall node performance especially in case of
  Containers with CPU limits configured, residing on NFS volumes. (PSBM-20273)
 
 
Parallels would like to thank Jonathan Salwan of Sysdream Security Laboratory
for reporting CVE-2013-2239.
 
--------------------------------------------------------------------------------
 
3. OBTAINING NEW KERNEL
 
You can download and install this kernel update using the yum utility included
in the Parallels Cloud Server 6.0 distribution set.
 
--------------------------------------------------------------------------------
 
4. REFERENCES
 
https://rhn.redhat.com/errata/RHSA-2013-1051.html

 
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2239
 
https://www.redhat.com/security/data/cve/CVE-2012-6548.html
https://www.redhat.com/security/data/cve/CVE-2013-0914.html
https://www.redhat.com/security/data/cve/CVE-2013-1848.html
https://www.redhat.com/security/data/cve/CVE-2013-2128.html
https://www.redhat.com/security/data/cve/CVE-2013-2634.html
https://www.redhat.com/security/data/cve/CVE-2013-2635.html
https://www.redhat.com/security/data/cve/CVE-2013-2852.html
https://www.redhat.com/security/data/cve/CVE-2013-3222.html
https://www.redhat.com/security/data/cve/CVE-2013-3224.html
https://www.redhat.com/security/data/cve/CVE-2013-3225.html
https://www.redhat.com/security/data/cve/CVE-2013-3301.html
 
--------------------------------------------------------------------------------
Copyright (c) 1999-2013 Parallels IP Holdings GmbH and its affiliates. All
rights reserved.

Open a new case
















  • You can call our Support Team:

     +1 855-466-6670  Toll-free
     +1 425-689-7142  US
     +44 203-389-8331  UK
     +49 8914-379-4365  DE
     +7 499-609-2754  RU
e13d0138f9baaceff06b8753a609e5c0@virtuozzo.desk-mail.com
https://cdn.desk.com/
false
desk
Loading
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
about
false
Invalid characters found
/customer/en/portal/articles/autocomplete