Welcome, Guest Login

Support Center

Virtuozzo 6.0 Update 11 Hotfix 16 (6.0.11-3483)

Last Updated: Oct 11, 2016 09:05AM UTC

Issue date:        2016-10-10

1. What's Included in This Update

This update includes a new Virtuozzo 6.0 kernel 2.6.32-042stab120.2 which is a rebase to the Red Hat Enterprise Linux 6.8 kernel 2.6.32-642.6.1.el6. The new kernel inherits security and stability fixes from the RHEL kernel and also contains a number of internal stability fixes.

2. Bug Fixes

- Uninitialized variable in request_key handling causes kernel crash in error handling path (CVE-2016-4470)
- infiniband: Unprivileged process can overwrite kernel memory using rdma_ucm.ko. A local unprivileged user on a system with either Infiniband hardware present or RDMA Userspace Connection Manager Access module explicitly loaded, could use this flaw to escalate their privileges on the system. (CVE-2016-4565)
- Heap buffer overflow in hiddev driver. This flaw could allow a local attacker to corrupt kernel memory, possibly escalating their privileges or crashing the system. (CVE-2016-5829)
- Under certain conditions, free or top run inside a container could show that zero memory was used. (PSBM-42024)
- FUSE improvements. (PSBM-49057, PSBM-49825)
- cpt: Containers with deleted sockets on tmpfs file system could not be resumed after suspend. (PSBM-49584)
- Ploop improvements. (PSBM-47696, PSBM-49747)
- ext4: Parallel mounting of multiple disks with lazy initialization takes too long. (PSBM-49847)
- Added per-container limit on the number of available network namespaces. (PSBM-53183)
- drbd: Out of memory error when invoking fence-peer handler. (OVZ-6777)

3. Obtaining the Update

You can download and install the update using the yum utility included in the Virtuozzo 6.0 distribution.

4. References

https://rhn.redhat.com/errata/RHBA-2016-1185.html
https://rhn.redhat.com/errata/RHSA-2016-1406.html
https://rhn.redhat.com/errata/RHSA-2016-1664.html
https://rhn.redhat.com/errata/RHSA-2016-2006.html 
https://www.redhat.com/security/data/cve/CVE-2016-4470.html
https://www.redhat.com/security/data/cve/CVE-2016-4565.html
https://www.redhat.com/security/data/cve/CVE-2016-5829.html

--------------------------------------------------------------------------------
Copyright (c) 1999-2016 Parallels IP Holdings GmbH and its affiliates. All rights reserved.

Open a new case
















  • You can call our Support Team:

     +1 855-466-6670  Toll-free
     +1 425-689-7142  US
     +44 203-389-8331  UK
     +49 8914-379-4365  DE
     +7 499-609-2754  RU
e13d0138f9baaceff06b8753a609e5c0@virtuozzo.desk-mail.com
https://cdn.desk.com/
false
desk
Loading
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
about
false
Invalid characters found
/customer/en/portal/articles/autocomplete