Issue date: 2017-03-20
Affected products: Virtuozzo 6.0
Virtuozzo Advisory ID: VZA-2017-019
This update provides the new Virtuozzo 6.0 kernel 2.6.32-042stab120.20 based on the Red Hat Enterprise Linux 6.8 kernel 2.6.32-642.6.1.el6. The new kernel provides a security fix.
2. Security Fixes
- [Moderate] A flaw was discovered in the Linux kernel's key subsystem. Invoking the request_key() system call with a specially crafted set of arguments could result in a NULL-pointer dereference inside the search_keyring() function. A local unprivileged user could use this vulnerability to crash the system. The vulnerability could be exploited from inside containers. (CVE-2017-2647)
3. Installing the Update
Install the update by running 'yum update'.
The JSON file with the list of new and updated packages is available at http://docs.virtuozzo.com/vza/VZA-2017-019.json.