Welcome, Guest Login

Support Center

Kernel security update: CVE-2017-12193; Virtuozzo ReadyKernel patch 37.1 for Virtuozzo 7.0.5

Last Updated: Dec 06, 2017 01:15PM UTC

Issue date: 2017-11-10

Affected products: Virtuozzo 7.0

Virtuozzo Advisory ID: VZA-2017-102

1. Overview

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to Virtuozzo kernel 3.10.0-514.26.1.vz7.33.22 (Virtuozzo 7.0.5).

2. Security Fixes

  • [Moderate] A flaw was found in the implementation of associative arrays in the Linux kernel. A null pointer dereference could happen in assoc_array_apply_edit() due to incorrect node splitting. (CVE-2017-12193)

3. Bug Fixes

  • sysinfo() returns 0 for uptime if called from a VZ7 container. (PSBM-62094)
  • Kernel crash (NULL pointer dereference) in fuse_dev_alloc(). (PSBM-75073)
  • Each resize issues invalidate_inode_pages2(), which triggers ultra slow synchronous writeback of all dirty pages. (PSBM-76437)

4. Installing the Update

Download, install, and instantly apply the patch to the current kernel by running 'readykernel update'.

5. References

The JSON file with the list of new and updated packages is available at http://docs.virtuozzo.com/vza/VZA-2017-102.json.

Open a new case
















  • You can call our Support Team:

     +1 855-466-6670  Toll-free
     +1 425-689-7142  US
     +44 203-389-8331  UK
     +49 8914-379-4365  DE
     +7 499-609-2754  RU
e13d0138f9baaceff06b8753a609e5c0@virtuozzo.desk-mail.com
https://cdn.desk.com/
false
desk
Loading
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
about
false
Invalid characters found
/customer/en/portal/articles/autocomplete