readykernel-patch-37.30-41.1-1.vl7

Kernel warnings about memory allocation failures in vznetstat.

Migrating large memory ranges may take a while. With no resched points available, it caused soft lockups in isolate_lru_page().

sctp_do_peeloff() function in the Linux kernel before 4.14 did not check whether the intended netns was used in a peel-off action, which allowed local users to cause a denial of service (use-after-free in sctp_cmp_addr_exact() resulting in system crash) or possibly have unspecified other impact via crafted system calls.

The kernel could consider a container stopped before the resources of that container, for example, VEIP addresses, have been released. As a result, the system could fail to restart the container.

A warning about FR_PENDING bit was printed by request_end() because fuse_request_send_background() did not clear that bit.

Potential use-after-free in the processing of namespaces.

When there were more than two users of a page, __tcache_page_tree_delete() failed to freeze it. The page would never be invalidated and tcache_node->nr_pages would never be decremented. A kernel warning would be output as a result.

Many of the issues that BUG_ON()s were supposed to catch in tcache were not serious enough to crash the kernel. A warning will now be output in such cases instead.

A vulnerability was found in the kernel virtualization module (KVM) for the Intel processors. A guest system could flood the I/O port 0x80 with write requests, which could crash the host kernel, resulting in DoS.

A vulnerability was found in DCCP socket handling code. dccp_disconnect() set the socket state to DCCP_CLOSED but did not properly free some of the resources associated with that socket. This could result in a use-after-free and could potentially allow an attacker to escalate their privileges.

A flaw was found in the patches used to fix the 'Dirty COW' vulnerability (CVE-2016-5195). An attacker, able to run local code, can exploit a race condition in transparent huge pages to modify usually read-only huge pages.

The Linux kernel is vulnerable to a use-after-free issue. It could occur while closing a xfrm netlink socket, in xfrm_dump_policy_done. A user/process could use this flaw to potentially escalate their privileges on a system.

Vstorage service hung in wait_iff_congested() in some cases. The problem was twofold. First, excessive COMMIT operations made by releasepage() in NFS resulted in performance degradation. Second, the non-optimal implementation of splice() operation in FUSE decreased performance as well.