-
CVE-2018-1068
ebtables: out-of-bounds write via userland offsets in ebt_entry struct.
It was discovered that the implementation of ebtables in the kernel did not properly validate the offsets received from the user space. A local user with enough privileges in the user and network namespaces could use that to trigger an out-of-bounds write to the kernel address space.
https://bugzilla.redhat.com/show_bug.cgi?id=1552048
-
PSBM-82021
Potential kernel hang (lockup) during destruction of cgroups.
'memory' and 'memsw' counters could be overcharged when the limit of 'kmem' counter was reached. This would result in a kernel lockup during destruction of cgroups.
-
PSBM-81939
Potential kernel hang (endless loop) in try_charge().
-
PSBM-81600
Ploop: some IO requests were not marked as completed in case of errors.
-
PSBM-81488
High cpu usage in isolate_freepages_block().
vstorage-mount spent a lot of time in isolate_freepages_block() in some cases, causing performance issues.
-
PSBM-81509
Memcg swpin/swpout stats were calculated incorrectly.
-
PSBM-81264
Memory cgroups were not released when starting/stopping a container with Docker.
Memory cgroups were not correctly released during start/stop of a container with Docker. If the node had a significant amount of containers with Docker, this could lead to stopped containers not starting again.
-
PSBM-80340
Hard lockups happened when the kernel was processing SAK (Secure Attention Key).
-
PSBM-81033
Docker v17.11 and newer failed to start in a container.
Starting from v17.11, Docker checks is all cgroups are mounted and refuses to start if some cgroups are not. Some of Virtuozzo-specific cgroups were visible in the containers and were not mounted there, which prevented Docker from starting properly.
-
PSBM-81090
Kernel crash in mem_cgroup_iter().
-
PSBM-80839
Potential denial of service due to extensive memory consumption.
It was discovered that some operations with files in a container could lead to denial of service on the host due to extensive memory consumption.
-
CVE-2018-5344
loop: potential data race between open() and release() leading to use-after-free.
It was found that release() operation for the loop devices has insufficient protection for the device structures against the accesses from the concurrent open() operations. A local attacker can use specially arranged concurrent operations with a loop device to cause a denial of service (kernel crash due to a use-after-free error).
https://bugzilla.redhat.com/show_bug.cgi?id=1533909
-
CVE-2017-18017
netfilter: Use-after-free in tcpmss_mangle_packet().
If the system uses iptables and there are iptables rules with TCPMSS action there, a remote attacker may cause a denial of service (use-after-free in tcpmss_mangle_packet function leading to memory corruption) or possibly have unspecified other impact by sending specially crafted network packets.
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-18017