readykernel-patch-63.3-59.0-1.vl7

Distribution:
Virtuozzo 7
Kernel Update Version:
3.10.0-862.9.1.vz7.63.3
Release Date:
2018-08-27 10:46:01
  • PSBM-87859

    Kernel bug: scheduling while atomic in scsi_register_device_handler().

  • PSBM-73001

    sunrpc: potential kernel crash (use after free) in svc_process_common().

  • PSBM-87649

    Potential out-of-bounds read in fuse_dev_splice_write().

  • PSBM-87670

    Attempts to start a container fail with errors like 'cannot create directory /sys/fs/cgroup/beancounter/{something}'.

  • PSBM-87281

    'libvirtd' service was unresponsive because 'cgroup_mutex' was held for a long time.

  • PSBM-87858

    Haproxy processes are getting stuck in D state in lock_sock().

  • PSBM-87877

    Processes could get stuck in an unkillable state when using large FUSE KIO messages.

    It was found that rpc_get_hdr() function from 'fuse_kio_pcs' module did not return valid values in 'msg_size' in some cases. As a result, the processes using large FUSE KIO messages could get stuck in an unkillable state.
  • PSBM-87338

    Containers failed to start due to memory allocation failure in ip_set_net_init().

    Kernel module 'ip_set' tried to allocate physically contiguous memory areas for its array of pointers to 'ip_set' structures in ip_set_net_init(). If large enough maximum number of IP sets was requested from the user space, memory allocation would fail. Containers would fail to start as a result.
  • CVE-2017-18344

    Out-of-bounds access in show_timer() function.

    The implementation of timer_create system call in the Linux kernel before 4.14.8 doesn't properly validate the sigevent::sigev_notify field, which leads to out-of-bounds access in the show_timer function (called when /proc/$PID/timers is read). This allows userspace applications to read arbitrary kernel memory (on a kernel built with CONFIG_POSIX_TIMERS and CONFIG_CHECKPOINT_RESTORE).
    https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-18344