[Announce] Kernel RHEL6 042stab123.3

Vasily Averin vvs at openvz.org
Thu May 18 08:01:13 PDT 2017


OpenVZ project released an updated RHEL6 based kernel.
Read below for more information. Everyone is advised to update.

Changes and Download
====================
(since 042stab123.2)

* [Important] The NFSv2 and NFSv3 server implementations in the Linux
kernel through 4.10.13 lack certain checks for the end of a buffer.
A remote attacker could trigger a pointer-arithmetic error or possibly
have unspecified other impact via crafted requests related
to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c. (CVE-2017-7895)

* [Important] The NFSv2/NFSv3 server in the nfsd subsystem in the Linux
kernel through 4.10.11 allowed remote attackers to cause a denial of service
(system crash) via a long RPC reply, related to net/sunrpc/svc.c,
fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c. (CVE-2017-7645)

* Node with containers running over an NFS share could crash during container
resize operations. A degradation in 042stab123.x kernels. (PSBM-65555)

* Under certain rare conditions, if host resources were lacking, starting
a container with NFS support could crash the host. All 042stab kernels
were affected. (PSBM-65550) 

For more info and downloads, see:
https://openvz.org/Download/kernel/rhel6/042stab123.3


See also
========
https://www.redhat.com/security/data/cve/CVE-2017-7897.html
https://www.redhat.com/security/data/cve/CVE-2017-7645.html


Bug reporting
=============
Use http://bugs.openvz.org/ to report any bugs found.

Regards,
    OpenVZ team


More information about the Announce mailing list