[Announce] Kernel RHEL6 042stab125.5
Vasily Averin
vvs at openvz.org
Tue Oct 24 10:00:37 MSK 2017
OpenVZ project released an updated RHEL6 based kernel.
Read below for more information. Everyone is advised to update.
Changes and Download
====================
(since 042stab125.3)
* [Moderate] A flaw was found in the implementation of associative arrays where
the add_key systemcall and KEYCTL_UPDATE operations allowed for a NULL payload
with a nonzero length. When accessing the payload within this length parameters
value, an unprivileged user could trivially cause a NULL pointer dereference
(kernel oops). (CVE-2017-15274)
* Improved the hash function for IPv6 neighbours to increase system responsiveness
under IPv6 flooding attacks. (PSBM-73496)
* Stopping NFS server inside a container could cause the host to crash. (PSBM-74832)
For more info and downloads, see:
https://openvz.org/Download/kernel/rhel6/042stab125.5
See also
========
https://www.redhat.com/security/data/cve/CVE-2017-15274.html
Bug reporting
=============
Use http://bugs.openvz.org/ to report any bugs found.
Regards,
OpenVZ team
More information about the Announce
mailing list