[Announce] Kernel RHEL6 042stab144.1

Vasily Averin vvs at openvz.org
Mon May 25 09:09:12 MSK 2020 

OpenVZ project released an updated RHEL6 based kernel.
Read below for more information. Everyone is advised to update.

Changes and Download
====================
(since 042stab142.1)

* Rebase to RHEL6u10 kernel 2.6.32-754.29.2.el6
* [Important] Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category may cause kernel panic. (CVE-2020-10711)
* [Important] kernel: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow. (CVE-2019-17666)
* [Important] kernel: buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c. (CVE-2019-17133)
* [Moderate] kernel: out-of-bounds write in mpol_parse_str function in mm/mempolicy.c. (CVE-2020-11565)
* [Moderate] kernel: use-after-free in n_tty_receive_buf_common function in drivers/tty/n_tty.c. (CVE-2020-8648)
* [Moderate] kernel: unprivileged users able to create RAW sockets in AF_ISDN network protocol. (CVE-2019-17055)
* [Moderate] kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service. (CVE-2019-15916)
* [Low] kernel: offset2lib allows for the stack guard page to be jumped over. (CVE-2017-1000371)
* Do not force memory reclaim during per-netns memory allocation for conntrack hash table. (PSBM-102730)

=== See also ===
https://access.redhat.com/errata/RHSA-2020:0790
https://access.redhat.com/errata/RHSA-2020:1524
https://access.redhat.com/errata/RHSA-2020:2103
https://www.redhat.com/security/data/cve/CVE-2017-1000371.html
https://www.redhat.com/security/data/cve/CVE-2019-15916.html
https://www.redhat.com/security/data/cve/CVE-2019-17055.html
https://www.redhat.com/security/data/cve/CVE-2019-17133.html
https://www.redhat.com/security/data/cve/CVE-2019-17666.html
https://www.redhat.com/security/data/cve/CVE-2020-8648.html
https://www.redhat.com/security/data/cve/CVE-2020-10711.html
https://www.redhat.com/security/data/cve/CVE-2020-11565.html

For more info and downloads, see:
https://openvz.org/Download/kernel/rhel6/042stab144.1

Bug reporting
=============
Use http://bugs.openvz.org/ to report any bugs found.

Regards,
    OpenVZ team

More information about the Announce mailing list