From khorenko at virtuozzo.com  Tue Feb 12 09:58:05 2019
From: khorenko at virtuozzo.com (Konstantin Khorenko)
Date: Tue, 12 Feb 2019 06:58:05 +0000
Subject: [Users] [NEW KERNEL] vzkernel-3.10.0-862.20.2.vz7.73.27 (with fix
 for CVE-2019-5736)
Message-ID: <c78db090-cebd-2da0-6952-2485b83c32fa@virtuozzo.com>

Hi All,

guess you are aware of recent security vulnerability CVE-2019-5736:
potential breakage of container isolation via symlinks to /proc/self/exe.

https://virtuozzosupport.force.com/s/article/000017636

We've built full vzkernel for OpenVZ users:
https://download.openvz.org/virtuozzo/factory/x86_64/os/Packages/v/vzkernel-3.10.0-862.20.2.vz7.73.27.x86_64.rpm

The kernel is based on stable kernel released as a part of Virtuozzo Infrastructure Platform product:
https://www.virtuozzo.com/products/virtuozzo-infrastructure-platform.html
http://repo.virtuozzo.com/vz-platform/releases/2.5/x86_64/os/Packages/v/

+ includes fixes provided via ReadyKernel for this kernel up to now:
https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-73.24-72.0-1.vl7/

The kernel is based on stable kernel and passed basic validation.

--
Best regards,

Konstantin Khorenko,
Virtuozzo Linux Kernel Team