On 09/26/2018 02:28 PM, Vasily Averin wrote: > Dear José Manuel, > thank you for this notification. > We know about this problem. > For Vz6 I'm waiting for new RHEL6 kernel with fix, > I expect it should be released today-tomorrow, > otherwise I'll backport the fixes from RHEL7 kernel. > openvz6 kernel will be released right after release of vz6 kernel. > > For Vz7 we're preparing ReadyKernel livepatch.
ReadyKernel patches version 62.2-1.vl7 was published, announce and description on readykernel.com will be updated tomorrow morning. > On 09/26/2018 12:57 PM, José Manuel Giner wrote: >> We need a patch for OpenVZ kernel >> >> A serious security vulnerability has been found within the Linux Kernel >> nicknamed "Mutagen Astronomy" that affects CentOS, RHEL and possible others. >> This exploit would allow an attacker to exploit a flaw in any SUID-root >> binary to easily obtain full root privileges. >> >> It is recommended that users take the necessary precautions immediately. >> RedHat has already released mitigation instructions referenced below. >> >> Reference(s): >> ------------ >> >> https://access.redhat.com/security/cve/cve-2018-14634 >> >> https://www.qualys.com/2018/09/25/cve-2018-14634/mutagen-astronomy-integer-overflow-linux-create_elf_tables-cve-2018-14634.txt >> >> -- >> José Manuel Giner >> >> >> _______________________________________________ >> Users mailing list >> [email protected] >> https://lists.openvz.org/mailman/listinfo/users >> _______________________________________________ Users mailing list [email protected] https://lists.openvz.org/mailman/listinfo/users
