CU-2.6.32-042stab084.14 Virtuozzo containers 4.7 Core Update

Created:

2016-11-16 13:15:13 UTC

Modified:

2017-04-24 11:41:41 UTC

0

Was this article helpful?


Have more questions?

Submit a request

CU-2.6.32-042stab084.14 Virtuozzo containers 4.7 Core Update

Applicable to:

  • Plesk for Linux
-----------------------------------------------------------------------
Synopsis: A new Parallels Virtuozzo Containers 4.7 kernel
update addressing security issues.
Product: Parallels Virtuozzo Containers 4.7
Keywords: 'security'

--------------------------------------------------------------------------------

This document provides information on the new Parallels Virtuozzo Containers 4.7
kernel, version 2.6.32-042stab084.14.

--------------------------------------------------------------------------------
CONTENTS

1. About This Update
2. Update Description
3. Obtaining the New Kernel
4. References

--------------------------------------------------------------------------------

1. ABOUT THIS UPDATE

The current update for the Parallels Virtuozzo Containers 4.7 kernel provides a
new kernel based on the Red Hat Enterprise Linux 6.4 kernel
(2.6.32-358.23.2.el6). The updated kernel includes a number of security fixes.

--------------------------------------------------------------------------------

2. UPDATE DESCRIPTION

This update includes the following fixes and improvements:

* A flaw was found in the way the Linux kernel's TCP/IP protocol suite
implementation handled sending of certain UDP packets over sockets that used
the UDP_CORK option when the UDP Fragmentation Offload (UFO) feature was
enabled on the output device. A local, unprivileged user could use this flaw
to cause a denial of service or, potentially, escalate their privileges on
the system. (CVE-2013-4470)

* An information leak flaw in the Linux kernel could allow a local, unprivileged
user to leak kernel memory to user space. (CVE-2013-2141)

--------------------------------------------------------------------------------

3. OBTAINING THE NEW KERNEL

You can download and install this kernel update using the vzup2date utility
included in the Parallels Virtuozzo Containers 4.7 distribution set.

--------------------------------------------------------------------------------

4. REFERENCES

https://rhn.redhat.com/errata/RHSA-2013-1801.html

https://www.redhat.com/security/data/cve/CVE-2013-2141.html
https://www.redhat.com/security/data/cve/CVE-2013-4470.html

--------------------------------------------------------------------------------
Copyright (c) 1999-2013 Parallels IP Holdings GmbH and its affiliates. All
rights reserved.
Have more questions? Submit a request
Please sign in to leave a comment.