Dear José Manuel,

thank you for this notification. We know about this problem.

For Vz6 I'm waiting for a new RHEL6 kernel with the fix. I expect it should be released today or tomorrow; otherwise I'll backport the fixes from the RHEL7 kernel. The openvz6 kernel will be released right after the release of the vz6 kernel.
For Vz7 we're preparing a ReadyKernel livepatch. We are thinking about releasing a fixed kernel for OpenVz7; however, the final decision has not yet been made.

In any case you can try to mitigate the problem by using the systemtap script taken from the corresponding Red Hat bug:
https://bugzilla.redhat.com/show_bug.cgi?id=1624498#c10

Thank you,
Vasily Averin

On 09/26/2018 12:57 PM, José Manuel Giner wrote:
> We need a patch for OpenVZ kernel
>
> A serious security vulnerability has been found within the Linux Kernel
> nicknamed "Mutagen Astronomy" that affects CentOS, RHEL and possibly others.
> This exploit would allow an attacker to exploit a flaw in any SUID-root
> binary to easily obtain full root privileges.
>
> It is recommended that users take the necessary precautions immediately.
> Red Hat has already released mitigation instructions referenced below.
>
> Reference(s):
> ------------
>
> https://access.redhat.com/security/cve/cve-2018-14634
>
> https://www.qualys.com/2018/09/25/cve-2018-14634/mutagen-astronomy-integer-overflow-linux-create_elf_tables-cve-2018-14634.txt
>
> --
> José Manuel Giner
>
>
> _______________________________________________
> Users mailing list
> Users@openvz.org
> https://lists.openvz.org/mailman/listinfo/users