Between Tuesday, May 28 and Thursday, May 30, the NOC Team will be performing a reboot of our environment. The nature of this reboot is to finalize the application of the latest, patched kernel to address a critical security issue.
On most host nodes, we anticipate less than 10 minutes of downtime, and they will make every effort to minimize the impact this will have on our service. Due to the critical nature of this vulnerability and the requirement of expediency, we can not reschedule this maintenance window, nor can we provide a more precise reboot time.
This update contains fixes for the following security issue:
A flaw was found in the way perf array index was sanitized. A local unprivileged user can use this flaw to increase their privileges on the system.
For more information about this vulnerability, please visit parallels.com. Sipylus will be actively monitoring our host machine for the duration of the maintenance. For updates on the status of the maintenance specific to your node, please contact us.
CVE-2013-2094
Synopsis: New Parallels Virtuozzo Containers 4.7 kernel
provides an update with a fix for critical security issue.
Product: Parallels Virtuozzo Containers 4.7
Keywords: “security”
———————————————————————–
This document provides information on the new Parallels Virtuozzo Containers 4.7 kernel, version 2.6.32-042stab076.8.
——————————————————————————–
TABLE OF CONTENTS
1. About This Release
2. Updates Description
3. Obtaining New Kernel
4. References
——————————————————————————–
1. ABOUT THIS RELEASE
The current update for the Parallels Virtuozzo Containers 4.7 kernel provides
a new kernel based on the Red Hat Enterprise Linux 6.3 kernel
(2.6.32-279.22.1.el6). The updated kernel includes a fix for a critical security
issue.
——————————————————————————–
2. UPDATES DESCRIPTION
This update contains fixes for the following security issue:
* A flaw was found in the way theperf array index was sanitized.
A local unprivileged user could use this flaw to increase their privileges
on the system. (CVE-2013-2094)
——————————————————————————–
3. OBTAINING NEW KERNEL
You can download and install this kernel update using the “vzup2date” utility
included in the Parallels Virtuozzo Containers 4.7 distribution set.