7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.018 Low
EPSS
Percentile
88.2%
The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to the kernels 3.10.0-862.9.1.vz7.63.3 (Virtuozzo 7.0.8), 3.10.0-862.11.6.vz7.64.7 (Virtuozzo 7.0.8 HF1), 3.10.0-862.20.2.vz7.73.24 (Virtuozzo 7.0.9 and Virtuozzo Infrastructure Platform 2.5), 3.10.0-862.20.2.vz7.73.29 (Virtuozzo 7.0.9 and Virtuozzo Infrastructure Platform 2.5), 3.10.0-957.10.1.vz7.85.17 (Virtuozzo 7.0.10), 3.10.0-957.12.2.vz7.86.2 (Virtuozzo 7.0.10 HF1), 3.10.0-957.12.2.vz7.96.21 (Virtuozzo 7.0.11 and Virtuozzo Infrastructure Platform 3.0), 3.10.0-1062.4.2.vz7.116.7 (Virtuozzo 7.0.12 HF1 and Virtuozzo Infrastructure Platform 3.5). NOTE: No more patches are planned for the kernel 3.10.0-862.9.1.vz7.63.3, support for which ends with this update.
Vulnerability id: CVE-2019-15538
[3.10.0-862.9.1.vz7.63.3 to 3.10.0-1062.4.2.vz7.116.7] xfs: potential denial of service caused by missing unlock operation in xfs_setattr_nonsize(). It was discovered that xfs_setattr_nonsize() would not unlock ‘ILOCK’ lock if the user or group were out of their disk quota. As a result, any subsequent operation, which needed to take ‘ILOCK’, would get stuck, leading to a denial of service.
access.redhat.com/security/cve/cve-2019-15538
readykernel.com/patch/Virtuozzo-7/readykernel-patch-116.7-98.0-1.vl7/
readykernel.com/patch/Virtuozzo-7/readykernel-patch-63.3-98.0-1.vl7/
readykernel.com/patch/Virtuozzo-7/readykernel-patch-64.7-98.0-1.vl7/
readykernel.com/patch/Virtuozzo-7/readykernel-patch-73.24-98.0-1.vl7/
readykernel.com/patch/Virtuozzo-7/readykernel-patch-73.29-98.0-1.vl7/
readykernel.com/patch/Virtuozzo-7/readykernel-patch-85.17-98.0-1.vl7/
readykernel.com/patch/Virtuozzo-7/readykernel-patch-86.2-98.0-1.vl7/
readykernel.com/patch/Virtuozzo-7/readykernel-patch-96.21-98.0-1.vl7/
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.018 Low
EPSS
Percentile
88.2%