[Important] [Security] Virtuozzo ReadyKernel Patch 165.1 for Virtuozzo Hybrid Server 7.5

2023-12-1900:00:00

docs.virtuozzo.com

virtuozzo readykernel

patch 165.1

security fixes

virtuozzo hybrid server 7.5

vulnerability id

vstor-78331

cve-2023-45871

3.10.0-1160.53.1.vz7.185.3

3.10.0-1160.90.1.vz7.200.7

ext4/mfsync

igb driver

buffer size

7.5 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

7.1 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

19.9%

JSON

The cumulative Virtuozzo ReadyKernel patch was updated with security fixes. The patch applies to all supported kernels of Virtuozzo Hybrid Server 7.5.
Vulnerability id: VSTOR-78331
[3.10.0-1160.53.1.vz7.185.3 to 3.10.0-1160.90.1.vz7.200.7] ext4/mfsync: A BUG_ON occurred if a wrong set of files was provided.

Vulnerability id: CVE-2023-45871
[3.10.0-1160.53.1.vz7.185.3 to 3.10.0-1160.90.1.vz7.200.7] An issue in the IGB driver caused a buffer size to be inadequate for frames larger than the MTU.

OSVersionArchitecturePackageVersionFilename
Virtuozzo Hybrid Server7.5x86_64readykernel-patch-185.3< 165.1-1.vl7readykernel-patch-185.3-165.1-1.vl7.x86_64.rpm
Virtuozzo Hybrid Server7.5x86_64readykernel-patch-191.4< 165.1-1.vl7readykernel-patch-191.4-165.1-1.vl7.x86_64.rpm
Virtuozzo Hybrid Server7.5x86_64readykernel-patch-200.7< 165.1-1.vl7readykernel-patch-200.7-165.1-1.vl7.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
Virtuozzo Hybrid Server	7.5	x86_64	readykernel-patch-185.3	< 165.1-1.vl7	readykernel-patch-185.3-165.1-1.vl7.x86_64.rpm
Virtuozzo Hybrid Server	7.5	x86_64	readykernel-patch-191.4	< 165.1-1.vl7	readykernel-patch-191.4-165.1-1.vl7.x86_64.rpm
Virtuozzo Hybrid Server	7.5	x86_64	readykernel-patch-200.7	< 165.1-1.vl7	readykernel-patch-200.7-165.1-1.vl7.x86_64.rpm