amuck-landowner

New OpenVZ/RHEL6 kernel 042stab094.7 addresses CT breakout

Geek

Technolojesus
Verified Provider
FYI for those still not yet patched.  :)

-John

https://openvz.org/Download/kernel/rhel6/042stab094.7

Since 042stab093.5:

  • [security] fix access to the host filesystem from inside a container (#PSBM-29594)
  • ms/net/ipv4: dst_entry leak in ip_send_reply() (#2672, PSBM-29405)
  • cpt: Fix nfct->use leak in undump_expect_list()
  • cpt: save and restore the bounding set of capabilities (PSBM-29230)
  • ms/module: remove rmmod wait option (PSBM-27580)
  • net: tcp/ipv4 - don't panic the kernel if socket has no waiter (PSBM-27040)
  • cpt/net: dump and restore net.ipv4.conf.<device>.<option> (#2965, PSBM-28501)
  • ms/hrtimer: Prevent remote enqueue of leftmost timers
  • ms/hrtimer: Set expiry time before
  • ms/hrtimer: Backport CLOCK_BOOTTIME feature, needed for latest systemd (#2937)
  • fs/aio: aio_nr & aio_max_nr variables virtualization (PSBM-27188)
  • fs/aio: introduce aio_nr & aio_max_nr per-CT sysctls (PSBM-27188)
  • fs/inotify: fix memory leak (#3068)
  • cpt: aio_max_nr migration support (PSBM-27188)
  • ploop: add a separate queue for discard bio-s (v2) (PSBM-27676)
  • ploop: update i_size on preallocation (#3030)
  • mm: shmem -- Do not account @max_blocks in container's system shared memory (PSBM-23408)
  • ip_venetstat_init: fix access to ve_list without proper locking
  • ms/fs: dentry leak in simple_fill_super() failure exit (PSBM-28653)
  • ms/net: cbq: incorrectly low bandwidth setting blocks limited (PSBM-28459)
  • fs/ext4: self-deadlock in wait_flush_aiodio_work()/ext4_end_io_dio()
  • kernel: kill invalid BUG_ON in next_thread (PSBM-29067, #2895)
  • kmod: Allow ts_* (text search) modules autoloading (PSBM-28358)
  • cpt: fix unsafe helper dereference in dump_one_ct (PSBM-28841)
  • sched: make allowance for vcpu rate in /proc/stat (PSBM-28500)
  • ploop: Fix file->f_count leak in raw_complete_snapshot()
  • ploop: print warning on "disk full" condition (#3045)
  • ms/net: sock_queue_err_skb() dont mess with sk_forward_alloc (PSBM-29156)
  • arch/x86_64: increase kernel stack size up to 16K on debug kernels (PSBM-28515)
  • ploop: check error from freeze_bdev (PSBM-28460)
See also
 
Top
amuck-landowner