Virtuozzo 7 : readykernel-patch (VZA-2019-068)

high Nessus Plugin ID 133458

Synopsis

The remote Virtuozzo host is missing a security update.

Description

According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities :

- tcp: integer overflow while processing SACK blocks allows remote denial of service. An integer overflow was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment (SACK) segments. While processing SACK segments, the Linux kernel's socket buffer (SKB) data structure becomes fragmented. Each fragment is about TCP maximum segment size (MSS) bytes. To efficiently process SACK blocks, the Linux kernel merges multiple fragmented SKBs into one, potentially overflowing the variable holding the number of segments. A remote attacker could use this flaw to crash the Linux kernel by sending a crafted sequence of SACK segments on a TCP connection with small value of TCP MSS, resulting in a denial of service.

- nfs: NULL pointer dereference due to an anomalized NFS message sequence. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence.
This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.

Note that Tenable Network Security has extracted the preceding description block directly from the Virtuozzo security advisory.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the readykernel patch.

See Also

https://virtuozzosupport.force.com/s/article/VZA-2019-068

http://www.nessus.org/u?f75313dd

http://www.nessus.org/u?a6382ef0

http://www.nessus.org/u?fce0b0f5

http://www.nessus.org/u?1193994a

http://www.nessus.org/u?d0f897ef

http://www.nessus.org/u?3f4cb69c

http://www.nessus.org/u?7e46c367

http://www.nessus.org/u?a97adc25

http://www.nessus.org/u?34a0ef2a

Plugin Details

Severity: High

ID: 133458

File Name: Virtuozzo_VZA-2019-068.nasl

Version: 1.5

Type: local

Published: 2/4/2020

Updated: 3/28/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS Score Source: CVE-2019-11477

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:virtuozzo:virtuozzo:7, p-cpe:/a:virtuozzo:virtuozzo:readykernel

Required KB Items: Host/local_checks_enabled, Host/Virtuozzo/release, Host/Virtuozzo/rpm-list, Host/readykernel-info

Exploit Ease: No known exploits are available

Patch Publication Date: 8/20/2019

Reference Information

CVE: CVE-2018-16871, CVE-2019-11477