Virtuozzo 6 : parallels-server-bm-release / etc (VZA-2018-017)
Critical Nessus Plugin ID 108596
SynopsisThe remote Virtuozzo host is missing multiple security updates.
DescriptionAccording to the versions of the parallels-server-bm-release / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities :
- In the Linux kernel through 4.14.13, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size() function in 'net/rds/rdma.c') and thus to a system panic.
- The rds_cmsg_atomic() function in 'net/rds/rdma.c' mishandles cases where page pinning fails or an invalid address is supplied by a user. This can lead to a NULL pointer dereference in rds_atomic_free_op() and thus to a system panic.
- The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.
Note that Tenable Network Security has extracted the preceding description block directly from the Virtuozzo security advisory.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected parallels-server-bm-release / etc packages.