Virtuozzo and CVE-2014-0196 Vulnerability?!?

Discussion in 'General Discussion' started by futureweb, May 14, 2014.

  1. futureweb

    futureweb Tera Poster

    Messages:
    390
    Hello,

    wanted to ask if Virtuozzo 4.7 is also in danger of CVE-2014-0196 Vulnerability ... did not finy any information so far ...
    And if yes - when will a patch be available?!?

    Thank you
    Andreas Schnederle-Wagner
     
  2. MaikB

    MaikB Odin Team

    Messages:
    11
    Hello,

    Situation with RHEL6 kernels differs from situation in mainstream. In both cases the problem exists. However mainstream have "open door", it can easly exploited and lead to kernel crash/memory corruption/privilege escalation. But in RHEL6 this door is closed, problem still exists, but it's not yet possible to exploit it to crash the node. Moreover as soon as Red Hat will publish a proper fix for their kernels we will immediately include them and publish updates for all RHEL6 based versions. More information can be found here:

    https://access.redhat.com/security/cve/CVE-2014-0196
    https://bugzilla.redhat.com/show_bug.cgi?id=1094232

    --Maik
     
  3. futureweb

    futureweb Tera Poster

    Messages:
    390
    Hi Maik,

    thank you for the Information!

    Andreas
     

Share This Page