Since 042stab140.1:

  • Kernel could crash with "BUG at net/ipv4/tcp_output.c" message in tcp_retransmit_skb(). (PSBM-97313)
  • Firewalld failed to start in a CentOS 7.7 container due to a firewalld patch that changed how 'nf_conntrack' was loaded. This heuristic can be disabled per-host by using 'sysctl kernel.ve_smnfct_enabled'. (PSBM-98041)
  • Kernel could crash after failed migration or CPT restore with "BUG at kernel/cgroup.c" message in cgroup_rmdir(). (PSBM-98407, OVZ-6774, OVZ-6957, OVZ-7101)