594
edits
Changes
Created page with "== Changes == Since {{kernel link|rhel6-testing|042stab117.6}}: * The fix for CVE-2016-5696. An attacker with knowledge of a connections client IP, server IP, and server port..."
== Changes ==
Since {{kernel link|rhel6-testing|042stab117.6}}:
* The fix for CVE-2016-5696. An attacker with knowledge of a connections client IP, server IP, and server port can abuse the challenge ACK mechanism and remotely inject or control a TCP stream contents in a connection between a Linux device and its connected client/server. All 042stab kernels are affected. (PSBM-50954)
* Node can crash and reboot due to a crash in nfsd_inetaddr_event on container stop if the NFS server has been started on host. 042stab117.x kernels are affected. (PSBM-49999)
* cpt: Crash after restore of Unix sockets with in-flight file descriptors. The issue can result in node crash after suspended containers are resumed. All 042stab kernels are affected. (PSBM-51254, PSBM-51351)
* CISCO UCS eNIC driver wraps untagged traffic into vlan0. The node and virtual environments may experience network connectivity issues after rebooting the system to the kernel 2.6.32-042stab112.15 or newer, or after upgrading the Cisco UCS firmware if said kernel or newer is already used. The issue occurs if Cisco UCS hardware is used and eNIC driver version 2.1.1.67 (shipped by default with said kernel) is in use by one of the adapters VMs are bridged to. Kernels 042stab112.15 and newer are affected. (PSBM-51149)
* Memory corruption during dump of containers with shared tmpfs mounts can lead to node crash or soft lockup on any mount-related operation on node or inside containers. This is a special case of a more global issue with similar symptoms (PSBM-47639) that was fixed in kernel 042stab117.2. All 042stab kernels are affected. (OVZ-6779)
* aacraid: Crash in aac_intr_normal(). Kernels 042stab112.15 and newer are affected. PSBM-49814)
* cpt: Unable to restore container with a bridge inside. All 042stab117.x kernels up to 042stab117.10 are affected (PSBM-50893)
* Ext4: a bug in the extent tree height calculation code could lead to a file system corruption on particular workloads. 042stab117.x kernels up to 042stab117.8 are affected (PSBM-50339)
=== See also ===
https://access.redhat.com/security/cve/CVE-2016-5696
https://help.virtuozzo.com/customer/portal/articles/2549710
Since {{kernel link|rhel6-testing|042stab117.6}}:
* The fix for CVE-2016-5696. An attacker with knowledge of a connections client IP, server IP, and server port can abuse the challenge ACK mechanism and remotely inject or control a TCP stream contents in a connection between a Linux device and its connected client/server. All 042stab kernels are affected. (PSBM-50954)
* Node can crash and reboot due to a crash in nfsd_inetaddr_event on container stop if the NFS server has been started on host. 042stab117.x kernels are affected. (PSBM-49999)
* cpt: Crash after restore of Unix sockets with in-flight file descriptors. The issue can result in node crash after suspended containers are resumed. All 042stab kernels are affected. (PSBM-51254, PSBM-51351)
* CISCO UCS eNIC driver wraps untagged traffic into vlan0. The node and virtual environments may experience network connectivity issues after rebooting the system to the kernel 2.6.32-042stab112.15 or newer, or after upgrading the Cisco UCS firmware if said kernel or newer is already used. The issue occurs if Cisco UCS hardware is used and eNIC driver version 2.1.1.67 (shipped by default with said kernel) is in use by one of the adapters VMs are bridged to. Kernels 042stab112.15 and newer are affected. (PSBM-51149)
* Memory corruption during dump of containers with shared tmpfs mounts can lead to node crash or soft lockup on any mount-related operation on node or inside containers. This is a special case of a more global issue with similar symptoms (PSBM-47639) that was fixed in kernel 042stab117.2. All 042stab kernels are affected. (OVZ-6779)
* aacraid: Crash in aac_intr_normal(). Kernels 042stab112.15 and newer are affected. PSBM-49814)
* cpt: Unable to restore container with a bridge inside. All 042stab117.x kernels up to 042stab117.10 are affected (PSBM-50893)
* Ext4: a bug in the extent tree height calculation code could lead to a file system corruption on particular workloads. 042stab117.x kernels up to 042stab117.8 are affected (PSBM-50339)
=== See also ===
https://access.redhat.com/security/cve/CVE-2016-5696
https://help.virtuozzo.com/customer/portal/articles/2549710