Changes
Since 042stab075.2:
- [security] A flaw was found in the way the xen_iret() function in the Linux kernel used the DS (the CPU's Data Segment) register. A local, unprivileged user in a 32-bit, para-virtualized Xen hypervisor guest could use this flaw to crash the guest or, potentially, escalate their privileges. (CVE-2013-0228, Important)
- [security] A flaw was found in the way file permission checks for the "/dev/cpu/[x]/msr" files were performed in restricted root environments (for example, when using a capability-based security model). A local user with the ability to write to these files could use this flaw to escalate their privileges to kernel level, for example, by writing to the SYSENTER_EIP_MSR register. (CVE-2013-0268, Important)
- [nfs] a redundant clear_inode() call led to memory corruption, which in turn caused a kernel panic (PSBM-18863)
- [sunrpc] a forgotten socket write lock in case an rpc_task exits early caused all operations on an NFS volume to hang (PCLIN-31604)
- [tmpfs] avoid a crash on remount without the mpol= mount option by not releasing the mempolicy if shmem_parse_options() doesn't create a new mpol (PSBM-18650)
- [ext4] a container should not be able to remount ploop with the mount option 'errors=panic'
- [fs] forbid filesystem mount options (on remount inside a CT) if a whitelist was not provided
- [cpt] a 64-bit child process of a 32-bit parent should report the x86_64 arch even after vzreboot/online migration. In particular, this fixes Plesk functioning after vzreboot/online migration (PSBM-18085)
- [cpt] if the parent process has PER_LINUX32 and the child has 0, it should stay that way after cpt/rst. Before this fix, a cpt/rst cycle set PER_LINUX32 in both processes
- [pfcache] hide the mount options 'pfcache_csum' and 'pfcache' inside a CT. They are useless inside a CT anyway and produce kernel warnings on remounts (PSBM-18807)
- [nfs/quota] fixed crash on a kernel compiled without NFS quota
- [scheduler] the effective cpulimit could sometimes be lower than the assigned one (PSBM-17399)
- [fs/nfsd] fixed mnt_{get/drop} balance, the imbalance could cause random memory corruptions (#2506)