Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 528932 - sys-kernel/openvz-sources-2.6.32.93.5: Fix access to the host filesystem from inside a container (#PSBM-29594)
Summary: sys-kernel/openvz-sources-2.6.32.93.5: Fix access to the host filesystem from...
Status: RESOLVED OBSOLETE
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: Gentoo Security
URL: https://openvz.org/Download/kernel/rh...
Whiteboard: B4 [noglsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2014-11-11 16:18 UTC by Tiago Sousa
Modified: 2016-02-24 12:43 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Tiago Sousa 2014-11-11 16:18:16 UTC
From http://kb.sp.parallels.com/en/123301:

«A vulnerability in the RHEL6-based kernel discovered during internal security audit could allow access to the host filesystem from inside a Container. Only the kernels from 2.6.32-042stab057.1 to 2.6.32-042stab093.5 are affected. Kernel update is highly recommended. (#PSBM-29594)»

The problem is fixed in 042stab094.7: https://openvz.org/Download/kernel/rhel6/042stab094.7

This is a critical vulnerability, please update ebuilds ASAP.

Reproducible: Always
Comment 1 Tiago Sousa 2015-01-02 22:06:24 UTC
The ebuild has been bumped to openvz-sources-2.6.32.94.7, so I guess this can be closed. I'm not doing it because of the notice which claims the Security Team will take care of that. Thanks!
Comment 2 Aaron Bauman (RETIRED) gentoo-dev 2016-02-20 04:21:00 UTC
This bug is old.  No vulnerable versions in tree.