CVE-2014-3153 / vzkernel 042stab090.3

onlime said:
Hi
Any plans when you are going to release an updated kernel with CVE-2014-3153 fixed? CVE-2014-3153 is pretty nasty.
According to OpenVZ this was fixed on 2014-06-06 in kernel 042stab090.3, https://twitter.com/_openvz_/status/474989972663988224
Click to expand...

I already assembled that kernel:

http://download1.proxmox.com/debian...ve-headers-2.6.32-30-pve_2.6.32-128_amd64.deb

but unfortunately, the security fix introduce some unexpected errors, see:

https://bugzilla.openvz.org/show_bug.cgi?id=2994
 
Thanks Dietmar,
So your recommendation is to rather wait for this to be fixed? It sounds like futex calls are completely broken. Personally I don't care about Gnome/X11 but am afraid futex is used elsewhere.
Best Regards,
Philip
 
onlime said:
So your recommendation is to rather wait for this to be fixed? It sounds like futex calls are completely broken. Personally I don't care about Gnome/X11 but am afraid futex is used elsewhere.
Best Regards,
Click to expand...

I am also afraid that futex is broken on the host side.
 
Thanks Dietmar!
I just noticed you already released 2.6.32-30-pve in pve-no-subscription repository. I have tested the kernel on one server and it's working fine.
Can you tell me when you're going to push this kernel into the Proxmox pve-enterprise repository. As this is security relevant, I'd prefer if it gets pushed sooner rather than later.
Best regards, Philip
 
dietmar said:
We will test a few more days, and move it next week.
Click to expand...

FYI: I'm running kernel 2.6.32-30-pve already since last Saturday (2014-06-21) on 10 different Proxmox VE host nodes, at two webhosting companies, without any issues! We are running 100% OpenVZ containers, no KVM so far.
Thanks for your great support.
Best regards, Philip
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back