[PVE-User] CVE-2013-2224 - 2.6.32+ IP_RETOPTS Buffer Poisoning DoS

Martin Maurer martin at proxmox.com
Tue Jul 2 18:04:59 CEST 2013


Hi,

we just uploaded a new kernel with the fix to our pvetest repo.

- pve-kernel-2.6.32 (2.6.32-105) 
  * update to vzkernel-2.6.32-042stab078.26.src.rpm (fix CVE-2013-2224)
 
 if you just want this kernel (and not switching to pvetest), you can download and install the kernel and firmware manually:
 
> wget http://download.proxmox.com/debian/dists/wheezy/pvetest/binary-amd64/pve-firmware_1.0-23_all.deb http://download.proxmox.com/debian/dists/wheezy/pvetest/binary-amd64/pve-kernel-2.6.32-21-pve_2.6.32-105_amd64.deb
 
 > dpkg -i pve-firmware_1.0-23_all.deb pve-kernel-2.6.32-21-pve_2.6.32-105_amd64.deb

Note, this is for Proxmox VE 3.x only. Pls test.

Best Regards,

Martin Maurer

martin at proxmox.com
http://www.proxmox.com

> -----Original Message-----
> From: pve-user-bounces at pve.proxmox.com [mailto:pve-user-
> bounces at pve.proxmox.com] On Behalf Of Alexandre DERUMIER
> Sent: Dienstag, 02. Juli 2013 01:53
> To: Hien Phan
> Cc: pve-user at pve.proxmox.com
> Subject: Re: [PVE-User] CVE-2013-2224 - 2.6.32+ IP_RETOPTS Buffer
> Poisoning DoS
> 
> >>I've just tested this vuln and confirmed it works on my Proxmox 2.3 ,
> >>my node completely crashed.
> 
> Thanks for the report, it's fixed in
> 
> http://openvz.org/Download/kernel/rhel6/042stab078.27
> 
> We need to update proxmox kernel as soon as possible. (Dietmar is on the
> road for 2 weeks,so it'll take a little time)
> 
> 
> ----- Mail original -----
> 
> De: "Hien Phan" <phanquochien at gmail.com>
> À: pve-user at pve.proxmox.com
> Envoyé: Lundi 1 Juillet 2013 16:36:56
> Objet: [PVE-User] CVE-2013-2224 - 2.6.32+ IP_RETOPTS Buffer Poisoning DoS
> 
> Hello,
> 
> I've just tested this vuln and confirmed it works on my Proxmox 2.3 , my
> node completely crashed.
> 
> --
> Best regards,
> Phan Quoc Hien
> _______________________________________________
> pve-user mailing list
> pve-user at pve.proxmox.com
> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user
> _______________________________________________
> pve-user mailing list
> pve-user at pve.proxmox.com
> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user


More information about the pve-user mailing list