We received an e-mail from the OpenVZ.org developers about a new kernel update that addressed a critical exploit that allows VPS clients to perform a Denial of Service attack against other VPSs on the same node as them and possibly resulting in a memory leak on the server. Per OpenVZ.org, we have been advised to update our nodes so we will be rebooting all of our OpenVZ nodes shortly.
We apologize for the recent wave of unscheduled reboots due to the increased amount of kernel exploits found in the wild. Uptime is a priority for us but security is critical to assure continuation of our services and the protection of our clients. We hope our clients understand the severity of such patches and reboots, especially in a shared environment such as our OpenVZ nodes. We also apologize for not sending out e-mail notifications prior to or after the reboots, this is mainly to prevent people from using the exploit in our environment before everybody is safely patched (we attempt to reboot one node at a time to avoid interrupting any services where clients load balance between multiple locations) and we also do not want to protect other VPS providers who are unable to update their kernels in a timely fashion thus we try to avoid ever publishing any information directly pertaining to the exploit or implementation via e-mail or announcement.
-The Secure Dragon Staff
Çərşənbə, İyul 23, 2014
