This post is just to help catch anyone who has not already gotten an email from us about our current emergency maintenance.
Earlier this morning one of our pen testers came across a vulnerability in our OpenVZ Kernel which allows a container to escalate permissions to the root user on the host node.
Original email:
Hello,
We are performing emergency maintenance on ALL of our OpenVZ node servers, meaning EVERY OpenVZ server will be affected.
The kernel we operate on needs to be upgraded as soon as possible. But unfortunately this requires us to reboot each node server.
It should take no longer than 5 minutes per server. We are performing this maintenance NOW.
We apologise for the inconvenience caused, and the short notice. This was unavoidable.
If you have any questions, feel free to open a ticket.
Best Regards, BlueVM Support https://bluevm.com