OracleVM 3.1 : kernel-uek (OVMSA-2012-0042)

high Nessus Plugin ID 79484

Synopsis

The remote OracleVM host is missing one or more security updates.

Description

The remote OracleVM system is missing necessary patches to address critical security updates :

- Fix bug number for commit 'cciss: Update HPSA_BOUNDARY' (Joe Jin) [Orabug: 14681166]

- cciss: Update HPSA_BOUNDARY. (Joe Jin) [Orabug:
14319765]

- KVM: introduce kvm_for_each_memslot macro (Maxim Uvarov) [Bugdb: 13966]

- dl2k: Clean up rio_ioctl (Jeff Mahoney) [Orabug:
14126896] (CVE-2012-2313)

- NFSv4: include bitmap in nfsv4 get acl data (Andy Adamson) (CVE-2011-4131)

- KVM: Fix buffer overflow in kvm_set_irq (Avi Kivity) [Bugdb: 13966] (CVE-2012-2137)

- net: sock: validate data_len before allocating skb in sock_alloc_send_pskb (Jason Wang) [Bugdb: 13966] (CVE-2012-2136)

- mm: pmd_read_atomic: fix 32bit PAE pmd walk vs pmd_populate SMP race condition (Andrea Arcangeli) [Bugdb: 13966] (CVE-2012-2373)

- KVM: lock slots_lock around device assignment (Alex Williamson) [Bugdb: 13966] (CVE-2012-2121)

- KVM: unmap pages from the iommu when slots are removed (Maxim Uvarov) [Bugdb: 13966] (CVE-2012-2121)

- fcaps: clear the same personality flags as suid when fcaps are used (Eric Paris) [Bugdb: 13966] (CVE-2012-2123)

- tilegx: enable SYSCALL_WRAPPERS support (Chris Metcalf) (CVE-2009-0029)

- drm/i915: fix integer overflow in i915_gem_do_execbuffer (Xi Wang) [Orabug: 14107456] (CVE-2012-2384)

- drm/i915: fix integer overflow in i915_gem_execbuffer2 (Xi Wang) [Orabug: 14107445] (CVE-2012-2383)

- [dm] do not forward ioctls from logical volumes to the underlying device (Joe Jin) (CVE-2011-4127)

- [block] fail SCSI passthrough ioctls on partition devices (Joe Jin) (CVE-2011-4127)

- [block] add and use scsi_blk_cmd_ioctl (Joe Jin) [Orabug: 14056755] (CVE-2011-4127)

- KVM: Ensure all vcpus are consistent with in-kernel irqchip settings (Avi Kivity) [Bugdb: 13871] (CVE-2012-1601)

- regset: Return -EFAULT, not -EIO, on host-side memory fault (H. Peter Anvin) (CVE-2012-1097)

- regset: Prevent null pointer reference on readonly regsets (H. Peter Anvin) (CVE-2012-1097)

- cifs: fix dentry refcount leak when opening a FIFO on lookup (Jeff Layton) (CVE-2012-1090)

- mm: thp: fix pmd_bad triggering in code paths holding mmap_sem read mode (Andrea Arcangeli) (CVE-2012-1179)

- ext4: fix undefined behavior in ext4_fill_flex_info (Xi Wang) (CVE-2009-4307)

- ocfs2: clear unaligned io flag when dio fails (Junxiao Bi) [Orabug: 14063941]

- aio: make kiocb->private NUll in init_sync_kiocb (Junxiao Bi) [Orabug: 14063941]

- igb: Fix for Alt MAC Address feature on 82580 and later devices (Carolyn Wyborny) [Orabug: 14258706]

- igb: Alternate MAC Address Updates for Func2&3 (Akeem G.
Abodunrin) [Orabug: 14258706]

- igb: Alternate MAC Address EEPROM Updates (Akeem G.
Abodunrin) [Orabug: 14258706]

- cciss: only enable cciss_allow_hpsa when for ol5 (Joe Jin) [Orabug: 14106006]

- Revert 'cciss: remove controllers supported by hpsa' (Joe Jin) [Orabug: 14106006]

- [scsi] hpsa: add all support devices for ol5 (Joe Jin) [Orabug: 14106006]

- Disable VLAN 0 tagging for none VLAN traffic (Adnan Misherfi) [Orabug: 14406424]

- x86: Add Xen kexec control code size check to linker script (Daniel Kiper)

- drivers/xen: Export vmcoreinfo through sysfs (Daniel Kiper)

- x86/xen/enlighten: Add init and crash kexec/kdump hooks (Maxim Uvarov)

- x86/xen: Add kexec/kdump makefile rules (Daniel Kiper)

- x86/xen: Add x86_64 kexec/kdump implementation (Daniel Kiper)

- x86/xen: Add placeholder for i386 kexec/kdump implementation (Daniel Kiper)

- x86/xen: Register resources required by kexec-tools (Daniel Kiper)

- x86/xen: Introduce architecture dependent data for kexec/kdump (Daniel Kiper)

- xen: Introduce architecture independent data for kexec/kdump (Daniel Kiper)

- x86/kexec: Add extra pointers to transition page table PGD, PUD, PMD and PTE (Daniel Kiper)

- kexec: introduce kexec_ops struct (Daniel Kiper)

- SPEC: replace DEFAULTKERNEL from kernel-ovs to kernel-uek

Solution

Update the affected kernel-uek / kernel-uek-firmware packages.

See Also

http://www.nessus.org/u?5b90bca1

Plugin Details

Severity: High

ID: 79484

File Name: oraclevm_OVMSA-2012-0042.nasl

Version: 1.11

Type: local

Published: 11/26/2014

Updated: 1/4/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:oracle:vm:kernel-uek, p-cpe:/a:oracle:vm:kernel-uek-firmware, cpe:/o:oracle:vm_server:3.1

Required KB Items: Host/local_checks_enabled, Host/OracleVM/release, Host/OracleVM/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 10/22/2012

Vulnerability Publication Date: 1/15/2009

Reference Information

CVE: CVE-2009-0029, CVE-2009-4307, CVE-2011-4127, CVE-2011-4131, CVE-2012-1090, CVE-2012-1097, CVE-2012-1179, CVE-2012-1601, CVE-2012-2121, CVE-2012-2123, CVE-2012-2136, CVE-2012-2137, CVE-2012-2313, CVE-2012-2373, CVE-2012-2383, CVE-2012-2384

BID: 50655, 51176, 52197, 52274, 52533, 53162, 53166, 53488, 53614, 53721, 53965, 53971, 54063

CWE: 189, 20