OracleVM 3.2 : xen (OVMSA-2013-0011)

This script is Copyright (C) 2014-2017 Tenable Network Security, Inc.

Synopsis :

The remote OracleVM host is missing one or more security updates.

Description :

The remote OracleVM system is missing necessary patches to address
critical security updates :

- oxenstored incorrect handling of certain Xenbus ring
states Xen Security Advisory 38 (CVE-2013-0215) Patch
xsa38.patch The oxenstored daemon (the ocaml version of
the xenstore daemon) does not correctly handle unusual
or malicious contents in the xenstore ring. A malicious
guest can exploit this to cause oxenstored to read past
the end of the ring (and very likely crash) or to
allocate large amounts of RAM. Signed-off-by Chuck
Anderson (CVE-2013-0215)

- ACPI: acpi_table_parse should return handler's error
code Currently, the error code returned by
acpi_table_parse's handler is ignored. This patch will
propagate handler's return value to acpi_table_parse's
caller. AMD,IOMMU: Clean up old entries in remapping
tables when creating new interrupt mapping. When
changing the affinity of an IRQ associated with a passed
through PCI device, clear previous mapping. In addition,
because some BIOSes may incorrectly program IVRS entries
for IOAPIC try to check for entry's consistency.
Specifically, if conflicting entries are found disable
IOMMU if per-device remapping table is used. If entries
refer to bogus IOAPIC IDs disable IOMMU unconditionally
AMD,IOMMU: Disable IOMMU if SATA Combined mode is on
AMD's SP5100 chipset can be placed into SATA Combined
mode that may cause prevent dom0 from booting when IOMMU
is enabled and per-device interrupt remapping table is
used. While SP5100 erratum 28 requires BIOSes to disable
this mode, some may still use it. This patch checks
whether this mode is on and, if per-device table is in
use, disables IOMMU. AMD,IOMMU: Make per-device
interrupt remapping table default Using global interrupt
remapping table may be insecure, as described by XSA-36.
This patch makes per-device mode default. This is XSA-36
/ CVE-2013-0153. (CVE-2013-0153)

See also :

Solution :

Update the affected xen / xen-devel / xen-tools packages.

Risk factor :

Medium / CVSS Base Score : 4.7
CVSS Temporal Score : 4.1
Public Exploit Available : false

Family: OracleVM Local Security Checks

Nessus Plugin ID: 79500 ()

Bugtraq ID: 57742

CVE ID: CVE-2013-0153

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now