OracleVM 2.2 : xen (OVMSA-2016-0012)

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.


Synopsis :

The remote OracleVM host is missing one or more security updates.

Description :

The remote OracleVM system is missing necessary patches to address
critical security updates :

- XSA-125: Limit XEN_DOMCTL_memory_mapping hypercall to
only process up to 64 GFNs (or less) (Jan Beulich)
[20732412] (CVE-2015-2752)

- XSA-126: xen: limit guest control of PCI command
register (Jan Beulich) [20739399] (CVE-2015-2756)

- XSA-128: xen: properly gate host writes of modified PCI
CFG contents (Jan Beulich) [21157440] (CVE-2015-4103)

- XSA-129: xen: don't allow guest to control MSI mask
register (Jan Beulich) [21158692] (CVE-2015-4104)

- XSA-130: xen/MSI-X: disable logging by default (Jan
Beulich) [21159408] (CVE-2015-4105)

- XSA-131: [PATCH 1/8] xen/MSI: don't open-code
pass-through of enable bit modifications (Jan Beulich)
[21164529] (CVE-2015-4106)

- XSA-131: [PATCH 2/8] xen/pt: consolidate PM capability
emu_mask [21164529] (CVE-2015-4106)

- XSA-131: [PATCH 3/8] xen/pt: correctly handle PM status
bit [21164529] (CVE-2015-4106)

- XSA-131: [PATCH 4/8] xen/pt: split out calculation of
throughable mask in PCI config space handling [21164529]
(CVE-2015-4106)

- XSA-131: [PATCH 5/8] xen/pt: mark all PCIe capability
bits read-only [21164529] (CVE-2015-4106)

- XSA-131: [PATCH 6/8] xen/pt: mark reserved bits in PCI
config space fields [21164529] (CVE-2015-4106)

- XSA-131: [PATCH 7/8] xen/pt: add a few PCI config space
field descriptions [21164529] (CVE-2015-4106)

- XSA-131: [PATCH 8/8] xen/pt: unknown PCI config space
fields should be read-only [21164529] (CVE-2015-4106)

See also :

http://www.nessus.org/u?8b4a9eaa

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 5.8
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: OracleVM Local Security Checks

Nessus Plugin ID: 88737 ()

Bugtraq ID: 72577
73448
74947
74948
74949
74950

CVE ID: CVE-2015-2752
CVE-2015-2756
CVE-2015-4103
CVE-2015-4104
CVE-2015-4105
CVE-2015-4106

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now