OracleVM 3.4 : xen (OVMSA-2016-0088) (Bunker Buster)

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.


Synopsis :

The remote OracleVM host is missing one or more security updates.

Description :

The remote OracleVM system is missing necessary patches to address
critical security updates :

- BUILDINFO:
commit=aff08b43b1a504aa14a0fce65302ccf515b69fdf

- Remove unsafe bits from the mod_l?_entry fastpath
(Andrew Cooper) (CVE-2016-6258)

- x86/mm: fully honor PS bits in guest page table walks
(Jan Beulich) (CVE-2016-4480) (CVE-2016-4480)

- libxl: Document ~/serial/ correctly (Ian Jackson)
(CVE-2016-4962)

- libxl: Cleanup: Have libxl__alloc_vdev use /libxl (Ian
Jackson) (CVE-2016-4962)

- libxl: Do not trust frontend for nic in getinfo (Ian
Jackson) (CVE-2016-4962)

- libxl: Do not trust frontend for nic in
libxl_devid_to_device_nic (Ian Jackson) (CVE-2016-4962)

- libxl: Do not trust frontend for vtpm in getinfo (Ian
Jackson) (CVE-2016-4962)

- libxl: Do not trust frontend for vtpm list (Ian Jackson)
(CVE-2016-4962)

- libxl: Do not trust frontend for disk in getinfo (Ian
Jackson) (CVE-2016-4962)

- libxl: Do not trust frontend for disk eject event (Ian
Jackson) (CVE-2016-4962)

- libxl: Do not trust frontend in libxl__device_nextid
(Ian Jackson) (CVE-2016-4962)

- libxl: Do not trust frontend in libxl__devices_destroy
(Ian Jackson) (CVE-2016-4962)

- libxl: Provide libxl__backendpath_parse_domid (Ian
Jackson) (CVE-2016-4962)

- libxl: Record backend/frontend paths in /libxl/$DOMID
(Ian Jackson) (CVE-2016-4962)

- x86: limit GFNs to 32 bits for shadowed superpages. (Tim
Deegan) (CVE-2016-3960)

- x86: fix information leak on AMD CPUs (Jan Beulich)
(CVE-2016-3158) (CVE-2016-3159) (CVE-2016-3158)
(CVE-2016-3159) (CVE-2016-3158) (CVE-2016-3159)

- x86: enforce consistent cachability of MMIO mappings
(Jan Beulich) (CVE-2016-2270) (CVE-2016-2270)

See also :

https://oss.oracle.com/pipermail/oraclevm-errata/2016-July/000503.html

Solution :

Update the affected xen / xen-tools packages.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 5.3
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: OracleVM Local Security Checks

Nessus Plugin ID: 92600 ()

Bugtraq ID:

CVE ID: CVE-2016-2270
CVE-2016-3158
CVE-2016-3159
CVE-2016-3960
CVE-2016-4480
CVE-2016-4962
CVE-2016-6258

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now