OracleVM 3.4 : xen (OVMSA-2016-0164)

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.

Synopsis :

The remote OracleVM host is missing one or more security updates.

Description :

The remote OracleVM system is missing necessary patches to address
critical security updates :


- pygrub: Properly quote results, when returning them to
the caller: (Ian Jackson) [Orabug: 25094263]
(CVE-2016-9379) (CVE-2016-9380)

- x86emul: fix huge bit offset handling (Jan Beulich)
[Orabug: 25088366] (CVE-2016-9383)

- x86/PV: writes of %fs and %gs base MSRs require
canonical addresses (Jan Beulich) [Orabug: 25087576]

- x86/HVM: don't load LDTR with VM86 mode attrs during
task switch (Jan Beulich) [Orabug: 25087539]

- x86/hvm: Fix the handling of non-present segments
(Andrew Cooper) [Orabug: 25087515] (CVE-2016-9386)


- move TLB-flush filtering out into populate_physmap
during vm creation (Dongli Zhang) [Orabug: 24951888]

- replace tlbflush check and operation with inline
functions (Dongli Zhang) [Orabug: 24951888]

- x86/hvm: extend HVM cpuid leaf with vcpu id (Paul
Durrant) - x86/hvm: add HVM-specific hypervisor CPUID
leaf (Boris Ostrovsky) - xend: soft_reset support.
(Konrad Rzeszutek Wilk) - (lib)xl: soft reset support
(Vitaly Kuznetsov) - tools/libxl: Save and restore
EMULATOR_XENSTORE_DATA content (Andrew Cooper) - libxl:
introduce libxl__device_model_xs_path (Wei Liu) - libxl:
add LIBXL_DEVICE_MODEL_SAVE_FILE (Vitaly Kuznetsov) -
libxc: support XEN_DOMCTL_soft_reset operation (Vitaly
Kuznetsov) - arch-specific hooks for domain_soft_reset
(Vitaly Kuznetsov) - flask: DOMCTL_soft_reset support
(Vitaly Kuznetsov) - introduce XEN_DOMCTL_soft_reset
(Vitaly Kuznetsov) - evtchn: make evtchn_reset ready for
soft reset (Vitaly Kuznetsov) - evtchn: make
EVTCHNOP_reset suitable for kexec (Vitaly Kuznetsov) -
xl: introduce enum domain_restart_type (Vitaly
Kuznetsov) - libxl: support SHUTDOWN_soft_reset shutdown
reason (Vitaly Kuznetsov) - introduce
SHUTDOWN_soft_reset shutdown reason (Vitaly Kuznetsov) -
x86emul: honor guest CR0.TS and CR0.EM (Jan Beulich)
[Orabug: 24697001] (CVE-2016-7777)

See also :

Solution :

Update the affected xen / xen-tools packages.

Risk factor :

High / CVSS Base Score : 7.2
CVSS Temporal Score : 5.3
Public Exploit Available : false

Family: OracleVM Local Security Checks

Nessus Plugin ID: 95278 ()

Bugtraq ID:

CVE ID: CVE-2016-7777

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now