This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.
The remote OracleVM host is missing one or more security updates.
The remote OracleVM system is missing necessary patches to address
critical security updates :
- From: Jan Beulich Subject: x86emul: CMPXCHG8B ignores
operand size prefix Otherwise besides mis-handling the
instruction, the comparison failure case would result in
uninitialized stack data being handed back to the guest
in rDX:rAX (32 bits leaked for 32-bit guests, 96 bits
for 64-bit ones). This is XSA-200.
See also :
Update the affected xen / xen-tools packages.
Risk factor :
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now