OracleVM 3.4 : microcode_ctl (OVMSA-2018-0011) (Spectre)

Medium Nessus Plugin ID 106121

Synopsis

The remote OracleVM host is missing a security update.

Description

The remote OracleVM system is missing necessary patches to address critical security updates :

- Enable early microcode load to allow updating Broadwell model 79

- Make sure 'modprobe microcode' is not executed on Broadwell model 79

- Run dracut upon microcode update

- Add updated Intel 20180108 microcode for CPUIDs:
(CVE-2017-5715) 306c3 (06-3c-03 rev 0x23, Haswell) 306d4 (06-3d-04 rev 0x28, Broadwell) 306f2 (06-3f-02 rev 0x3b, Haswell) 306f4 (06-3f-04 rev 0x10, Haswell) 306e4 (06-3e-04 rev 0x42a, Ivy Bridge) 40651 (06-45-01 rev 0x21, Haswell) 40661 (06-46-01 rev 0x18, Haswell) 40671 (06-47-01 rev 0x1b, Broadwell) 406e3 (06-4e-03 rev 0xc2, Skylake) 406f1 (06-4f-01 rev 0xb000025, Broadwell) 50654 (06-55-04 rev 0x200003c, Skylake) 50662 (06-56-02 rev 0x14, Broadwell) 50663 (06-56-03 rev 0x7000011, Broadwell) 506e3 (06-5e-03 rev 0xc2, Skylake) 706a1 (06-7a-01 rev 0x22) 806e9 (06-8e-09 rev 0x80, Kaby Lake) 806ea (06-8e-0a rev 0x80) 906e9 (06-9e-09 rev 0x80, Kaby Lake) 906ea (06-9e-0a rev 0x80) 906eb (06-9e-0b rev 0x80)

- Use right upstream source for revert

- Resolves: #1533978

- Revert Microcode from Intel and AMD for Side Channel attack

- Resolves: #1533978

Solution

Update the affected microcode_ctl package.

See Also

http://www.nessus.org/u?0b7e3546

Plugin Details

Severity: Medium

ID: 106121

File Name: oraclevm_OVMSA-2018-0011.nasl

Version: 3.5

Type: local

Published: 2018/01/18

Modified: 2018/07/24

Dependencies: 12634

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 4.7

Temporal Score: 3.7

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:N/A:N

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

CVSS v3.0

Base Score: 5.6

Temporal Score: 5.1

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:oracle:vm:microcode_ctl, cpe:/o:oracle:vm_server:3.4

Required KB Items: Host/local_checks_enabled, Host/OracleVM/release, Host/OracleVM/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2018/01/17

Reference Information

CVE: CVE-2017-5715

IAVA: 2018-A-0020