OracleVM 3.4 : Unbreakable / etc (OVMSA-2018-0284)

medium Nessus Plugin ID 119292

Language:

Synopsis

The remote OracleVM host is missing one or more security updates.

Description

The remote OracleVM system is missing necessary patches to address critical security updates :

- Revert commit 8bd274934987 ('block: fix bdi vs gendisk lifetime mismatch') (Ashish Samant) [Orabug: 28968102]

- KVM/x86: Add IBPB support (Ashok Raj) [Orabug: 28703712]

- x86/intel/spectre_v2: Remove unnecessary retp_compiler test (Boris Ostrovsky) [Orabug: 28814570]

- x86/intel/spectre_v4: Deprecate spec_store_bypass_disable=userspace (Boris Ostrovsky) [Orabug: 28814570]

- x86/speculation: x86_spec_ctrl_set needs to be called unconditionally (Boris Ostrovsky) [Orabug: 28814570]

- x86/speculation: Drop unused DISABLE_IBRS_CLOBBER macro (Boris Ostrovsky) [Orabug: 28814570]

- x86/intel/spectre_v4: Keep SPEC_CTRL_SSBD when IBRS is in use (Boris Ostrovsky) [Orabug: 28814570]

- net: net_failover: fix typo in net_failover_slave_register (Liran Alon) [Orabug:
28122104]

- virtio_net: Extend virtio to use VF datapath when available (Sridhar Samudrala) [Orabug: 28122104]

- virtio_net: Introduce VIRTIO_NET_F_STANDBY feature bit (Sridhar Samudrala) [Orabug: 28122104]

- net: Introduce net_failover driver (Sridhar Samudrala) [Orabug: 28122104]

- net: Introduce generic failover module (Sridhar Samudrala) [Orabug: 28122104]

- net: introduce lower state changed info structure for LAG lowers (Jiri Pirko) [Orabug: 28122104]

- net: introduce change lower state notifier (Jiri Pirko) [Orabug: 28122104]

- net: add info struct for LAG changeupper (Jiri Pirko) [Orabug: 28122104]

- net: add possibility to pass information about upper device via notifier (Jiri Pirko) [Orabug: 28122104]

- net: Check CHANGEUPPER notifier return value (Ido Schimmel) [Orabug: 28122104]

- net: introduce change upper device notifier change info (Jiri Pirko)

- x86/bugs: rework x86_spec_ctrl_set to make its changes explicit (Daniel Jordan) [Orabug: 28271063]

- x86/bugs: rename ssbd_ibrs_selected to ssbd_userspace_selected (Daniel Jordan) [Orabug:
28271063]

- x86/bugs: always use x86_spec_ctrl_base or _priv when setting spec ctrl MSR (Daniel Jordan) [Orabug: 28271063]

- xen-blkfront: fix kernel panic with negotiate_mq error path (Manjunath Patil) [Orabug: 28798861]

- scsi: lpfc: Correct MDS diag and nvmet configuration (James Smart)

- scsi: virtio_scsi: let host do exception handling (Paolo Bonzini)

- net/rds: Fix endless RNR situation (Venkat Venkatsubra) [Orabug: 28857027]

- scsi: sg: allocate with __GFP_ZERO in sg_build_indirect (Alexander Potapenko) [Orabug: 28892656] (CVE-2018-1000204)

- cdrom: fix improper type cast, which can leat to information leak. (Young_X) [Orabug: 28929767] (CVE-2018-16658) (CVE-2018-10940) (CVE-2018-18710)

Solution

Update the affected kernel-uek / kernel-uek-firmware packages.

Plugin Details

Severity: Medium

ID: 119292

File Name: oraclevm_OVMSA-2018-0284.nasl

Version: 1.4

Type: local

Family: OracleVM Local Security Checks

Published: 11/30/2018

Updated: 5/31/2022

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 6.3

Temporal Score: 4.7

Vector: CVSS2#AV:N/AC:M/Au:S/C:C/I:N/A:N

CVSS Score Source: CVE-2018-1000204

CVSS v3

Risk Factor: Medium

Base Score: 6.1

Temporal Score: 5.3

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:oracle:vm:kernel-uek, p-cpe:/a:oracle:vm:kernel-uek-firmware, cpe:/o:oracle:vm_server:3.4

Required KB Items: Host/local_checks_enabled, Host/OracleVM/release, Host/OracleVM/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 11/29/2018

Vulnerability Publication Date: 5/9/2018

Reference Information

CVE: CVE-2018-1000204, CVE-2018-10940, CVE-2018-16658, CVE-2018-18710

Detections

Analytics

OracleVM 3.4 : Unbreakable / etc (OVMSA-2018-0284)

medium Nessus Plugin ID 119292

Synopsis

Description

Solution

See Also

Plugin Details

Risk Information

VPR

CVSS v2

CVSS v3

Vulnerability Information

Reference Information