Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2019-4509)

high Nessus Plugin ID 121201
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote Oracle Linux host is missing one or more security updates.

Description

Description of changes:

[4.14.35-1844.1.3.el7uek]
- net: rds: fix rds_ib_sysctl_max_recv_allocation error (Zhu Yanjun) [Orabug: 29003422] - nfs: don't dirty kernel pages read by direct-io (Dave Kleikamp) [Orabug: 29122062] - KVM: X86: Fix scan ioapic use-before-initialization (Wanpeng Li) [Orabug: 29026132] {CVE-2018-19407}
- hugetlb: take PMD sharing into account when flushing tlb/caches (Mike Kravetz) [Orabug: 28951436] - mm: migration: fix migration of huge PMD shared pages (Mike Kravetz) [Orabug: 28951436] - mm/mmu_notifier: avoid double notification when it is useless (J&eacute r&ocirc me Glisse) [Orabug: 28951436]

[4.14.35-1844.1.2.el7uek]
- ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in card.c (Hui Peng) [Orabug: 29042979] {CVE-2018-19824}
- arm64/kernel: kaslr: reduce module randomization range to 4 GB (Ard Biesheuvel) [Orabug: 28954789] - xfs: enhance dinode verifier (Eric Sandeen) [Orabug: 28997653] {CVE-2018-10322}
- xfs: move inode fork verifiers to xfs_dinode_verify (Darrick J. Wong) [Orabug: 28997653] {CVE-2018-10322}
- Revert 'xfs: move inode fork verifiers to xfs_dinode_verify' (Shan Hai) [Orabug: 28997653] - Revert 'xfs: enhance dinode verifier' (Shan Hai) [Orabug: 28997653]

[4.14.35-1844.1.1.el7uek]
- arm64: disable /dev/port on 64 bit ARM (Eric Saint-Etienne) [Orabug: 28961247] - crypto: ccp - add timeout support in the SEV command (Brijesh Singh) [Orabug: 29029018] - crypto: ccp - Add GET_ID SEV command (Janakarajan Natarajan) [Orabug: 29029018] - crypto: ccp - Add DOWNLOAD_FIRMWARE SEV command (Janakarajan Natarajan) [Orabug: 29029018]
- net: phy: mdio-bcm-unimac: fix potential NULL dereference in unimac_mdio_probe() (Wei Yongjun) [Orabug: 27677743] {CVE-2018-8043}
- vti6: remove !skb->ignore_df check from vti6_xmit() (Alexey Kodanev) [Orabug: 28940590] - A/A failback does not work in concert with ibacm (H&aring kon Bugge) [Orabug: 28972800] - ACPICA: Reference Counts: increase max to 0x4000 for large servers (Erik Schmauss) [Orabug: 29019053]

[4.14.35-1844.1.0.el7uek]
- wil6210: missing length check in wmi_set_ie (Lior David) [Orabug: 28951264] {CVE-2018-5848}
- [PATCH UEK5 u1 v3] dtrace: add DTRACEACT_PCAP for packet capture for later pcap_dump() (Alan Maguire) [Orabug: 28951771] - floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl (Andy Whitcroft) {CVE-2018-7755} {CVE-2018-7755}
- [PATCH UEK5 u1 v2] dtrace: fix ip provider inconsistencies between IPv4/IPv6 (Alan Maguire) [Orabug: 28956807] - x86/speculation: Make enhanced IBRS the default spectre v2 mitigation (Alejandro Jimenez) [Orabug: 28992002] - x86/speculation: Enable enhanced IBRS usage (Alejandro Jimenez) [Orabug: 28992002] - x86/speculation: functions for supporting enhanced IBRS (Alejandro Jimenez) [Orabug: 28992002] - Add forward declaration of tlb_flush, required for asm-generic. (Jack Vogel) [Orabug: 28866513] - x86/mm: Page size aware flush_tlb_mm_range() (Peter Zijlstra) [Orabug: 28866513] - mm/memory: Move mmu_gather and TLB invalidation code into its own file (Peter Zijlstra) [Orabug: 28866513]
- asm-generic/tlb: Track which levels of the page tables have been cleared (Will Deacon) [Orabug: 28866513] - asm-generic/tlb: Track freeing of page-table directories in struct mmu_gather (Peter Zijlstra) [Orabug: 28866513] - mm: mmu_notifier fix for tlb_end_vma (Nicholas Piggin) [Orabug: 28866513] - mm: update comment describing tlb_gather_mmu (Mike Rapoport) [Orabug: 28866513]

Solution

Update the affected unbreakable enterprise kernel packages.

See Also

https://oss.oracle.com/pipermail/el-errata/2019-January/008369.html

Plugin Details

Severity: High

ID: 121201

File Name: oraclelinux_ELSA-2019-4509.nasl

Version: 1.8

Type: local

Agent: unix

Published: 1/16/2019

Updated: 2/24/2020

Dependencies: ssh_get_info.nasl, linux_alt_patch_detect.nasl

Risk Information

CVSS Score Source: CVE-2018-5848

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 4.6

Temporal Score: 3.4

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: E:U/RL:OF/RC:C

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:oracle:linux:kernel-uek, p-cpe:/a:oracle:linux:kernel-uek-debug, p-cpe:/a:oracle:linux:kernel-uek-debug-devel, p-cpe:/a:oracle:linux:kernel-uek-devel, p-cpe:/a:oracle:linux:kernel-uek-doc, p-cpe:/a:oracle:linux:kernel-uek-tools, cpe:/o:oracle:linux:7

Required KB Items: Host/local_checks_enabled, Host/OracleLinux, Host/RedHat/release, Host/RedHat/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 1/15/2019

Vulnerability Publication Date: 3/8/2018

Reference Information

CVE: CVE-2018-10322, CVE-2018-19407, CVE-2018-19824, CVE-2018-5848, CVE-2018-7755, CVE-2018-8043