Vulnerability Priority Rating (VPR)
Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks.
VPR Score: 7.7
Synopsis
The remote OracleVM host is missing one or more security updates.
Description
The remote OracleVM system is missing necessary patches to address critical security updates:
- x86/speculation/mds: Check for the right microcode before setting mitigation (Kanth Ghatraju) [Orabug: 29797118]
- vxlan: test dev->flags & IFF_UP before accessing vxlan->dev->dev_addr (Venkat Venkatsubra) [Orabug: 29710939]
- vxlan: test dev->flags & IFF_UP before calling gro_cells_receive (Eric Dumazet) [Orabug: 29710939]
- nvme: allow timed-out ios to retry (James Smart) [Orabug: 29301607]
- rds: Introduce a pool of worker threads for connection management (Håkon Bugge) [Orabug: 29391909]
- rds: Use rds_conn_path cp_wq when applicable (Håkon Bugge) [Orabug: 29391909]
- rds: ib: Implement proper cm_id compare (Håkon Bugge) [Orabug: 29391909]
- Revert 'net/rds: prevent RDS connections using stale ARP entries' (Håkon Bugge) [Orabug: 29391909]
- rds: ib: Flush ARP cache when needed (Håkon Bugge) [Orabug: 29391909]
- rds: Add simple heuristics to determine connect delay (Håkon Bugge) [Orabug: 29391909]
- rds: Fix one-sided connect (Håkon Bugge) [Orabug: 29391909]
- rds: Consolidate and align ftrace related to connection management (Håkon Bugge) [Orabug: 29391909]
- rds: ib: Fix gratuitous ARP storm (Håkon Bugge) [Orabug: 29391909]
- IB/mlx4: Increase the timeout for CM cache (Håkon Bugge) [Orabug: 29391909]
- kvm/speculation: Allow KVM guests to use SSBD even if host does not (Alejandro Jimenez) [Orabug: 29423804]
- x86/speculation: Keep enhanced IBRS on when spec_store_bypass_disable=on is used (Alejandro Jimenez) [Orabug: 29423804]
- x86/speculation: Clean up enhanced IBRS checks in bugs_64.c (Alejandro Jimenez) [Orabug: 29423804]
- mm: thp: relax __GFP_THISNODE for MADV_HUGEPAGE mappings (Andrea Arcangeli) [Orabug: 29510356]
- bnxt_en: Reset device on RX buffer errors. (Michael Chan) [Orabug: 29651238]
- x86/mitigations: Fix the test for Xen PV guest (Boris Ostrovsky) [Orabug: 29774291]
- x86/speculation/mds: Fix verw usage to use memory operand (Kanth Ghatraju) [Orabug: 29791036] (CVE-2018-12127) (CVE-2018-12130)
Solution
Update the affected kernel-uek / kernel-uek-firmware packages.