OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0024)

high Nessus Plugin ID 125754
New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it is different from CVSS.

VPR Score: 8.4


The remote OracleVM host is missing one or more security updates.


The remote OracleVM system is missing necessary patches to address critical security updates :

- hugetlbfs: don't retry when pool page allocations start to fail (Mike Kravetz) [Orabug: 29324267]

- x86/speculation: RSB stuffing with retpoline on Skylake+ cpus (William Roche) [Orabug: 29660924]

- x86/speculation: reformatting RSB overwrite macro (William Roche) [Orabug: 29660924]

- x86/speculation: Dynamic enable and disable of RSB stuffing with IBRS&!SMEP (William Roche) [Orabug:

- x86/speculation: STUFF_RSB dynamic enable (William Roche) [Orabug: 29660924]

- int3 handler better address space detection on interrupts (William Roche) [Orabug: 29660924]

- repairing out-of-tree build functionality (Mark Nicholson) [Orabug: 29755100]

- ext4: fix false negatives*and* false positives in ext4_check_descriptors (Shuning Zhang) [Orabug:

- ocfs2: fix ocfs2 read inode data panic in ocfs2_iget (Shuning Zhang) [Orabug: 29233739]

- Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer (Marcel Holtmann) [Orabug: 29526426] (CVE-2019-3459)

- Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt (Marcel Holtmann) [Orabug: 29526426] (CVE-2019-3459)

- HID: debug: fix the ring buffer implementation (Vladis Dronov) [Orabug: 29629481] (CVE-2019-3819) (CVE-2019-3819)

- scsi: target: iscsi: Use hex2bin instead of a re-implementation (Vincent Pelletier) [Orabug: 29778875] (CVE-2018-14633) (CVE-2018-14633)

- scsi: libsas: fix a race condition when smp task timeout (Jason Yan) [Orabug: 29783225] (CVE-2018-20836)

- scsi: megaraid_sas: return error when create DMA pool failed (Jason Yan) [Orabug: 29783254] (CVE-2019-11810)

- Bluetooth: hidp: fix buffer overflow (Young Xiao) [Orabug: 29786786] (CVE-2011-1079) (CVE-2019-11884)

- x86/speculation/mds: Add 'mitigations=' support for MDS (Kanth Ghatraju) [Orabug: 29791046]

- net: rds: force to destroy connection if t_sock is NULL in rds_tcp_kill_sock. (Mao Wenan) [Orabug: 29802785] (CVE-2019-11815)


Update the affected kernel-uek / kernel-uek-firmware packages.

See Also

Plugin Details

Severity: High

ID: 125754

File Name: oraclevm_OVMSA-2019-0024.nasl

Version: 1.3

Type: local

Published: 6/7/2019

Updated: 1/10/2020

Dependencies: ssh_get_info.nasl

Risk Information

Risk Factor: High

VPR Score: 8.4

CVSS v2.0

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSS v3.0

Base Score: 8.1

Temporal Score: 7.1

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:2.3:o:oracle:vm_server:3.4:*:*:*:*:*:*:*, p-cpe:2.3:a:oracle:vm:kernel-uek:*:*:*:*:*:*:*, p-cpe:2.3:a:oracle:vm:kernel-uek-firmware:*:*:*:*:*:*:*

Required KB Items: Host/local_checks_enabled, Host/OracleVM/release, Host/OracleVM/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/5/2019

Vulnerability Publication Date: 6/21/2012

Reference Information

CVE: CVE-2019-11810, CVE-2019-3819, CVE-2018-14633, CVE-2019-3459, CVE-2019-11815, CVE-2019-11884, CVE-2018-20836, CVE-2011-1079

BID: 46616