OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0024)

high Nessus Plugin ID 125754
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.


The remote OracleVM host is missing one or more security updates.


The remote OracleVM system is missing necessary patches to address critical security updates :

- hugetlbfs: don't retry when pool page allocations start to fail (Mike Kravetz) [Orabug: 29324267]

- x86/speculation: RSB stuffing with retpoline on Skylake+ cpus (William Roche) [Orabug: 29660924]

- x86/speculation: reformatting RSB overwrite macro (William Roche) [Orabug: 29660924]

- x86/speculation: Dynamic enable and disable of RSB stuffing with IBRS&!SMEP (William Roche) [Orabug:

- x86/speculation: STUFF_RSB dynamic enable (William Roche) [Orabug: 29660924]

- int3 handler better address space detection on interrupts (William Roche) [Orabug: 29660924]

- repairing out-of-tree build functionality (Mark Nicholson) [Orabug: 29755100]

- ext4: fix false negatives*and* false positives in ext4_check_descriptors (Shuning Zhang) [Orabug:

- ocfs2: fix ocfs2 read inode data panic in ocfs2_iget (Shuning Zhang) [Orabug: 29233739]

- Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer (Marcel Holtmann) [Orabug: 29526426] (CVE-2019-3459)

- Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt (Marcel Holtmann) [Orabug: 29526426] (CVE-2019-3459)

- HID: debug: fix the ring buffer implementation (Vladis Dronov) [Orabug: 29629481] (CVE-2019-3819) (CVE-2019-3819)

- scsi: target: iscsi: Use hex2bin instead of a re-implementation (Vincent Pelletier) [Orabug: 29778875] (CVE-2018-14633) (CVE-2018-14633)

- scsi: libsas: fix a race condition when smp task timeout (Jason Yan) [Orabug: 29783225] (CVE-2018-20836)

- scsi: megaraid_sas: return error when create DMA pool failed (Jason Yan) [Orabug: 29783254] (CVE-2019-11810)

- Bluetooth: hidp: fix buffer overflow (Young Xiao) [Orabug: 29786786] (CVE-2011-1079) (CVE-2019-11884)

- x86/speculation/mds: Add 'mitigations=' support for MDS (Kanth Ghatraju) [Orabug: 29791046]

- net: rds: force to destroy connection if t_sock is NULL in rds_tcp_kill_sock. (Mao Wenan) [Orabug: 29802785] (CVE-2019-11815)


Update the affected kernel-uek / kernel-uek-firmware packages.

See Also

Plugin Details

Severity: High

ID: 125754

File Name: oraclevm_OVMSA-2019-0024.nasl

Version: 1.3

Type: local

Published: 6/7/2019

Updated: 1/10/2020

Dependencies: ssh_get_info.nasl

Risk Information


Risk Factor: Medium

Score: 6.7


Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: E:U/RL:OF/RC:C


Risk Factor: High

Base Score: 8.1

Temporal Score: 7.1

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:oracle:vm:kernel-uek, p-cpe:/a:oracle:vm:kernel-uek-firmware, cpe:/o:oracle:vm_server:3.4

Required KB Items: Host/local_checks_enabled, Host/OracleVM/release, Host/OracleVM/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/5/2019

Vulnerability Publication Date: 6/21/2012

Reference Information

CVE: CVE-2011-1079, CVE-2018-14633, CVE-2018-20836, CVE-2019-11810, CVE-2019-11815, CVE-2019-11884, CVE-2019-3459, CVE-2019-3819

BID: 46616