Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2020-5535)

High Nessus Plugin ID 133711

Synopsis

The remote Oracle Linux host is missing one or more security updates.

Description

Description of changes:

[4.1.12-124.36.1.el6uek]
- iscsi-target: graceful disconnect on invalid mapping to iovec (Imran Haider) [Orabug: 30459537]
- x86/microcode: Issue update message only once (Borislav Petkov) [Orabug: 30528904]
- x86/microcode/intel: Issue the revision updated message only on the BSP (Borislav Petkov) [Orabug: 30528904]
- KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332) (Paolo Bonzini) [Orabug: 30658695] {CVE-2019-19332}
- rtlwifi: Fix potential overflow on P2P code (Laura Abbott) [Orabug: 30807748] {CVE-2019-17666}

[4.1.12-124.35.5.el6uek]
- x86: microcode: propagate return value to siblings (Mihai Carabas) [Orabug: 30557086]
- x86/bugs: TSX not disabled at late loading (Mihai Carabas) [Orabug: 30557086]
- mlx5: lock mlx5_core to prevent module unload (Brian Maly) [Orabug: 30566775]
- rds: RDS/TCP does not initiate a connection (Ka-Cheong Poon) [Orabug: 30576433]
- x86: bugs: replace static_ with boot_ for CPU bugs mitigations (Mihai Carabas) [Orabug: 30649400]

Solution

Update the affected unbreakable enterprise kernel packages.

See Also

https://oss.oracle.com/pipermail/el-errata/2020-February/009635.html

https://oss.oracle.com/pipermail/el-errata/2020-February/009636.html

Plugin Details

Severity: High

ID: 133711

File Name: oraclelinux_ELSA-2020-5535.nasl

Version: 1.1

Type: local

Agent: unix

Published: 2020/02/14

Updated: 2020/02/14

Dependencies: 12634, 122878

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 8.3

Vector: CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C

CVSS v3.0

Base Score: 8.8

Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:oracle:linux:kernel-uek, p-cpe:/a:oracle:linux:kernel-uek-debug, p-cpe:/a:oracle:linux:kernel-uek-debug-devel, p-cpe:/a:oracle:linux:kernel-uek-devel, p-cpe:/a:oracle:linux:kernel-uek-doc, p-cpe:/a:oracle:linux:kernel-uek-firmware, cpe:/o:oracle:linux:6, cpe:/o:oracle:linux:7

Required KB Items: Host/local_checks_enabled, Host/OracleLinux, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 2020/02/13

Vulnerability Publication Date: 2019/10/17

Reference Information

CVE: CVE-2019-17666, CVE-2019-19332