OracleVM 3.3 / 3.4 : microcode_ctl (OVMSA-2020-0026) (Spectre)

medium Nessus Plugin ID 137739
New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it is different from CVSS.

VPR Score: 7.6

Synopsis

The remote OracleVM host is missing a security update.

Description

The remote OracleVM system is missing necessary patches to address critical security updates :

- update 06-2d-07 to 0x71a

- update 06-55-04 to 0x2006906

- update 06-55-07 to 0x5002f01

- merge Oracle changes for early load via dracut

- enable late load on install for UEK4 kernels marked safe (except BDW-79)

- set early_microcode='no' in virtualized guests to avoid early load bugs [Orabug: 30618737]

- Update Intel CPU microcode to microcode-20200602 release, addresses CVE-2020-0543, CVE-2020-0548, CVE-2020-0549 (#1795353, #1795357, #1827186) :

- Update of 06-3c-03/0x32 (HSW C0) microcode from revision 0x27 up to 0x28

- Update of 06-3d-04/0xc0 (BDW-U/Y E0/F0) microcode from revision 0x2e up to 0x2f

- Update of 06-45-01/0x72 (HSW-U C0/D0) microcode from revision 0x25 up to 0x26

- Update of 06-46-01/0x32 (HSW-H C0) microcode from revision 0x1b up to 0x1c

- Update of 06-47-01/0x22 (BDW-H/Xeon E3 E0/G0) microcode from revision 0x21 up to 0x22

- Update of 06-4e-03/0xc0 (SKL-U/Y D0) microcode from revision 0xd6 up to 0xdc

- Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x1000151 up to 0x1000157

- Update of 06-55-04/0xb7 (SKX-SP H0/M0/U0, SKX-D M1) microcode (in intel-06-55-04/intel-ucode/06-55-04) from revision 0x2000065 up to 0x2006906

- Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x400002c up to 0x4002f01

- Update of 06-55-07/0xbf (CLX-SP B1) microcode from revision 0x500002c up to 0x5002f01

- Update of 06-5e-03/0x36 (SKL-H/S R0/N0) microcode from revision 0xd6 up to 0xdc

- Update of 06-8e-09/0x10 (AML-Y22 H0) microcode from revision 0xca up to 0xd6

- Update of 06-8e-09/0xc0 (KBL-U/Y H0) microcode from revision 0xca up to 0xd6

- Update of 06-8e-0a/0xc0 (CFL-U43e D0) microcode from revision 0xca up to 0xd6

- Update of 06-8e-0b/0xd0 (WHL-U W0) microcode from revision 0xca up to 0xd6

- Update of 06-8e-0c/0x94 (AML-Y42 V0, CML-Y42 V0, WHL-U V0) microcode from revision 0xca up to 0xd6

- Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode from revision 0xca up to 0xd6

- Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E3 U0) microcode from revision 0xca up to 0xd6

- Update of 06-9e-0b/0x02 (CFL-S B0) microcode from revision 0xca up to 0xd6

- Update of 06-9e-0c/0x22 (CFL-H/S P0) microcode from revision 0xca up to 0xd6

- Update of 06-9e-0d/0x22 (CFL-H R0) microcode from revision 0xca up to 0xd6.

- Update Intel CPU microcode to microcode-20200520 release (#1839193) :

- Update of 06-2d-06/0x6d (SNB-E/EN/EP C1/M0) microcode from revision 0x61f up to 0x621

- Update of 06-2d-07/0x6d (SNB-E/EN/EP C2/M1) microcode from revision 0x718 up to 0x71a

- Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0x46 up to 0x78.

- Narrow down SKL-SP/W/X blacklist to exclude Server/FPGA/Fabric segment models (#1835555).

- Do not update 06-55-04 (SKL-SP/W/X) to revision 0x2000065, use 0x2000064 by default (#1774635).

- Update Intel CPU microcode to microcode-20191115 release :

- Update of 06-4e-03/0xc0 (SKL-U/Y D0) from revision 0xd4 up to 0xd6

- Update of 06-5e-03/0x36 (SKL-H/S/Xeon E3 R0/N0) from revision 0xd4 up to 0xd6

- Update of 06-8e-09/0x10 (AML-Y 2+2 H0) from revision 0xc6 up to 0xca

- Update of 06-8e-09/0xc0 (KBL-U/Y H0) from revision 0xc6 up to 0xca

- Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0) from revision 0xc6 up to 0xca

- Update of 06-8e-0b/0xd0 (WHL-U W0) from revision 0xc6 up to 0xca

- Update of 06-8e-0c/0x94 (AML-Y V0, CML-U 4+2 V0, WHL-U V0) from revision 0xc6 up to 0xca

- Update of 06-9e-09/0x2a (KBL-G/X H0, KBL-H/S/Xeon E3 B0) from revision 0xc6 up to 0xca

- Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) from revision 0xc6 up to 0xca

- Update of 06-9e-0b/0x02 (CFL-S B0) from revision 0xc6 up to 0xca

- Update of 06-9e-0c/0x22 (CFL-S/Xeon E P0) from revision 0xc6 up to 0xca

- Update of 06-9e-0d/0x22 (CFL-H/S R0) from revision 0xc6 up to 0xca

- Update of 06-a6-00/0x80 (CML-U 6+2 A0) from revision 0xc6 up to 0xca.

- Update Intel CPU microcode to microcode-20191113 release :

- Update of 06-9e-0c (CFL-H/S P0) microcode from revision 0xae up to 0xc6.

- Drop 0001-releasenote-changes-summary-fixes.patch.

- Package the publicy available microcode-20191112 release (#1755021) :

- Addition of 06-4d-08/0x1 (AVN B0/C0) microcode at revision 0x12d

- Addition of 06-55-06/0xbf (CSL-SP B0) microcode at revision 0x400002c

- Addition of 06-7a-08/0x1 (GLK R0) microcode at revision 0x16

- Update of 06-55-03/0x97 (SKL-SP B1) microcode from revision 0x1000150 up to 0x1000151

- Update of 06-55-04/0xb7 (SKL-SP H0/M0/U0, SKL-D M1) microcode from revision 0x2000064 up to 0x2000065

- Update of 06-55-07/0xbf (CSL-SP B1) microcode from revision 0x500002b up to 0x500002c

- Update of 06-7a-01/0x1 (GLK B0) microcode from revision 0x2e up to 0x32

- Include 06-9e-0c (CFL-H/S P0) microcode from the microcode-20190918 release.

- Correct the releasenote file (0001-releasenote-changes-summary-fixes.patch).

- Update README.caveats with the link to the new Knowledge Base article.

- Fix the incorrect 'Source2:' tag.

- Intel CPU microcode update to 20191112, addresses CVE-2017-5715, CVE-2019-0117, CVE-2019-11135, CVE-2019-11139 (#1764049, #1764062, #1764953,

- Addition of 06-a6-00/0x80 (CML-U 6+2 A0) microcode at revision 0xc6

- Addition of 06-66-03/0x80 (CNL-U D0) microcode at revision 0x2a

- Addition of 06-55-03/0x97 (SKL-SP B1) microcode at revision 0x1000150

- Addition of 06-7e-05/0x80 (ICL-U/Y D1) microcode at revision 0x46

- Update of 06-4e-03/0xc0 (SKL-U/Y D0) microcode from revision 0xcc to 0xd4

- Update of 06-5e-03/0x36 (SKL-H/S/Xeon E3 R0/N0) microcode from revision 0xcc to 0xd4

- Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode from revision 0xb4 to 0xc6

- Update of 06-8e-09/0xc0 (KBL-U/Y H0) microcode from revision 0xb4 to 0xc6

- Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0) microcode from revision 0xb4 to 0xc6

- Update of 06-8e-0b/0xd0 (WHL-U W0) microcode from revision 0xb8 to 0xc6

- Update of 06-8e-0c/0x94 (AML-Y V0) microcode from revision 0xb8 to 0xc6

- Update of 06-8e-0c/0x94 (CML-U 4+2 V0) microcode from revision 0xb8 to 0xc6

- Update of 06-8e-0c/0x94 (WHL-U V0) microcode from revision 0xb8 to 0xc6

- Update of 06-9e-09/0x2a (KBL-G/X H0) microcode from revision 0xb4 to 0xc6

- Update of 06-9e-09/0x2a (KBL-H/S/Xeon E3 B0) microcode from revision 0xb4 to 0xc6

- Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode from revision 0xb4 to 0xc6

- Update of 06-9e-0b/0x02 (CFL-S B0) microcode from revision 0xb4 to 0xc6

- Update of 06-9e-0d/0x22 (CFL-H R0) microcode from revision 0xb8 to 0xc6.

- Do not update 06-2d-07 (SNB-E/EN/EP) to revision 0x718, use 0x714 by default (#1758382).

- Revert more strict model check code, as it requires request_firmware-based microcode loading mechanism and breaks enabling of microcode with caveats.

- Intel CPU microcode update to 20190918 (#1753540).

- Intel CPU microcode update to 20190618 (#1717238).

- Remove disclaimer, as it is not as important now to justify kmsg/log pollution its contents are partially adopted in README.caveats.

- Intel CPU microcode update to 20190514a (#1711938).

- Intel CPU microcode update to 20190507_Public_DEMO (#1697960).

- Intel CPU microcode update to 20190312 (#1697960).

- Fix disclaimer path in %post script.

- Fix installation path for the disclaimer file.

- Add README.caveats documentation file.

- Use check_caveats from the RHEL 7 package in order to support overrides.

- Disable 06-4f-01 microcode in config (#1622180).

- Intel CPU microcode update to 20180807a (#1614427).

- Add check for minimal microcode version to reload_microcode.

- Intel CPU microcode update to 20180807.

- Resolves: #1614427.

- Intel CPU microcode update to 20180703

- Add infrastructure for handling kernel-version-dependant microcode

- Resolves: #1574593

- Intel CPU microcode update to 20180613.

- Resolves: #1573451

- Update AMD microcode to 2018-05-24

- Resolves: #1584192

- Update AMD microcode

- Resolves: #1574591

- Update disclaimer text

- Resolves: #1574588

- Intel CPU microcode update to 20180425.

- Resolves: #1574588

- Revert Microcode from Intel and AMD for Side Channel attack

- Resolves: #1533941

- Update microcode data file to 20180108 revision.

- Resolves: #1527354

- Update Intel CPU microde for 06-3f-02, 06-4f-01, and 06-55-04

- Add amd microcode_amd_fam17h.bin data file

- Resolves: #1527354

- Update microcode data file to 20170707 revision.

- Resolves: #1465143

- Revert microcode_amd_fam15h.bin to version from amd-ucode-2012-09-10

- Resolves: #1322525

- Update microcode data file to 20161104 revision.

- Add workaround for E5-26xxv4

- Resolves: #1346045

- Update microcode data file to 20160714 revision.

- Resolves: #1346045

- Update amd microcode data file to amd-ucode-2013-11-07

- Resolves: #1322525

- Update microcode data file to 20151106 revision.

- Resolves: #1244968

- Remove bad file permissions on /lib/udev/rules.d/89-microcode.rules

- Resolves: #1201276

- Update microcode data file to 20150121 revision.

- Resolves: #1123992

- Update microcode data file to 20140624 revision.

- Resolves: #1113394

- Update microcode data file to 20140430 revision.

- Resolves: #1036240

Solution

Update the affected microcode_ctl package.

See Also

https://oss.oracle.com/pipermail/oraclevm-errata/2020-June/000988.html

https://oss.oracle.com/pipermail/oraclevm-errata/2020-June/000986.html

Plugin Details

Severity: Medium

ID: 137739

File Name: oraclevm_OVMSA-2020-0026.nasl

Version: 1.3

Type: local

Published: 6/23/2020

Updated: 8/13/2020

Dependencies: ssh_get_info.nasl

Risk Information

Risk Factor: Medium

VPR Score: 7.6

CVSS Score Source: CVE-2017-5715

CVSS v2.0

Base Score: 4.7

Temporal Score: 4.1

Vector: AV:L/AC:M/Au:N/C:C/I:N/A:N

Temporal Vector: E:H/RL:OF/RC:C

CVSS v3.0

Base Score: 5.6

Temporal Score: 5.4

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

Temporal Vector: E:H/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:oracle:vm:microcode_ctl, cpe:/o:oracle:vm_server:3.3, cpe:/o:oracle:vm_server:3.4

Required KB Items: Host/local_checks_enabled, Host/OracleVM/release, Host/OracleVM/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/22/2020

Vulnerability Publication Date: 1/4/2018

Reference Information

CVE: CVE-2017-5715, CVE-2019-0117, CVE-2019-11135, CVE-2019-11139, CVE-2020-0543, CVE-2020-0548, CVE-2020-0549