Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2020-5804)

High Nessus Plugin ID 139476

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 6.7

Synopsis

The remote Oracle Linux host is missing one or more security updates.

Description

Description of changes:

[4.14.35-1902.305.4.el7uek]
- ptp: free ptp device pin descriptors properly (Vladis Dronov) [Orabug: 31710994]

[4.14.35-1902.305.3.el7uek]
- fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info() (Alexander Potapenko) [Orabug: 31350638] {CVE-2020-10732}
- PCI: vmd: Filter resource type bits from shadow register (Jon Derrick) [Orabug: 31674879]
- PCI: vmd: Add device id for VMD device 8086:9A0B (Jon Derrick) [Orabug: 31674879]
- PCI: vmd: Fix shadow offsets to reflect spec changes (Jon Derrick) [Orabug: 31674879]
- PCI: vmd: Fix config addressing when using bus offsets (Jon Derrick) [Orabug: 31674879]
- PCI/VMD: Configure MPS settings before adding devices (Jon Derrick) [Orabug: 31674879]
- PCI: vmd: Add an additional VMD device id to driver device id table (Jon Derrick) [Orabug: 31674879]
- PCI: vmd: Add offset to bus numbers if necessary (Jon Derrick) [Orabug: 31674879]
- PCI: vmd: Assign membar addresses from shadow registers (Jon Derrick) [Orabug: 31674879]
- PCI: Add Intel VMD devices to pci ids (Jon Derrick) [Orabug: 31674879]
- misc: pvpanic: add crash loaded event (zhenwei pi) [Orabug: 31677099]
- kvm: Increase KVM_USER_MEM_SLOTS for dense memory hotplug (Eric DeVolder) [Orabug: 31694369]

[4.14.35-1902.305.2.el7uek]
- net-sysfs: call dev_hold if kobject_init_and_add success (YueHaibing) [Orabug: 31445419] {CVE-2019-20811}
- vfio-pci: protect remap_pfn_range() from simultaneous calls (Ankur Arora) [Orabug: 31663632] {CVE-2020-12888} {CVE-2020-12888}
- crypto: user - fix memory leak in crypto_report (Navid Emamdoost) [Orabug: 31351639] {CVE-2019-19062}
- iwlwifi: pcie: fix rb_allocator workqueue allocation (Johannes Berg) [Orabug: 31351807] {CVE-2019-16234}
- RDMA/netlink: Do not always generate an ACK for some netlink operations (H&aring kon Bugge) [Orabug: 31666974]
- Revert 'uek-rpm: Move grub boot menu update to posttrans stage.' (Somasundaram Krishnasamy) [Orabug: 31358100]
- net: dsa: Do not leave DSA master with NULL netdev_ops (Allen Pais) [Orabug: 31038233]
- rds/ib: Make i_{recv,send}_hdrs non-contigious (Hans Westgaard Ry) [Orabug: 30358057]
- certs: Remove Oracle cert compiled into the kernel (Eric Snowberg) [Orabug: 31555628]
- CIFS: dump IPC tcon in debug proc file (Aurelien Aptel) [Orabug: 31500374]
- CIFS: use tcon_ipc instead of use_ipc parameter of SMB2_ioctl (Aurelien Aptel) [Orabug: 31500374]
- CIFS: make IPC a regular tcon (Aurelien Aptel) [Orabug: 31500374]
- CIFS: don't log STATUS_NOT_FOUND errors for DFS (Aurelien Aptel) [Orabug: 31500374]
- efi: Restrict efivar_ssdt_load when the kernel is locked down (Matthew Garrett) [Orabug: 31643409] {CVE-2019-20908}
- uek-rpm: drivers: enable VMD PCIe controller (Todd Vierling) [Orabug: 30646928]
- ext4: fix ext4_empty_dir() for directories with holes (Jan Kara) [Orabug: 31265319] {CVE-2019-19037} {CVE-2019-19037}
- IB/sa: Resolv use-after-free in ib_nl_make_request() (Divya Indi) [Orabug: 31631531]
- ocfs2: change slot number type s16 to u16 (Junxiao Bi) [Orabug: 31480605]
- ocfs2: fix value of OCFS2_INVALID_SLOT (Junxiao Bi) [Orabug: 31480605]
- ocfs2: fix panic on nfs server over ocfs2 (Junxiao Bi) [Orabug: 31480605]
- ocfs2: load global_inode_alloc (Junxiao Bi) [Orabug: 31480605]
- ocfs2: avoid inode removal while nfsd is accessing it (Junxiao Bi) [Orabug: 31480605]

[4.14.35-1902.305.1.el7uek]
- x86/{mce,mm}: Unmap the entire page if the whole page is affected and poisoned (Tony Luck) [Orabug: 31601132]
- libertas: fix a potential NULL pointer dereference (Allen Pais) [Orabug: 31351822] {CVE-2019-16232}
- ext4: work around deleting a file with i_nlink == 0 safely (Theodore Ts'o) [Orabug: 31351013] {CVE-2019-19447}

[4.14.35-1902.305.0.el7uek]
- thermal: support for Marvell Octeon TX SoC temperature sensors (Eric Saint-Etienne) [Orabug: 31564706]
- thermal: support for Marvell Octeon TX2 SoC temperature sensors (Eric Saint-Etienne) [Orabug: 31564706]
- x86/speculation: Prevent rogue cross-process SSBD shutdown (Anthony Steinhauser) [Orabug: 31557902] {CVE-2020-10768}
- psi: Fix double free (Tom Hromatka) [Orabug: 31535640]
- vfio/pci: Fix SR-IOV VF handling with MMIO blocking (Alex Williamson) [Orabug: 31439670] {CVE-2020-12888}
- vfio/pci: Mask buggy SR-IOV VF INTx support (Alex Williamson) [Orabug: 31439670] {CVE-2020-12888}
- vfio-pci: Invalidate mmaps and block MMIO access on disabled memory (Alex Williamson) [Orabug: 31439670] {CVE-2020-12888} {CVE-2020-12888}
- vfio/pci: call irq_bypass_unregister_producer() before freeing irq (Jiang Yi) [Orabug: 31439670] {CVE-2020-12888}
- vfio/pci: Pull BAR mapping setup from read-write path (Alex Williamson) [Orabug: 31439670] {CVE-2020-12888}
- vfio_pci: Enable memory accesses before calling pci_map_rom (Eric Auger) [Orabug: 31439670] {CVE-2020-12888}
- vfio-pci: Fault mmaps to enable vma tracking (Alex Williamson) [Orabug: 31439670] {CVE-2020-12888}
- vfio/type1: Support faulting PFNMAP vmas (Alex Williamson) [Orabug: 31439670] {CVE-2020-12888}
- vfio/type1: Fix VA->PA translation for PFNMAP VMAs in vaddr_get_pfn() (Sean Christopherson) [Orabug: 31439670] {CVE-2020-12888}
- of: unittest: fix memory leak in unittest_data_add (Navid Emamdoost) [Orabug: 31351701] {CVE-2019-19049}

Solution

Update the affected unbreakable enterprise kernel packages.

See Also

https://oss.oracle.com/pipermail/el-errata/2020-August/010228.html

Plugin Details

Severity: High

ID: 139476

File Name: oraclelinux_ELSA-2020-5804.nasl

Version: 1.1

Type: local

Agent: unix

Published: 2020/08/11

Updated: 2020/08/11

Dependencies: 12634, 122878

Risk Information

Risk Factor: High

VPR Score: 6.7

CVSS v2.0

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS v3.0

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:oracle:linux:kernel-uek, p-cpe:/a:oracle:linux:kernel-uek-debug, p-cpe:/a:oracle:linux:kernel-uek-debug-devel, p-cpe:/a:oracle:linux:kernel-uek-devel, p-cpe:/a:oracle:linux:kernel-uek-doc, p-cpe:/a:oracle:linux:kernel-uek-tools, cpe:/o:oracle:linux:7

Required KB Items: Host/local_checks_enabled, Host/OracleLinux, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 2020/08/10

Vulnerability Publication Date: 2019/09/11

Reference Information

CVE: CVE-2019-16232, CVE-2019-16234, CVE-2019-19037, CVE-2019-19049, CVE-2019-19062, CVE-2019-19447, CVE-2019-20811, CVE-2019-20908, CVE-2020-10732, CVE-2020-10768, CVE-2020-12888