OracleVM 3.4 : Unbreakable / etc (OVMSA-2020-0041)

high Nessus Plugin ID 140361
New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it is different from CVSS.

VPR Score: 5.9

Synopsis

The remote OracleVM host is missing one or more security updates.

Description

The remote OracleVM system is missing necessary patches to address critical security updates :

- can: peak_usb: pcan_usb_fd: Fix info-leaks to USB devices (Tomas Bortoli) [Orabug: 31351221] (CVE-2019-19535)

- media: hdpvr: Fix an error handling path in hdpvr_probe (Arvind Yadav) [Orabug: 31352053] (CVE-2017-16644)

- fs/binfmt_misc.c: do not allow offset overflow (Thadeu Lima de Souza Cascardo) [Orabug: 31588258] - clear inode and truncate pages before enqueuing for async inactivation (Gautham Ananthakrishna) [Orabug: 31744270]

- mm: create alloc_last_chance debugfs entries (Mike Kravetz) [Orabug: 31295499] - mm: perform 'last chance' reclaim efforts before allocation failure (Mike Kravetz) [Orabug: 31295499] - mm: let page allocation slowpath retry 'order' times (Mike Kravetz) [Orabug: 31295499] - fix kABI breakage from 'netns: provide pure entropy for net_hash_mix' (Dan Duval) [Orabug: 31351904] (CVE-2019-10638) (CVE-2019-10639)

- netns: provide pure entropy for net_hash_mix (Eric Dumazet) [Orabug: 31351904] (CVE-2019-10638) (CVE-2019-10639)

- hrtimer: Annotate lockless access to timer->base (Eric Dumazet) [Orabug: 31380495] - rds: ib: Revert 'net/rds:
Avoid stalled connection due to CM REQ retries' (H&aring kon Bugge) [Orabug: 31648141] - rds: Clear reconnect pending bit (H&aring kon Bugge) [Orabug:
31648141] - RDMA/netlink: Do not always generate an ACK for some netlink operations (H&aring kon Bugge) [Orabug:
31666975] - genirq/proc: Return proper error code when irq_set_affinity fails (Wen Yaxng) [Orabug: 31723450]

- fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info (Alexander Potapenko) [Orabug:
31350639] (CVE-2020-10732)

- crypto: user - fix memory leak in crypto_report (Navid Emamdoost) [Orabug: 31351640] (CVE-2019-19062)

- of: unittest: fix memory leak in unittest_data_add (Navid Emamdoost) [Orabug: 31351702] (CVE-2019-19049)

- IB/sa: Resolv use-after-free in ib_nl_make_request (Divya Indi) [Orabug: 31656992] - net-sysfs: call dev_hold if kobject_init_and_add success (YueHaibing) [Orabug: 31687545] (CVE-2019-20811)

Solution

Update the affected kernel-uek / kernel-uek-firmware packages.

See Also

http://www.nessus.org/u?566c17a8

Plugin Details

Severity: High

ID: 140361

File Name: oraclevm_OVMSA-2020-0041.nasl

Version: 1.2

Type: local

Published: 9/8/2020

Updated: 9/10/2020

Dependencies: ssh_get_info.nasl

Risk Information

Risk Factor: High

VPR Score: 5.9

CVSS Score Source: CVE-2017-16644

CVSS v2.0

Base Score: 7.2

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSS v3.0

Base Score: 6.6

Temporal Score: 5.8

Vector: CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:2.3:o:oracle:vm_server:3.4:*:*:*:*:*:*:*, p-cpe:2.3:a:oracle:vm:kernel-uek:*:*:*:*:*:*:*, p-cpe:2.3:a:oracle:vm:kernel-uek-firmware:*:*:*:*:*:*:*

Required KB Items: Host/local_checks_enabled, Host/OracleVM/release, Host/OracleVM/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 9/4/2020

Vulnerability Publication Date: 11/7/2017

Reference Information

CVE: CVE-2017-16644, CVE-2019-10638, CVE-2019-10639, CVE-2019-19049, CVE-2019-19062, CVE-2019-19535, CVE-2019-20811, CVE-2020-10732