OracleVM 3.4 : Unbreakable / etc (OVMSA-2020-0054)

Severity: Medium | Nessus Plugin ID 143454


Synopsis

The remote OracleVM host is missing one or more security updates.


Description

The remote OracleVM system is missing necessary patches to address critical security updates :

- qla2xxx: disable target reset during link reset and update version (Quinn Tran) [Orabug: 32095664]

- scsi: qla2xxx: Fix early srb free on abort (Quinn Tran) [Orabug: 32095664]

- scsi: qla2xxx: Fix comment in MODULE_PARM_DESC in qla2xxx (Masanari Iida) [Orabug: 32095664]

- scsi: qla2xxx: Enable Async TMF processing [Orabug: 32095664]

- qla2xxx: tweak debug message for task management path (Quinn Tran) [Orabug: 32095664]

- scsi: qla2xxx: Fix hang when issuing nvme disconnect-all in NPIV (Arun Easi) [Orabug: 32095664]

- scsi: qla2xxx: Fix fabric scan hang (Quinn Tran) [Orabug: 32095664]

- scsi: qla2xxx: Do command completion on abort timeout (Quinn Tran) [Orabug: 32095664]

- scsi: qla2xxx: Fix abort timeout race condition. (Quinn Tran) [Orabug: 32095664]

- scsi: qla2xxx: Fix race between switch cmd completion and timeout (Quinn Tran) [Orabug: 32095664]

- scsi: qla2xxx: Add IOCB resource tracking (Quinn Tran) [Orabug: 32095664]

- scsi: qla2xxx:v2: Fix double scsi_done for abort path (Quinn Tran) [Orabug: 32095664]

- scsi: qla2xxx: v2 Fix a race condition between aborting and completing a SCSI command (Bart Van Assche) [Orabug: 32095664]

- scsi: qla2xxx: Really fix qla2xxx_eh_abort (Bart Van Assche) [Orabug: 32095664]

- scsi: qla2xxx: v2 Reject EH_[abort|device_reset|target_request] (Quinn Tran) [Orabug: 32095664]

- scsi: qla2xxx: v2: Fix race conditions in the code for aborting SCSI commands (Bart Van Assche) [Orabug: 32095664]

- IB/ipoib: Arm 'send_cq' to process completions in due time (Gerd Rausch) [Orabug: 31512608]

- block: Move part of bdi_destory to del_gendisk as bdi_unregister. (Jan Kara) [Orabug: 32124131]

- kernel: add panic_on_taint (Rafael Aquini) [Orabug: 32138039]

- drm/vmwgfx: Make sure backup_handle is always valid (Sinclair Yeh) [Orabug: 31352076] (CVE-2017-9605)

- random32: move the pseudo-random 32-bit definitions to prandom.h (Linus Torvalds) [Orabug: 31698086] (CVE-2020-16166)

- random32: remove net_rand_state from the latent entropy gcc plugin (Linus Torvalds) [Orabug: 31698086] (CVE-2020-16166)

- random: fix circular include dependency on arm64 after addition of percpu.h (Willy Tarreau) [Orabug: 31698086] (CVE-2020-16166)

- random32: update the net random state on interrupt and activity (Willy Tarreau) [Orabug: 31698086] (CVE-2020-16166)

- x86/kvm: move kvm_load/put_guest_xcr0 into atomic context (WANG Chao) [Orabug: 32021856] - kvm: x86: do not leak guest xcr0 into host interrupt handlers (David Matlack) [Orabug: 32021856]


Solution

Update the affected kernel-uek / kernel-uek-firmware packages.

Plugin Details

Severity: Medium

ID: 143454

File Name: oraclevm_OVMSA-2020-0054.nasl

Version: 1.2

Type: local

Published: 12/3/2020

Updated: 12/7/2020

Risk Information


Risk Factor: Medium

Score: 5.1

CVSS v2

Risk Factor: Medium

Base Score: 4.9

Temporal Score: 3.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N

CVSS v3

Risk Factor: Medium

Base Score: 5.5

Temporal Score: 4.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:oracle:vm:kernel-uek, p-cpe:/a:oracle:vm:kernel-uek-firmware, cpe:/o:oracle:vm_server:3.4

Required KB Items: Host/local_checks_enabled, Host/OracleVM/release, Host/OracleVM/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 12/2/2020

Vulnerability Publication Date: 6/13/2017

Reference Information

CVE: CVE-2017-9605, CVE-2020-16166