Detections
Analytics

OracleVM 3.4 : kernel-uek (OVMSA-2023-0016)

high Nessus Plugin ID 179930

Language:

Synopsis

The remote OracleVM host is missing one or more security updates.

Description

The remote OracleVM system is missing necessary patches to address security updates:

 - A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET through the device file of the driver, resulting in a PCIe link disconnect. (CVE-2022-3169)

 - A speculative pointer dereference problem exists in the Linux Kernel on the do_prlimit() function. The resource argument value is controlled and is used in pointer arithmetic for the 'rlim' variable and can be used to leak the contents. We recommend upgrading past version 6.1.8 or commit 739790605705ddcf18f21782b9c99ad7d53a8c11 (CVE-2023-0458)

 - A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to crash the system or potentially escalate their privileges on the system.
 (CVE-2023-1670)

 - A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.
 (CVE-2023-2162)

 - ** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it was the duplicate of CVE-2023-31436. (CVE-2023-2248)

 - cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). (CVE-2023-23454)

 - A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device.
 This flaw allows a local user to crash the system or potentially cause a denial of service.
 (CVE-2023-28328)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected kernel-uek / kernel-uek-firmware packages.

See Also

https://linux.oracle.com/cve/CVE-2022-3169.html

https://linux.oracle.com/cve/CVE-2023-0458.html

https://linux.oracle.com/cve/CVE-2023-1670.html

https://linux.oracle.com/cve/CVE-2023-2162.html

https://linux.oracle.com/cve/CVE-2023-2248.html

https://linux.oracle.com/cve/CVE-2023-23454.html

https://linux.oracle.com/cve/CVE-2023-28328.html

https://linux.oracle.com/errata/OVMSA-2023-0016.html

Plugin Details

Severity: High

ID: 179930

File Name: oraclevm_OVMSA-2023-0016.nasl

Version: 1.0

Type: local

Published: 8/17/2023

Updated: 8/17/2023

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2023-1670

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:oracle:vm:kernel-uek, p-cpe:/a:oracle:vm:kernel-uek-firmware, cpe:/o:oracle:vm_server:3.4

Required KB Items: Host/local_checks_enabled, Host/OracleVM/release, Host/OracleVM/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 8/3/2023

Vulnerability Publication Date: 9/9/2022

Reference Information

CVE: CVE-2022-3169, CVE-2023-0458, CVE-2023-1670, CVE-2023-2162, CVE-2023-2248, CVE-2023-23454, CVE-2023-28328