OracleVM 2.1 : kernel (OVMSA-2009-0004)
High Nessus Plugin ID 79453
SynopsisThe remote OracleVM host is missing one or more security updates.
DescriptionThe remote OracleVM system is missing necessary patches to address critical security updates :
CVE-2008-3528 The error-reporting functionality in (1) fs/ext2/dir.c, (2) fs/ext3/dir.c, and possibly (3) fs/ext4/dir.c in the Linux kernel 184.108.40.206 does not limit the number of printk console messages that report directory corruption, which allows physically proximate attackers to cause a denial of service (temporary system hang) by mounting a filesystem that has corrupted dir->i_size and dir->i_blocks values and performing (a) read or (b) write operations. NOTE: there are limited scenarios in which this crosses privilege boundaries.
CVE-2008-5700 libata in the Linux kernel before 220.127.116.11 does not set minimum timeouts for SG_IO requests, which allows local users to cause a denial of service (Programmed I/O mode on drives) via multiple simultaneous invocations of an unspecified test program.
CVE-2009-0028 The clone system call in the Linux kernel 2.6.28 and earlier allows local users to send arbitrary signals to a parent process from an unprivileged child process by launching an additional child process with the CLONE_PARENT flag, and then letting this new process exit. CVE-2009-0322 drivers/firmware/dell_rbu.c in the Linux kernel before 18.104.22.168, and 2.6.28.x before 22.214.171.124, allows local users to cause a denial of service (system crash) via a read system call that specifies zero bytes from the (1) image_type or (2) packet_size file in /sys/devices/platform/dell_rbu/. CVE-2009-0675 The skfp_ioctl function in drivers/net/skfp/skfddi.c in the Linux kernel before 126.96.36.199 permits SKFP_CLR_STATS requests only when the CAP_NET_ADMIN capability is absent, instead of when this capability is present, which allows local users to reset the driver statistics, related to an 'inverted logic' issue. CVE-2009-0676 The sock_getsockopt function in net/core/sock.c in the Linux kernel before 188.8.131.52 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel memory via an SO_BSDCOMPAT getsockopt request.
- CVE-2008-3528 - [fs] ext: directory corruption DoS (Eugene Teo)
- CVE-2008-5700 - [block] enforce a minimum SG_IO timeout (Eugene Teo)
- CVE-2009-0322 - [firmware] dell_rbu: prevent oops (Don Howard)
- CVE-2009-0028 - [misc] minor signal handling vulnerability (Oleg Nesterov) [479963 479964]
- CVE-2009-0676 - [net] memory disclosure in SO_BSDCOMPAT gsopt (Eugene Teo) [486517 486518]
- CVE-2009-0675 - [net] skfp_ioctl inverted logic flaw (Eugene Teo)
- CVE-2009-0778 - not required
- CVE-2009-0269 - not required
- Enable enic
- Finish porting infrastructure for fnic but disable it on 32bit
- Add netconsole support for bonding in dom0 (Tina Yang) [orabug 8231228]
- Add Cisco fnic/enic support, requires fc infrastructure from el5u3
SolutionUpdate the affected packages.