OracleVM 3.1 : kernel-uek (OVMSA-2012-0042)

High Nessus Plugin ID 79484


The remote OracleVM host is missing one or more security updates.


The remote OracleVM system is missing necessary patches to address critical security updates :

- Fix bug number for commit 'cciss: Update HPSA_BOUNDARY' (Joe Jin) [Orabug: 14681166]

- cciss: Update HPSA_BOUNDARY. (Joe Jin) [Orabug:

- KVM: introduce kvm_for_each_memslot macro (Maxim Uvarov) [Bugdb: 13966]

- dl2k: Clean up rio_ioctl (Jeff Mahoney) [Orabug:
14126896] (CVE-2012-2313)

- NFSv4: include bitmap in nfsv4 get acl data (Andy Adamson) (CVE-2011-4131)

- KVM: Fix buffer overflow in kvm_set_irq (Avi Kivity) [Bugdb: 13966] (CVE-2012-2137)

- net: sock: validate data_len before allocating skb in sock_alloc_send_pskb (Jason Wang) [Bugdb: 13966] (CVE-2012-2136)

- mm: pmd_read_atomic: fix 32bit PAE pmd walk vs pmd_populate SMP race condition (Andrea Arcangeli) [Bugdb: 13966] (CVE-2012-2373)

- KVM: lock slots_lock around device assignment (Alex Williamson) [Bugdb: 13966] (CVE-2012-2121)

- KVM: unmap pages from the iommu when slots are removed (Maxim Uvarov) [Bugdb: 13966] (CVE-2012-2121)

- fcaps: clear the same personality flags as suid when fcaps are used (Eric Paris) [Bugdb: 13966] (CVE-2012-2123)

- tilegx: enable SYSCALL_WRAPPERS support (Chris Metcalf) (CVE-2009-0029)

- drm/i915: fix integer overflow in i915_gem_do_execbuffer (Xi Wang) [Orabug: 14107456] (CVE-2012-2384)

- drm/i915: fix integer overflow in i915_gem_execbuffer2 (Xi Wang) [Orabug: 14107445] (CVE-2012-2383)

- [dm] do not forward ioctls from logical volumes to the underlying device (Joe Jin) (CVE-2011-4127)

- [block] fail SCSI passthrough ioctls on partition devices (Joe Jin) (CVE-2011-4127)

- [block] add and use scsi_blk_cmd_ioctl (Joe Jin) [Orabug: 14056755] (CVE-2011-4127)

- KVM: Ensure all vcpus are consistent with in-kernel irqchip settings (Avi Kivity) [Bugdb: 13871] (CVE-2012-1601)

- regset: Return -EFAULT, not -EIO, on host-side memory fault (H. Peter Anvin) (CVE-2012-1097)

- regset: Prevent null pointer reference on readonly regsets (H. Peter Anvin) (CVE-2012-1097)

- cifs: fix dentry refcount leak when opening a FIFO on lookup (Jeff Layton) (CVE-2012-1090)

- mm: thp: fix pmd_bad triggering in code paths holding mmap_sem read mode (Andrea Arcangeli) (CVE-2012-1179)

- ext4: fix undefined behavior in ext4_fill_flex_info (Xi Wang) (CVE-2009-4307)

- ocfs2: clear unaligned io flag when dio fails (Junxiao Bi) [Orabug: 14063941]

- aio: make kiocb->private NUll in init_sync_kiocb (Junxiao Bi) [Orabug: 14063941]

- igb: Fix for Alt MAC Address feature on 82580 and later devices (Carolyn Wyborny) [Orabug: 14258706]

- igb: Alternate MAC Address Updates for Func2&3 (Akeem G.
Abodunrin) [Orabug: 14258706]

- igb: Alternate MAC Address EEPROM Updates (Akeem G.
Abodunrin) [Orabug: 14258706]

- cciss: only enable cciss_allow_hpsa when for ol5 (Joe Jin) [Orabug: 14106006]

- Revert 'cciss: remove controllers supported by hpsa' (Joe Jin) [Orabug: 14106006]

- [scsi] hpsa: add all support devices for ol5 (Joe Jin) [Orabug: 14106006]

- Disable VLAN 0 tagging for none VLAN traffic (Adnan Misherfi) [Orabug: 14406424]

- x86: Add Xen kexec control code size check to linker script (Daniel Kiper)

- drivers/xen: Export vmcoreinfo through sysfs (Daniel Kiper)

- x86/xen/enlighten: Add init and crash kexec/kdump hooks (Maxim Uvarov)

- x86/xen: Add kexec/kdump makefile rules (Daniel Kiper)

- x86/xen: Add x86_64 kexec/kdump implementation (Daniel Kiper)

- x86/xen: Add placeholder for i386 kexec/kdump implementation (Daniel Kiper)

- x86/xen: Register resources required by kexec-tools (Daniel Kiper)

- x86/xen: Introduce architecture dependent data for kexec/kdump (Daniel Kiper)

- xen: Introduce architecture independent data for kexec/kdump (Daniel Kiper)

- x86/kexec: Add extra pointers to transition page table PGD, PUD, PMD and PTE (Daniel Kiper)

- kexec: introduce kexec_ops struct (Daniel Kiper)

- SPEC: replace DEFAULTKERNEL from kernel-ovs to kernel-uek


Update the affected kernel-uek / kernel-uek-firmware packages.

See Also

Plugin Details

Severity: High

ID: 79484

File Name: oraclevm_OVMSA-2012-0042.nasl

Version: $Revision: 1.7 $

Type: local

Published: 2014/11/26

Modified: 2017/02/14

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 7.2

Temporal Score: 6.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:oracle:vm:kernel-uek, p-cpe:/a:oracle:vm:kernel-uek-firmware, cpe:/o:oracle:vm_server:3.1

Required KB Items: Host/local_checks_enabled, Host/OracleVM/release, Host/OracleVM/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2012/10/22

Reference Information

CVE: CVE-2009-0029, CVE-2009-4307, CVE-2011-4127, CVE-2011-4131, CVE-2012-1090, CVE-2012-1097, CVE-2012-1179, CVE-2012-1601, CVE-2012-2121, CVE-2012-2123, CVE-2012-2136, CVE-2012-2137, CVE-2012-2313, CVE-2012-2373, CVE-2012-2383, CVE-2012-2384

BID: 50655, 51176, 52197, 52274, 52533, 53162, 53166, 53488, 53614, 53721, 53965, 53971, 54063

OSVDB: 77100

CWE: 20, 189