OracleVM 2.2 : xen (OVMSA-2012-0049)

low Nessus Plugin ID 79487

Language:

Synopsis

The remote OracleVM host is missing one or more security updates.

Description

The remote OracleVM system is missing necessary patches to address critical security updates :

- XSA-20: VCPU/timers: Prevent overflow in calculations [orabug 15852489] (CVE-2012-4535)

- XSA-22: Prevent incorrect updates of m2p mappings [orabug 15852490] (CVE-2012-4537)

- Increase network hotplug script timeout to 200 (Chuang Cao) [Orabug 14378502]

Solution

Update the affected packages.

Plugin Details

Severity: Low

ID: 79487

File Name: oraclevm_OVMSA-2012-0049.nasl

Version: 1.4

Type: local

Family: OracleVM Local Security Checks

Published: 11/26/2014

Updated: 1/4/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.0

CVSS v2

Risk Factor: Low

Base Score: 2.1

Temporal Score: 1.8

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: p-cpe:/a:oracle:vm:xen, p-cpe:/a:oracle:vm:xen-64, p-cpe:/a:oracle:vm:xen-debugger, p-cpe:/a:oracle:vm:xen-devel, p-cpe:/a:oracle:vm:xen-pvhvm-devel, p-cpe:/a:oracle:vm:xen-tools, cpe:/o:oracle:vm_server:2.2

Required KB Items: Host/local_checks_enabled, Host/OracleVM/release, Host/OracleVM/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 11/16/2012

Vulnerability Publication Date: 11/21/2012

Reference Information

CVE: CVE-2012-4535, CVE-2012-4537

BID: 56498

Detections

Analytics