OracleVM 3.3 : xen (OVMSA-2014-0025)
High Nessus Plugin ID 79541
SynopsisThe remote OracleVM host is missing one or more security updates.
DescriptionThe remote OracleVM system is missing necessary patches to address critical security updates :
- x86/HVM: properly bound x2APIC MSR range This is XSA-108. Additional changelog comments added to 4.3.0-55.el22.214.171.124 (CVE-2014-7188)
- Fix for bug 19698535
- x86emul: only emulate software interrupt injection for real mode Protected mode emulation currently lacks proper privilege checking of the referenced IDT entry, and there's currently no legitimate way for any of the respective instructions to reach the emulator when the guest is in protected mode. This is XSA-106.
- x86/emulate: check cpl for all privileged instructions Without this, it is possible for userspace to load its own IDT or GDT. This is XSA-105. (CVE-2014-7155)
SolutionUpdate the affected xen / xen-tools packages.