OracleVM 3.3 : glibc (OVMSA-2016-0013) (GHOST)

high Nessus Plugin ID 88783


The remote OracleVM host is missing one or more security updates.


The remote OracleVM system is missing necessary patches to address critical security updates:

- Update fix for CVE-2015-7547 (#1296028).

- Create helper threads with enough stack for POSIX AIO and timers (#1301625).

- Fix CVE-2015-7547: getaddrinfo stack-based buffer overflow (#1296028).

- Support loading more libraries with static TLS (#1291270).

- Check for NULL arena pointer in _int_pvalloc (#1256890).

- Don't change no_dyn_threshold on mallopt failure (#1256891).

- Unlock main arena after allocation in calloc (#1256812).

- Enable robust malloc change again (#1256812).

- Fix perturbing in malloc on free and simply perturb_byte (#1256812).

- Don't fall back to mmap prematurely (#1256812).

- The malloc deadlock avoidance support has been temporarily removed since it triggers deadlocks in certain applications (#1244002).

- Fix ruserok check to reject, not skip, negative user checks (#1217186).

- Optimize ruserok function for large ~/.rhosts (#1217186).

- Fix crash in valloc due to the backtrace deadlock fix (#1207236).

- Fix buffer overflow in gethostbyname_r with misaligned buffer (#1209376, CVE-2015-1781).

- Avoid deadlock in malloc on backtrace (#1066724).

- Support running applications that use Intel AVX-512 (#1195453).

- Silence logging of record type mismatch for DNSSEC records (#1088301).

- Shrink heap on free when vm.overcommit_memory == 2 (#867679).

- Enhance nscd to detect any configuration file changes (#859965).

- Fix __times handling of EFAULT when buf is NULL (#1124204).

- Fix memory leak with dlopen and thread-local storage variables (#978098).

- Prevent getaddrinfo from writing DNS queries to random fd (CVE-2013-7423,

- Implement userspace half of in6.h header coordination (#1053178).

- Correctly size relocation cache used by profiler (#1144132).

- Fix reuse of cached stack leading to bounds overrun of DTV (#1116050).

- Return failure in getnetgrent only when all netgroups have been searched (#1085312).

- Fix valgrind warning in nscd_stats (#1091915).

- Initialize xports array (#1159167).

- Fix tst-default-attr test to not fail on powerpc (#1023306).

- Fix parsing of numeric hosts in gethostbyname_r (CVE-2015-0235, #1183534).

- Fix typo in nscd/selinux.c (#1125307).

- Actually run test-iconv modules (#1176907).

- Fix recursive dlopen (#1154563).

- Fix crashes on invalid input in IBM gconv modules (CVE-2014-6040, #1172044).

- Fix wordexp to honour WRDE_NOCMD (CVE-2014-7817, #1171296).

- Fix typo in res_send and res_query (#rh1138769).


Update the affected glibc / glibc-common / nscd packages.

Plugin Details

Severity: High

ID: 88783

File Name: oraclevm_OVMSA-2016-0013.nasl

Version: 2.25

Type: local

Published: 2/17/2016

Updated: 1/4/2021

Supported Sensors: Nessus

Risk Information


Risk Factor: Critical

Score: 9.8


CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C


CVSS v3

Risk Factor: High

Base Score: 8.1

Temporal Score: 7.7

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:oracle:vm:glibc, p-cpe:/a:oracle:vm:glibc-common, p-cpe:/a:oracle:vm:nscd, cpe:/o:oracle:vm_server:3.3

Required KB Items: Host/local_checks_enabled, Host/OracleVM/release, Host/OracleVM/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2/16/2016

Vulnerability Publication Date: 11/24/2014

Exploitable With

Core Impact

Metasploit (Exim GHOST (glibc gethostbyname) Buffer Overflow)

Reference Information

CVE: CVE-2013-7423, CVE-2014-6040, CVE-2014-7817, CVE-2015-0235, CVE-2015-1781, CVE-2015-7547

BID: 69472, 71216, 72325, 72844, 74255

IAVA: 2016-A-0053

TRA: TRA-2017-08