Oracle Linux 7 : kernel (ELSA-2017-0933-1)

High Nessus Plugin ID 99386

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 7.4

Synopsis

The remote Oracle Linux host is missing one or more security updates.

Description

Description of changes:

- [3.10.0-514.16.1.0.1.el7.OL7]
- [ipc] ipc/sem.c: bugfix for semctl(,,GETZCNT) (Manfred Spraul) [orabug 22552377]
- Oracle Linux certificates (Alexey Petrenko)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(<A HREF='https://oss.oracle.com/mailman/listinfo/el-errata'>alexey.petrenko at oracle.com</A>)
- Update x509.genkey [bug 24817676]

[3.10.0-514.16.1.el7]
- [tty] n_hdlc: get rid of racy n_hdlc.tbuf ('Herton R. Krzesinski') [1429919 1429920] {CVE-2017-2636}
- [md] dm rq: cope with DM device destruction while in dm_old_request_fn() (Mike Snitzer) [1430334 1412854]
- [fs] nfs: Fix inode corruption in nfs_prime_dcache() (Benjamin Coddington) [1429514 1416532]
- [fs] nfs: Don't let readdirplus revalidate an inode that was marked as stale (Benjamin Coddington) [1429514 1416532]
- [block] Copy a user iovec if it includes gaps (Jeff Moyer) [1429508 1421263]
- [kernel] percpu-refcount: fix reference leak during percpu-atomic transition (Jeff Moyer) [1429507 1418333]
- [powerpc] eeh: eeh_pci_enable(): fix checking of post-request state (Steve Best) [1425538 1383670]
- [s390] mm: handle PTE-mapped tail pages in fast gup (Hendrik Brueckner) [1423438 1391532]
- [net] skbuff: Fix skb checksum partial check (Lance Richardson) [1422964 1411480]
- [net] skbuff: Fix skb checksum flag on skb pull (Lance Richardson) [1422964 1411480]
- [security] selinux: fix off-by-one in setprocattr (Paul Moore) [1422368 1422369] {CVE-2017-2618}
- [virtio] balloon: check the number of available pages in leak balloon (David Hildenbrand) [1417194 1401615]
- [infiniband] ib/rdmavt: Only put mmap_info ref if it exists (Jonathan Toppins) [1417191 1391299]
- [x86] kvm: x86: make lapic hrtimer pinned (Luiz Capitulino) [1416373 1392593]
- [kernel] sched/nohz: Fix affine unpinned timers mess (Luiz Capitulino) [1416373 1392593]
- [kernel] nohz: Affine unpinned timers to housekeepers (Luiz Capitulino) [1416373 1392593]
- [kernel] tick-sched: add housekeeping_mask cpumask (Luiz Capitulino) [1416373 1392593]
- [x86] platform/uv/bau: Add UV4-specific functions (Frank Ramsay) [1414715 1386692]
- [x86] platform/uv/bau: Fix payload queue setup on UV4 hardware (Frank Ramsay) [1414715 1386692]
- [x86] platform/uv/bau: Disable software timeout on UV4 hardware (Frank Ramsay) [1414715 1386692]
- [x86] platform/uv/bau: Populate ->uvhub_version with UV4 version information (Frank Ramsay) [1414715 1386692]
- [x86] platform/uv/bau: Use generic function pointers (Frank Ramsay) [1414715 1386692]
- [x86] platform/uv/bau: Add generic function pointers (Frank Ramsay) [1414715 1386692]
- [x86] platform/uv/bau: Convert uv_physnodeaddr() use to uv_gpa_to_offset() (Frank Ramsay) [1414715 1386692]
- [x86] platform/uv/bau: Clean up pq_init() (Frank Ramsay) [1414715 1386692]
- [x86] platform/uv/bau: Clean up and update printks (Frank Ramsay) [1414715 1386692]
- [x86] platform/uv/bau: Clean up vertical alignment (Frank Ramsay) [1414715 1386692]
- [virtio] virtio-pci: alloc only resources actually used (Laurent Vivier) [1413093 1375153]
- [net] avoid signed overflows for SO_{SND|RCV}BUFFORCE (Sabrina Dubroca) [1412473 1412474] {CVE-2016-9793}
- [netdrv] sfc: clear napi_hash state when copying channels (Jarod Wilson) [1401461 1394304]
- [lib] mpi: Fix NULL ptr dereference in mpi_powm() (Mateusz Guzik) [1398457 1398458] {CVE-2016-8650}
- [scsi] lpfc: Fix eh_deadline setting for sli3 adapters (Ewan Milne) [1430687 1366564]
- [md] dm round robin: revert 'use percpu 'repeat_count' and 'current_path'' (Mike Snitzer) [1430689 1422567]
- [md] dm round robin: do not use this_cpu_ptr() without having preemption disabled (Mike Snitzer) [1430689 1422567]
- Revert: [x86] Handle non enumerated CPU after physical hotplug (Prarit Bhargava) [1426633 1373738]
- Revert: [x86] smp: Don't try to poke disabled/non-existent APIC (Prarit Bhargava) [1426633 1373738]
- Revert: [x86] smpboot: Init apic mapping before usage (Prarit Bhargava) [1426633 1373738]
- Revert: [x86] revert 'perf/uncore: Disable uncore on kdump kernel' (Prarit Bhargava) [1426633 1373738]
- Revert: [x86] perf/x86/intel/uncore: Fix hardcoded socket 0 assumption in the Haswell init code (Prarit Bhargava) [1426633 1373738]

Solution

Update the affected kernel packages. Note that the updated packages may not be immediately available from the package repository and its mirrors.

See Also

https://oss.oracle.com/pipermail/el-errata/2017-April/006863.html

Plugin Details

Severity: High

ID: 99386

File Name: oraclelinux_ELSA-2017-0933-1.nasl

Version: 3.4

Type: local

Agent: unix

Published: 2017/04/14

Updated: 2019/04/10

Dependencies: 12634

Risk Information

Risk Factor: High

VPR Score: 7.4

CVSS v2.0

Base Score: 7.2

Temporal Score: 6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSS v3.0

Base Score: 7.8

Temporal Score: 7.2

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:oracle:linux:kernel, p-cpe:/a:oracle:linux:kernel-abi-whitelists, p-cpe:/a:oracle:linux:kernel-debug, p-cpe:/a:oracle:linux:kernel-debug-devel, p-cpe:/a:oracle:linux:kernel-devel, p-cpe:/a:oracle:linux:kernel-doc, p-cpe:/a:oracle:linux:kernel-headers, p-cpe:/a:oracle:linux:kernel-tools, p-cpe:/a:oracle:linux:kernel-tools-libs, p-cpe:/a:oracle:linux:kernel-tools-libs-devel, p-cpe:/a:oracle:linux:perf, p-cpe:/a:oracle:linux:python-perf, cpe:/o:oracle:linux:7

Required KB Items: Host/local_checks_enabled, Host/OracleLinux, Host/RedHat/release, Host/RedHat/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2017/04/13

Exploitable With

Core Impact

Reference Information

CVE: CVE-2016-8650, CVE-2016-9793, CVE-2017-2618, CVE-2017-2636