The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-4114 advisory.

    - KVM: SVM: Move spec control call after restore of GS (Thomas Gleixner)   {CVE-2018-3639}
    - x86/bugs: Fix the parameters alignment and missing void (Konrad Rzeszutek Wilk)   {CVE-2018-3639}
    - x86/bugs: Make cpu_show_common() static (Jiri Kosina)   {CVE-2018-3639}
    - x86/bugs: Fix __ssb_select_mitigation() return type (Jiri Kosina)   {CVE-2018-3639}
    - Documentation/spec_ctrl: Do some minor cleanups (Borislav Petkov)   {CVE-2018-3639}
    - proc: Use underscores for SSBD in 'status' (Konrad Rzeszutek Wilk)   {CVE-2018-3639}
    - x86/bugs: Rename _RDS to _SSBD (Konrad Rzeszutek Wilk)   {CVE-2018-3639}
    - x86/speculation: Make 'seccomp' the default mode for Speculative Store Bypass (Kees Cook)     {CVE-2018-3639}
    - seccomp: Move speculation migitation control to arch code (Thomas Gleixner)   {CVE-2018-3639}
    - seccomp: Add filter flag to opt-out of SSB mitigation (Kees Cook)   {CVE-2018-3639}
    - seccomp: Use PR_SPEC_FORCE_DISABLE (Thomas Gleixner)   {CVE-2018-3639}
    - prctl: Add force disable speculation (Konrad Rzeszutek Wilk)   {CVE-2018-3639}
    - seccomp: Enable speculation flaw mitigations (Kees Cook)   {CVE-2018-3639}
    - proc: Provide details on speculation flaw mitigations (Kees Cook)   {CVE-2018-3639}
    - nospec: Allow getting/setting on non-current task (Kees Cook)   {CVE-2018-3639}
    - x86/bugs/IBRS: Disable SSB (RDS) if IBRS is sslected for spectre_v2. (Konrad Rzeszutek Wilk)     {CVE-2018-3639}
    - x86/speculation: Add prctl for Speculative Store Bypass mitigation (Thomas Gleixner)   {CVE-2018-3639}
    - x86: thread_info.h: move RDS from index 5 to 23 (Mihai Carabas)   {CVE-2018-3639}
    - x86/process: Allow runtime control of Speculative Store Bypass (Thomas Gleixner)   {CVE-2018-3639}
    - prctl: Add speculation control prctls (Thomas Gleixner)   {CVE-2018-3639}
    - x86/speculation: Create spec-ctrl.h to avoid include hell (Thomas Gleixner)   {CVE-2018-3639}
    - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest (Konrad Rzeszutek Wilk)   {CVE-2018-3639}
    - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested (Konrad Rzeszutek Wilk)     {CVE-2018-3639}
    - x86/bugs: Whitelist allowed SPEC_CTRL MSR values (Konrad Rzeszutek Wilk)   {CVE-2018-3639}
    - x86/bugs/intel: Set proper CPU features and setup RDS (Konrad Rzeszutek Wilk)   {CVE-2018-3639}
    - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation (Konrad Rzeszutek Wilk)     {CVE-2018-3639}
    - x86/cpufeatures: Add X86_FEATURE_RDS (Konrad Rzeszutek Wilk)   {CVE-2018-3639}
    - x86/bugs: Expose /sys/../spec_store_bypass (Konrad Rzeszutek Wilk)   {CVE-2018-3639}
    - x86/cpu/intel: Add Knights Mill to Intel family (Piotr Luc)   {CVE-2018-3639}
    - x86/cpu: Rename Merrifield2 to Moorefield (Andy Shevchenko)   {CVE-2018-3639}
    - x86/bugs, KVM: Support the combination of guest and host IBRS (Konrad Rzeszutek Wilk)   {CVE-2018-3639}
    - x86/bugs/IBRS: Warn if IBRS is enabled during boot. (Konrad Rzeszutek Wilk)   {CVE-2018-3639}
    - x86/bugs/IBRS: Use variable instead of defines for enabling IBRS (Konrad Rzeszutek Wilk)     {CVE-2018-3639}
    - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits (Konrad Rzeszutek Wilk)     {CVE-2018-3639}
    - x86/bugs: Concentrate bug reporting into a separate function (Konrad Rzeszutek Wilk)   {CVE-2018-3639}
    - x86/bugs: Concentrate bug detection into a separate function (Konrad Rzeszutek Wilk)   {CVE-2018-3639}
    - x86/bugs/IBRS: Turn on IBRS in spectre_v2_select_mitigation (Konrad Rzeszutek Wilk)   {CVE-2018-3639}
    - x86/msr: Add SPEC_CTRL_IBRS.. (Konrad Rzeszutek Wilk)   {CVE-2018-3639}
    - RDS: null pointer dereference in rds_atomic_free_op (Mohamed Ghannam)  [Orabug: 27422832]     {CVE-2018-5333}
    - ACPI: sbshc: remove raw pointer from printk() message (Greg Kroah-Hartman)  [Orabug: 27501257]     {CVE-2018-5750}
    - futex: Prevent overflow by strengthen input validation (Li Jinyue)  [Orabug: 27539548]  {CVE-2018-6927}
    - dm: fix race between dm_get_from_kobject() and __dm_destroy() (Hou Tao)  [Orabug: 27677556]     {CVE-2017-18203}
    - mm/mempolicy: fix use after free when calling get_mempolicy (zhong jiang)  [Orabug: 27963519]     {CVE-2018-10675}
    - drm: udl: Properly check framebuffer mmap offsets (Greg Kroah-Hartman)  [Orabug: 27963530]     {CVE-2018-8781}
    - xfs: set format back to extents if xfs_bmap_extents_to_btree (Eric Sandeen)  [Orabug: 27963576]     {CVE-2018-10323}

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4114)

high Nessus Plugin ID 110071

Version 1.15

Version 1.14

Version 1.13

Version 1.15 Oct 24, 2024, 7:46 AM Exploit attributes ("Exploit framework metasploit" set to "True") Plugin Feed: 202410240746
Version 1.14 Oct 23, 2024, 3:11 AM CVE (set "CVE" coverage to "CVE-2017-18203,CVE-2017-1000410,CVE-2018-3639,CVE-2018-5333,CVE-2018-5750,CVE-2018-6927,CVE-2018-10323,CVE-2018-10675") CVSS metrics ("Cvssv4 score" set to 0.0) CVSSv2 score source (changed from "CVE-2018-8781" to "CVE-2018-10675") CVSSv2 severity (based on None, severity decreased from "High" to "Low") CVSSv3 score source (set to "CVE-2018-6927") Detection (updated detection logic) Exploit attributes ("Exploit framework metasploit" changed from "True" to none) Plugin metadata Plugin Feed: 202410230311
Version 1.13 Oct 1, 2024, 9:12 AM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:F/RL:OF/RC:C") CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:F/RL:O/RC:C") CVSSv2 score source (changed from "CVE-2018-10675" to "CVE-2018-8781") Plugin Feed: 202410010912