Detections
Analytics
Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2016-104)
high Nessus Plugin ID 121162
Synopsis
The remote Virtuozzo host is missing multiple security updates.Description
According to the versions of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities :- Stack overflow via ecryptfs and /proc/$pid/environ. It was found that stacking a file system over procfs in the Linux kernel could lead to a kernel stack overflow due to deep nesting, as demonstrated by mounting ecryptfs over procfs and creating a recursion by mapping /proc/environ. An unprivileged, local user could potentially use this flaw to escalate their privileges on the system.
- Use after free in tcp_xmit_retransmit_queue. A use after free vulnerability was found in tcp_xmit_retransmit_queue and other tcp_* functions.
This condition could allow an attacker to send an incorrect selective acknowledgment to existing connections, possibly resetting a connection.
- block: fix use-after-free in seq file. Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed.
- block: fix use-after-free in sys_ioprio_get(). Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel before 4.6.6 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call.
Note that Tenable Network Security has extracted the preceding description block directly from the Virtuozzo security advisory.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected parallels-server-bm-release / vzkernel / etc packages.See Also
https://access.redhat.com/solutions/2374831
https://infosec.cert-pa.it/cve-2016-7910.html
https://infosec.cert-pa.it/cve-2016-7911.html
https://source.android.com/security/bulletin/2016-11-01.html
Plugin Details
Severity: High
ID: 121162
File Name: Virtuozzo_VZA-2016-104.nasl
Version: 1.4
Type: local
Family: Virtuozzo Local Security Checks
Published: 1/14/2019
Updated: 6/26/2024
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: High
Base Score: 9.3
Temporal Score: 7.3
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2016-7911
CVSS v3
Risk Factor: High
Base Score: 7.8
Temporal Score: 7
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
Vulnerability Information
CPE: p-cpe:/a:virtuozzo:virtuozzo:vzmodules, p-cpe:/a:virtuozzo:virtuozzo:vzkernel-devel, p-cpe:/a:virtuozzo:virtuozzo:vzmodules-devel, p-cpe:/a:virtuozzo:virtuozzo:vzkernel-firmware, p-cpe:/a:virtuozzo:virtuozzo:parallels-server-bm-release, p-cpe:/a:virtuozzo:virtuozzo:vzkernel, cpe:/o:virtuozzo:virtuozzo:6
Required KB Items: Host/local_checks_enabled, Host/Virtuozzo/release, Host/Virtuozzo/rpm-list
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 11/21/2016
Reference Information
CVE: CVE-2016-1583, CVE-2016-6828, CVE-2016-7910, CVE-2016-7911