Detections
Analytics
RHEL 7 : ovmf (RHSA-2019:2125)
critical Nessus Plugin ID 127676
Language:
Synopsis
The remote Red Hat host is missing one or more security updates for ovmf.Description
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:2125 advisory.OVMF (Open Virtual Machine Firmware) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM.
Security Fix(es):
* edk2: Privilege escalation via processing of malformed files in TianoCompress.c (CVE-2017-5731)
* edk2: Privilege escalation via processing of malformed files in BaseUefiDecompressLib.c (CVE-2017-5732)
* edk2: Privilege escalation via heap-based buffer overflow in MakeTable() function (CVE-2017-5733)
* edk2: Privilege escalation via stack-based buffer overflow in MakeTable() function (CVE-2017-5734)
* edk2: Privilege escalation via heap-based buffer overflow in Decode() function (CVE-2017-5735)
* edk2: Logic error in MdeModulePkg in EDK II firmware allows for privilege escalation by authenticated users (CVE-2018-3613)
* openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash) (CVE-2018-5407)
* edk2: Stack buffer overflow with corrupted BMP (CVE-2018-12181)
* edk2: buffer overflows in PartitionDxe and UdfDxe with long file names and invalid UDF media (CVE-2019-0160)
* edk2: stack overflow in XHCI causing denial of service (CVE-2019-0161)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the RHEL ovmf package based on the guidance in RHSA-2019:2125.See Also
http://www.nessus.org/u?23ef5c27
http://www.nessus.org/u?cc7115e8
https://access.redhat.com/errata/RHSA-2019:2125
https://access.redhat.com/security/updates/classification/#moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1641433
https://bugzilla.redhat.com/show_bug.cgi?id=1641442
https://bugzilla.redhat.com/show_bug.cgi?id=1641446
https://bugzilla.redhat.com/show_bug.cgi?id=1641450
https://bugzilla.redhat.com/show_bug.cgi?id=1641458
https://bugzilla.redhat.com/show_bug.cgi?id=1641465
https://bugzilla.redhat.com/show_bug.cgi?id=1645695
https://bugzilla.redhat.com/show_bug.cgi?id=1686783
Plugin Details
Severity: Critical
ID: 127676
File Name: redhat-RHSA-2019-2125.nasl
Version: 1.8
Type: local
Agent: unix
Family: Red Hat Local Security Checks
Published: 8/12/2019
Updated: 11/7/2024
Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
Vendor
Vendor Severity: Moderate
CVSS v2
Risk Factor: High
Base Score: 7.5
Temporal Score: 5.9
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS Score Source: CVE-2019-0160
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 8.8
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
Vulnerability Information
CPE: p-cpe:/a:redhat:enterprise_linux:ovmf, cpe:/o:redhat:enterprise_linux:7
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 8/6/2019
Vulnerability Publication Date: 11/15/2018
Reference Information
CVE: CVE-2017-5731, CVE-2017-5732, CVE-2017-5733, CVE-2017-5734, CVE-2017-5735, CVE-2018-12181, CVE-2018-3613, CVE-2018-5407, CVE-2019-0160, CVE-2019-0161