Detections
Analytics
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4850)
high Nessus Plugin ID 131174
Language:
Synopsis
The remote Oracle Linux host is missing one or more security updates.Description
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4850 advisory.- vhost: make sure log_num < in_num (yongduan) [Orabug: 30312787] {CVE-2019-14835}
- vhost: block speculation of translated descriptors (Michael S. Tsirkin) [Orabug: 30312787] {CVE-2019-14835}
- net: hsr: fix memory leak in hsr_dev_finalize() (Mao Wenan) [Orabug: 30444853] {CVE-2019-16995}
- ieee802154: enforce CAP_NET_RAW for raw sockets (Ori Nimron) [Orabug: 30444946] {CVE-2019-17053}
- mISDN: enforce CAP_NET_RAW for raw sockets (Ori Nimron) [Orabug: 30445158] {CVE-2019-17055}
- net: sit: fix memory leak in sit_init_net() (Mao Wenan) [Orabug: 30445305] {CVE-2019-16994}
- media: dvb: usb: fix use after free in dvb_usb_device_exit (Oliver Neukum) [Orabug: 30490491] {CVE-2019-15213}
- media: cpia2_usb: first wake up, then free in disconnect (Oliver Neukum) [Orabug: 30511741] {CVE-2019-15215}
- media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap (Vandana BN) [Orabug:
30532774] {CVE-2019-15217}
- x86/tsx: Add config options to set tsx=on|off|auto (Michal Hocko) [Orabug: 30517133] {CVE-2019-11135}
- x86/speculation/taa: Add documentation for TSX Async Abort (Pawan Gupta) [Orabug: 30517133] {CVE-2019-11135}
- x86/tsx: Add 'auto' option to the tsx= cmdline parameter (Pawan Gupta) [Orabug: 30517133] {CVE-2019-11135}
- kvm/x86: Export MDS_NO=0 to guests when TSX is enabled (Pawan Gupta) [Orabug: 30517133] {CVE-2019-11135}
- x86/speculation/taa: Add sysfs reporting for TSX Async Abort (Pawan Gupta) [Orabug: 30517133] {CVE-2019-11135}
- x86/speculation/taa: Add mitigation for TSX Async Abort (Kanth Ghatraju) [Orabug: 30517133] {CVE-2019-11135}
- x86/cpu: Add a 'tsx=' cmdline option with TSX disabled by default (Pawan Gupta) [Orabug: 30517133] {CVE-2019-11135}
- x86/cpu: Add a helper function x86_read_arch_cap_msr() (Pawan Gupta) [Orabug: 30517133] {CVE-2019-11135}
- x86/msr: Add the IA32_TSX_CTRL MSR (Pawan Gupta) [Orabug: 30517133] {CVE-2019-11135}
- kvm: x86: mmu: Recovery of shattered NX large pages (Junaid Shahid) [Orabug: 30517059] {CVE-2018-12207}
- kvm: Add helper function for creating VM worker threads (Junaid Shahid) [Orabug: 30517059] {CVE-2018-12207}
- kvm: mmu: ITLB_MULTIHIT mitigation (Paolo Bonzini) [Orabug: 30517059] {CVE-2018-12207}
- KVM: x86: remove now unneeded hugepage gfn adjustment (Paolo Bonzini) [Orabug: 30517059] {CVE-2018-12207}
- KVM: x86: make FNAME(fetch) and __direct_map more similar (Paolo Bonzini) [Orabug: 30517059] {CVE-2018-12207}
- kvm: x86: Do not release the page inside mmu_set_spte() (Junaid Shahid) [Orabug: 30517059] {CVE-2018-12207}
- x86/cpu: Add Tremont to the cpu vulnerability whitelist (Pawan Gupta) [Orabug: 30517059] {CVE-2018-12207}
- x86: Add ITLB_MULTIHIT bug infrastructure (Pawan Gupta) [Orabug: 30517059] {CVE-2018-12207}
- KVM: x86: MMU: Move mapping_level_dirty_bitmap() call in mapping_level() (Takuya Yoshikawa) [Orabug:
30517059] {CVE-2018-12207}
- Revert 'KVM: x86: use the fast way to invalidate all pages' (Sean Christopherson) [Orabug: 30517059] {CVE-2018-12207}
- kvm: Convert kvm_lock to a mutex (Junaid Shahid) [Orabug: 30517059] {CVE-2018-12207}
- KVM: x86: MMU: Simplify force_pt_level calculation code in FNAME(page_fault)() (Takuya Yoshikawa) [Orabug: 30517059] {CVE-2018-12207}
- KVM: x86: MMU: Make force_pt_level bool (Takuya Yoshikawa) [Orabug: 30517059] {CVE-2018-12207}
- KVM: x86: MMU: Remove unused parameter parent_pte from kvm_mmu_get_page() (Takuya Yoshikawa) [Orabug:
30517059] {CVE-2018-12207}
- KVM: x86: extend usage of RET_MMIO_PF_* constants (Paolo Bonzini) [Orabug: 30517059] {CVE-2018-12207}
- KVM: x86: MMU: Make mmu_set_spte() return emulate value (Takuya Yoshikawa) [Orabug: 30517059] {CVE-2018-12207}
- KVM: x86: MMU: Move parent_pte handling from kvm_mmu_get_page() to link_shadow_page() (Takuya Yoshikawa) [Orabug: 30517059] {CVE-2018-12207}
- KVM: x86: MMU: Move initialization of parent_ptes out from kvm_mmu_alloc_page() (Takuya Yoshikawa) [Orabug: 30517059] {CVE-2018-12207}
- i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA (Jeremy Compostella) [Orabug:
30210503] {CVE-2017-18551}
- net-sysfs: Fix mem leak in netdev_register_kobject (YueHaibing) [Orabug: 30350263] {CVE-2019-15916}
Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.See Also
Plugin Details
Severity: High
ID: 131174
File Name: oraclelinux_ELSA-2019-4850.nasl
Version: 1.9
Type: local
Agent: unix
Published: 11/21/2019
Updated: 10/24/2024
Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: High
Score: 7.1
CVSS v2
Risk Factor: High
Base Score: 7.2
Temporal Score: 5.6
Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2019-14835
CVSS v3
Risk Factor: High
Base Score: 7.8
Temporal Score: 7
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
Vulnerability Information
CPE: p-cpe:/a:oracle:linux:kernel-uek-debug-devel, cpe:/o:oracle:linux:7, p-cpe:/a:oracle:linux:kernel-uek-devel, p-cpe:/a:oracle:linux:kernel-uek-doc, p-cpe:/a:oracle:linux:kernel-uek-firmware, p-cpe:/a:oracle:linux:kernel-uek, p-cpe:/a:oracle:linux:kernel-uek-debug, cpe:/o:oracle:linux:6
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/OracleLinux
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 11/20/2019
Vulnerability Publication Date: 11/13/2017
Reference Information
CVE: CVE-2017-15102, CVE-2017-15128, CVE-2017-18551, CVE-2018-12207, CVE-2019-11135, CVE-2019-11478, CVE-2019-14284, CVE-2019-14835, CVE-2019-15213, CVE-2019-15215, CVE-2019-15217, CVE-2019-15916, CVE-2019-16994, CVE-2019-16995, CVE-2019-17053, CVE-2019-17055
IAVA: 2020-A-0325-S