Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2020-5715)

critical Nessus Plugin ID 137291

Synopsis

The remote Oracle Linux host is missing one or more security updates.

Description

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5715 advisory.

- x86/speculation: Add SRBDS vulnerability and mitigation documentation (Mark Gross) [Orabug: 31422209] {CVE-2020-0543}
- x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation (Mark Gross) [Orabug:
31422209] {CVE-2020-0543}
- x86/cpu: Add 'table' argument to cpu_matches() (Mark Gross) [Orabug: 31422209] {CVE-2020-0543}
- x86/cpu: Add a steppings field to struct x86_cpu_id (Mark Gross) [Orabug: 31422209] {CVE-2020-0543}
- libertas: Fix two buffer overflows at parsing bss descriptor (Wen Huang) [Orabug: 31351306] {CVE-2019-14896} {CVE-2019-14897} {CVE-2019-14897}
- KVM: SVM: Fix potential memory leak in svm_cpu_init() (Miaohe Lin) [Orabug: 31350457] {CVE-2020-12768}
- net/mlx5: prevent memory leak in mlx5_fpga_conn_create_cq (Navid Emamdoost) [Orabug: 31301340] {CVE-2019-19045}
- mdio_bus: Fix use-after-free on device_register fails (YueHaibing) [Orabug: 31222291] {CVE-2019-12819}
- USB: core: Fix races in character device registration and deregistraion (Alan Stern) [Orabug: 31317666] {CVE-2019-19537}
- mwifiex: pcie: Fix memory leak in mwifiex_pcie_init_evt_ring (Navid Emamdoost) [Orabug: 31263146] {CVE-2019-19057}
- mwifiex: pcie: Fix memory leak in mwifiex_pcie_alloc_cmdrsp_buf (Navid Emamdoost) [Orabug: 31246301] {CVE-2019-19056}
- media: technisat-usb2: break out of loop at end of buffer (Sean Young) [Orabug: 31224553] {CVE-2019-15505}
- Input: ff-memless - kill timer in destroy() (Oliver Neukum) [Orabug: 31213690] {CVE-2019-19524}
- Input: add safety guards to input_set_keycode() (Dmitry Torokhov) [Orabug: 31200557] {CVE-2019-20636}
- brcmfmac: add subtype check for event handling in data path (Arend van Spriel) [Orabug: 31234675] {CVE-2019-9503}
- iwlwifi: dbg_ini: fix memory leak in alloc_sgtable (Navid Emamdoost) [Orabug: 31233656] {CVE-2019-19058}
- coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping (Andrea Arcangeli) [Orabug: 31222107] {CVE-2019-11599}
- ext4: add more paranoia checking in ext4_expand_extra_isize handling (Theodore Tso) [Orabug: 31218807] {CVE-2019-19767}
- ext4: fix use-after-free race with debug_want_extra_isize (Barret Rhoden) [Orabug: 31218807] {CVE-2019-19767}
- media: xirlink_cit: add missing descriptor sanity checks (Johan Hovold) [Orabug: 31213766] {CVE-2020-11668}
- media: ov519: add missing endpoint sanity checks (Johan Hovold) [Orabug: 31213757] {CVE-2020-11608}
- media: stv06xx: add missing descriptor sanity checks (Johan Hovold) [Orabug: 31200578] {CVE-2020-11609}
- net/flow_dissector: switch to siphash (Eric Dumazet) [Orabug: 30872863] {CVE-2019-18282}
- brcmfmac: assure SSID length from firmware is limited (Arend van Spriel) [Orabug: 30872843] {CVE-2019-9500}

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://linux.oracle.com/errata/ELSA-2020-5715.html

Plugin Details

Severity: Critical

ID: 137291

File Name: oraclelinux_ELSA-2020-5715.nasl

Version: 1.6

Type: local

Agent: unix

Published: 6/10/2020

Updated: 11/1/2024

Supported Sensors: Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.3

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2019-15505

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:oracle:linux:kernel-uek-headers, p-cpe:/a:oracle:linux:kernel-uek-debug-devel, p-cpe:/a:oracle:linux:perf, p-cpe:/a:oracle:linux:kernel-uek-devel, cpe:/o:oracle:linux:7, p-cpe:/a:oracle:linux:kernel-uek-tools-libs-devel, p-cpe:/a:oracle:linux:kernel-uek-doc, p-cpe:/a:oracle:linux:python-perf, p-cpe:/a:oracle:linux:kernel-uek-tools, p-cpe:/a:oracle:linux:kernel-uek-tools-libs, p-cpe:/a:oracle:linux:kernel-uek, p-cpe:/a:oracle:linux:kernel-uek-debug

Required KB Items: Host/OracleLinux, Host/RedHat/release, Host/RedHat/rpm-list, Host/local_checks_enabled

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/9/2020

Vulnerability Publication Date: 4/17/2019

Reference Information

CVE: CVE-2019-11599, CVE-2019-12819, CVE-2019-14896, CVE-2019-14897, CVE-2019-15505, CVE-2019-18282, CVE-2019-19045, CVE-2019-19056, CVE-2019-19057, CVE-2019-19058, CVE-2019-19524, CVE-2019-19537, CVE-2019-19767, CVE-2019-20636, CVE-2019-9500, CVE-2019-9503, CVE-2020-0543, CVE-2020-11609, CVE-2020-11668, CVE-2020-12768