Detections
Analytics

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2020-5755)

high Nessus Plugin ID 138418

Language:

Synopsis

The remote Oracle Linux host is missing one or more security updates.

Description

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5755 advisory.

 - p54usb: Fix race between disconnect and firmware loading (Alan Stern) [Orabug: 31351863] {CVE-2019-15220}
 - media: rc: prevent memory leak in cx23888_ir_probe (Navid Emamdoost) [Orabug: 31351671] {CVE-2019-19054}
 - mm: Fix mremap not considering huge pmd devmap (Fan Yang) [Orabug: 31452398] {CVE-2020-10757} {CVE-2020-10757}
 - bpf: fix sanitation of alu op with pointer / scalar type from different paths (Daniel Borkmann) [Orabug: 31350800] {CVE-2019-7308}
 - bpf: prevent out of bounds speculation on pointer arithmetic (Daniel Borkmann) [Orabug: 31350800] {CVE-2019-7308}
 - bpf: restrict unknown scalars of mixed signed bounds for unprivileged (Daniel Borkmann) [Orabug:
 31350800] {CVE-2019-7308}
 - bpf: move {prev_,}insn_idx into verifier env (Daniel Borkmann) [Orabug: 31350800] {CVE-2019-7308}
 - bpf: reduce verifier memory consumption (Alexei Starovoitov) [Orabug: 31350800] {CVE-2019-7308}
 - bpf: Prevent memory disambiguation attack (Alexei Starovoitov) [Orabug: 31350800] {CVE-2019-7308}
 - media: ttusb-dec: Fix info-leak in ttusb_dec_send_command() (Tomas Bortoli) [Orabug: 31351117] {CVE-2019-19533}
 - ALSA: core: Fix card races between register and disconnect (Takashi Iwai) [Orabug: 31351890] {CVE-2019-15214}
 - ALSA: info: Fix racy addition/deletion of nodes (Takashi Iwai) [Orabug: 31351890] {CVE-2019-15214}
 - x86/speculation: Add SRBDS vulnerability and mitigation documentation (Mark Gross) [Orabug: 31352781] {CVE-2020-0543}
 - x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation (Mark Gross) [Orabug:
 31352781] {CVE-2020-0543}
 - x86/cpu: Add 'table' argument to cpu_matches() (Mark Gross) [Orabug: 31352781] {CVE-2020-0543}
 - x86/cpu: Add a steppings field to struct x86_cpu_id (Mark Gross) [Orabug: 31352781] {CVE-2020-0543}
 - can: peak_usb: fix slab info leak (Johan Hovold) [Orabug: 31351139] {CVE-2019-19534}
 - can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices (Tomas Bortoli) [Orabug: 31351248] {CVE-2019-19536}
 - netlabel: cope with NULL catmap (Paolo Abeni) [Orabug: 31350492] {CVE-2020-10711}
 - mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status() (Qing Xu) [Orabug: 31350516] {CVE-2020-12654}
 - scsi: sg: add sg_remove_request in sg_write (Wu Bo) [Orabug: 31350698] {CVE-2020-12770}
 - block, bfq: fix use-after-free in bfq_idle_slice_timer_body (Zhiqiang Liu) [Orabug: 31350912] {CVE-2020-12657}
 - mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv() (Qing Xu) [Orabug: 31350931] {CVE-2020-12653}
 - USB: core: Fix free-while-in-use bug in the USB S-Glibrary (Alan Stern) [Orabug: 31350965] {CVE-2020-12464}
 - xfs: add agf freeblocks verify in xfs_agf_verify (Zheng Bin) [Orabug: 31350922] {CVE-2020-12655}
 - mwifiex: Abort at too short BSS descriptor element (Takashi Iwai) [Orabug: 31351915] {CVE-2019-3846}
 - mwifiex: Fix possible buffer overflows at parsing bss descriptor (Takashi Iwai) [Orabug: 31351915] {CVE-2019-3846} {CVE-2019-3846}
 - scsi: mptfusion: Fix double fetch bug in ioctl (Dan Carpenter) [Orabug: 31350940] {CVE-2020-12652}
 - ptp: fix the race between the release of ptp_clock and cdev (Vladis Dronov) [Orabug: 31350706] {CVE-2020-10690}

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://linux.oracle.com/errata/ELSA-2020-5755.html

Plugin Details

Severity: High

ID: 138418

File Name: oraclelinux_ELSA-2020-5755.nasl

Version: 1.6

Type: local

Agent: unix

Published: 7/14/2020

Updated: 11/1/2024

Supported Sensors: Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 8.3

Temporal Score: 6.5

Vector: CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2019-3846

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.9

Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:oracle:linux:kernel-uek-headers, p-cpe:/a:oracle:linux:kernel-uek-debug-devel, p-cpe:/a:oracle:linux:perf, p-cpe:/a:oracle:linux:kernel-uek-devel, cpe:/o:oracle:linux:7, p-cpe:/a:oracle:linux:kernel-uek-tools-libs-devel, p-cpe:/a:oracle:linux:kernel-uek-doc, p-cpe:/a:oracle:linux:python-perf, p-cpe:/a:oracle:linux:kernel-uek-tools, p-cpe:/a:oracle:linux:kernel-uek-tools-libs, p-cpe:/a:oracle:linux:kernel-uek, p-cpe:/a:oracle:linux:kernel-uek-debug

Required KB Items: Host/OracleLinux, Host/RedHat/release, Host/RedHat/rpm-list, Host/local_checks_enabled

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 7/10/2020

Vulnerability Publication Date: 1/31/2019

Reference Information

CVE: CVE-2019-15214, CVE-2019-15220, CVE-2019-19054, CVE-2019-19533, CVE-2019-19534, CVE-2019-19536, CVE-2019-3846, CVE-2019-7308, CVE-2020-0543, CVE-2020-10690, CVE-2020-10711, CVE-2020-10757, CVE-2020-12464, CVE-2020-12652, CVE-2020-12653, CVE-2020-12654, CVE-2020-12655, CVE-2020-12657, CVE-2020-12770