Detections
Analytics

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.10)

high Nessus Plugin ID 164558

Language:

Synopsis

The Nutanix AOS host is affected by multiple vulnerabilities .

Description

The version of AOS installed on the remote host is prior to 5.10. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.10 advisory.

 - An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system. (CVE-2019-14821)

 - In the Linux kernel, a certain net/ipv4/tcp_output.c change, which was properly incorporated into 4.16.12, was incorrectly backported to the earlier longterm kernels, introducing a new vulnerability that was potentially more severe than the issue that was intended to be fixed by backporting. Specifically, by adding to a write queue between disconnection and re-connection, a local attacker can trigger multiple use-after-free conditions. This can result in a kernel crash, or potentially in privilege escalation.
 NOTE: this affects (for example) Linux distributions that use 4.9.x longterm kernels before 4.9.190 or 4.14.x longterm kernels before 4.14.139. (CVE-2019-15239)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the Nutanix AOS software to recommended version.

See Also

http://www.nessus.org/u?feeda9d8

Plugin Details

Severity: High

ID: 164558

File Name: nutanix_NXSA-AOS-5_10.nasl

Version: 1.7

Type: local

Family: Misc.

Published: 9/1/2022

Updated: 3/6/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.3

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2019-15239

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.9

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2019-14821

Vulnerability Information

CPE: cpe:/o:nutanix:aos

Required KB Items: Host/Nutanix/Data/lts, Host/Nutanix/Data/Service, Host/Nutanix/Data/Version, Host/Nutanix/Data/arch

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 8/24/2022

Vulnerability Publication Date: 8/20/2019

Reference Information

CVE: CVE-2019-14821, CVE-2019-15239