Oracle Linux 8 : kernel (ELSA-2020-3010)

high Nessus Plugin ID 180898

Synopsis

The remote Oracle Linux host is missing one or more security updates.

Description

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-3010 advisory.

- [vfio] vfio/pci: Fix SR-IOV VF handling with MMIO blocking (Alex Williamson) [1837309 1837310] {CVE-2020-12888}
- [x86] kvm: Clean up host's steal time structure (Jon Maloy) [1795128 1813987] {CVE-2019-3016}
- [x86] kvm: Make sure KVM_VCPU_FLUSH_TLB flag is not missed (Jon Maloy) [1795128 1813987] {CVE-2019-3016}
- [virt] x86/kvm: Cache gfn to pfn translation (Jon Maloy) [1795128 1813987] {CVE-2019-3016}
- [virt] x86/kvm: Introduce kvm_(un)map_gfn() (Jon Maloy) [1795128 1813987] {CVE-2019-3016}
- [x86] kvm: Be careful not to clear KVM_VCPU_FLUSH_TLB bit (Jon Maloy) [1795128 1813987] {CVE-2019-3016}
- [x86] mm: Fix mremap not considering huge pmd devmap (Rafael Aquini) [1843440 1843441] {CVE-2020-10757}
- [x86] x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches (Waiman Long) [1847395 1847396] {CVE-2020-10768}
- [x86] x86/speculation: Prevent rogue cross-process SSBD shutdown (Waiman Long) [1847357 1847358] {CVE-2020-10766}
- [x86] x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS (Waiman Long) [1847378 1847379] {CVE-2020-10767}
- [x86] x86/speculation: Add support for STIBP always-on preferred mode (Waiman Long) [1847378 1847379] {CVE-2020-10767}
- [x86] x86/speculation: Change misspelled STIPB to STIBP (Waiman Long) [1847378 1847379] {CVE-2020-10767}
- [wireless] mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status() (Jarod Wilson) [1844073 1844031] {CVE-2020-12654}
- [wireless] mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv() (Jarod Wilson) [1844049 1844039] {CVE-2020-12653}
- [documentation] x86/speculation: Add Ivy Bridge to affected list (Josh Poimboeuf) [1827191 1827192] {CVE-2020-0543}
- [documentation] x86/speculation: Add SRBDS vulnerability and mitigation documentation (Josh Poimboeuf) [1827191 1827192] {CVE-2020-0543}
- [x86] x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation (Josh Poimboeuf) [1827191 1827192] {CVE-2020-0543}
- [x86] x86/cpu: Add 'table' argument to cpu_matches() (Josh Poimboeuf) [1827191 1827192] {CVE-2020-0543}
- [x86] x86/cpu: Add a steppings field to struct x86_cpu_id (Josh Poimboeuf) [1827191 1827192] {CVE-2020-0543}
- [vfio] vfio-pci: Invalidate mmaps and block MMIO access on disabled memory (Alex Williamson) [1837309 1837310] {CVE-2020-12888}
- [vfio] vfio-pci: Fault mmaps to enable vma tracking (Alex Williamson) [1837309 1837310] {CVE-2020-12888}
- [vfio] vfio/type1: Support faulting PFNMAP vmas (Alex Williamson) [1837309 1837310] {CVE-2020-12888}
- [vfio] vfio/type1: Fix VA->PA translation for PFNMAP VMAs in vaddr_get_pfn() (Alex Williamson) [1837309 1837310] {CVE-2020-12888}
- [vfio] vfio/pci: call irq_bypass_unregister_producer() before freeing irq (Alex Williamson) [1837309 1837310] {CVE-2020-12888}
- [vfio] vfio_pci: Enable memory accesses before calling pci_map_rom (Alex Williamson) [1837309 1837310] {CVE-2020-12888}
- [sound] ALSA: timer: Fix incorrectly assigned timer instance (Jaroslav Kysela) [1821714 1798468] {CVE-2019-19807}

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://linux.oracle.com/errata/ELSA-2020-3010.html

Plugin Details

Severity: High

ID: 180898

File Name: oraclelinux_ELSA-2020-3010.nasl

Version: 1.2

Type: local

Agent: unix

Published: 9/7/2023

Updated: 11/1/2024

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2019-19807

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2020-12653

Vulnerability Information

CPE: p-cpe:/a:oracle:linux:kernel-tools-libs-devel, p-cpe:/a:oracle:linux:kernel-devel, p-cpe:/a:oracle:linux:kernel-cross-headers, p-cpe:/a:oracle:linux:kernel-debug-modules, cpe:/o:oracle:linux:8, p-cpe:/a:oracle:linux:kernel-tools, p-cpe:/a:oracle:linux:kernel-debug-devel, p-cpe:/a:oracle:linux:kernel-headers, p-cpe:/a:oracle:linux:kernel-modules, p-cpe:/a:oracle:linux:kernel-debug, p-cpe:/a:oracle:linux:kernel-core, p-cpe:/a:oracle:linux:kernel-abi-whitelists, p-cpe:/a:oracle:linux:kernel-debug-modules-extra, p-cpe:/a:oracle:linux:python3-perf, p-cpe:/a:oracle:linux:bpftool, p-cpe:/a:oracle:linux:kernel-debug-core, p-cpe:/a:oracle:linux:perf, p-cpe:/a:oracle:linux:kernel-modules-extra, p-cpe:/a:oracle:linux:kernel-tools-libs, p-cpe:/a:oracle:linux:kernel

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/OracleLinux

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 7/24/2020

Vulnerability Publication Date: 12/15/2019

Reference Information

CVE: CVE-2019-19807, CVE-2019-3016, CVE-2020-10757, CVE-2020-10766, CVE-2020-10767, CVE-2020-10768, CVE-2020-12653, CVE-2020-12654, CVE-2020-12888