Oracle Linux 6 : rdma (ELSA-2013-0509)

high Nessus Plugin ID 68748

Synopsis

The remote Oracle Linux host is missing one or more security updates.

Description

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-0509 advisory.

ibacm [1.0.8-0.git7a3adb7]
- Update to latest upstream via git repo
- Resolves: bz866222, bz866223

ibsim [0.5-7]
- Bump and rebuild against latest opensm
- Related: bz756396

ibutils [1.5.7-7]
- Bump and rebuild against latest opensm
- Related: bz756396

infiniband-diags [1.5.12-5]
- Bump and rebuild against latest opensm
- Pick up fixes done for rhel5.9
- Related: bz756396

[1.5.12-4]
- Update the all_hcas patch to resolve several problems
- Give a simple help message to the ibnodes script
- Resolves: bz818606, bz847129

infinipath-psm [3.0.1-115.1015_open.1]
- New upstream release
- Resolves: rhbz818789

libibmad [1.3.9-1]
- Update to latest upstream version (more SRIOV support)
- Related: bz756396

[1.3.8-1]
- Update to latest upstream version (for FDR link speed support)
- Related: bz750609

[1.3.7-1]
- Update to latest upstream version (1.3.4 -> 1.3.7)
- Related: bz725016

[1.3.4-1]
- New upstream version

[1.3.3-2]
- ExcludeArch s390(x) as there's no hardware support there

[1.3.3-1]
- Update to latest upstream release

[1.3.2-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

[1.3.2-1]
- Update to latest upstream version
- Require the same version of libibumad as our version

[1.3.1-1]
- Update to latest upstream version

[1.2.0-3]
- Rebuilt against libtool 2.2

[1.2.0-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild

[1.2.0-1]
- Initial package for Fedora review process

libibumad [1.3.8-1]
- Update to latest upstream release (more SRIOV support)
- Related: bz756396

[1.3.7-1]
- Update to latest upstream version (1.3.4 -> 1.3.7)
- Related: bz725016

[1.3.4-1]
- New upstream release

[1.3.3-2]
- ExcludeArch s390(x) as there is no hardware support there

[1.3.3-1]
- Update to latest upstream version

[1.3.2-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

[1.3.2-2]
- Forgot to remove both instances of the libibcommon requires
- Add build requires on glibc-static

[1.3.2-1]
- Update to latest upstream version
- Remove requirement on libibcommon since that library is no longer needed
- Fix a problem with man page listing

[1.3.1-1]
- Update to latest upstream version

[1.2.0-3]
- Rebuilt against libtool 2.2

[1.2.0-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild

[1.2.0-1]
- Initial package for Fedora review process

libibverbs [1.1.6-5]
- Don't print link state on iWARP links as it's always invalid
- Don't try to do ud transfers in excess of port MTU
- Resolves: bz822781

libmlx4 [1.0.4-1]
- Update to latest upstream version
- Related: bz756396

librdmacm [1.0.17-0.git4b5c1aa]
- Pre-release version of 1.0.17
- Resolves a CVE vulnerability between librdmacm and ibacm
- Fixes various minor bugs in sample programs
- Resolves: bz866221, bz816074

opensm [3.3.15-1]
- Update to latest upstream source (adds more SRIOV support)
- Fix init script when no config files are present
- Related: bz756396

[3.3.13-1]
- Update to latest upstream release
- Add patch to support specifying subnet_prefix on command line
- Update init script to pass unique subnet_prefix's when using the GUID method of starting multiple instances
- Fix up LSB init script headers
- Resolves: bz754196

[3.3.12-1]
- Generate the opensm.conf file instead of shipping a static one as a source
- Update to latest upstream release (FDR link speed support)
- Resolves: bz750609

[3.3.9-1]
- Update to latest upstream version (3.3.5 -> 3.3.9)
- Add /etc/sysconfig/opensm for use by opensm init script
- Enable the ability to start more than one instance of opensm for multiple fabric support
- Enable the ability to start opensm with a priority other than default for support of backup opensm instances
- Related: bz725016
- Resolves: bz633392

[3.3.5-1]
- Update to latest upstream release. We need various defines in ib_types.h for the latest ibutils package to build properly, and the latest ibutils package is needed because we found licensing problems in the older tarballs during review.

[3.3.3-2]
- ExcludeArch s390(x) as there's no hardware support there

[3.3.3-1]
- Update to latest upstream release
- Minor tweaks to init script for LSB compliance

[3.3.2-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

[3.3.2-1]
- Update to latest upstream version

[3.3.1-1]
- Update to latest upstream version

[3.2.1-3]
- fix bare elifs to rebuild

[3.2.1-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild

[3.2.1-1]
- Initial package for Fedora review process

rdma [3.6-1.0.2]
- Add SDP to rdma.conf and rdma.init

[3.6-1.0.1]
- Support Mellanox OFED 1.5.5

[3.6-1]
- Bump version to match final kernel submission

[3.6-0.rc5.1]
- Bump version to match kernel update submitted for rhel6.4

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://linux.oracle.com/errata/ELSA-2013-0509.html

Plugin Details

Severity: High

ID: 68748

File Name: oraclelinux_ELSA-2013-0509.nasl

Version: 1.9

Type: local

Agent: unix

Published: 7/12/2013

Updated: 10/22/2024

Supported Sensors: Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Low

Base Score: 3.6

Temporal Score: 2.7

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:P

CVSS Score Source: CVE-2012-4518

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS Score Source: CVE-2012-4517

Vulnerability Information

CPE: p-cpe:/a:oracle:linux:ibacm-devel, p-cpe:/a:oracle:linux:libmlx4, p-cpe:/a:oracle:linux:librdmacm-static, p-cpe:/a:oracle:linux:opensm-devel, p-cpe:/a:oracle:linux:infiniband-diags, p-cpe:/a:oracle:linux:libibverbs-devel, p-cpe:/a:oracle:linux:infinipath-psm, p-cpe:/a:oracle:linux:libibmad-devel, p-cpe:/a:oracle:linux:rdma, p-cpe:/a:oracle:linux:libibumad, p-cpe:/a:oracle:linux:libibumad-devel, p-cpe:/a:oracle:linux:ibsim, p-cpe:/a:oracle:linux:libibverbs, p-cpe:/a:oracle:linux:opensm-libs, p-cpe:/a:oracle:linux:ibutils, p-cpe:/a:oracle:linux:libibverbs-devel-static, p-cpe:/a:oracle:linux:ibutils-libs, p-cpe:/a:oracle:linux:librdmacm, p-cpe:/a:oracle:linux:librdmacm-utils, p-cpe:/a:oracle:linux:ibutils-devel, p-cpe:/a:oracle:linux:libibmad, p-cpe:/a:oracle:linux:infiniband-diags-devel-static, p-cpe:/a:oracle:linux:libibverbs-utils, p-cpe:/a:oracle:linux:opensm-static, p-cpe:/a:oracle:linux:opensm, p-cpe:/a:oracle:linux:ibacm, p-cpe:/a:oracle:linux:libmlx4-static, p-cpe:/a:oracle:linux:libibumad-static, p-cpe:/a:oracle:linux:infinipath-psm-devel, p-cpe:/a:oracle:linux:libibmad-static, p-cpe:/a:oracle:linux:infiniband-diags-devel, p-cpe:/a:oracle:linux:librdmacm-devel, cpe:/o:oracle:linux:6

Required KB Items: Host/local_checks_enabled, Host/OracleLinux, Host/RedHat/release, Host/RedHat/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2/25/2013

Vulnerability Publication Date: 10/22/2012

Reference Information

CVE: CVE-2012-4517, CVE-2012-4518

BID: 55890

RHSA: 2013:0509