Detections
Analytics

OracleVM 2.1 : udev (OVMSA-2009-0006)

high Nessus Plugin ID 79454

Language:

Synopsis

The remote OracleVM host is missing one or more security updates.

Description

The remote OracleVM system is missing necessary patches to address critical security updates :

CVE-2009-1185 udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space.

 - fix for CVE-2009-1185 (bug #495051)

 - Resolves: rhbz#495055

 - removed zaptel rules (rhbz #294061)

 - fixed segfault for empty lines in passwd (rhbz#413831)

 - added patch for iscsi ids (Daniel Berrange) (rhbz#427640)

 - added /etc/sysconfig/udev-stw, which makes MODULES configurable (Jeff Bastian) (rhbz#437979)

 - added ext4 support to vol_id (rhbz#444528)

 - updated dasd_id from dasdinfo of s390-tools-1.6.2 (rhbz#430532)

 - Resolves: rhbz#294061, rhbz#413831, rhbz#427640

 - Resolves: rhbz#437979, rhbz#444528, rhbz#430532

 - scsi_id, retry open on EBUSY (rhbz#450279)

 - Resolves: rhbz#450279

 - set selinux context for .udev dirs and symlinks (rhbz#442886)

 - fixed rule for hp iLO2 virtual mouse device (rhbz#429215)

 - Resolves: rhbz#429215, rhbz#442886

 - fixed selinux context setting for symlinks (rhbz#441054)

 - Resolves: rhbz#441054

 - fixed regression bug rhbz#430667 introduced by fix for rhbz#275441

 - Resolves: rhbz#275441

 - added rule for hp iLO2 virtual mouse device (rhbz#429215)

 - Resolves: rhbz#429215

 - fix for looping vol_id, because of a malformed passwd (rhbz#425941)

 - revised fix for tape devices (rhbz#231990)

 - Resolves: rhbz#425941, rhbz#231990

 - moved 'ignore_device' for dm devices to 90-dm.rules (rhbz#275441)

 - added cciss support (rhbz#250484)

 - support more than 10 nst devices in the persistent rules (rhbz#231990)

 - extra double check for symlinks improved (rhbz#217917)

 - Resolves: rhbz#217917, rhbz#231990, rhbz#250484, rhbz#275441

 - do not fail, if EEXIST on symlink (#217917)

 - Resolves: rhbz#217917

 - corrected rules for tape devices (#231990)

 - Resolves: rhbz#231990

 - removed pie link flag from static build flags

 - Resolves: rhbz#233956, rhbz#233307, rhbz#226997, rhbz#236242

 - Resolves: rhbz#217917, rhbz#231990

 - added RPM_OPT_FLAGS and pie to static build flags

 - Resolves: rhbz#233956, rhbz#233307, rhbz#226997, rhbz#236242

 - Resolves: rhbz#217917, rhbz#231990

 - do not fail, if EEXIST on mkdir (#217917)

 - configure process numbers dynamically according to CPU and MEM (#226997)

 - link statically (#236242, #233307)

 - fixed rule for raw1394 (#233956)

 - added persistent device names for tape devices (#231990)

 - Resolves: rhbz#233956, rhbz#233307, rhbz#226997, rhbz#236242

 - Resolves: rhbz#217917, rhbz#231990

Solution

Update the affected libvolume_id / udev packages.

See Also

http://www.nessus.org/u?f660381b

Plugin Details

Severity: High

ID: 79454

File Name: oraclevm_OVMSA-2009-0006.nasl

Version: 1.10

Type: local

Published: 11/26/2014

Updated: 1/14/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 10.0

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 6.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:oracle:vm_server:2.1, p-cpe:/a:oracle:vm:udev, p-cpe:/a:oracle:vm:libvolume_id

Required KB Items: Host/local_checks_enabled, Host/OracleVM/release, Host/OracleVM/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 4/27/2009

Vulnerability Publication Date: 4/17/2009

Exploitable With

CANVAS (CANVAS)

Core Impact

Metasploit (Linux udev Netlink Local Privilege Escalation)

Reference Information

CVE: CVE-2009-1185

BID: 34536

CWE: 20