OracleVM 3.1 : xen (OVMSA-2013-0009)

medium Nessus Plugin ID 79498

Synopsis

The remote OracleVM host is missing one or more security updates.

Description

The remote OracleVM system is missing necessary patches to address critical security updates :

- oxenstored incorrect handling of certain Xenbus ring states Xen Security Advisory 38 (CVE-2013-0215) Patch xsa38.patch The oxenstored daemon (the ocaml version of the xenstore daemon) does not correctly handle unusual or malicious contents in the xenstore ring. A malicious guest can exploit this to cause oxenstored to read past the end of the ring (and very likely crash) or to allocate large amounts of RAM. Signed-off-by Chuck Anderson (CVE-2013-0215)

- ACPI: acpi_table_parse should return handler's error code Currently, the error code returned by acpi_table_parse's handler is ignored. This patch will propagate handler's return value to acpi_table_parse's caller. AMD,IOMMU: Clean up old entries in remapping tables when creating new interrupt mapping. When changing the affinity of an IRQ associated with a passed through PCI device, clear previous mapping. In addition, because some BIOSes may incorrectly program IVRS entries for IOAPIC try to check for entry's consistency.
Specifically, if conflicting entries are found disable IOMMU if per-device remapping table is used. If entries refer to bogus IOAPIC IDs disable IOMMU unconditionally AMD,IOMMU: Disable IOMMU if SATA Combined mode is on AMD's SP5100 chipset can be placed into SATA Combined mode that may cause prevent dom0 from booting when IOMMU is enabled and per-device interrupt remapping table is used. While SP5100 erratum 28 requires BIOSes to disable this mode, some may still use it. This patch checks whether this mode is on and, if per-device table is in use, disables IOMMU. AMD,IOMMU: Make per-device interrupt remapping table default Using global interrupt remapping table may be insecure, as described by XSA-36.
This patch makes per-device mode default. This is XSA-36 / CVE-2013-0153. (CVE-2013-0153)

Solution

Update the affected xen / xen-devel / xen-tools packages.

See Also

http://www.nessus.org/u?2b9fce8b

Plugin Details

Severity: Medium

ID: 79498

File Name: oraclevm_OVMSA-2013-0009.nasl

Version: 1.4

Type: local

Published: 11/26/2014

Updated: 1/4/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 4.7

Temporal Score: 4.1

Vector: CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: p-cpe:/a:oracle:vm:xen, p-cpe:/a:oracle:vm:xen-devel, p-cpe:/a:oracle:vm:xen-tools, cpe:/o:oracle:vm_server:3.1

Required KB Items: Host/local_checks_enabled, Host/OracleVM/release, Host/OracleVM/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 2/7/2013

Vulnerability Publication Date: 2/14/2013

Reference Information

CVE: CVE-2013-0153, CVE-2013-0215

BID: 57742, 57745