Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLEVM_OVMSA-2015-0034.NASL
HistoryMar 18, 2015 - 12:00 a.m.

OracleVM 3.3 : kernel-uek (OVMSA-2015-0034)

2015-03-1800:00:00
This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
20
JSON

The remote OracleVM system is missing necessary patches to address critical security updates :

  • kvm: fix excessive pages un-pinning in kvm_iommu_map error path. (Quentin Casasnovas) [Orabug: 20687313] (CVE-2014-3601) (CVE-2014-8369) (CVE-2014-3601)

  • ttusb-dec: buffer overflow in ioctl (Dan Carpenter) [Orabug: 20673376] (CVE-2014-8884)

  • mm: Fix NULL pointer dereference in madvise(MADV_WILLNEED) support (Kirill A. Shutemov) [Orabug: 20673281] (CVE-2014-8173)

  • netfilter: conntrack: disable generic tracking for known protocols (Florian Westphal) [Orabug: 20673239] (CVE-2014-8160)

  • tracing/syscalls: Ignore numbers outside NR_syscalls’ range (Rabin Vincent) [Orabug: 20673163] (CVE-2014-7826)

  • uek-rpm: ol7: update update-el to 7.1 (Guangyu Sun) [Orabug: 20524579]

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The package checks in this plugin were extracted from OracleVM
# Security Advisory OVMSA-2015-0034.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(81904);
  script_version("1.10");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/04");

  script_cve_id("CVE-2014-3601", "CVE-2014-7826", "CVE-2014-8160", "CVE-2014-8173", "CVE-2014-8369", "CVE-2014-8884");
  script_bugtraq_id(69489, 70747, 70749, 70971, 71097, 72061, 73133);

  script_name(english:"OracleVM 3.3 : kernel-uek (OVMSA-2015-0034)");
  script_summary(english:"Checks the RPM output for the updated packages.");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote OracleVM host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description",
    value:
"The remote OracleVM system is missing necessary patches to address
critical security updates :

  - kvm: fix excessive pages un-pinning in kvm_iommu_map
    error path. (Quentin Casasnovas) [Orabug: 20687313]
    (CVE-2014-3601) (CVE-2014-8369) (CVE-2014-3601)

  - ttusb-dec: buffer overflow in ioctl (Dan Carpenter)
    [Orabug: 20673376] (CVE-2014-8884)

  - mm: Fix NULL pointer dereference in
    madvise(MADV_WILLNEED) support (Kirill A. Shutemov)
    [Orabug: 20673281] (CVE-2014-8173)

  - netfilter: conntrack: disable generic tracking for known
    protocols (Florian Westphal) [Orabug: 20673239]
    (CVE-2014-8160)

  - tracing/syscalls: Ignore numbers outside NR_syscalls'
    range (Rabin Vincent) [Orabug: 20673163] (CVE-2014-7826)

  - uek-rpm: ol7: update update-el to 7.1 (Guangyu Sun)
    [Orabug: 20524579]"
  );
  # https://oss.oracle.com/pipermail/oraclevm-errata/2015-March/000285.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?9dc7578d"
  );
  script_set_attribute(
    attribute:"solution",
    value:"Update the affected kernel-uek / kernel-uek-firmware packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:vm:kernel-uek");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:vm:kernel-uek-firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:vm_server:3.3");

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/09/01");
  script_set_attribute(attribute:"patch_publication_date", value:"2015/03/17");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/03/18");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"OracleVM Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/OracleVM/release", "Host/OracleVM/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/OracleVM/release");
if (isnull(release) || "OVS" >!< release) audit(AUDIT_OS_NOT, "OracleVM");
if (! preg(pattern:"^OVS" + "3\.3" + "(\.[0-9]|$)", string:release)) audit(AUDIT_OS_NOT, "OracleVM 3.3", "OracleVM " + release);
if (!get_kb_item("Host/OracleVM/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "OracleVM", cpu);
if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu);

flag = 0;
if (rpm_check(release:"OVS3.3", reference:"kernel-uek-3.8.13-55.1.8.el6uek")) flag++;
if (rpm_check(release:"OVS3.3", reference:"kernel-uek-firmware-3.8.13-55.1.8.el6uek")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel-uek / kernel-uek-firmware");
}
VendorProductVersionCPE
oraclevmkernel-uekp-cpe:/a:oracle:vm:kernel-uek
oraclevmkernel-uek-firmwarep-cpe:/a:oracle:vm:kernel-uek-firmware
oraclevm_server3.3cpe:/o:oracle:vm_server:3.3

Related

oraclelinux 8
openvas 54
nessus 45
prion 6
ubuntucve 6
cve 6
debiancve 6
centos 3
redhat 5
f5 8
securityvulns 5
debian 2
osv 1
ubuntu 18
archlinux 2
veracode 5
mageia 11
suse 7
fedora 1
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2015-03-13 00:00:00
Unbreakable Enterprise kernel security update
2015-03-13 00:00:00
Unbreakable Enterprise kernel security update
2015-03-13 00:00:00
openvas
openvas
Oracle: Security Advisory (ELSA-2015-3013)
2015-10-06 00:00:00
Oracle: Security Advisory (ELSA-2015-3014)
2015-10-06 00:00:00
RedHat Update for kernel RHSA-2015:0674-01
2015-03-12 00:00:00
nessus
nessus
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2015-3013)
2015-03-17 00:00:00
Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2015-3014)
2015-03-17 00:00:00
Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2015-3015)
2015-03-17 00:00:00
prion
prion
Design/Logic Flaw
2014-11-10 11:55:00
Null pointer dereference
2015-03-16 10:59:00
Stack overflow
2014-11-30 01:59:00
ubuntucve
ubuntucve
CVE-2014-8369
2014-11-10 00:00:00
CVE-2014-8173
2015-03-16 00:00:00
CVE-2014-8160
2014-12-31 00:00:00
cve
cve
CVE-2014-8369
2014-11-10 11:55:00
CVE-2014-8173
2015-03-16 10:59:00
CVE-2014-8884
2014-11-30 01:59:00
debiancve
debiancve
CVE-2014-8369
2014-11-10 11:55:00
CVE-2014-8173
2015-03-16 10:59:00
CVE-2014-8884
2014-11-30 01:59:00
centos
centos
kernel, perf, python security update
2015-03-12 15:31:30
kernel, perf, python security update
2015-03-17 13:28:28
kernel, perf, python security update
2015-04-22 09:51:52
redhat
redhat
(RHSA-2015:0674) Important: kernel security and bug fix update
2015-03-11 00:00:00
(RHSA-2015:0290) Important: kernel security, bug fix, and enhancement update
2015-03-05 00:00:00
(RHSA-2015:0864) Important: kernel security and bug fix update
2015-04-21 00:00:00
f5
f5
SOL16478 - Linux kernel vulnerabilities CVE-2014-8159 and CVE-2014-8369
2015-04-22 00:00:00
K16478 : Linux kernel vulnerabilities CVE-2014-8159 and CVE-2014-8369
2015-04-22 00:00:00
K16558 : Linux kernel vulnerability CVE-2014-8884
2015-05-08 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 3093-1] linux security update
2014-12-11 00:00:00
Linux kernel multiple security vulnerabilities
2014-12-21 00:00:00
[ MDVSA-2014:230 ] kernel
2014-11-30 00:00:00
debian
debian
[SECURITY] [DSA 3093-1] linux security update
2014-12-08 21:09:15
[SECURITY] [DSA 3093-1] linux security update
2014-12-08 21:09:15
osv
osv
linux - security update
2014-12-08 00:00:00
ubuntu
ubuntu
Linux kernel (OMAP4) vulnerabilities
2014-12-12 00:00:00
Linux kernel vulnerabilities
2014-12-12 00:00:00
Linux kernel vulnerabilities
2015-01-13 00:00:00
archlinux
archlinux
linux-lts: local denial of service, privilege escalation
2014-11-17 00:00:00
linux: local denial of service, privilege escalation
2014-11-17 00:00:00
veracode
veracode
NULL Pointer Dereference
2019-05-02 05:12:38
Privilege Escalation
2019-05-02 05:05:48
Denial Of Service (DoS)
2019-05-02 05:12:38
mageia
mageia
Updated kernel & related packages provide 3.10 longterm support branch
2014-09-28 16:17:31
Updated kernel packages fix security vulnerabilities
2015-05-11 23:10:38
Updated kernel-linus packages fix security vulnerabilities
2015-05-13 20:18:54
suse
suse
Security update for the Linux Kernel (important)
2015-04-13 14:17:21
Security update for Linux kernel (important)
2014-12-23 19:06:22
Security update for Linux kernel (important)
2014-12-24 08:08:49
fedora
fedora
[SECURITY] Fedora 21 Update: kernel-3.17.3-300.fc21
2014-11-18 12:17:53
JSON
Related for ORACLEVM_OVMSA-2015-0034.NASL
oraclelinux8openvas54nessus45prion6ubuntucve6cve6debiancve6centos3redhat5f58securityvulns5debian2osv1ubuntu18archlinux2veracode5mageia11suse7fedora1