ID ORACLEVM_OVMSA-2016-0173.NASL
Type nessus
Reporter Tenable
Modified 2018-11-19T00:00:00
Description
The remote OracleVM system is missing necessary patches to address
critical security updates :
- qemu: ioport_read, ioport_write: be defensive about
32-bit addresses master XSA-199 [OraBug: 25119498]
#
# (C) Tenable Network Security, Inc.
#
# The package checks in this plugin were extracted from OracleVM
# Security Advisory OVMSA-2016-0173.
#
include("compat.inc");
if (description)
{
script_id(95620);
script_version("3.3");
script_cvs_date("Date: 2018/11/19 16:36:34");
script_name(english:"OracleVM 3.4 : xen (OVMSA-2016-0173)");
script_summary(english:"Checks the RPM output for the updated packages.");
script_set_attribute(
attribute:"synopsis",
value:"The remote OracleVM host is missing one or more security updates."
);
script_set_attribute(
attribute:"description",
value:
"The remote OracleVM system is missing necessary patches to address
critical security updates :
- qemu: ioport_read, ioport_write: be defensive about
32-bit addresses master XSA-199 [OraBug: 25119498]"
);
# https://oss.oracle.com/pipermail/oraclevm-errata/2016-December/000597.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?6104821f"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected xen / xen-tools packages."
);
script_set_attribute(attribute:"risk_factor", value:"High");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:vm:xen");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:vm:xen-tools");
script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:vm_server:3.4");
script_set_attribute(attribute:"patch_publication_date", value:"2016/12/07");
script_set_attribute(attribute:"plugin_publication_date", value:"2016/12/08");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"OracleVM Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/OracleVM/release", "Host/OracleVM/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/OracleVM/release");
if (isnull(release) || "OVS" >!< release) audit(AUDIT_OS_NOT, "OracleVM");
if (! ereg(pattern:"^OVS" + "3\.4" + "(\.[0-9]|$)", string:release)) audit(AUDIT_OS_NOT, "OracleVM 3.4", "OracleVM " + release);
if (!get_kb_item("Host/OracleVM/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "OracleVM", cpu);
if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu);
flag = 0;
if (rpm_exists(rpm:"xen-4.4.4-105", release:"OVS3.4") && rpm_check(release:"OVS3.4", reference:"xen-4.4.4-105.0.2.1.el6")) flag++;
if (rpm_exists(rpm:"xen-tools-4.4.4-105", release:"OVS3.4") && rpm_check(release:"OVS3.4", reference:"xen-tools-4.4.4-105.0.2.1.el6")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "xen / xen-tools");
}
{"id": "ORACLEVM_OVMSA-2016-0173.NASL", "bulletinFamily": "scanner", "title": "OracleVM 3.4 : xen (OVMSA-2016-0173)", "description": "The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - qemu: ioport_read, ioport_write: be defensive about\n 32-bit addresses master XSA-199 [OraBug: 25119498]", "published": "2016-12-08T00:00:00", "modified": "2018-11-19T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=95620", "reporter": "Tenable", "references": ["http://www.nessus.org/u?6104821f"], "cvelist": [], "type": "nessus", "lastseen": "2019-01-16T20:25:33", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\n - qemu: ioport_read, ioport_write: be defensive about 32-bit addresses master XSA-199 [OraBug: 25119498]", "edition": 3, "enchantments": {}, "hash": "1c1b0e838c5dccdfcea4e2801aa2792b436f5684dc881b5f656b98fb0de91403", "hashmap": [{"hash": "9e33ebe844d7e88ee97bfa9301de7569", "key": "href"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "63d4fd9a95be526174d65f5ab80055d7", "key": "naslFamily"}, {"hash": "960b81abc49634fdc51d32a137f6637d", "key": "modified"}, {"hash": "0c70f99fb718b8ef3906a2e2ecfddb58", "key": "references"}, {"hash": "5ff9daa2b99a96ed3271e0445c001c7b", "key": "sourceData"}, {"hash": "77d8b92f7e4ad09337545800164f0737", "key": "pluginID"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8037f56d4d98ec6b5e687bc34cd58867", "key": "description"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "f73a7def4acb756ae33e8fc8d23622eb", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "fd6fdbbbebbdde2720bb46b1e0cf6af8", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=95620", "id": "ORACLEVM_OVMSA-2016-0173.NASL", "lastseen": "2017-02-17T01:04:30", "modified": "2017-02-14T00:00:00", "naslFamily": "OracleVM Local Security Checks", "objectVersion": "1.2", "pluginID": "95620", "published": "2016-12-08T00:00:00", "references": ["http://www.nessus.org/u?6104821f"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2016-0173.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(95620);\n script_version(\"$Revision: 3.2 $\");\n script_cvs_date(\"$Date: 2017/02/14 17:23:20 $\");\n\n script_name(english:\"OracleVM 3.4 : xen (OVMSA-2016-0173)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - qemu: ioport_read, ioport_write: be defensive about\n 32-bit addresses master XSA-199 [OraBug: 25119498]\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2016-December/000597.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6104821f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xen / xen-tools packages.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! ereg(pattern:\"^OVS\" + \"3\\.4\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.4\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.4\", reference:\"xen-4.4.4-105.0.2.1.el6\")) flag++;\nif (rpm_check(release:\"OVS3.4\", reference:\"xen-tools-4.4.4-105.0.2.1.el6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen / xen-tools\");\n}\n", "title": "OracleVM 3.4 : xen (OVMSA-2016-0173)", "type": "nessus", "viewCount": 1}, "differentElements": ["cpe"], "edition": 3, "lastseen": "2017-02-17T01:04:30"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:oracle:vm_server:3.4", "p-cpe:/a:oracle:vm:xen", "p-cpe:/a:oracle:vm:xen-tools"], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\n - qemu: ioport_read, ioport_write: be defensive about 32-bit addresses master XSA-199 [OraBug: 25119498]", "edition": 4, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "1281a15568c061e40d1adc2b989e54bd398a6657490272c75d541e260744a403", "hashmap": [{"hash": "9e33ebe844d7e88ee97bfa9301de7569", "key": "href"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "63d4fd9a95be526174d65f5ab80055d7", "key": "naslFamily"}, {"hash": "960b81abc49634fdc51d32a137f6637d", "key": "modified"}, {"hash": "0c70f99fb718b8ef3906a2e2ecfddb58", "key": "references"}, {"hash": "5ff9daa2b99a96ed3271e0445c001c7b", "key": "sourceData"}, {"hash": "77d8b92f7e4ad09337545800164f0737", "key": "pluginID"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8037f56d4d98ec6b5e687bc34cd58867", "key": "description"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "f73a7def4acb756ae33e8fc8d23622eb", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "fd6fdbbbebbdde2720bb46b1e0cf6af8", "key": "title"}, {"hash": "8b9f10f18591da16417a9436b16c9610", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=95620", "id": "ORACLEVM_OVMSA-2016-0173.NASL", "lastseen": "2017-10-29T13:42:48", "modified": "2017-02-14T00:00:00", "naslFamily": "OracleVM Local Security Checks", "objectVersion": "1.3", "pluginID": "95620", "published": "2016-12-08T00:00:00", "references": ["http://www.nessus.org/u?6104821f"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2016-0173.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(95620);\n script_version(\"$Revision: 3.2 $\");\n script_cvs_date(\"$Date: 2017/02/14 17:23:20 $\");\n\n script_name(english:\"OracleVM 3.4 : xen (OVMSA-2016-0173)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - qemu: ioport_read, ioport_write: be defensive about\n 32-bit addresses master XSA-199 [OraBug: 25119498]\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2016-December/000597.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6104821f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xen / xen-tools packages.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! ereg(pattern:\"^OVS\" + \"3\\.4\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.4\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.4\", reference:\"xen-4.4.4-105.0.2.1.el6\")) flag++;\nif (rpm_check(release:\"OVS3.4\", reference:\"xen-tools-4.4.4-105.0.2.1.el6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen / xen-tools\");\n}\n", "title": "OracleVM 3.4 : xen (OVMSA-2016-0173)", "type": "nessus", "viewCount": 1}, "differentElements": ["modified", "sourceData"], "edition": 4, "lastseen": "2017-10-29T13:42:48"}, {"bulletin": {"bulletinFamily": "exploit", "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\n - qemu: ioport_read, ioport_write: be defensive about 32-bit addresses master XSA-199 [OraBug: 25119498]", "edition": 2, "hash": "4b1a971f85b95180778bfc8a4482bf12d2a1d95f7b6dae65718920ab5a8d1c8c", "hashmap": [{"hash": "9e33ebe844d7e88ee97bfa9301de7569", "key": "href"}, {"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "f73a7def4acb756ae33e8fc8d23622eb", "key": "modified"}, {"hash": "63d4fd9a95be526174d65f5ab80055d7", "key": "naslFamily"}, {"hash": "0c70f99fb718b8ef3906a2e2ecfddb58", "key": "references"}, {"hash": "5ff9daa2b99a96ed3271e0445c001c7b", "key": "sourceData"}, {"hash": "77d8b92f7e4ad09337545800164f0737", "key": "pluginID"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8037f56d4d98ec6b5e687bc34cd58867", "key": "description"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "f73a7def4acb756ae33e8fc8d23622eb", "key": "published"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "fd6fdbbbebbdde2720bb46b1e0cf6af8", "key": "title"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=95620", "id": "ORACLEVM_OVMSA-2016-0173.NASL", "lastseen": "2017-02-14T23:03:45", "modified": "2016-12-08T00:00:00", "naslFamily": "OracleVM Local Security Checks", "objectVersion": "1.2", "pluginID": "95620", "published": "2016-12-08T00:00:00", "references": ["http://www.nessus.org/u?6104821f"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2016-0173.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(95620);\n script_version(\"$Revision: 3.2 $\");\n script_cvs_date(\"$Date: 2017/02/14 17:23:20 $\");\n\n script_name(english:\"OracleVM 3.4 : xen (OVMSA-2016-0173)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - qemu: ioport_read, ioport_write: be defensive about\n 32-bit addresses master XSA-199 [OraBug: 25119498]\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2016-December/000597.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6104821f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xen / xen-tools packages.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! ereg(pattern:\"^OVS\" + \"3\\.4\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.4\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.4\", reference:\"xen-4.4.4-105.0.2.1.el6\")) flag++;\nif (rpm_check(release:\"OVS3.4\", reference:\"xen-tools-4.4.4-105.0.2.1.el6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen / xen-tools\");\n}\n", "title": "OracleVM 3.4 : xen (OVMSA-2016-0173)", "type": "nessus", "viewCount": 1}, "differentElements": ["modified"], "edition": 2, "lastseen": "2017-02-14T23:03:45"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:oracle:vm_server:3.4", "p-cpe:/a:oracle:vm:xen", "p-cpe:/a:oracle:vm:xen-tools"], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\n - qemu: ioport_read, ioport_write: be defensive about 32-bit addresses master XSA-199 [OraBug: 25119498]", "edition": 5, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "1b3c699b03faf6497872a733844e5813ffc71892a22b8bd72ab5f087a4ed0ef6", "hashmap": [{"hash": "9e33ebe844d7e88ee97bfa9301de7569", "key": "href"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "5d271ede8106ea079ca87703966309c1", "key": "sourceData"}, {"hash": "63d4fd9a95be526174d65f5ab80055d7", "key": "naslFamily"}, {"hash": "5e9c28fb71a885719f4f0312b51c7b38", "key": "modified"}, {"hash": "0c70f99fb718b8ef3906a2e2ecfddb58", "key": "references"}, {"hash": "77d8b92f7e4ad09337545800164f0737", "key": "pluginID"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8037f56d4d98ec6b5e687bc34cd58867", "key": "description"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "f73a7def4acb756ae33e8fc8d23622eb", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "fd6fdbbbebbdde2720bb46b1e0cf6af8", "key": "title"}, {"hash": "8b9f10f18591da16417a9436b16c9610", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=95620", "id": "ORACLEVM_OVMSA-2016-0173.NASL", "lastseen": "2018-11-20T07:41:11", "modified": "2018-11-19T00:00:00", "naslFamily": "OracleVM Local Security Checks", "objectVersion": "1.3", "pluginID": "95620", "published": "2016-12-08T00:00:00", "references": ["http://www.nessus.org/u?6104821f"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2016-0173.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(95620);\n script_version(\"3.3\");\n script_cvs_date(\"Date: 2018/11/19 16:36:34\");\n\n script_name(english:\"OracleVM 3.4 : xen (OVMSA-2016-0173)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - qemu: ioport_read, ioport_write: be defensive about\n 32-bit addresses master XSA-199 [OraBug: 25119498]\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2016-December/000597.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6104821f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xen / xen-tools packages.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! ereg(pattern:\"^OVS\" + \"3\\.4\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.4\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_exists(rpm:\"xen-4.4.4-105\", release:\"OVS3.4\") && rpm_check(release:\"OVS3.4\", reference:\"xen-4.4.4-105.0.2.1.el6\")) flag++;\nif (rpm_exists(rpm:\"xen-tools-4.4.4-105\", release:\"OVS3.4\") && rpm_check(release:\"OVS3.4\", reference:\"xen-tools-4.4.4-105.0.2.1.el6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen / xen-tools\");\n}\n", "title": "OracleVM 3.4 : xen (OVMSA-2016-0173)", "type": "nessus", "viewCount": 1}, "differentElements": ["description"], "edition": 5, "lastseen": "2018-11-20T07:41:11"}, {"bulletin": {"bulletinFamily": "exploit", "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\n - qemu: ioport_read, ioport_write: be defensive about 32-bit addresses master XSA-199 [OraBug: 25119498]", "edition": 1, "hash": "16dc592be182dc64c973024a2a62e614c8deead455447e42cb26961761578d4b", "hashmap": [{"hash": "9e33ebe844d7e88ee97bfa9301de7569", "key": "href"}, {"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "f73a7def4acb756ae33e8fc8d23622eb", "key": "modified"}, {"hash": "63d4fd9a95be526174d65f5ab80055d7", "key": "naslFamily"}, {"hash": "0c70f99fb718b8ef3906a2e2ecfddb58", "key": "references"}, {"hash": "77d8b92f7e4ad09337545800164f0737", "key": "pluginID"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8037f56d4d98ec6b5e687bc34cd58867", "key": "description"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "f73a7def4acb756ae33e8fc8d23622eb", "key": "published"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "f9bdb390f81adf9057882e27cce0b598", "key": "sourceData"}, {"hash": "fd6fdbbbebbdde2720bb46b1e0cf6af8", "key": "title"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=95620", "id": "ORACLEVM_OVMSA-2016-0173.NASL", "lastseen": "2016-12-08T21:39:26", "modified": "2016-12-08T00:00:00", "naslFamily": "OracleVM Local Security Checks", "objectVersion": "1.2", "pluginID": "95620", "published": "2016-12-08T00:00:00", "references": ["http://www.nessus.org/u?6104821f"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2016-0173.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(95620);\n script_version(\"$Revision: 3.1 $\");\n script_cvs_date(\"$Date: 2016/12/08 14:28:00 $\");\n\n script_name(english:\"OracleVM 3.4 : xen (OVMSA-2016-0173)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - qemu: ioport_read, ioport_write: be defensive about\n 32-bit addresses master XSA-199 [OraBug: 25119498]\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2016-December/000597.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6104821f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xen / xen-tools packages.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:oracle:vm:3.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016 Tenable Network Security, Inc.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! ereg(pattern:\"^OVS\" + \"3\\.4\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.4\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.4\", reference:\"xen-4.4.4-105.0.2.1.el6\")) flag++;\nif (rpm_check(release:\"OVS3.4\", reference:\"xen-tools-4.4.4-105.0.2.1.el6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen / xen-tools\");\n}\n", "title": "OracleVM 3.4 : xen (OVMSA-2016-0173)", "type": "nessus", "viewCount": 1}, "differentElements": ["sourceData"], "edition": 1, "lastseen": "2016-12-08T21:39:26"}], "edition": 6, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "8b9f10f18591da16417a9436b16c9610"}, {"key": "cvelist", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvss", "hash": "8cd4821cb504d25572038ed182587d85"}, {"key": "description", "hash": "dc233597f3760b02c8ddebc69eee649e"}, {"key": "href", "hash": "9e33ebe844d7e88ee97bfa9301de7569"}, {"key": "modified", "hash": "5e9c28fb71a885719f4f0312b51c7b38"}, {"key": "naslFamily", "hash": "63d4fd9a95be526174d65f5ab80055d7"}, {"key": "pluginID", "hash": "77d8b92f7e4ad09337545800164f0737"}, {"key": "published", "hash": "f73a7def4acb756ae33e8fc8d23622eb"}, {"key": "references", "hash": "0c70f99fb718b8ef3906a2e2ecfddb58"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "5d271ede8106ea079ca87703966309c1"}, {"key": "title", "hash": "fd6fdbbbebbdde2720bb46b1e0cf6af8"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "9af54f7c6f0c3bfa2046e4ad82ce66108a1e1aa4ac164c8497f783af07f76cca", "viewCount": 1, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}, "vulnersScore": 7.2}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2016-0173.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(95620);\n script_version(\"3.3\");\n script_cvs_date(\"Date: 2018/11/19 16:36:34\");\n\n script_name(english:\"OracleVM 3.4 : xen (OVMSA-2016-0173)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - qemu: ioport_read, ioport_write: be defensive about\n 32-bit addresses master XSA-199 [OraBug: 25119498]\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2016-December/000597.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6104821f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xen / xen-tools packages.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! ereg(pattern:\"^OVS\" + \"3\\.4\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.4\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_exists(rpm:\"xen-4.4.4-105\", release:\"OVS3.4\") && rpm_check(release:\"OVS3.4\", reference:\"xen-4.4.4-105.0.2.1.el6\")) flag++;\nif (rpm_exists(rpm:\"xen-tools-4.4.4-105\", release:\"OVS3.4\") && rpm_check(release:\"OVS3.4\", reference:\"xen-tools-4.4.4-105.0.2.1.el6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen / xen-tools\");\n}\n", "naslFamily": "OracleVM Local Security Checks", "pluginID": "95620", "cpe": ["cpe:/o:oracle:vm_server:3.4", "p-cpe:/a:oracle:vm:xen", "p-cpe:/a:oracle:vm:xen-tools"]}
{"nessus": [{"lastseen": "2019-01-16T20:30:19", "references": ["http://www.nessus.org/u?08785912"], "pluginID": "105147", "description": "The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - tty: Fix race in pty_write leading to NULL deref (Todd\n Vierling) \n\n - ocfs2/dlm: ignore cleaning the migration mle that is\n inuse (xuejiufei) [Orabug: 26479780]\n\n - KEYS: fix dereferencing NULL payload with nonzero length\n (Eric Biggers) [Orabug: 26592025]\n\n - oracleasm: Copy the integrity descriptor (Martin K.\n Petersen) \n\n - mm: Tighten x86 /dev/mem with zeroing reads (Kees Cook)\n [Orabug: 26675925] (CVE-2017-7889)\n\n - xscore: add dma address check (Zhu Yanjun) [Orabug:\n 27058468]\n\n - more bio_map_user_iov leak fixes (Al Viro) [Orabug:\n 27069042] (CVE-2017-12190)\n\n - fix unbalanced page refcounting in bio_map_user_iov\n (Vitaly Mayatskikh) [Orabug: 27069042] (CVE-2017-12190)\n\n - nvme: Drop nvmeq->q_lock before dma_pool_alloc, so as to\n prevent hard lockups (Aruna Ramakrishna) [Orabug:\n 25409587]\n\n - nvme: Handle PM1725 HIL reset (Martin K. Petersen)\n [Orabug: 26277600]\n\n - char: lp: fix possible integer overflow in lp_setup\n (Willy Tarreau) [Orabug: 26403940] (CVE-2017-1000363)\n\n - ALSA: timer: Fix missing queue indices reset at\n SNDRV_TIMER_IOCTL_SELECT (Takashi Iwai) [Orabug:\n 26403956] (CVE-2017-1000380)\n\n - ALSA: timer: Fix race between read and ioctl (Takashi\n Iwai) [Orabug: 26403956] (CVE-2017-1000380)\n\n - ALSA: timer: fix NULL pointer dereference in read/ioctl\n race (Vegard Nossum) [Orabug: 26403956]\n (CVE-2017-1000380)\n\n - ALSA: timer: Fix negative queue usage by racy accesses\n (Takashi Iwai) [Orabug: 26403956] (CVE-2017-1000380)\n\n - ALSA: timer: Fix race at concurrent reads (Takashi Iwai)\n [Orabug: 26403956] (CVE-2017-1000380)\n\n - ALSA: timer: Fix race among timer ioctls (Takashi Iwai)\n [Orabug: 26403956] (CVE-2017-1000380)\n\n - ipv6/dccp: do not inherit ipv6_mc_list from parent (WANG\n Cong) [Orabug: 26404005] (CVE-2017-9077)\n\n - ocfs2: fix deadlock issue when taking inode lock at vfs\n entry points (Eric Ren) [Orabug: 26427126]\n\n - ocfs2/dlmglue: prepare tracking logic to avoid recursive\n cluster lock (Eric Ren) [Orabug: 26427126]\n\n - ping: implement proper locking (Eric Dumazet) [Orabug:\n 26540286] (CVE-2017-2671)\n\n - aio: mark AIO pseudo-fs noexec (Jann Horn) [Orabug:\n 26643598] (CVE-2016-10044)\n\n - vfs: Commit to never having exectuables on proc and\n sysfs. (Eric W. Biederman) [Orabug: 26643598]\n (CVE-2016-10044)\n\n - vfs, writeback: replace FS_CGROUP_WRITEBACK with\n SB_I_CGROUPWB (Tejun Heo) [Orabug: 26643598]\n (CVE-2016-10044)\n\n - x86/acpi: Prevent out of bound access caused by broken\n ACPI tables (Seunghun Han) [Orabug: 26643645]\n (CVE-2017-11473)\n\n - sctp: do not inherit ipv6_[mc|ac|fl]_list from parent\n (Eric Dumazet) [Orabug: 26650883] (CVE-2017-9075)\n\n - [media] saa7164: fix double fetch PCIe access condition\n (Steven Toth) [Orabug: 26675142] (CVE-2017-8831)\n\n - [media] saa7164: fix sparse warnings (Hans Verkuil)\n [Orabug: 26675142] (CVE-2017-8831)\n\n - fs: __generic_file_splice_read retry lookup on\n AOP_TRUNCATED_PAGE (Abhi Das) [Orabug: 26797306]\n\n - timerfd: Protect the might cancel mechanism proper\n (Thomas Gleixner) [Orabug: 26899787] (CVE-2017-10661)\n\n - scsi: scsi_transport_iscsi: fix the issue that\n iscsi_if_rx doesn't parse nlmsg properly (Xin Long)\n [Orabug: 26988627] (CVE-2017-14489)\n\n - mqueue: fix a use-after-free in sys_mq_notify (Cong\n Wang) [Orabug: 26643556] (CVE-2017-11176)\n\n - ipv6: avoid overflow of offset in ip6_find_1stfragopt\n (Sabrina Dubroca) [Orabug: 27011273] (CVE-2017-7542)\n\n - packet: fix tp_reserve race in packet_set_ring (Willem\n de Bruijn) [Orabug: 27002450] (CVE-2017-1000111)\n\n - mlx4_core: calculate log_num_mtt based on total system\n memory (Wei Lin Guay) [Orabug: 26883934]\n\n - xen/x86: Add interface for querying amount of host\n memory (Boris Ostrovsky) [Orabug: 26883934]\n\n - Bluetooth: Properly check L2CAP config option output\n buffer length (Ben Seri) [Orabug: 26796364]\n (CVE-2017-1000251)\n\n - xen: fix bio vec merging (Roger Pau Monne) [Orabug:\n 26645550] (CVE-2017-12134)\n\n - fs/exec.c: account for argv/envp pointers (Kees Cook)\n [Orabug: 26638921] (CVE-2017-1000365) (CVE-2017-1000365)\n\n - l2tp: fix racy SOCK_ZAPPED flag check in\n l2tp_ip[,6]_bind (Guillaume Nault) [Orabug: 26586047]\n (CVE-2016-10200)\n\n - xfs: fix two memory leaks in xfs_attr_list.c error paths\n (Mateusz Guzik) [Orabug: 26586022] (CVE-2016-9685)\n\n - KEYS: Disallow keyrings beginning with '.' to be joined\n as session keyrings (David Howells) [Orabug: 26585994]\n (CVE-2016-9604)\n\n - ipv6: fix out of bound writes in __ip6_append_data (Eric\n Dumazet) [Orabug: 26578198] (CVE-2017-9242)\n\n - posix_acl: Clear SGID bit when setting file permissions\n (Jan Kara) [Orabug: 25507344] (CVE-2016-7097)\n (CVE-2016-7097)\n\n - nfsd: check for oversized NFSv2/v3 arguments (J. Bruce\n Fields) [Orabug: 26366022] (CVE-2017-7645)", "edition": 7, "reporter": "Tenable", "published": "2017-12-11T00:00:00", "title": "OracleVM 3.3 : Unbreakable / etc (OVMSA-2017-0173) (BlueBorne) (Stack Clash)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "OracleVM Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9604", "CVE-2017-11176", "CVE-2016-7097", "CVE-2017-1000380", "CVE-2017-1000111", "CVE-2017-14489", "CVE-2017-7889", "CVE-2017-7645", "CVE-2017-9242", "CVE-2016-10200", "CVE-2017-8831", "CVE-2017-2671", "CVE-2017-11473", "CVE-2017-9075", "CVE-2017-10661", "CVE-2016-9685", "CVE-2017-1000251", "CVE-2017-12134", "CVE-2017-1000363", "CVE-2017-9077", "CVE-2017-7542", "CVE-2017-1000365", "CVE-2016-10044", "CVE-2017-12190"], "modified": "2018-09-05T00:00:00", "cpe": ["cpe:/o:oracle:vm_server:3.3", "p-cpe:/a:oracle:vm:kernel-uek", "p-cpe:/a:oracle:vm:kernel-uek-firmware"], "id": "ORACLEVM_OVMSA-2017-0173.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=105147", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2017-0173.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(105147);\n script_version(\"3.4\");\n script_cvs_date(\"Date: 2018/09/05 15:02:26\");\n\n script_cve_id(\"CVE-2016-10044\", \"CVE-2016-10200\", \"CVE-2016-7097\", \"CVE-2016-9604\", \"CVE-2016-9685\", \"CVE-2017-1000111\", \"CVE-2017-1000251\", \"CVE-2017-1000363\", \"CVE-2017-1000365\", \"CVE-2017-1000380\", \"CVE-2017-10661\", \"CVE-2017-11176\", \"CVE-2017-11473\", \"CVE-2017-12134\", \"CVE-2017-12190\", \"CVE-2017-14489\", \"CVE-2017-2671\", \"CVE-2017-7542\", \"CVE-2017-7645\", \"CVE-2017-7889\", \"CVE-2017-8831\", \"CVE-2017-9075\", \"CVE-2017-9077\", \"CVE-2017-9242\");\n\n script_name(english:\"OracleVM 3.3 : Unbreakable / etc (OVMSA-2017-0173) (BlueBorne) (Stack Clash)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - tty: Fix race in pty_write leading to NULL deref (Todd\n Vierling) \n\n - ocfs2/dlm: ignore cleaning the migration mle that is\n inuse (xuejiufei) [Orabug: 26479780]\n\n - KEYS: fix dereferencing NULL payload with nonzero length\n (Eric Biggers) [Orabug: 26592025]\n\n - oracleasm: Copy the integrity descriptor (Martin K.\n Petersen) \n\n - mm: Tighten x86 /dev/mem with zeroing reads (Kees Cook)\n [Orabug: 26675925] (CVE-2017-7889)\n\n - xscore: add dma address check (Zhu Yanjun) [Orabug:\n 27058468]\n\n - more bio_map_user_iov leak fixes (Al Viro) [Orabug:\n 27069042] (CVE-2017-12190)\n\n - fix unbalanced page refcounting in bio_map_user_iov\n (Vitaly Mayatskikh) [Orabug: 27069042] (CVE-2017-12190)\n\n - nvme: Drop nvmeq->q_lock before dma_pool_alloc, so as to\n prevent hard lockups (Aruna Ramakrishna) [Orabug:\n 25409587]\n\n - nvme: Handle PM1725 HIL reset (Martin K. Petersen)\n [Orabug: 26277600]\n\n - char: lp: fix possible integer overflow in lp_setup\n (Willy Tarreau) [Orabug: 26403940] (CVE-2017-1000363)\n\n - ALSA: timer: Fix missing queue indices reset at\n SNDRV_TIMER_IOCTL_SELECT (Takashi Iwai) [Orabug:\n 26403956] (CVE-2017-1000380)\n\n - ALSA: timer: Fix race between read and ioctl (Takashi\n Iwai) [Orabug: 26403956] (CVE-2017-1000380)\n\n - ALSA: timer: fix NULL pointer dereference in read/ioctl\n race (Vegard Nossum) [Orabug: 26403956]\n (CVE-2017-1000380)\n\n - ALSA: timer: Fix negative queue usage by racy accesses\n (Takashi Iwai) [Orabug: 26403956] (CVE-2017-1000380)\n\n - ALSA: timer: Fix race at concurrent reads (Takashi Iwai)\n [Orabug: 26403956] (CVE-2017-1000380)\n\n - ALSA: timer: Fix race among timer ioctls (Takashi Iwai)\n [Orabug: 26403956] (CVE-2017-1000380)\n\n - ipv6/dccp: do not inherit ipv6_mc_list from parent (WANG\n Cong) [Orabug: 26404005] (CVE-2017-9077)\n\n - ocfs2: fix deadlock issue when taking inode lock at vfs\n entry points (Eric Ren) [Orabug: 26427126]\n\n - ocfs2/dlmglue: prepare tracking logic to avoid recursive\n cluster lock (Eric Ren) [Orabug: 26427126]\n\n - ping: implement proper locking (Eric Dumazet) [Orabug:\n 26540286] (CVE-2017-2671)\n\n - aio: mark AIO pseudo-fs noexec (Jann Horn) [Orabug:\n 26643598] (CVE-2016-10044)\n\n - vfs: Commit to never having exectuables on proc and\n sysfs. (Eric W. Biederman) [Orabug: 26643598]\n (CVE-2016-10044)\n\n - vfs, writeback: replace FS_CGROUP_WRITEBACK with\n SB_I_CGROUPWB (Tejun Heo) [Orabug: 26643598]\n (CVE-2016-10044)\n\n - x86/acpi: Prevent out of bound access caused by broken\n ACPI tables (Seunghun Han) [Orabug: 26643645]\n (CVE-2017-11473)\n\n - sctp: do not inherit ipv6_[mc|ac|fl]_list from parent\n (Eric Dumazet) [Orabug: 26650883] (CVE-2017-9075)\n\n - [media] saa7164: fix double fetch PCIe access condition\n (Steven Toth) [Orabug: 26675142] (CVE-2017-8831)\n\n - [media] saa7164: fix sparse warnings (Hans Verkuil)\n [Orabug: 26675142] (CVE-2017-8831)\n\n - fs: __generic_file_splice_read retry lookup on\n AOP_TRUNCATED_PAGE (Abhi Das) [Orabug: 26797306]\n\n - timerfd: Protect the might cancel mechanism proper\n (Thomas Gleixner) [Orabug: 26899787] (CVE-2017-10661)\n\n - scsi: scsi_transport_iscsi: fix the issue that\n iscsi_if_rx doesn't parse nlmsg properly (Xin Long)\n [Orabug: 26988627] (CVE-2017-14489)\n\n - mqueue: fix a use-after-free in sys_mq_notify (Cong\n Wang) [Orabug: 26643556] (CVE-2017-11176)\n\n - ipv6: avoid overflow of offset in ip6_find_1stfragopt\n (Sabrina Dubroca) [Orabug: 27011273] (CVE-2017-7542)\n\n - packet: fix tp_reserve race in packet_set_ring (Willem\n de Bruijn) [Orabug: 27002450] (CVE-2017-1000111)\n\n - mlx4_core: calculate log_num_mtt based on total system\n memory (Wei Lin Guay) [Orabug: 26883934]\n\n - xen/x86: Add interface for querying amount of host\n memory (Boris Ostrovsky) [Orabug: 26883934]\n\n - Bluetooth: Properly check L2CAP config option output\n buffer length (Ben Seri) [Orabug: 26796364]\n (CVE-2017-1000251)\n\n - xen: fix bio vec merging (Roger Pau Monne) [Orabug:\n 26645550] (CVE-2017-12134)\n\n - fs/exec.c: account for argv/envp pointers (Kees Cook)\n [Orabug: 26638921] (CVE-2017-1000365) (CVE-2017-1000365)\n\n - l2tp: fix racy SOCK_ZAPPED flag check in\n l2tp_ip[,6]_bind (Guillaume Nault) [Orabug: 26586047]\n (CVE-2016-10200)\n\n - xfs: fix two memory leaks in xfs_attr_list.c error paths\n (Mateusz Guzik) [Orabug: 26586022] (CVE-2016-9685)\n\n - KEYS: Disallow keyrings beginning with '.' to be joined\n as session keyrings (David Howells) [Orabug: 26585994]\n (CVE-2016-9604)\n\n - ipv6: fix out of bound writes in __ip6_append_data (Eric\n Dumazet) [Orabug: 26578198] (CVE-2017-9242)\n\n - posix_acl: Clear SGID bit when setting file permissions\n (Jan Kara) [Orabug: 25507344] (CVE-2016-7097)\n (CVE-2016-7097)\n\n - nfsd: check for oversized NFSv2/v3 arguments (J. Bruce\n Fields) [Orabug: 26366022] (CVE-2017-7645)\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2017-December/000804.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?08785912\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel-uek / kernel-uek-firmware packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-uek-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/12/08\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/12/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! ereg(pattern:\"^OVS\" + \"3\\.3\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.3\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.3\", reference:\"kernel-uek-3.8.13-118.20.1.el6uek\")) flag++;\nif (rpm_check(release:\"OVS3.3\", reference:\"kernel-uek-firmware-3.8.13-118.20.1.el6uek\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-uek / kernel-uek-firmware\");\n}\n", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
