Lucene search

K
nessusThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLEVM_OVMSA-2019-0047.NASL
HistoryOct 17, 2019 - 12:00 a.m.

OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0047)

2019-10-1700:00:00
This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
11

The remote OracleVM system is missing necessary patches to address critical security updates :

  • scsi: sg: fixup infoleak when using SG_GET_REQUEST_TABLE (Hannes Reinecke) [Orabug: 26941755] (CVE-2017-14991)

  • failover: allow name change on IFF_UP slave interfaces (Si-Wei Liu)

  • Revert ‘net_failover: delay taking over primary device to accommodate udevd renaming’ (Si-Wei Liu) [Orabug:
    29707258]

  • build: Revert ‘repairing out-of-tree build functionality’ (Todd Vierling) [Orabug: 30257829]

  • rds: add ibmr to busy_list in flush code path (Manjunath Patil)

  • rds: fix uninteneded increase of rds_rdma:pool->max_items_soft (Manjunath Patil)

  • ext4: fix data exposure after a crash (Jan Kara) [Orabug: 30361860] (CVE-2017-7495)

#
# (C) Tenable Network Security, Inc.
#
# The package checks in this plugin were extracted from OracleVM
# Security Advisory OVMSA-2019-0047.
#

include("compat.inc");

if (description)
{
  script_id(129986);
  script_version("1.2");
  script_cvs_date("Date: 2019/12/19");

  script_cve_id("CVE-2017-14991", "CVE-2017-7495");

  script_name(english:"OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0047)");
  script_summary(english:"Checks the RPM output for the updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote OracleVM host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The remote OracleVM system is missing necessary patches to address
critical security updates :

  - scsi: sg: fixup infoleak when using SG_GET_REQUEST_TABLE
    (Hannes Reinecke) [Orabug: 26941755] (CVE-2017-14991)

  - failover: allow name change on IFF_UP slave interfaces
    (Si-Wei Liu) 

  - Revert 'net_failover: delay taking over primary device
    to accommodate udevd renaming' (Si-Wei Liu) [Orabug:
    29707258]

  - build: Revert 'repairing out-of-tree build
    functionality' (Todd Vierling) [Orabug: 30257829]

  - rds: add ibmr to busy_list in flush code path (Manjunath
    Patil)

  - rds: fix uninteneded increase of
    rds_rdma:pool->max_items_soft (Manjunath Patil)

  - ext4: fix data exposure after a crash (Jan Kara)
    [Orabug: 30361860] (CVE-2017-7495)"
  );
  # https://oss.oracle.com/pipermail/oraclevm-errata/2019-October/000962.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?ca241a19"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected kernel-uek / kernel-uek-firmware packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:vm:kernel-uek");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:vm:kernel-uek-firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:vm_server:3.4");

  script_set_attribute(attribute:"vuln_publication_date", value:"2017/05/15");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/10/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/10/17");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"OracleVM Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/OracleVM/release", "Host/OracleVM/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/OracleVM/release");
if (isnull(release) || "OVS" >!< release) audit(AUDIT_OS_NOT, "OracleVM");
if (! preg(pattern:"^OVS" + "3\.4" + "(\.[0-9]|$)", string:release)) audit(AUDIT_OS_NOT, "OracleVM 3.4", "OracleVM " + release);
if (!get_kb_item("Host/OracleVM/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "OracleVM", cpu);
if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu);

flag = 0;
if (rpm_check(release:"OVS3.4", reference:"kernel-uek-4.1.12-124.32.3.el6uek")) flag++;
if (rpm_check(release:"OVS3.4", reference:"kernel-uek-firmware-4.1.12-124.32.3.el6uek")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());
  else security_note(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel-uek / kernel-uek-firmware");
}
Related for ORACLEVM_OVMSA-2019-0047.NASL