Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLEVM_OVMSA-2020-0032.NASL
HistoryAug 10, 2020 - 12:00 a.m.

OracleVM 3.4 : Unbreakable / etc (OVMSA-2020-0032)

2020-08-1000:00:00
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
18

7 High

AI Score

Confidence

Low

JSON

The remote OracleVM system is missing necessary patches to address critical security updates :

  • uek-rpm: Add OL6 shim conflict for new signing key (Eric Snowberg) [Orabug: 31688239] - Revert ‘certs: Add Oracle’s new X509 cert into the kernel keyring’ (Eric Snowberg) [Orabug: 31688223] - blk-mq: don’t overwrite rq->mq_ctx (Jens Axboe) [Orabug: 31457304] - blk-mq:
    mark ctx as pending at batch in flush plug path (Ming Lei) [Orabug: 31457304]

  • scsi: qla2xxx: Fix stuck session in GNL (Quinn Tran) [Orabug: 31561461] - scsi: qla2xxx: Serialize session free in qlt_free_session_done (Quinn Tran) [Orabug:
    31561461] - scsi: qla2xxx: v2: Change abort wait_loop from msleep to wait_event_timeout (Giridhar Malavali) [Orabug: 26932683] - scsi: qla2xxx: v2: Move ABTS code behind qpair (Quinn Tran) [Orabug: 31517449] - ocfs2:
    change slot number type s16 to u16 (Junxiao Bi) [Orabug:
    31027042] - ocfs2: fix value of OCFS2_INVALID_SLOT (Junxiao Bi) [Orabug: 31027042] - ocfs2: fix panic on nfs server over ocfs2 (Junxiao Bi) [Orabug: 31027042] - ocfs2: load global_inode_alloc (Junxiao Bi) [Orabug:
    31027042] - ocfs2: avoid inode removal while nfsd is accessing it (Junxiao Bi) [Orabug: 31027042] - block_dev: don’t test bdev->bd_contains when it is not stable (NeilBrown) [Orabug: 31554143] - KVM: x86: Remove spurious semicolon (Joao Martins) [Orabug: 31584727]

  • media: rc: prevent memory leak in cx23888_ir_probe (Navid Emamdoost) [Orabug: 31351672] (CVE-2019-19054)

  • vfio/pci: Fix SR-IOV VF handling with MMIO blocking (Alex Williamson) [Orabug: 31439671] (CVE-2020-12888)

  • vfio/pci: Mask buggy SR-IOV VF INTx support (Alex Williamson) [Orabug: 31439671] (CVE-2020-12888)

  • vfio-pci: Invalidate mmaps and block MMIO access on disabled memory (Alex Williamson) [Orabug: 31439671] (CVE-2020-12888) (CVE-2020-12888)

  • vfio/pci: Pull BAR mapping setup from read-write path (Alex Williamson) [Orabug: 31439671] (CVE-2020-12888)

  • vfio_pci: Enable memory accesses before calling pci_map_rom (Eric Auger) [Orabug: 31439671] (CVE-2020-12888)

  • vfio-pci: Fault mmaps to enable vma tracking (Alex Williamson) [Orabug: 31439671] (CVE-2020-12888)

  • vfio/type1: Support faulting PFNMAP vmas (Alex Williamson) [Orabug: 31439671] (CVE-2020-12888)

  • mm: bring in additional flag for fixup_user_fault to signal unlock (Dominik Dingel) [Orabug: 31439671] (CVE-2020-12888)

  • vfio/type1: Fix VA->PA translation for PFNMAP VMAs in vaddr_get_pfn (Sean Christopherson) [Orabug: 31439671] (CVE-2020-12888)

  • x86/mitigations: reset default value for srbds_mitigation (Mihai Carabas) [Orabug: 31514993] - x86/cpu: clear X86_BUG_SRBDS before late loading (Mihai Carabas) [Orabug: 31514993] - x86/mitigations: update MSRs on all CPUs for SRBDS (Mihai Carabas) [Orabug:
    31514993] - Revert ‘x86/efi: Request desired alignment via the PE/COFF headers’ (Matt Fleming) [Orabug:
    31602576]

  • can, slip: Protect tty->disc_data in write_wakeup and close with RCU (Richard Palethorpe) [Orabug: 31516085] (CVE-2020-14416)

  • scsi: qla2xxx: Fix warning in qla2x00_async_iocb_timeout [Orabug: 31530589] - scsi: qla2xxx: Fix NULL pointer access for fcport structure (Quinn Tran) [Orabug:
    31530589]

#
# (C) Tenable Network Security, Inc.
#
# The package checks in this plugin were extracted from OracleVM
# Security Advisory OVMSA-2020-0032.
#

include('compat.inc');

if (description)
{
  script_id(139442);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/02/26");

  script_cve_id("CVE-2019-19054", "CVE-2020-12888", "CVE-2020-14416");

  script_name(english:"OracleVM 3.4 : Unbreakable / etc (OVMSA-2020-0032)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OracleVM host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote OracleVM system is missing necessary patches to address
critical security updates :

  - uek-rpm: Add OL6 shim conflict for new signing key (Eric
    Snowberg) [Orabug: 31688239] - Revert 'certs: Add
    Oracle's new X509 cert into the kernel keyring' (Eric
    Snowberg) [Orabug: 31688223] - blk-mq: don't overwrite
    rq->mq_ctx (Jens Axboe) [Orabug: 31457304] - blk-mq:
    mark ctx as pending at batch in flush plug path (Ming
    Lei) [Orabug: 31457304]

  - scsi: qla2xxx: Fix stuck session in GNL (Quinn Tran)
    [Orabug: 31561461] - scsi: qla2xxx: Serialize session
    free in qlt_free_session_done (Quinn Tran) [Orabug:
    31561461] - scsi: qla2xxx: v2: Change abort wait_loop
    from msleep to wait_event_timeout (Giridhar Malavali)
    [Orabug: 26932683] - scsi: qla2xxx: v2: Move ABTS code
    behind qpair (Quinn Tran) [Orabug: 31517449] - ocfs2:
    change slot number type s16 to u16 (Junxiao Bi) [Orabug:
    31027042] - ocfs2: fix value of OCFS2_INVALID_SLOT
    (Junxiao Bi) [Orabug: 31027042] - ocfs2: fix panic on
    nfs server over ocfs2 (Junxiao Bi) [Orabug: 31027042] -
    ocfs2: load global_inode_alloc (Junxiao Bi) [Orabug:
    31027042] - ocfs2: avoid inode removal while nfsd is
    accessing it (Junxiao Bi) [Orabug: 31027042] -
    block_dev: don't test bdev->bd_contains when it is not
    stable (NeilBrown) [Orabug: 31554143] - KVM: x86: Remove
    spurious semicolon (Joao Martins) [Orabug: 31584727]

  - media: rc: prevent memory leak in cx23888_ir_probe
    (Navid Emamdoost) [Orabug: 31351672] (CVE-2019-19054)

  - vfio/pci: Fix SR-IOV VF handling with MMIO blocking
    (Alex Williamson) [Orabug: 31439671] (CVE-2020-12888)

  - vfio/pci: Mask buggy SR-IOV VF INTx support (Alex
    Williamson) [Orabug: 31439671] (CVE-2020-12888)

  - vfio-pci: Invalidate mmaps and block MMIO access on
    disabled memory (Alex Williamson) [Orabug: 31439671]
    (CVE-2020-12888) (CVE-2020-12888)

  - vfio/pci: Pull BAR mapping setup from read-write path
    (Alex Williamson) [Orabug: 31439671] (CVE-2020-12888)

  - vfio_pci: Enable memory accesses before calling
    pci_map_rom (Eric Auger) [Orabug: 31439671]
    (CVE-2020-12888)

  - vfio-pci: Fault mmaps to enable vma tracking (Alex
    Williamson) [Orabug: 31439671] (CVE-2020-12888)

  - vfio/type1: Support faulting PFNMAP vmas (Alex
    Williamson) [Orabug: 31439671] (CVE-2020-12888)

  - mm: bring in additional flag for fixup_user_fault to
    signal unlock (Dominik Dingel) [Orabug: 31439671]
    (CVE-2020-12888)

  - vfio/type1: Fix VA->PA translation for PFNMAP VMAs in
    vaddr_get_pfn (Sean Christopherson) [Orabug: 31439671]
    (CVE-2020-12888)

  - x86/mitigations: reset default value for
    srbds_mitigation (Mihai Carabas) [Orabug: 31514993] -
    x86/cpu: clear X86_BUG_SRBDS before late loading (Mihai
    Carabas) [Orabug: 31514993] - x86/mitigations: update
    MSRs on all CPUs for SRBDS (Mihai Carabas) [Orabug:
    31514993] - Revert 'x86/efi: Request desired alignment
    via the PE/COFF headers' (Matt Fleming) [Orabug:
    31602576]

  - can, slip: Protect tty->disc_data in write_wakeup and
    close with RCU (Richard Palethorpe) [Orabug: 31516085]
    (CVE-2020-14416)

  - scsi: qla2xxx: Fix warning in qla2x00_async_iocb_timeout
    [Orabug: 31530589] - scsi: qla2xxx: Fix NULL pointer
    access for fcport structure (Quinn Tran) [Orabug:
    31530589]");
  # https://oss.oracle.com/pipermail/oraclevm-errata/2020-August/000992.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?ccf50329");
  script_set_attribute(attribute:"solution", value:
"Update the affected kernel-uek / kernel-uek-firmware packages.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-14416");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2020-12888");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/11/18");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/08/07");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/08/10");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:vm:kernel-uek");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:vm:kernel-uek-firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:vm_server:3.4");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"OracleVM Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/OracleVM/release", "Host/OracleVM/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/OracleVM/release");
if (isnull(release) || "OVS" >!< release) audit(AUDIT_OS_NOT, "OracleVM");
if (! preg(pattern:"^OVS" + "3\.4" + "(\.[0-9]|$)", string:release)) audit(AUDIT_OS_NOT, "OracleVM 3.4", "OracleVM " + release);
if (!get_kb_item("Host/OracleVM/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "OracleVM", cpu);
if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu);

flag = 0;
if (rpm_check(release:"OVS3.4", reference:"kernel-uek-4.1.12-124.41.4.el6uek")) flag++;
if (rpm_check(release:"OVS3.4", reference:"kernel-uek-firmware-4.1.12-124.41.4.el6uek")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel-uek / kernel-uek-firmware");
}
VendorProductVersionCPE
oraclevmkernel-uekp-cpe:/a:oracle:vm:kernel-uek
oraclevmkernel-uek-firmwarep-cpe:/a:oracle:vm:kernel-uek-firmware
oraclevm_server3.4cpe:/o:oracle:vm_server:3.4

Related

oraclelinux 8
nessus 69
osv 7
openvas 43
prion 3
cve 3
debiancve 3
redhatcve 3
ibm 2
ubuntucve 3
veracode 2
ubuntu 5
fedora 12
cbl_mariner 1
redhat 12
centos 1
f5 1
cloudfoundry 1
suse 3
photon 10
amazon 2
debian 3
symantec 1
slackware 1
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2020-08-06 00:00:00
Unbreakable Enterprise kernel security update
2020-08-10 00:00:00
Unbreakable Enterprise kernel security update
2020-08-06 00:00:00
nessus
nessus
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2020-5801)
2020-08-07 00:00:00
NewStart CGSL MAIN 6.02 : kernel Vulnerability (NS-SA-2022-0099)
2022-11-15 00:00:00
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-4525-1)
2020-09-22 00:00:00
osv
osv
linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities
2020-09-24 03:59:06
CVE-2019-19054
2019-11-18 06:15:11
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities
2020-09-23 07:42:42
openvas
openvas
Ubuntu: Security Advisory (USN-4525-1)
2020-09-23 00:00:00
Fedora: Security Advisory for kernel (FEDORA-2020-5436586091)
2020-06-07 00:00:00
Fedora: Security Advisory for kernel (FEDORA-2020-57bf620276)
2020-05-29 00:00:00
prion
prion
Race condition
2020-06-18 11:15:00
Memory corruption
2019-11-18 06:15:00
Memory corruption
2020-05-15 18:15:00
cve
cve
CVE-2020-14416
2020-06-18 11:15:00
CVE-2019-19054
2019-11-18 06:15:00
CVE-2020-12888
2020-05-15 18:15:00
debiancve
debiancve
CVE-2020-14416
2020-06-18 11:15:00
CVE-2019-19054
2019-11-18 06:15:00
CVE-2020-12888
2020-05-15 18:15:00
redhatcve
redhatcve
CVE-2020-14416
2020-06-23 08:26:46
CVE-2019-19054
2020-04-09 03:19:44
CVE-2020-12888
2020-05-15 18:25:34
ibm
ibm
Security Bulletin: Publicly disclosed vulnerability from Kernel affects IBM Netezza Host Management
2020-09-23 13:10:38
Security Bulletin: There are multiple vulnerabilities in the Linux Kernel used in IBM Elastic Storage System
2022-05-25 23:01:32
ubuntucve
ubuntucve
CVE-2020-14416
2020-06-18 00:00:00
CVE-2020-12888
2020-05-15 00:00:00
CVE-2019-19054
2019-11-18 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-09-24 11:04:14
Denial Of Service (DoS)
2020-06-24 03:05:34
ubuntu
ubuntu
Linux kernel vulnerabilities
2020-09-24 00:00:00
Linux kernel vulnerabilities
2020-09-23 00:00:00
Kernel Live Patch Security Notice
2020-07-27 00:00:00
fedora
fedora
[SECURITY] Fedora 32 Update: kernel-5.6.14-300.fc32
2020-05-25 02:48:16
[SECURITY] Fedora 31 Update: kernel-5.6.15-200.fc31
2020-06-02 03:14:22
[SECURITY] Fedora 32 Update: kernel-5.6.18-300.fc32
2020-06-15 01:58:35
cbl_mariner
cbl_mariner
CVE-2020-12888 affecting package kernel 5.4.91-6
2021-03-03 03:44:27
redhat
redhat
(RHSA-2020:2664) Important: kernel security and bug fix update
2020-06-23 11:09:02
(RHSA-2020:2831) Important: kernel security and bug fix update
2020-07-07 08:14:43
(RHSA-2020:2665) Important: kernel-rt security and bug fix update
2020-06-23 11:09:20
centos
centos
bpftool, kernel, perf, python security update
2020-06-23 19:56:05
f5
f5
K25225860 : Linux kernel vulnerabilities CVE-2019-6454, CVE-2020-12888, and CVE-2020-36385
2022-09-05 00:00:00
cloudfoundry
cloudfoundry
USN-4526-1: Linux kernel vulnerabilities | Cloud Foundry
2020-11-19 00:00:00
suse
suse
Security update for the Linux Kernel (important)
2020-07-07 00:00:00
Security update for the Linux Kernel (important)
2020-08-06 00:00:00
Security update for the Linux Kernel (important)
2020-03-13 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-1.0-0279
2020-02-21 00:00:00
Important Photon OS Security Update - PHSA-2020-0279
2020-02-21 00:00:00
Important Photon OS Security Update - PHSA-2020-0219
2020-02-20 00:00:00
amazon
amazon
Important: kernel
2020-08-18 20:29:00
Important: kernel
2020-10-26 18:08:00
debian
debian
[SECURITY] [DLA 2385-1] linux-4.19 security update
2020-09-28 13:31:21
[SECURITY] [DLA 2420-2] linux regression update
2020-10-31 16:14:20
[SECURITY] [DLA 2420-1] linux security update
2020-10-30 14:21:51
symantec
symantec
Linux Kernel Multiple Memory Leak Denial of Service Vulnerabilities
2019-09-14 00:00:00
slackware
slackware
[slackware-security] Slackware 14.2 kernel
2020-10-21 22:25:53

7 High

AI Score

Confidence

Low

JSON
Related for ORACLEVM_OVMSA-2020-0032.NASL
oraclelinux8nessus69osv7openvas43prion3cve3debiancve3redhatcve3ibm2ubuntucve3veracode2ubuntu5fedora12cbl_mariner1redhat12centos1f51cloudfoundry1suse3photon10amazon2debian3symantec1slackware1