OracleVM 3.4 : kernel-uek (OVMSA-2022-0024)

The remote OracleVM system is missing necessary patches to address security updates: - In the Linux kernel before 4.20.14, expanddownwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms...

OracleVM 3.3 / 3.4 : openssh (OVMSA-2019-0013)

The remote OracleVM system is missing necessary patches to address critical security updates : - Fix for CVE-2018-15473: User enumeration via malformed packets in authentication requests C Tenable Network Security, Inc. The package checks in this plugin were extracted from OracleVM Security...

OracleVM 3.4 : Unbreakable / etc (OVMSA-2018-0040)

The remote OracleVM system is missing necessary patches to address critical security updates : - vhost/scsi: fix reuse of &vq-iovout in response Benjamin Coddington Orabug: 27928330 - kernel.spec: add requires system-release for OL7 Brian Maly - x86/kernel/traps.c: fix tracedienotifier return val...

OracleVM 3.4 : xen (OVMSA-2017-0176)

The remote OracleVM system is missing necessary patches to address critical security updates : - BUILDINFO: OVMF commit=173bf5c847e3ca8b42c11796ce048d8e2e916ff8 - BUILDINFO: xen commit=b90f0a4fa66aea67e743c393ba307612a2fec379 - BUILDINFO: QEMU upstream...

OracleVM 3.3 : xen (OVMSA-2017-0158)

The remote OracleVM system is missing necessary patches to address critical security updates : - From: Jan Beulich Subject: gnttab: also validate PTE permissions upon destroy/replace In order for PTE handling to match up with the reference counting done by common code, presence and writability of...

OracleVM 3.4 : qemu-kvm (OVMSA-2017-0055)

The remote OracleVM system is missing necessary patches to address critical security updates : - kvm-cirrus-fix-patterncopy-checks.patch bz1420487 bz1420489 - kvm-Revert-cirrus-allow-zero-source-pitch-in-pattern-fil .patch - kvm-cirrus-add-blitisunsafe-call-to-cirrusbitbltcput .patch - Resolves:...

OracleVM 3.4 : qemu-kvm (OVMSA-2016-0051)

The remote OracleVM system is missing necessary patches to address critical security updates : - kvm-Add-vga.h-unmodified-from-Linux.patch bz1331407 - kvm-vga.h-remove-unused-stuff-and-reformat.patch bz1331407 - kvm-vga-use-constants-from-vga.h.patch bz1331407 -...

OracleVM 3.3 : xen (OVMSA-2015-0057) (Venom)

The remote OracleVM system is missing necessary patches to address critical security updates : - fdc: force the fifo access to be in bounds of the allocated buffer During processing of certain commands such as FDCMDREADID and FDCMDDRIVESPECIFICATIONCOMMAND the fifo memory access could get out of...

OracleVM 3.3 : nss (OVMSA-2014-0023)

The remote OracleVM system is missing necessary patches to address critical security updates : nss - Added nss-vendor.patch to change vendor - Replace expired PayPal test certificate that breaks the build - Resolves: Bug 1145431 - CVE-2014-1568 - Resolves: Bug 1145431 - CVE-2014-1568 - Removed...

OracleVM 3.2 : kernel-uek (OVMSA-2013-0003)

The remote OracleVM system is missing necessary patches to address critical security updates : - bonding: fixup typo in rlb mode of bond and bridge fix Guru Anbalagane Orabug: 16069448 - bonding: rlb mode of bond should not alter ARP originating via bridge zheng.li Orabug: 14650975 - compilation...

OracleVM 3.1 : kernel-uek (OVMSA-2012-0042)

The remote OracleVM system is missing necessary patches to address critical security updates : - Fix bug number for commit 'cciss: Update HPSABOUNDARY' Joe Jin Orabug: 14681166 - cciss: Update HPSABOUNDARY. Joe Jin Orabug: 14319765 - KVM: introduce kvmforeachmemslot macro Maxim Uvarov Bugdb: 1396...