OracleVM 3.4:qemu-kvm (OVMSA-2018-0238) (Spectre)
critical Nessus Plugin ID 111023
語系:
概要
遠端 OracleVM 主機缺少安全性更新。說明
遠端 OracleVM 系統缺少可解決重大安全性更新的必要修補程式:- qemu-kvm-i386-define-the-ssbd-CPUID-feature-bit-CVE-2018-3639.patch
- qemu-kvm-i386-Define-the-Virt-SSBD-MSR-and-handling-of-it-CVE.patch
- qemu-kvm-i386-define-the-AMD-virt-ssbd-CPUID-feature-bit-CVE-.patch
- 解決:bz#1574074 (CVE-2018-3639 qemu-kvm:hw:cpu:
推測存儲繞過 [rhel-6.10.z])
- kvm-vga-add-share_surface-flag.patch [bz#1553674]
- kvm-vga-add-sanity-checks.patch [bz#1553674]
- 解決:bz#1553674 (CVE-2018-7858 qemu-kvm:Qemu:
cirrus:更新 vga 顯示時,出現 OOB 存取 [rhel-6])
- kvm-target-i386-add-support-for-SPEC_CTRL-MSR.patch [bz#1525939 bz#1528024]
- kvm-target-i386-cpu-add-new-CPUID-bits-for-indirect-bran.patch
- kvm-target-i386-cpu-add-new-CPU-models-for-indirect-bran.patch
- kvm-cirrus-fix-oob-access-in-mode4and5-write-functions.patch [bz#1501298]
- kvm-vga-stop-passing-pointers-to-vga_draw_line-functions.patch
- kvm-vga-check-the-validation-of-memory-addr-when-draw-te.patch
- 解決:bz#1486641 (CVE-2017-13672 qemu-kvm-rhev:
Qemu:vga:顯示更新期間存在 OOB 讀取讀取存取 [rhel-6.10])
- 解決:bz#1501298 (CVE-2017-15289 qemu-kvm:Qemu:
cirrus:mode4and5 寫入函式中存在 OOB 存取問題 [rhel-6.10])
- 解決:bz#1525939 (CVE-2017-5715 qemu-kvm:hw:cpu:
推測執行分支目標注入 [rhel-6.10])
- 解決:bz#1528024 (CVE-2017-5715 qemu-kvm-rhev:hw:
cpu:推測執行分支目標注入 [rhel-6.10])
- 解決:bz#1534692 (CVE-2018-5683 qemu-kvm:Qemu:
vga_draw_text 常式中存在越界讀取 [rhel-6.10])
- 解決:bz#1549152 (qemu-kvm-rhev:移除未使用的修補程式文件 [rhel-6.10])
- kvm-vns-tls-don-t-use-depricated-gnutls-functions.patch [bz#1428750]
- kvm-vnc-apply-display-size-limits.patch [bz#1430616 bz#1430617]
- kvm-fix-cirrus_vga-fix-OOB-read-case-qemu-Segmentation-f.patch
- kvm-cirrus-vnc-zap-bitblit-support-from-console-code.patch [bz#1443448 bz#1443450 bz#1447542 bz#1447545]
- kvm-cirrus-avoid-write-only-variables.patch [bz#1444378 bz#1444380]
- kvm-cirrus-stop-passing-around-dst-pointers-in-the-blitt.patch
- kvm-cirrus-stop-passing-around-src-pointers-in-the-blitt.patch
- kvm-cirrus-fix-off-by-one-in-cirrus_bitblt_rop_bkwd_tran.patch
- kvm-cirrus-fix-PUTPIXEL-macro.patch [bz#1444378 bz#1444380]
- 解決:bz#1428750 (在 brew 中構建失敗)
- 解決:bz#1430616 (CVE-2017-2633 qemu-kvm:Qemu:VNC:
未檢查分辨率限制導致的記憶體損壞 [rhel-6.10])
- 解決:bz#1430617 (CVE-2017-2633 qemu-kvm-rhev:Qemu:
VNC:未檢查分辨率限制導致的記憶體損壞 [rhel-6.10])
- 解決:bz#1443448 (CVE-2017-7718 qemu-kvm:Qemu:
display:cirrus:OOB 讀取訪問問題 [rhel-6.10])
- 解決:bz#1443450 (CVE-2017-7718 qemu-kvm-rhev:Qemu:
display:cirrus:OOB 讀取訪問問題 [rhel-6.10])
- 解決:bz#1444378 (CVE-2017-7980 qemu-kvm:Qemu:
display:cirrus:bitblt 例程中存在 OOB r/w 訪問問題 [rhel-6.10])
- 解決:bz#1444380 (CVE-2017-7980 qemu-kvm-rhev:Qemu:
display:cirrus:bitblt 例程中存在 OOB r/w 訪問問題 [rhel-6.10])
- 解決:bz#1447542 (CVE-2016-9603 qemu-kvm:Qemu:
cirrus:透過 vnc 連接造成的堆緩沖區溢出 [rhel-6.10])
- 解決:bz#1447545 (CVE-2016-9603 qemu-kvm-rhev:Qemu:
cirrus:透過 vnc 連接造成的堆緩沖區溢出 [rhel-6.10])
解決方案
更新受影響的 qemu-img 套件。另請參閱
https://oss.oracle.com/pipermail/oraclevm-errata/2018-July/000873.html
Plugin 詳細資訊
嚴重性: Critical
ID: 111023
檔案名稱: oraclevm_OVMSA-2018-0238.nasl
版本: 1.8
類型: local
已發布: 2018/7/12
已更新: 2019/9/27
支援的感應器: Nessus
風險資訊
VPR
風險因素: High
分數: 7.6
CVSS v2
風險因素: High
基本分數: 9
時間分數: 7.8
媒介: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C
CVSS v3
風險因素: Critical
基本分數: 9.9
時間分數: 9.5
媒介: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
時間媒介: CVSS:3.0/E:H/RL:O/RC:C
弱點資訊
CPE: p-cpe:/a:oracle:vm:qemu-img, cpe:/o:oracle:vm_server:3.4
必要的 KB 項目: Host/local_checks_enabled, Host/OracleVM/release, Host/OracleVM/rpm-list
可被惡意程式利用: true
可輕鬆利用: Exploits are available
修補程式發佈日期: 2018/7/11
弱點發布日期: 2017/4/20
參考資訊
CVE: CVE-2016-9603, CVE-2017-13672, CVE-2017-15289, CVE-2017-2633, CVE-2017-5715, CVE-2017-7718, CVE-2017-7980, CVE-2018-3639, CVE-2018-5683, CVE-2018-7858