• Services
    • Asses
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Transform
      • SOC Consultancy
      •     SOC Maturity Assessment
      •     SOC Model Evaluation
      •     SOC Gap Analysis
      •     SIEM Gap Analysis
      •     SIEM Optimization
      •     SOC Content Pack
    • Train
      • Security Awareness and Training
      • Tabletop Exercise
      • Simulated Cyber Attack Exercises
    • Respond
      • Incident Response
      • Incident Analysis
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
Rewterz Threat Advisory – Exploitation of automatic DNS registration and auto-discovery
September 6, 2018
Internal Attacks and their Impact on Organizations
September 8, 2018

Rewterz Threat Advisory – Oracle VM Server for x86 update for kernel-uek

September 6, 2018

Oracle has issued an update for kernel-uek included in Oracle VM Server for x86 for fixing multiple vulnerabilities.

 

IMPACT:  NORMAL

 

PUBLISH DATE:  06-09-2018

 

 

OVERVIEW

 

Oracle VM Server 3.x was detected to have multiple vulnerabilities which may lead to Denial of Service, unauthorized exposure of sensitive information or Security Bypass attacks by users with malicious intents. Oracle has issued an update that patches the mentioned vulnerabilities.

 

 

ANALYSIS

 

Below is a brief summary of the vulnerabilities addressed in this update.

 

CVE-2018-13405

Local users are allowed to create files with an unintended group ownership by the inode_init_owner function in fs/inode.c in the Linux kernel through 4.17.4. This happens in a scenario where a directory is SGID to a certain group and is writable by a non-member user, who can trigger creation of a plain file (intended to be a directory) whose group ownership is that group. If the non-member makes that plain file executable and SGID, it’ll lead to privilege escalation.

 

CVE-2018-10021

Local users are allowed to cause a denial of service by drivers/scsi/libsas/sas_scsi_host.c in the Linux kernel before 4.16, (ata qc leak) by triggering certain failure conditions.

NOTE: This report is objected on by a third party who claims that only physically proximate attackers can cause the failure who unplug SAS Host Bus Adapter cables.

 

CVE-2018-10938

A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. The kernel may be forced to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c if an attacker remotely sends a crafted network packet. This leads to a denial-of-service. For an attacker to leverage this flaw, a certain non-default configuration of LSM (Linux Security Module) and NetLabel is required.

 

CVE-2018-15594

It’s easier for attackers to conduct Spectre-v2 attacks against paravirtual guests because arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls.

 

 

AFFECTED PRODUCT

 

Oracle VM Server 3.x

 

 

UPDATE

Apply updated packages concerning Oracle VM Server for x86 version 3.4.
Follow the links for help:

https://docs.oracle.com/cd/E64076_01/E64078/html/vmiug-upgrading-ovs-three-three.html

https://docs.oracle.com/html/E50247_08/vmiug-server-upgrading.html

  • Services
    • Asses
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Respond
      • Incident Response
      • Incident Analysis
  • Transform
    • SOC Consultancy
    •     SOC Maturity Assessment
    •     SOC Model Evaluation
    •     SOC Gap Analysis
    •     SIEM Gap Analysis
    •     SIEM Optimization
    •     SOC Content Pack
  • Train
    • Security Awareness and Training
    • Tabletop Exercise
    • Simulated Cyber Attack Exercises
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
COPYRIGHT © REWTERZ. ALL RIGHTS RESERVED.