SB2020071534 - Multiple vulnerabilities in Oracle VM Server
Published: July 15, 2020
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 10 secuirty vulnerabilities.
1) Information disclosure (CVE-ID: CVE-2020-0548)
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to cleanup errors. A local user can gain unauthorized access to sensitive information on the system.
2) Information disclosure (CVE-ID: CVE-2020-0549)
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to cleanup errors in some data cache evictions. A local user can gain unauthorized access to sensitive information on the system.
3) Denial of service (CVE-ID: CVE-2017-16538)
The vulnerability allows a local attacker to cause DoS condition on the target system.The weakness exists due to an error in the drivers/media/usb/dvb-usb-v2/lmedm04.c. A local attacker can use a specially crafted USB device and cause the system to crash.
Successful exploitation of the vulnerability results in denial of service.
4) Use-after-free (CVE-ID: CVE-2019-15214)
The vulnerability allows a local user to compromise vulnerable system.
The vulnerability exists in the Advanced Linux Sound Architecture (ALSA) subsystem in "sound/core/init.c" and "sound/core/info.c" due to the card disconnection causes certain data structures to be deleted too early. A local authenticated user with physical access to the system can exploit this vulnerability to cause a denial of service (system crash) or possibly execute arbitrary code.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
5) Information disclosure (CVE-ID: CVE-2019-19533)
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to an info-leak bug in the drivers/media/usb/ttusb-dec/ttusb_dec.c driver. A local user with physical access can use a malicious USB device and gain unauthorized access to sensitive information on the system.
6) Information disclosure (CVE-ID: CVE-2019-19534)
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output within the USB driver in drivers/net/can/usb/peak_usb/pcan_usb_core.c driver. A local use can use a specially crafted USB devices to gain unauthorized access to sensitive information on the system.
7) Information disclosure (CVE-ID: CVE-2019-19536)
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output in drivers/net/can/usb/peak_usb/pcan_usb_pro.c USB driver. A local user can use a specially crafted USB device to gain unauthorized access to sensitive information on the system.
8) Information disclosure (CVE-ID: CVE-2020-0543)
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to incomplete cleanup from specific special register read operations in some Intel(R) Processors. A local user can gain unauthorized access to sensitive information on the system.
9) Out-of-bounds write (CVE-ID: CVE-2017-15289)
The vulnerability allows an adjacent authenticated attacker to cause DoS condition on the target system.The weakness exists in the mode4and5 write functions in hw/display/cirrus_vga.c due to out-of-bounds write. An adjacent attacker can trigger memory corruption and cause the service to crash via vectors related to dst calculation.
10) Out-of-bounds read (CVE-ID: CVE-2017-18030)
The vulnerability allows an adjacent attacker to cause DoS condition on the target system.The weakness exists in the cirrus_invalidate_region function in hw/display/cirrus_vga.c due to out-of-bounds read. A remote attacker can use vectors related to negative pitch, trigger memory error and cause QEMU process to crash.
Remediation
Install update from vendor's website.