Test Kennung:	1.3.6.1.4.1.25623.1.0.123223
Kategorie:	Oracle Linux Local Security Checks
Titel:	Oracle: Security Advisory (ELSA-2014-3104)
Zusammenfassung:	The remote host is missing an update for the 'kernel-uek' package(s) announced via the ELSA-2014-3104 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'kernel-uek' package(s) announced via the ELSA-2014-3104 advisory. Vulnerability Insight: [2.6.39-400.215.14] - HID: magicmouse: sanity check report size in raw_event() callback (Jiri Kosina) [Orabug: 19849355] {CVE-2014-3181} - ALSA: control: Protect user controls against concurrent access (Lars-Peter Clausen) [Orabug: 20192542] {CVE-2014-4652} - target/rd: Refactor rd_build_device_space + rd_release_device_space (Nicholas Bellinger) [Orabug: 20192517] {CVE-2014-4027} - media-device: fix infoleak in ioctl media_enum_entities() (Salva Peiro) [Orabug: 20192501] {CVE-2014-1739} {CVE-2014-1739} - udf: Avoid infinite loop when processing indirect ICBs (Jan Kara) [Orabug: 20192449] {CVE-2014-6410} - ALSA: control: Make sure that id->index does not overflow (Lars-Peter Clausen) [Orabug: 20192418] {CVE-2014-4656} - ALSA: control: Handle numid overflow (Lars-Peter Clausen) [Orabug: 20192376] {CVE-2014-465} - HID: picolcd: sanity check report size in raw_event() callback (Jiri Kosina) [Orabug: 20192205] {CVE-2014-3186} - net: sctp: fix remote memory pressure from excessive queueing (Daniel Borkmann) [Orabug: 20192059] {CVE-2014-3688} Affected Software/OS: 'kernel-uek' package(s) on Oracle Linux 5, Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2014-1739 BugTraq ID: 68048 http://www.securityfocus.com/bid/68048 http://speirofr.appspot.com/cve-2014-1739-kernel-infoleak-vulnerability-in-media_enum_entities.html http://www.openwall.com/lists/oss-security/2014/06/15/1 http://www.securitytracker.com/id/1038201 http://secunia.com/advisories/59597 SuSE Security Announcement: SUSE-SU-2014:1316 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html SuSE Security Announcement: SUSE-SU-2014:1319 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html http://www.ubuntu.com/usn/USN-2259-1 http://www.ubuntu.com/usn/USN-2261-1 http://www.ubuntu.com/usn/USN-2263-1 http://www.ubuntu.com/usn/USN-2264-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-3181 BugTraq ID: 69779 http://www.securityfocus.com/bid/69779 https://code.google.com/p/google-security-research/issues/detail?id=100 http://www.openwall.com/lists/oss-security/2014/09/11/21 RedHat Security Advisories: RHSA-2014:1318 http://rhn.redhat.com/errata/RHSA-2014-1318.html SuSE Security Announcement: SUSE-SU-2015:0481 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html SuSE Security Announcement: openSUSE-SU-2015:0566 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html http://www.ubuntu.com/usn/USN-2376-1 http://www.ubuntu.com/usn/USN-2377-1 http://www.ubuntu.com/usn/USN-2378-1 http://www.ubuntu.com/usn/USN-2379-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-3186 BugTraq ID: 69763 http://www.securityfocus.com/bid/69763 https://code.google.com/p/google-security-research/issues/detail?id=101 http://www.openwall.com/lists/oss-security/2014/09/11/22 Common Vulnerability Exposure (CVE) ID: CVE-2014-3688 DSA-3060 http://www.debian.org/security/2014/dsa-3060 HPSBGN03282 http://marc.info/?l=bugtraq&m=142722544401658&w=2 HPSBGN03285 http://marc.info/?l=bugtraq&m=142722450701342&w=2 RHSA-2015:0062 http://rhn.redhat.com/errata/RHSA-2015-0062.html RHSA-2015:0115 http://rhn.redhat.com/errata/RHSA-2015-0115.html SUSE-SU-2015:0481 SUSE-SU-2015:0652 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html SUSE-SU-2015:0736 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html USN-2417-1 http://www.ubuntu.com/usn/USN-2417-1 USN-2418-1 http://www.ubuntu.com/usn/USN-2418-1 [oss-security] 20141113 Linux kernel: SCTP issues http://www.openwall.com/lists/oss-security/2014/11/13/8 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=26b87c7881006311828bb0ab271a551a62dcceb4 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.4 https://bugzilla.redhat.com/show_bug.cgi?id=1155745 https://github.com/torvalds/linux/commit/26b87c7881006311828bb0ab271a551a62dcceb4 openSUSE-SU-2015:0566 Common Vulnerability Exposure (CVE) ID: CVE-2014-4027 http://www.openwall.com/lists/oss-security/2014/06/11/1 http://permalink.gmane.org/gmane.linux.scsi.target.devel/6618 http://secunia.com/advisories/59134 http://secunia.com/advisories/59777 http://secunia.com/advisories/60564 http://secunia.com/advisories/61310 http://www.ubuntu.com/usn/USN-2334-1 http://www.ubuntu.com/usn/USN-2335-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-4652 http://www.openwall.com/lists/oss-security/2014/06/26/6 RedHat Security Advisories: RHSA-2014:1083 http://rhn.redhat.com/errata/RHSA-2014-1083.html RedHat Security Advisories: RHSA-2015:1272 http://rhn.redhat.com/errata/RHSA-2015-1272.html http://secunia.com/advisories/59434 http://secunia.com/advisories/60545 SuSE Security Announcement: SUSE-SU-2015:0812 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html XForce ISS Database: linux-kernel-cve20144652-info-disc(94412) https://exchange.xforce.ibmcloud.com/vulnerabilities/94412 Common Vulnerability Exposure (CVE) ID: CVE-2014-4656 RedHat Security Advisories: RHSA-2015:0087 http://rhn.redhat.com/errata/RHSA-2015-0087.html Common Vulnerability Exposure (CVE) ID: CVE-2014-6410 BugTraq ID: 69799 http://www.securityfocus.com/bid/69799 HPdes Security Advisory: HPSBGN03282 HPdes Security Advisory: HPSBGN03285 http://www.openwall.com/lists/oss-security/2014/09/15/9 http://www.ubuntu.com/usn/USN-2374-1 http://www.ubuntu.com/usn/USN-2375-1
Copyright	Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.