Test Kennung:	1.3.6.1.4.1.25623.1.0.123230
Kategorie:	Oracle Linux Local Security Checks
Titel:	Oracle: Security Advisory (ELSA-2014-1971)
Zusammenfassung:	The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2014-1971 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2014-1971 advisory. Vulnerability Insight: [3.10.0-123.13.1] - Oracle Linux certificates (Alexey Petrenko) [3.10.0-123.13.1] - [powerpc] mm: Make sure a local_irq_disable prevent a parallel THP split (Don Zickus) [1151057 1083296] - [powerpc] Implement __get_user_pages_fast() (Don Zickus) [1151057 1083296] - [scsi] vmw_pvscsi: Some improvements in pvscsi driver (Ewan Milne) [1144016 1075090] - [scsi] vmw_pvscsi: Add support for I/O requests coalescing (Ewan Milne) [1144016 1075090] - [scsi] vmw_pvscsi: Fix pvscsi_abort() function (Ewan Milne) [1144016 1075090] [3.10.0-123.12.1] - [alsa] control: Make sure that id->index does not overflow (Jaroslav Kysela) [1117313 1117314] {CVE-2014-4656} - [alsa] control: Handle numid overflow (Jaroslav Kysela) [1117313 1117314] {CVE-2014-4656} - [alsa] control: Protect user controls against concurrent access (Jaroslav Kysela) [1117338 1117339] {CVE-2014-4652} - [alsa] control: Fix replacing user controls (Jaroslav Kysela) [1117323 1117324] {CVE-2014-4654 CVE-2014-4655} - [net] sctp: fix remote memory pressure from excessive queueing (Daniel Borkmann) [1155750 1152755] {CVE-2014-3688} - [net] sctp: fix panic on duplicate ASCONF chunks (Daniel Borkmann) [1155737 1152755] {CVE-2014-3687} - [net] sctp: fix skb_over_panic when receiving malformed ASCONF chunks (Daniel Borkmann) [1147856 1152755] {CVE-2014-3673} - [net] sctp: handle association restarts when the socket is closed (Daniel Borkmann) [1147856 1152755] [1155737 1152755] [1155750 1152755] - [pci] Add ACS quirk for Intel 10G NICs (Alex Williamson) [1156447 1141399] - [pci] Add ACS quirk for Solarflare SFC9120 & SFC9140 (Alex Williamson) [1158316 1131552] - [lib] assoc_array: Fix termination condition in assoc array garbage collection (David Howells) [1155136 1139431] {CVE-2014-3631} - [block] cfq-iosched: Add comments on update timing of weight (Vivek Goyal) [1152874 1116126] - [block] cfq-iosched: Fix wrong children_weight calculation (Vivek Goyal) [1152874 1116126] - [powerpc] mm: Check paca psize is up to date for huge mappings (Gustavo Duarte) [1151927 1107337] - [x86] perf/intel: ignore CondChgd bit to avoid false NMI handling (Don Zickus) [1146819 1110264] - [x86] smpboot: initialize secondary CPU only if master CPU will wait for it (Phillip Lougher) [1144295 968147] - [x86] smpboot: Log error on secondary CPU wakeup failure at ERR level (Igor Mammedov) [1144295 968147] - [x86] smpboot: Fix list/memory corruption on CPU hotplug (Igor Mammedov) [1144295 968147] - [acpi] processor: do not mark present at boot but not onlined CPU as onlined (Igor Mammedov) [1144295 968147] - [fs] udf: Avoid infinite loop when processing indirect ICBs (Jacob Tanenbaum) [1142321 1142322] {CVE-2014-6410} - [hid] picolcd: fix memory corruption via OOB write (Jacob Tanenbaum) [1141408 1141409] {CVE-2014-3186} - [usb] serial/whiteheat: fix memory corruption flaw (Jacob Tanenbaum) [1141403 1141404] {CVE-2014-3185} - [hid] fix off by one error ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'kernel' package(s) on Oracle Linux 7. Solution: Please install the updated package(s). CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2013-2929 BugTraq ID: 64111 http://www.securityfocus.com/bid/64111 RedHat Security Advisories: RHSA-2014:0100 http://rhn.redhat.com/errata/RHSA-2014-0100.html RedHat Security Advisories: RHSA-2014:0159 http://rhn.redhat.com/errata/RHSA-2014-0159.html RedHat Security Advisories: RHSA-2014:0285 http://rhn.redhat.com/errata/RHSA-2014-0285.html RedHat Security Advisories: RHSA-2018:1252 https://access.redhat.com/errata/RHSA-2018:1252 SuSE Security Announcement: SUSE-SU-2015:0481 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html SuSE Security Announcement: openSUSE-SU-2015:0566 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html http://www.ubuntu.com/usn/USN-2070-1 http://www.ubuntu.com/usn/USN-2075-1 http://www.ubuntu.com/usn/USN-2109-1 http://www.ubuntu.com/usn/USN-2110-1 http://www.ubuntu.com/usn/USN-2111-1 http://www.ubuntu.com/usn/USN-2112-1 http://www.ubuntu.com/usn/USN-2114-1 http://www.ubuntu.com/usn/USN-2115-1 http://www.ubuntu.com/usn/USN-2116-1 http://www.ubuntu.com/usn/USN-2128-1 http://www.ubuntu.com/usn/USN-2129-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-1739 BugTraq ID: 68048 http://www.securityfocus.com/bid/68048 http://speirofr.appspot.com/cve-2014-1739-kernel-infoleak-vulnerability-in-media_enum_entities.html http://www.openwall.com/lists/oss-security/2014/06/15/1 http://www.securitytracker.com/id/1038201 http://secunia.com/advisories/59597 SuSE Security Announcement: SUSE-SU-2014:1316 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html SuSE Security Announcement: SUSE-SU-2014:1319 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html http://www.ubuntu.com/usn/USN-2259-1 http://www.ubuntu.com/usn/USN-2261-1 http://www.ubuntu.com/usn/USN-2263-1 http://www.ubuntu.com/usn/USN-2264-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-3181 BugTraq ID: 69779 http://www.securityfocus.com/bid/69779 https://code.google.com/p/google-security-research/issues/detail?id=100 http://www.openwall.com/lists/oss-security/2014/09/11/21 RedHat Security Advisories: RHSA-2014:1318 http://rhn.redhat.com/errata/RHSA-2014-1318.html http://www.ubuntu.com/usn/USN-2376-1 http://www.ubuntu.com/usn/USN-2377-1 http://www.ubuntu.com/usn/USN-2378-1 http://www.ubuntu.com/usn/USN-2379-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-3182 BugTraq ID: 69770 http://www.securityfocus.com/bid/69770 https://code.google.com/p/google-security-research/issues/detail?id=89 Common Vulnerability Exposure (CVE) ID: CVE-2014-3184 BugTraq ID: 69768 http://www.securityfocus.com/bid/69768 https://code.google.com/p/google-security-research/issues/detail?id=91 RedHat Security Advisories: RHSA-2015:1272 http://rhn.redhat.com/errata/RHSA-2015-1272.html SuSE Security Announcement: SUSE-SU-2015:0652 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html SuSE Security Announcement: SUSE-SU-2015:0812 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html http://www.ubuntu.com/usn/USN-2374-1 http://www.ubuntu.com/usn/USN-2375-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-3185 BugTraq ID: 69781 http://www.securityfocus.com/bid/69781 https://code.google.com/p/google-security-research/issues/detail?id=98 RedHat Security Advisories: RHSA-2015:0284 http://rhn.redhat.com/errata/RHSA-2015-0284.html Common Vulnerability Exposure (CVE) ID: CVE-2014-3186 BugTraq ID: 69763 http://www.securityfocus.com/bid/69763 https://code.google.com/p/google-security-research/issues/detail?id=101 http://www.openwall.com/lists/oss-security/2014/09/11/22 Common Vulnerability Exposure (CVE) ID: CVE-2014-3631 111298 http://osvdb.org/show/osvdb/111298 36268 http://www.exploit-db.com/exploits/36268 70095 http://www.securityfocus.com/bid/70095 USN-2378-1 USN-2379-1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=95389b08d93d5c06ec63ab49bd732b0069b7c35e http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.3 https://bugzilla.redhat.com/show_bug.cgi?id=1140325 https://github.com/torvalds/linux/commit/95389b08d93d5c06ec63ab49bd732b0069b7c35e Common Vulnerability Exposure (CVE) ID: CVE-2014-3673 62428 http://secunia.com/advisories/62428 70883 http://www.securityfocus.com/bid/70883 DSA-3060 http://www.debian.org/security/2014/dsa-3060 HPSBGN03282 http://marc.info/?l=bugtraq&m=142722544401658&w=2 HPSBGN03285 http://marc.info/?l=bugtraq&m=142722450701342&w=2 RHSA-2015:0062 http://rhn.redhat.com/errata/RHSA-2015-0062.html RHSA-2015:0115 http://rhn.redhat.com/errata/RHSA-2015-0115.html SUSE-SU-2015:0481 SUSE-SU-2015:0529 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html SUSE-SU-2015:0652 SUSE-SU-2015:0812 USN-2417-1 http://www.ubuntu.com/usn/USN-2417-1 USN-2418-1 http://www.ubuntu.com/usn/USN-2418-1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9de7922bc709eee2f609cd01d98aaedc4cf5ea74 http://linux.oracle.com/errata/ELSA-2014-3087.html http://linux.oracle.com/errata/ELSA-2014-3088.html http://linux.oracle.com/errata/ELSA-2014-3089.html https://bugzilla.redhat.com/show_bug.cgi?id=1147850 https://github.com/torvalds/linux/commit/9de7922bc709eee2f609cd01d98aaedc4cf5ea74 openSUSE-SU-2015:0566 Common Vulnerability Exposure (CVE) ID: CVE-2014-3687 70766 http://www.securityfocus.com/bid/70766 SUSE-SU-2015:0178 http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html SUSE-SU-2015:0736 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html SUSE-SU-2015:1489 http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b69040d8e39f20d5215a03502a8e8b4c6ab78395 https://bugzilla.redhat.com/show_bug.cgi?id=1155731 https://github.com/torvalds/linux/commit/b69040d8e39f20d5215a03502a8e8b4c6ab78395 Common Vulnerability Exposure (CVE) ID: CVE-2014-3688 [oss-security] 20141113 Linux kernel: SCTP issues http://www.openwall.com/lists/oss-security/2014/11/13/8 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=26b87c7881006311828bb0ab271a551a62dcceb4 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.4 https://bugzilla.redhat.com/show_bug.cgi?id=1155745 https://github.com/torvalds/linux/commit/26b87c7881006311828bb0ab271a551a62dcceb4 Common Vulnerability Exposure (CVE) ID: CVE-2014-4027 http://www.openwall.com/lists/oss-security/2014/06/11/1 http://permalink.gmane.org/gmane.linux.scsi.target.devel/6618 http://secunia.com/advisories/59134 http://secunia.com/advisories/59777 http://secunia.com/advisories/60564 http://secunia.com/advisories/61310 http://www.ubuntu.com/usn/USN-2334-1 http://www.ubuntu.com/usn/USN-2335-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-4652 http://www.openwall.com/lists/oss-security/2014/06/26/6 RedHat Security Advisories: RHSA-2014:1083 http://rhn.redhat.com/errata/RHSA-2014-1083.html http://secunia.com/advisories/59434 http://secunia.com/advisories/60545 XForce ISS Database: linux-kernel-cve20144652-info-disc(94412) https://exchange.xforce.ibmcloud.com/vulnerabilities/94412 Common Vulnerability Exposure (CVE) ID: CVE-2014-4654 BugTraq ID: 68162 http://www.securityfocus.com/bid/68162 Common Vulnerability Exposure (CVE) ID: CVE-2014-4655 http://www.securitytracker.com/id/1036763 Common Vulnerability Exposure (CVE) ID: CVE-2014-4656 RedHat Security Advisories: RHSA-2015:0087 http://rhn.redhat.com/errata/RHSA-2015-0087.html Common Vulnerability Exposure (CVE) ID: CVE-2014-5045 BugTraq ID: 68862 http://www.securityfocus.com/bid/68862 http://www.openwall.com/lists/oss-security/2014/07/24/2 RedHat Security Advisories: RHSA-2015:0062 http://secunia.com/advisories/60353 Common Vulnerability Exposure (CVE) ID: CVE-2014-6410 BugTraq ID: 69799 http://www.securityfocus.com/bid/69799 HPdes Security Advisory: HPSBGN03282 HPdes Security Advisory: HPSBGN03285 http://www.openwall.com/lists/oss-security/2014/09/15/9
Copyright	Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.