 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.123347 |
| Kategorie: | Oracle Linux Local Security Checks |
| Titel: | Oracle: Security Advisory (ELSA-2014-0981) |
| Zusammenfassung: | The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2014-0981 advisory. |
| Beschreibung: | Summary: The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2014-0981 advisory. Vulnerability Insight: [2.6.32-431.23.3] - [netdrv] pppol2tp: fail when socket option level is not SOL_PPPOL2TP [1119461 1119462] {CVE-2014-4943} [2.6.32-431.23.2] - [kernel] utrace: force IRET path after utrace_finish_vfork() (Oleg Nesterov) [1115932 1115933] {CVE-2014-4699} [2.6.32-431.23.1] - [net] ip_tunnel: fix ip_tunnel_find to return NULL in case the tunnel is not there (Jiri Pirko) [1107931 1104503] - [netdrv] bnx2x: Fix kernel crash and data miscompare after EEH recovery (Michal Schmidt) [1109269 1029600] - [netdrv] bnx2x: Adapter not recovery from EEH error injection (Michal Schmidt) [1109269 1029600] - [scsi] qla2xxx: Don't check for firmware hung during the reset context for ISP82XX (Chad Dupuis) [1110658 1054299] - [scsi] qla2xxx: Clear loop_id for ports that are marked lost during fabric scanning (Chad Dupuis) [1110658 1054299] - [scsi] qla2xxx: Issue abort command for outstanding commands during cleanup when only firmware is alive (Chad Dupuis) [1110658 1054299] - [scsi] qla2xxx: Reduce the time we wait for a command to complete during SCSI error handling (Chad Dupuis) [1110658 1054299] - [scsi] qla2xxx: Avoid escalating the SCSI error handler if the command is not found in firmware (Chad Dupuis) [1110658 1054299] - [scsi] qla2xxx: Set host can_queue value based on available resources (Chad Dupuis) [1110658 1054299] - [net] filter: prevent nla extensions to peek beyond the end of the message (Jiri Benc) [1096778 1096779] {CVE-2014-3144 CVE-2014-3145} - [net] bridge: add empty br_mdb_init() and br_mdb_uninit() definitions (Vlad Yasevich) [1106472 1097915] - [net] bridge: Correctly unregister MDB rtnetlink handlers (Vlad Yasevich) [1106472 1097915] - [net] rds: prevent dereference of a NULL device in rds_iw_laddr_check (Radomir Vrbovsky) [1083276 1083277] {CVE-2014-2678} - [s390] crypto: fix aes, des ctr mode concurrency finding (Hendrik Brueckner) [1110168 1096328] - [s390] crypto: fix des and des3_ede ctr concurrency issue (Hendrik Brueckner) [1109885 1065404] - [s390] crypto: fix des and des3_ede cbc concurrency issue (Hendrik Brueckner) [1109883 1065398] - [kernel] futex: Forbid uaddr == uaddr2 in futex_wait_requeue_pi() (Mateusz Guzik) [1097759 1097760] {CVE-2012-6647} - [libata] ahci: accommodate tag ordered controller (David Milburn) [1099725 1083748] - [net] mac80211: crash dues to AP powersave TX vs. wakeup race (Jacob Tanenbaum) [1083531 1083532] {CVE-2014-2706} - [netdrv] ath9k: tid->sched race in ath_tx_aggr_sleep() (Jacob Tanenbaum) [1083249 1083250] {CVE-2014-2672} - [kernel] hrtimer: Prevent all reprogramming if hang detected (Prarit Bhargava) [1096059 1075805] - [net] ipv4: current group_info should be put after using (Jiri Benc) [1087412 1087414] {CVE-2014-2851} - [kernel] tracing: Reset ring buffer when changing trace_clocks (Marcelo Tosatti) [1093984 1018138] - [net] rds: dereference of a NULL device (Jacob Tanenbaum) [1079218 1079219] {CVE-2013-7339} - [s390] ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'kernel' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 7.1 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2012-6647 [oss-security] 20140514 Re: CVE request Linux kernel: forbid uaddr == uaddr2 in futex_wait_requeue_pi() to avoid null dereference http://www.openwall.com/lists/oss-security/2014/05/14/9 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6f7b0a2a5c0fb03be7c25bd1745baa50582348ef http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.5.1 https://bugzilla.redhat.com/show_bug.cgi?id=1097746 https://github.com/torvalds/linux/commit/6f7b0a2a5c0fb03be7c25bd1745baa50582348ef Common Vulnerability Exposure (CVE) ID: CVE-2013-7339 BugTraq ID: 66351 http://www.securityfocus.com/bid/66351 http://www.openwall.com/lists/oss-security/2014/03/20/14 http://secunia.com/advisories/59386 Common Vulnerability Exposure (CVE) ID: CVE-2014-2672 BugTraq ID: 66492 http://www.securityfocus.com/bid/66492 http://www.openwall.com/lists/oss-security/2014/03/30/5 http://secunia.com/advisories/57468 Common Vulnerability Exposure (CVE) ID: CVE-2014-2678 BugTraq ID: 66543 http://www.securityfocus.com/bid/66543 http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131276.html https://lkml.org/lkml/2014/3/29/188 http://www.openwall.com/lists/oss-security/2014/03/31/10 http://secunia.com/advisories/60130 http://secunia.com/advisories/60471 Common Vulnerability Exposure (CVE) ID: CVE-2014-2706 BugTraq ID: 66591 http://www.securityfocus.com/bid/66591 http://www.openwall.com/lists/oss-security/2014/04/01/8 http://www.securitytracker.com/id/1038201 http://secunia.com/advisories/60613 SuSE Security Announcement: SUSE-SU-2014:1316 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html SuSE Security Announcement: SUSE-SU-2014:1319 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html Common Vulnerability Exposure (CVE) ID: CVE-2014-2851 BugTraq ID: 66779 http://www.securityfocus.com/bid/66779 Debian Security Information: DSA-2926 (Google Search) http://www.debian.org/security/2014/dsa-2926 https://lkml.org/lkml/2014/4/10/736 http://www.openwall.com/lists/oss-security/2014/04/11/4 http://www.securitytracker.com/id/1030769 http://secunia.com/advisories/59599 Common Vulnerability Exposure (CVE) ID: CVE-2014-3144 58990 http://secunia.com/advisories/58990 59311 http://secunia.com/advisories/59311 59597 http://secunia.com/advisories/59597 60613 67309 http://www.securityfocus.com/bid/67309 DSA-2949 http://www.debian.org/security/2014/dsa-2949 USN-2251-1 http://www.ubuntu.com/usn/USN-2251-1 USN-2252-1 http://www.ubuntu.com/usn/USN-2252-1 USN-2259-1 http://www.ubuntu.com/usn/USN-2259-1 USN-2261-1 http://www.ubuntu.com/usn/USN-2261-1 USN-2262-1 http://www.ubuntu.com/usn/USN-2262-1 USN-2263-1 http://www.ubuntu.com/usn/USN-2263-1 USN-2264-1 http://www.ubuntu.com/usn/USN-2264-1 [oss-security] 20140509 Re: CVE request Linux kernel: filter: prevent nla extensions to peek beyond the end of the message http://www.openwall.com/lists/oss-security/2014/05/09/6 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=05ab8f2647e4221cbdb3856dd7d32bd5407316b3 http://linux.oracle.com/errata/ELSA-2014-3052.html https://github.com/torvalds/linux/commit/05ab8f2647e4221cbdb3856dd7d32bd5407316b3 Common Vulnerability Exposure (CVE) ID: CVE-2014-3145 1038201 67321 http://www.securityfocus.com/bid/67321 https://source.android.com/security/bulletin/2017-04-01 |
| Copyright | Copyright (C) 2015 Greenbone AG |
| Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |