English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 146377 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.123440
Kategorie:Oracle Linux Local Security Checks
Titel:Oracle: Security Advisory (ELSA-2014-0328)
Zusammenfassung:The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2014-0328 advisory.
Beschreibung:Summary:
The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2014-0328 advisory.

Vulnerability Insight:
[2.6.32-431.11.2]
- [net] sctp: fix sctp_sf_do_5_1D_ce to verify if peer is AUTH capable (Daniel Borkmann) [1070715 1067451] {CVE-2014-0101}
- [vhost] validate vhost_get_vq_desc return value (Michael S. Tsirkin) [1062579 1058677] {CVE-2014-0055}

[2.6.32-431.11.1]
- [net] netpoll: take rcu_read_lock_bh() in netpoll_send_skb_on_dev() (Florian Westphal) [1063271 1049052]
- [fs] cifs: sanity check length of data to send before sending (Sachin Prabhu) [1065668 1062590] {CVE-2014-0069}
- [fs] cifs: ensure that uncached writes handle unmapped areas correctly (Sachin Prabhu) [1065668 1062590] {CVE-2014-0069}
- [infiniband] ipoib: Report operstate consistently when brought up without a link (Michal Schmidt) [1064464 995300]
- [security] selinux: fix broken peer recv check (Paul Moore) [1059991 1043051]
- [fs] GFS2: Fix slab memory leak in gfs2_bufdata (Robert S Peterson) [1064913 1024024]
- [fs] GFS2: Fix use-after-free race when calling gfs2_remove_from_ail (Robert S Peterson) [1064913 1024024]
- [fs] nfs: always make sure page is up-to-date before extending a write to cover the entire page (Scott Mayhew) [1066942 1054493]
- [fs] xfs: ensure we capture IO errors correctly (Lachlan McIlroy) [1058418 1021325]
- [mm] get rid of unnecessary pageblock scanning in setup_zone_migrate_reserve (Motohiro Kosaki) [1062113 1043353]
- [security] selinux: process labeled IPsec TCP SYN-ACK packets properly in selinux_ip_postroute() (Paul Moore) [1055364 1024631]
- [security] selinux: look for IPsec labels on both inbound and outbound packets (Paul Moore) [1055364 1024631]
- [security] selinux: handle TCP SYN-ACK packets correctly in selinux_ip_postroute() (Paul Moore) [1055364 1024631]
- [security] selinux: handle TCP SYN-ACK packets correctly in selinux_ip_output() (Paul Moore) [1055364 1024631]
- [edac] e752x_edac: Fix pci_dev usage count (Aristeu Rozanski) [1058420 1029530]
- [s390] mm: handle asce-type exceptions as normal page fault (Hendrik Brueckner) [1057164 1034268]
- [s390] mm: correct tlb flush on page table upgrade (Hendrik Brueckner) [1057165 1034269]
- [net] fix memory information leaks in recv protocol handlers (Florian Westphal) [1039868 1039869]
- [usb] cdc-wdm: fix buffer overflow (Alexander Gordeev) [922000 922001] {CVE-2013-1860}
- [usb] cdc-wdm: Fix race between autosuspend and reading from the device (Alexander Gordeev) [922000 922001] {CVE-2013-1860}

[2.6.32-431.10.1]
- [fs] xfs: xfs_remove deadlocks due to inverted AGF vs AGI lock ordering (Brian Foster) [1067775 1059334]
- [x86] apic: Map the local apic when parsing the MP table (Prarit Bhargava) [1063507 1061873]

[2.6.32-431.9.1]
- [netdrv] bonding: add NETIF_F_NO_CSUM vlan_features (Ivan Vecera) [1063199 1059777]

[2.6.32-431.8.1]
- [netdrv] enic: remove enic->vlan_group check (Stefan Assmann) [1064115 1057704]

[2.6.32-431.7.1]
- [char] n_tty: Fix unsafe update of available buffer space (Jiri Benc) [1060491 ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'kernel' package(s) on Oracle Linux 6.

Solution:
Please install the updated package(s).

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2013-1860
58510
http://www.securityfocus.com/bid/58510
MDVSA-2013:176
http://www.mandriva.com/security/advisories?name=MDVSA-2013:176
RHSA-2014:0328
http://rhn.redhat.com/errata/RHSA-2014-0328.html
RHSA-2014:0339
http://rhn.redhat.com/errata/RHSA-2014-0339.html
USN-1809-1
http://www.ubuntu.com/usn/USN-1809-1
USN-1811-1
http://www.ubuntu.com/usn/USN-1811-1
USN-1812-1
http://www.ubuntu.com/usn/USN-1812-1
USN-1813-1
http://www.ubuntu.com/usn/USN-1813-1
USN-1814-1
http://www.ubuntu.com/usn/USN-1814-1
USN-1829-1
http://www.ubuntu.com/usn/USN-1829-1
[oss-security] 20130314 Re: CVE Request/Guidance: Linux kernel cdc-wdm buffer overflow triggered by device
http://www.openwall.com/lists/oss-security/2013/03/15/3
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c0f5ecee4e741667b2493c742b60b6218d40b3aa
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.4
https://bugzilla.redhat.com/show_bug.cgi?id=921970
https://github.com/torvalds/linux/commit/c0f5ecee4e741667b2493c742b60b6218d40b3aa
Common Vulnerability Exposure (CVE) ID: CVE-2014-0055
59386
http://secunia.com/advisories/59386
66441
http://www.securityfocus.com/bid/66441
https://bugzilla.redhat.com/show_bug.cgi?id=1062577
Common Vulnerability Exposure (CVE) ID: CVE-2014-0069
65588
http://www.securityfocus.com/bid/65588
SUSE-SU-2014:0459
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00026.html
[linux-cifs] 20140214 [PATCH] cifs: ensure that uncached writes handle unmapped areas correctly
http://article.gmane.org/gmane.linux.kernel.cifs/9401
[oss-security] 20140217 CVE-2014-0069 -- kernel: cifs: incorrect handling of bogus user pointers during uncached writes
http://www.openwall.com/lists/oss-security/2014/02/17/4
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5d81de8e8667da7135d3a32a964087c0faf5483f
https://bugzilla.redhat.com/show_bug.cgi?id=1064253
https://github.com/torvalds/linux/commit/5d81de8e8667da7135d3a32a964087c0faf5483f
Common Vulnerability Exposure (CVE) ID: CVE-2014-0101
59216
http://secunia.com/advisories/59216
65943
http://www.securityfocus.com/bid/65943
RHSA-2014:0419
http://rhn.redhat.com/errata/RHSA-2014-0419.html
RHSA-2014:0432
http://rhn.redhat.com/errata/RHSA-2014-0432.html
USN-2173-1
http://www.ubuntu.com/usn/USN-2173-1
USN-2174-1
http://www.ubuntu.com/usn/USN-2174-1
[oss-security] 20140304 CVE-2014-0101 -- Linux kernel: net: sctp: null pointer dereference when processing authenticated cookie_echo chunk
http://www.openwall.com/lists/oss-security/2014/03/04/6
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec0223ec48a90cb605244b45f7c62de856403729
http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.html
https://bugzilla.redhat.com/show_bug.cgi?id=1070705
https://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729
CopyrightCopyright (C) 2015 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.