English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 146377 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.123467
Kategorie:Oracle Linux Local Security Checks
Titel:Oracle: Security Advisory (ELSA-2014-0163)
Zusammenfassung:The remote host is missing an update for the 'kvm' package(s) announced via the ELSA-2014-0163 advisory.
Beschreibung:Summary:
The remote host is missing an update for the 'kvm' package(s) announced via the ELSA-2014-0163 advisory.

Vulnerability Insight:
[kvm-83-266.0.1.el5_10.1]
- Added kvm-add-oracle-workaround-for-libvirt-bug.patch
- Added kvm-Introduce-oel-machine-type.patch

[kvm-83-266_10.1.el5]
- KVM: x86: prevent cross page vapic_addr access (CVE-2013-6368) [bz#1032219]
- KVM: x86: Fix potential divide by 0 in lapic (CVE-2013-6367) [bz#1032216]
- Resolves: bz#1032219
(CVE-2013-6368 kvm: cross page vapic_addr access [rhel-5.10])
- Resolves: bz#1032216
CVE-2013-6367 kvm: division by zero in apic_get_tmcct() [rhel-5.10.z]

[kvm-83-266.el5]
- Updated kversion to 2.6.18-348.4.1.el5
- kvm-fix-l1_map-buffer-overflow.patch [bz#956511]
- Resolves: bz#956511
(qemu-kvm segfault in tb_invalidate_phys_page_range())

[kvm-83-265.el5]
- kvm-kernel-kvm-accept-unaligned-MSR_KVM_SYSTEM_TIME-writes.patch [bz#924597]
- Resolves: bz#924597
(RHEL.5.8.32 guest hang when installing)

[kvm-83-264.el5]
- kvm-kernel-KVM-Fix-for-buffer-overflow-in-handling-of-MSR_KVM_S.patch [bz#917019]
- kvm-kernel-KVM-Convert-MSR_KVM_SYSTEM_TIME-to-use-kvm_write_gue.patch [bz#917023]
- kvm-kernel-KVM-Fix-bounds-checking-in-ioapic-indirect-register-.patch [bz#917029]
- kvm-kernel-do-not-GP-on-unaligned-MSR_KVM_SYSTEM_TIME-write.patch [bz#bz917019]
- Resolves: bz#917019
(CVE-2013-1796 kernel: kvm: buffer overflow in handling of MSR_KVM_SYSTEM_TIME [rhel-5.10])
- Resolves: bz#917023
(CVE-2013-1797 kernel: kvm: after free issue with the handling of MSR_KVM_SYSTEM_TIME [rhel-5.10])
- Resolves: bz#917029
(CVE-2013-1798 kernel: kvm: out-of-bounds access in ioapic indirect register reads [rhel-5.10])

[kvm-83-263.el5]
- kvm-e1000-Discard-packets-that-are-too-long-if-SBP-and-L.patch [bz#910840]
- kvm-e1000-Discard-oversized-packets-based-on-SBP-LPE.patch [bz#910840]
- Resolves: bz#910840
(CVE-2012-6075 qemu (e1000 device driver): Buffer overflow when processing large packets when SBP and LPE flags are disabled [rhel-5.10])

Affected Software/OS:
'kvm' package(s) on Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
6.2

CVSS Vector:
AV:L/AC:H/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2013-6367
64270
http://www.securityfocus.com/bid/64270
RHSA-2013:1801
http://rhn.redhat.com/errata/RHSA-2013-1801.html
RHSA-2014:0163
http://rhn.redhat.com/errata/RHSA-2014-0163.html
RHSA-2014:0284
http://rhn.redhat.com/errata/RHSA-2014-0284.html
USN-2109-1
http://www.ubuntu.com/usn/USN-2109-1
USN-2110-1
http://www.ubuntu.com/usn/USN-2110-1
USN-2113-1
http://www.ubuntu.com/usn/USN-2113-1
USN-2117-1
http://www.ubuntu.com/usn/USN-2117-1
USN-2128-1
http://www.ubuntu.com/usn/USN-2128-1
USN-2129-1
http://www.ubuntu.com/usn/USN-2129-1
USN-2135-1
http://www.ubuntu.com/usn/USN-2135-1
USN-2136-1
http://www.ubuntu.com/usn/USN-2136-1
USN-2138-1
http://www.ubuntu.com/usn/USN-2138-1
USN-2139-1
http://www.ubuntu.com/usn/USN-2139-1
USN-2141-1
http://www.ubuntu.com/usn/USN-2141-1
[oss-security] 20131212 Re: [vs-plain] kvm issues
http://www.openwall.com/lists/oss-security/2013/12/12/12
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b963a22e6d1a266a67e9eecc88134713fd54775c
https://bugzilla.redhat.com/show_bug.cgi?id=1032207
https://github.com/torvalds/linux/commit/b963a22e6d1a266a67e9eecc88134713fd54775c
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.54
openSUSE-SU-2014:0204
http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00002.html
openSUSE-SU-2014:0205
http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00003.html
openSUSE-SU-2014:0247
http://lists.opensuse.org/opensuse-updates/2014-02/msg00045.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-6368
64291
http://www.securityfocus.com/bid/64291
USN-2133-1
http://www.ubuntu.com/usn/USN-2133-1
USN-2134-1
http://www.ubuntu.com/usn/USN-2134-1
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fda4e2e85589191b123d31cdc21fd33ee70f50fd
https://bugzilla.redhat.com/show_bug.cgi?id=1032210
https://github.com/torvalds/linux/commit/fda4e2e85589191b123d31cdc21fd33ee70f50fd
CopyrightCopyright (C) 2015 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.