Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2013-1790)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 146377 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.123506

Kategorie: Oracle Linux Local Security Checks

Titel: Oracle: Security Advisory (ELSA-2013-1790)

Zusammenfassung: The remote host is missing an update for the 'kernel, ocfs2-2.6.18-371.3.1.el5, oracleasm-2.6.18-371.3.1.el5' package(s) announced via the ELSA-2013-1790 advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'kernel, ocfs2-2.6.18-371.3.1.el5, oracleasm-2.6.18-371.3.1.el5' package(s) announced via the ELSA-2013-1790 advisory.

Vulnerability Insight:
kernel
[2.6.18-371.3.1]
- [net] be2net: don't use GRO for packets w/ re-inserted VLAN tags (Ivan Vecera) [1023348 1008691]
- [net] tg3: call pci_enable_wake() to set power state (John Feeney) [1014973 996331]
- [misc] backport fixes for percpu-rw-semaphore (Mikulas Patocka) [1014715 867997]
- [xen] information leak via I/O instruction emulation (Igor Mammedov) [1009602 1009603] {CVE-2013-4355}

[2.6.18-371.2.1]
- [scsi] mpt2sas: bump version (Tomas Henzl) [1018458 956330]
- [scsi] mpt2sas: fix the incorrect scsi_dma_map error checking (Tomas Henzl) [1018458 956330]
- [xen] x86: check segment descriptor read result in 64-bit OUTS emulation (Radim Krcmar) [1012958 1012959] {CVE-2013-4368}
- [md] dm snapshot: fix data corruption (Mikulas Patocka) [1004734 975353] {CVE-2013-4299}

Affected Software/OS:
'kernel, ocfs2-2.6.18-371.3.1.el5, oracleasm-2.6.18-371.3.1.el5' package(s) on Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
1.5

CVSS Vector:
AV:L/AC:M/Au:S/C:P/I:N/A:N

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2013-4355
DSA-3006
http://www.debian.org/security/2014/dsa-3006
GLSA-201407-03
http://security.gentoo.org/glsa/glsa-201407-03.xml
RHSA-2013:1790
http://rhn.redhat.com/errata/RHSA-2013-1790.html
SUSE-SU-2014:0411
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html
SUSE-SU-2014:0446
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html
SUSE-SU-2014:0470
http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00000.html
[oss-security] 20130930 Xen Security Advisory 63 (CVE-2013-4355) - Information leaks through I/O instruction emulation
http://www.openwall.com/lists/oss-security/2013/09/30/1
openSUSE-SU-2013:1636
http://lists.opensuse.org/opensuse-updates/2013-11/msg00009.html

Copyright Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.123506
Kategorie:	Oracle Linux Local Security Checks
Titel:	Oracle: Security Advisory (ELSA-2013-1790)
Zusammenfassung:	The remote host is missing an update for the 'kernel, ocfs2-2.6.18-371.3.1.el5, oracleasm-2.6.18-371.3.1.el5' package(s) announced via the ELSA-2013-1790 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'kernel, ocfs2-2.6.18-371.3.1.el5, oracleasm-2.6.18-371.3.1.el5' package(s) announced via the ELSA-2013-1790 advisory. Vulnerability Insight: kernel [2.6.18-371.3.1] - [net] be2net: don't use GRO for packets w/ re-inserted VLAN tags (Ivan Vecera) [1023348 1008691] - [net] tg3: call pci_enable_wake() to set power state (John Feeney) [1014973 996331] - [misc] backport fixes for percpu-rw-semaphore (Mikulas Patocka) [1014715 867997] - [xen] information leak via I/O instruction emulation (Igor Mammedov) [1009602 1009603] {CVE-2013-4355} [2.6.18-371.2.1] - [scsi] mpt2sas: bump version (Tomas Henzl) [1018458 956330] - [scsi] mpt2sas: fix the incorrect scsi_dma_map error checking (Tomas Henzl) [1018458 956330] - [xen] x86: check segment descriptor read result in 64-bit OUTS emulation (Radim Krcmar) [1012958 1012959] {CVE-2013-4368} - [md] dm snapshot: fix data corruption (Mikulas Patocka) [1004734 975353] {CVE-2013-4299} Affected Software/OS: 'kernel, ocfs2-2.6.18-371.3.1.el5, oracleasm-2.6.18-371.3.1.el5' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 1.5 CVSS Vector: AV:L/AC:M/Au:S/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2013-4355 DSA-3006 http://www.debian.org/security/2014/dsa-3006 GLSA-201407-03 http://security.gentoo.org/glsa/glsa-201407-03.xml RHSA-2013:1790 http://rhn.redhat.com/errata/RHSA-2013-1790.html SUSE-SU-2014:0411 http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html SUSE-SU-2014:0446 http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html SUSE-SU-2014:0470 http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00000.html [oss-security] 20130930 Xen Security Advisory 63 (CVE-2013-4355) - Information leaks through I/O instruction emulation http://www.openwall.com/lists/oss-security/2013/09/30/1 openSUSE-SU-2013:1636 http://lists.opensuse.org/opensuse-updates/2013-11/msg00009.html
Copyright	Copyright (C) 2015 Greenbone AG