| Beschreibung: | Summary:
The remote host is missing an update for the 'kernel, ocfs2-2.6.18-308.24.1.el5, oracleasm-2.6.18-308.24.1.el5' package(s) announced via the ELSA-2012-1540 advisory.
Vulnerability Insight:
kernel
[2.6.18-308.24.1.el5]
- Revert: [scsi] sg: fix races during device removal (Ewan Milne) [868950 861004]
[2.6.18-308.23.1.el5]
- [net] bnx2x: Add remote-fault link detection (Alexander Gordeev) [870120 796905]
- [net] bnx2x: Cosmetic changes (Alexander Gordeev) [870120 796905]
- [net] rds-ping cause kernel panic (Alexander Gordeev) [822755 822756] {CVE-2012-2372}
- [xen] add guest address range checks to XENMEM_exchange handlers (Igor Mammedov) [878033 878034] {CVE-2012-5513}
- [xen] x86/physmap: Prevent incorrect updates of m2p mappings (Igor Mammedov) [870148 870149] {CVE-2012-4537}
- [xen] VCPU/timer: Dos vulnerability prev overflow in calculations (Igor Mammedov) [870150 870151] {CVE-2012-4535}
- [scsi] sg: fix races during device removal (Ewan Milne) [868950 861004]
[2.6.18-308.22.1.el5]
- [net] bonding: fix link down handling in 802.3ad mode (Andy Gospodarek) [877943 782866]
[2.6.18-308.21.1.el5]
- [fs] ext4: race-cond protect for convert_unwritten_extents_endio (Lukas Czerner) [869910 869911] {CVE-2012-4508}
- [fs] ext4: serialize fallocate w/ ext4_convert_unwritten_extents (Lukas Czerner) [869910 869911] {CVE-2012-4508}
- [fs] ext4: flush the i_completed_io_list during ext4_truncate (Lukas Czerner) [869910 869911] {CVE-2012-4508}
- [net] WARN if struct ip_options was allocated directly by kmalloc (Jiri Pirko) [874973 872612]
- [net] ipv4: add RCU protection to inet->opt (Jiri Pirko) [872113 855302] {CVE-2012-3552}
- [scsi] qla2xx: Don't toggle inter bits after IRQ lines attached (Chad Dupuis) [870118 800708]
Affected Software/OS:
'kernel, ocfs2-2.6.18-308.24.1.el5, oracleasm-2.6.18-308.24.1.el5' package(s) on Oracle Linux 5.
Solution:
Please install the updated package(s).
CVSS Score:
7.1
CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:C
|
