ID de Prueba:	1.3.6.1.4.1.25623.1.0.122018
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2011-2038)
Resumen:	The remote host is missing an update for the 'kernel-uek, mlnx_en-2.6.32-300.4.1.el6uek, ofa-2.6.32-300.4.1.el5uek, ofa-2.6.32-300.4.1.el6uek' package(s) announced via the ELSA-2011-2038 advisory.
Descripción:	Summary: The remote host is missing an update for the 'kernel-uek, mlnx_en-2.6.32-300.4.1.el6uek, ofa-2.6.32-300.4.1.el5uek, ofa-2.6.32-300.4.1.el6uek' package(s) announced via the ELSA-2011-2038 advisory. Vulnerability Insight: kernel-uek [2.6.32-300.4.1.el6uek] - [pci] intel-iommu: Default to non-coherent for domains unattached to iommus (Joe Jin) - [dm] do not forward ioctls from logical volumes to the underlying device (Joe Jin) {CVE-2011-4127} - [block] fail SCSI passthrough ioctls on partition devices (Joe Jin) {CVE-2011-4127} - [block] add and use scsi_blk_cmd_ioctl (Joe Jin) {CVE-2011-4127} - [net] gro: reset vlan_tci on reuse (Dan Carpenter) {CVE-2011-1576} - [net] rose: Add length checks to CALL_REQUEST parsing (Ben Hutchings) {CVE-2011-1493} - [net] rose_loopback_timer sets VC number <= ROSE_DEFAULT_MAXVC (Bernard Pidoux F6BVP) {CVE-2011-1493} Affected Software/OS: 'kernel-uek, mlnx_en-2.6.32-300.4.1.el6uek, ofa-2.6.32-300.4.1.el5uek, ofa-2.6.32-300.4.1.el6uek' package(s) on Oracle Linux 5, Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1493 SUSE-SU-2015:0812 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html [oss-security] 20110405 Re: CVE request: kernel: multiple issues in ROSE http://www.openwall.com/lists/oss-security/2011/04/05/19 http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=be20250c13f88375345ad99950190685eda51eb8 https://bugzilla.redhat.com/show_bug.cgi?id=770777 https://github.com/torvalds/linux/commit/be20250c13f88375345ad99950190685eda51eb8 Common Vulnerability Exposure (CVE) ID: CVE-2011-1576 1025853 http://www.securitytracker.com/id?1025853 48907 http://www.securityfocus.com/bid/48907 RHSA-2011:0927 http://rhn.redhat.com/errata/RHSA-2011-0927.html RHSA-2011:1090 http://www.redhat.com/support/errata/RHSA-2011-1090.html RHSA-2011:1106 http://www.redhat.com/support/errata/RHSA-2011-1106.html https://bugzilla.redhat.com/show_bug.cgi?id=695173 Common Vulnerability Exposure (CVE) ID: CVE-2011-4127 48898 http://secunia.com/advisories/48898 SUSE-SU-2012:0554 http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html [oss-security] 20111222 CVE-2011-4127 kernel: possible privilege escalation via SG_IO ioctl http://www.openwall.com/lists/oss-security/2011/12/22/5 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0bfc96cb77224736dfa35c3c555d37b3646ef35e http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec8013beddd717d1740cfefb1a9b900deef85462 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.2 https://bugzilla.redhat.com/show_bug.cgi?id=752375 https://github.com/torvalds/linux/commit/0bfc96cb77224736dfa35c3c555d37b3646ef35e https://github.com/torvalds/linux/commit/ec8013beddd717d1740cfefb1a9b900deef85462
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.