Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2010-0704)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.122317

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2010-0704)

Resumen: The remote host is missing an update for the 'kernel, ocfs2-2.6.18-194.11.4.0.1.el5, oracleasm-2.6.18-194.11.4.0.1.el5' package(s) announced via the ELSA-2010-0704 advisory.

Descripción: Summary:
The remote host is missing an update for the 'kernel, ocfs2-2.6.18-194.11.4.0.1.el5, oracleasm-2.6.18-194.11.4.0.1.el5' package(s) announced via the ELSA-2010-0704 advisory.

Vulnerability Insight:
[2.6.18-194.11.4.0.1.el5]
- [xen] check to see if hypervisor supports memory reservation change
(Chuck Anderson) [orabug 7556514]
- Add entropy support to igb (John Sobecki) [orabug 7607479]
- [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332]
- [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043]
[bz 7258]
- [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839]
- fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042]
- [nfsd] fix failure of file creation from hpux client (Wen gang Wang)
[orabug 7579314]
- [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702]
- [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin) [orabug 9504524]
- [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105]
RDS: Fix BUG_ONs to not fire when in a tasklet
ipoib: Fix lockup of the tx queue
RDS: Do not call set_page_dirty() with irqs off (Sherman Pun)
RDS: Properly unmap when getting a remote access error (Tina Yang)
RDS: Fix locking in rds_send_drop_to()
- [mm] Enhance shrink_zone patch allow full swap utilization, and also be
NUMA-aware (John Sobecki, Chris Mason, Herbert van den Bergh)
[orabug 9245919]
- [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson)
[orabug 9107465]
- [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson)
[orabug 9764220]
- Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615]
- fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro,
Guru Anbalagane) [orabug 6124033]
- [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208]

[2.6.18-194.11.4.el5]
- [misc] make compat_alloc_user_space() incorporate the access_ok() (Don Howard) [634463 634464] {CVE-2010-3081}

Affected Software/OS:
'kernel, ocfs2-2.6.18-194.11.4.0.1.el5, oracleasm-2.6.18-194.11.4.0.1.el5' package(s) on Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-3081
20100916 Ac1db1tch3z vs x86_64 Linux Kernel
http://archives.neohapsis.com/archives/fulldisclosure/2010-09/0273.html
20100916 Workaround for Ac1db1tch3z exploit.
http://archives.neohapsis.com/archives/fulldisclosure/2010-09/0278.html
20101130 VMSA-2010-0017 VMware ESX third party update for Service Console kerne
http://www.securityfocus.com/archive/1/514938/30/30/threaded
20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
http://www.securityfocus.com/archive/1/516397/100/0/threaded
42384
http://secunia.com/advisories/42384
43315
http://secunia.com/advisories/43315
ADV-2010-3083
http://www.vupen.com/english/advisories/2010/3083
ADV-2010-3117
http://www.vupen.com/english/advisories/2010/3117
ADV-2011-0298
http://www.vupen.com/english/advisories/2011/0298
MDVSA-2010:198
http://www.mandriva.com/security/advisories?name=MDVSA-2010:198
MDVSA-2010:214
http://www.mandriva.com/security/advisories?name=MDVSA-2010:214
MDVSA-2010:247
http://www.mandriva.com/security/advisories?name=MDVSA-2010:247
RHSA-2010:0758
http://www.redhat.com/support/errata/RHSA-2010-0758.html
RHSA-2010:0842
http://www.redhat.com/support/errata/RHSA-2010-0842.html
RHSA-2010:0882
http://www.redhat.com/support/errata/RHSA-2010-0882.html
SUSE-SA:2010:050
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.html
SUSE-SA:2011:007
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html
SUSE-SR:2010:017
http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html
[oss-security] 20100916 CVE-2010-3081 kernel: 64-bit Compatibility Mode Stack Pointer Underflow
http://marc.info/?l=oss-security&m=128461522230211&w=2
http://blog.ksplice.com/2010/09/cve-2010-3081/
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c41d68a513c71e35a14f66d71782d27a79a81ea6
http://isc.sans.edu/diary.html?storyid=9574
http://sota.gen.nz/compat1/
http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.36-rc4-git2.log
http://www.vmware.com/security/advisories/VMSA-2010-0017.html
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
https://access.redhat.com/kb/docs/DOC-40265
https://bugzilla.redhat.com/show_bug.cgi?id=634457

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.122317
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2010-0704)
Resumen:	The remote host is missing an update for the 'kernel, ocfs2-2.6.18-194.11.4.0.1.el5, oracleasm-2.6.18-194.11.4.0.1.el5' package(s) announced via the ELSA-2010-0704 advisory.
Descripción:	Summary: The remote host is missing an update for the 'kernel, ocfs2-2.6.18-194.11.4.0.1.el5, oracleasm-2.6.18-194.11.4.0.1.el5' package(s) announced via the ELSA-2010-0704 advisory. Vulnerability Insight: [2.6.18-194.11.4.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb (John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin) [orabug 9504524] - [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki, Chris Mason, Herbert van den Bergh) [orabug 9245919] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] [2.6.18-194.11.4.el5] - [misc] make compat_alloc_user_space() incorporate the access_ok() (Don Howard) [634463 634464] {CVE-2010-3081} Affected Software/OS: 'kernel, ocfs2-2.6.18-194.11.4.0.1.el5, oracleasm-2.6.18-194.11.4.0.1.el5' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3081 20100916 Ac1db1tch3z vs x86_64 Linux Kernel http://archives.neohapsis.com/archives/fulldisclosure/2010-09/0273.html 20100916 Workaround for Ac1db1tch3z exploit. http://archives.neohapsis.com/archives/fulldisclosure/2010-09/0278.html 20101130 VMSA-2010-0017 VMware ESX third party update for Service Console kerne http://www.securityfocus.com/archive/1/514938/30/30/threaded 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX http://www.securityfocus.com/archive/1/516397/100/0/threaded 42384 http://secunia.com/advisories/42384 43315 http://secunia.com/advisories/43315 ADV-2010-3083 http://www.vupen.com/english/advisories/2010/3083 ADV-2010-3117 http://www.vupen.com/english/advisories/2010/3117 ADV-2011-0298 http://www.vupen.com/english/advisories/2011/0298 MDVSA-2010:198 http://www.mandriva.com/security/advisories?name=MDVSA-2010:198 MDVSA-2010:214 http://www.mandriva.com/security/advisories?name=MDVSA-2010:214 MDVSA-2010:247 http://www.mandriva.com/security/advisories?name=MDVSA-2010:247 RHSA-2010:0758 http://www.redhat.com/support/errata/RHSA-2010-0758.html RHSA-2010:0842 http://www.redhat.com/support/errata/RHSA-2010-0842.html RHSA-2010:0882 http://www.redhat.com/support/errata/RHSA-2010-0882.html SUSE-SA:2010:050 http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.html SUSE-SA:2011:007 http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html SUSE-SR:2010:017 http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html [oss-security] 20100916 CVE-2010-3081 kernel: 64-bit Compatibility Mode Stack Pointer Underflow http://marc.info/?l=oss-security&m=128461522230211&w=2 http://blog.ksplice.com/2010/09/cve-2010-3081/ http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c41d68a513c71e35a14f66d71782d27a79a81ea6 http://isc.sans.edu/diary.html?storyid=9574 http://sota.gen.nz/compat1/ http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.36-rc4-git2.log http://www.vmware.com/security/advisories/VMSA-2010-0017.html http://www.vmware.com/security/advisories/VMSA-2011-0003.html https://access.redhat.com/kb/docs/DOC-40265 https://bugzilla.redhat.com/show_bug.cgi?id=634457
Copyright	Copyright (C) 2015 Greenbone AG