ID de Prueba:	1.3.6.1.4.1.25623.1.0.122422
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2009-1548)
Resumen:	The remote host is missing an update for the 'kernel, ocfs2-2.6.18-164.6.1.0.1.el5, oracleasm-2.6.18-164.6.1.0.1.el5' package(s) announced via the ELSA-2009-1548 advisory.
Descripción:	Summary: The remote host is missing an update for the 'kernel, ocfs2-2.6.18-164.6.1.0.1.el5, oracleasm-2.6.18-164.6.1.0.1.el5' package(s) announced via the ELSA-2009-1548 advisory. Vulnerability Insight: [2.6.18-164.6.1.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb ( John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina yang) [orabug 6993043] [bz 7258] - [MM] shrink zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] [2.6.18-164.6.1.el5] - [fs] fix pipe null pointer dereference (Jeff Moyer) [530938 530939] {CVE-2009-3547} - [security] require root for mmap_min_addr (Eric Paris ) [518142 518143] {CVE-2009-2695} - [net] lvs: adjust sync protocol handling for ipvsadm -2 (Neil Horman ) [528645 524129] - [xen] allow booting with broken serial hardware (Chris Lalancette ) [524153 518338] [2.6.18-164.5.1.el5] - [fs] eCryptfs: prevent lower dentry from going negative (Eric Sandeen ) [527834 527835] {CVE-2009-2908} - [nfs] v4: reclaimer thread stuck in an infinite loop (Sachin S. Prabhu ) [529162 526888] - [net] r8169: avoid losing MSI interrupts (Ivan Vecera ) [529366 514589] - [scsi] st.c: memory use after free after MTSETBLK ioctl (David Jeffery ) [528133 520192] - [net] r8169: balance pci_map/unmap pair, use hw padding (Ivan Vecera ) [529143 515857] {CVE-2009-3613} [2.6.18-164.4.1.el5] - [net] bonding: set primary param via sysfs (Jiri Pirko ) [517971 499884] - [scsi] fusion: re-enable mpt_msi_enable option (Tomas Henzl ) [526963 520820] - [net] ipt_recent: sanity check hit count (Amerigo Wang ) [527434 523982] - [net] ipv4: ip_append_data handle NULL routing table (Jiri Pirko ) [527436 520297] - [nfs] fix cache invalidation problems in nfs_readdir (Jeff Layton ) [526960 511170] - [net] tc: fix uninitialized kernel memory leak (Jiri Pirko ) [520994 520863] [2.6.18-164.3.1.el5] - [nfs] knfsd: fix NFSv4 O_EXCL creates (Jeff Layton ) [522163 524521] {CVE-2009-3286} Affected Software/OS: 'kernel, ocfs2-2.6.18-164.6.1.0.1.el5, oracleasm-2.6.18-164.6.1.0.1.el5' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-2695 BugTraq ID: 36051 http://www.securityfocus.com/bid/36051 Debian Security Information: DSA-2005 (Google Search) http://www.debian.org/security/2010/dsa-2005 https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01256.html http://twitter.com/spendergrsec/statuses/3303390960 http://www.openwall.com/lists/oss-security/2009/08/17/4 http://lists.vmware.com/pipermail/security-announce/2010/000082.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7144 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9882 RedHat Security Advisories: RHSA-2009:1540 https://rhn.redhat.com/errata/RHSA-2009-1540.html RedHat Security Advisories: RHSA-2009:1548 https://rhn.redhat.com/errata/RHSA-2009-1548.html http://www.redhat.com/support/errata/RHSA-2009-1672.html http://secunia.com/advisories/36501 http://secunia.com/advisories/37105 http://secunia.com/advisories/38794 http://secunia.com/advisories/38834 http://www.ubuntu.com/usn/USN-852-1 http://www.vupen.com/english/advisories/2010/0528 Common Vulnerability Exposure (CVE) ID: CVE-2009-2908 36639 http://www.securityfocus.com/bid/36639 37075 http://secunia.com/advisories/37075 37105 38794 38834 ADV-2010-0528 FEDORA-2009-10525 https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00483.html RHSA-2009:1548 USN-852-1 [oss-security] 20091006 Kernel ecryptfs CVE id (CVE-2009-2908) http://www.openwall.com/lists/oss-security/2009/10/06/1 [security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.31.y.git%3Ba=commit%3Bh=afc2b6932f48f200736d3e36ad66fee0ec733136 https://bugs.launchpad.net/ecryptfs/+bug/387073 https://bugzilla.redhat.com/show_bug.cgi?id=527534 kernel-ecryptfs-dos(53693) https://exchange.xforce.ibmcloud.com/vulnerabilities/53693 oval:org.mitre.oval:def:10216 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10216 oval:org.mitre.oval:def:6992 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6992 Common Vulnerability Exposure (CVE) ID: CVE-2009-3228 http://www.mandriva.com/security/advisories?name=MDVSA-2010:198 http://www.openwall.com/lists/oss-security/2009/09/03/1 http://www.openwall.com/lists/oss-security/2009/09/05/2 http://www.openwall.com/lists/oss-security/2009/09/06/2 http://www.openwall.com/lists/oss-security/2009/09/07/2 http://www.openwall.com/lists/oss-security/2009/09/17/1 http://www.openwall.com/lists/oss-security/2009/09/17/9 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6757 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9409 http://www.redhat.com/support/errata/RHSA-2009-1522.html http://www.securitytracker.com/id?1023073 http://secunia.com/advisories/37084 http://www.ubuntu.com/usn/usn-864-1 Common Vulnerability Exposure (CVE) ID: CVE-2009-3286 http://www.openwall.com/lists/oss-security/2009/09/21/2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7527 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9757 SuSE Security Announcement: SUSE-SA:2010:012 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html Common Vulnerability Exposure (CVE) ID: CVE-2009-3547 20100625 VMSA-2010-0010 ESX 3.5 third party update for Service Console kernel http://www.securityfocus.com/archive/1/512019/100/0/threaded 36901 http://www.securityfocus.com/bid/36901 37351 http://secunia.com/advisories/37351 38017 http://secunia.com/advisories/38017 FEDORA-2009-11038 https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00190.html MDVSA-2009:329 http://www.mandriva.com/security/advisories?name=MDVSA-2009:329 RHSA-2009:1540 RHSA-2009:1541 https://rhn.redhat.com/errata/RHSA-2009-1541.html RHSA-2009:1550 https://rhn.redhat.com/errata/RHSA-2009-1550.html RHSA-2009:1672 SUSE-SA:2009:054 http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html SUSE-SA:2009:056 http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html SUSE-SA:2010:001 http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html SUSE-SA:2010:012 USN-864-1 [linux-kernel] 20091014 fs/pipe.c null pointer dereference http://lkml.org/lkml/2009/10/14/184 [linux-kernel] 20091021 Re: [PATCH v4 1/1]: fs: pipe.c null pointer dereference + really sign off + unmangled diffs http://lkml.org/lkml/2009/10/21/42 [oss-security] 20091103 CVE-2009-3547 kernel: fs: pipe.c null pointer dereference http://marc.info/?l=oss-security&m=125724568017045&w=2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ad3960243e55320d74195fb85c975e0a8cc4466c http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.32-rc6 https://bugzilla.redhat.com/show_bug.cgi?id=530490 oval:org.mitre.oval:def:11513 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11513 oval:org.mitre.oval:def:7608 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7608 oval:org.mitre.oval:def:9327 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9327 Common Vulnerability Exposure (CVE) ID: CVE-2009-3613 36706 http://www.securityfocus.com/bid/36706 37909 http://secunia.com/advisories/37909 RHSA-2009:1671 http://www.redhat.com/support/errata/RHSA-2009-1671.html SUSE-SA:2009:064 http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html [oss-security] 20091015 Re: CVE request kernel: flood ping cause http://marc.info/?l=oss-security&m=125561712529352&w=2 http://bugzilla.kernel.org/show_bug.cgi?id=9468 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=97d477a914b146e7e6722ded21afa79886ae8ccd http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a866bbf6aacf95f849810079442a20be118ce905 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.22 https://bugzilla.redhat.com/show_bug.cgi?id=529137 oval:org.mitre.oval:def:10209 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10209 oval:org.mitre.oval:def:7377 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7377
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.