Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2008-0129)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.122611

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2008-0129)

Resumen: The remote host is missing an update for the 'kernel, ocfs2-2.6.18-53.1.13.0.1.el5, oracleasm-2.6.18-53.1.13.0.1.el5' package(s) announced via the ELSA-2008-0129 advisory.

Descripción: Summary:
The remote host is missing an update for the 'kernel, ocfs2-2.6.18-53.1.13.0.1.el5, oracleasm-2.6.18-53.1.13.0.1.el5' package(s) announced via the ELSA-2008-0129 advisory.

Vulnerability Insight:
[2.6.18-53.1.13.0.1.el5]

- [NET] Add entropy support to e1000 and bnx2 (John Sobecki) [orabug
6045759]
- [NET] Fix msi issue with kexec/kdump (Michael Chan) [orabug 6219364]
- [MM] Fix alloc_pages_node() static `nid\' race made kernel crash (Joe
Jin) [orabug 6187457]
- [splice] Fix bad unlock_page() in error case (Jens Axboe) [orabug
6263574]
- [dio] fix error-path crashes (Linus Torvalds) [orabug 6242289]
- [MM] Fix leak in hugepages, regression for shared pagetables patch
(Adam Litke) [orabug 6732368]

[2.6.18-53.1.13]
- revert to 2.6.18-53.1.6.el5
- [x86_64] kernel vmsplice_to_pipe flaw (Alexander Viro ) [432252]
{CVE-2008-0600}

Affected Software/OS:
'kernel, ocfs2-2.6.18-53.1.13.0.1.el5, oracleasm-2.6.18-53.1.13.0.1.el5' package(s) on Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-0600
1019393
http://securitytracker.com/id?1019393
20080212 rPSA-2008-0052-1 kernel
http://www.securityfocus.com/archive/1/488009/100/0/threaded
27704
http://www.securityfocus.com/bid/27704
27801
http://www.securityfocus.com/bid/27801
28835
http://secunia.com/advisories/28835
28858
http://secunia.com/advisories/28858
28875
http://secunia.com/advisories/28875
28889
http://secunia.com/advisories/28889
28896
http://secunia.com/advisories/28896
28912
http://secunia.com/advisories/28912
28925
http://secunia.com/advisories/28925
28933
http://secunia.com/advisories/28933
28937
http://secunia.com/advisories/28937
29245
http://secunia.com/advisories/29245
30818
http://secunia.com/advisories/30818
5092
https://www.exploit-db.com/exploits/5092
ADV-2008-0487
http://www.vupen.com/english/advisories/2008/0487/references
DSA-1494
http://www.debian.org/security/2008/dsa-1494
FEDORA-2008-1422
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00254.html
FEDORA-2008-1423
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00255.html
FEDORA-2008-1433
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00270.html
FEDORA-2008-1629
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00485.html
MDVSA-2008:043
http://www.mandriva.com/security/advisories?name=MDVSA-2008:043
MDVSA-2008:044
http://www.mandriva.com/security/advisories?name=MDVSA-2008:044
RHSA-2008:0129
http://www.redhat.com/support/errata/RHSA-2008-0129.html
SUSE-SA:2008:007
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00005.html
SUSE-SA:2008:013
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00002.html
SUSE-SA:2008:030
http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html
USN-577-1
http://www.ubuntu.com/usn/usn-577-1
[linux-kernel] 20080210 Re: [PATCH] kernel 2.6.24.1 still vulnerable to the vmsplice local root exploit
http://marc.info/?l=linux-kernel&m=120263652322197&w=2
http://marc.info/?l=linux-kernel&m=120264520431307&w=2
http://marc.info/?l=linux-kernel&m=120264773202422&w=2
http://marc.info/?l=linux-kernel&m=120266328220808&w=2
http://marc.info/?l=linux-kernel&m=120266353621139&w=2
http://wiki.rpath.com/Advisories:rPSA-2008-0052
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0052
https://bugzilla.redhat.com/show_bug.cgi?id=432229
https://bugzilla.redhat.com/show_bug.cgi?id=432517
https://issues.rpath.com/browse/RPL-2237
oval:org.mitre.oval:def:11358
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11358

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.122611
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2008-0129)
Resumen:	The remote host is missing an update for the 'kernel, ocfs2-2.6.18-53.1.13.0.1.el5, oracleasm-2.6.18-53.1.13.0.1.el5' package(s) announced via the ELSA-2008-0129 advisory.
Descripción:	Summary: The remote host is missing an update for the 'kernel, ocfs2-2.6.18-53.1.13.0.1.el5, oracleasm-2.6.18-53.1.13.0.1.el5' package(s) announced via the ELSA-2008-0129 advisory. Vulnerability Insight: [2.6.18-53.1.13.0.1.el5] - [NET] Add entropy support to e1000 and bnx2 (John Sobecki) [orabug 6045759] - [NET] Fix msi issue with kexec/kdump (Michael Chan) [orabug 6219364] - [MM] Fix alloc_pages_node() static `nid\' race made kernel crash (Joe Jin) [orabug 6187457] - [splice] Fix bad unlock_page() in error case (Jens Axboe) [orabug 6263574] - [dio] fix error-path crashes (Linus Torvalds) [orabug 6242289] - [MM] Fix leak in hugepages, regression for shared pagetables patch (Adam Litke) [orabug 6732368] [2.6.18-53.1.13] - revert to 2.6.18-53.1.6.el5 - [x86_64] kernel vmsplice_to_pipe flaw (Alexander Viro ) [432252] {CVE-2008-0600} Affected Software/OS: 'kernel, ocfs2-2.6.18-53.1.13.0.1.el5, oracleasm-2.6.18-53.1.13.0.1.el5' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-0600 1019393 http://securitytracker.com/id?1019393 20080212 rPSA-2008-0052-1 kernel http://www.securityfocus.com/archive/1/488009/100/0/threaded 27704 http://www.securityfocus.com/bid/27704 27801 http://www.securityfocus.com/bid/27801 28835 http://secunia.com/advisories/28835 28858 http://secunia.com/advisories/28858 28875 http://secunia.com/advisories/28875 28889 http://secunia.com/advisories/28889 28896 http://secunia.com/advisories/28896 28912 http://secunia.com/advisories/28912 28925 http://secunia.com/advisories/28925 28933 http://secunia.com/advisories/28933 28937 http://secunia.com/advisories/28937 29245 http://secunia.com/advisories/29245 30818 http://secunia.com/advisories/30818 5092 https://www.exploit-db.com/exploits/5092 ADV-2008-0487 http://www.vupen.com/english/advisories/2008/0487/references DSA-1494 http://www.debian.org/security/2008/dsa-1494 FEDORA-2008-1422 https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00254.html FEDORA-2008-1423 https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00255.html FEDORA-2008-1433 https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00270.html FEDORA-2008-1629 https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00485.html MDVSA-2008:043 http://www.mandriva.com/security/advisories?name=MDVSA-2008:043 MDVSA-2008:044 http://www.mandriva.com/security/advisories?name=MDVSA-2008:044 RHSA-2008:0129 http://www.redhat.com/support/errata/RHSA-2008-0129.html SUSE-SA:2008:007 http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00005.html SUSE-SA:2008:013 http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00002.html SUSE-SA:2008:030 http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html USN-577-1 http://www.ubuntu.com/usn/usn-577-1 [linux-kernel] 20080210 Re: [PATCH] kernel 2.6.24.1 still vulnerable to the vmsplice local root exploit http://marc.info/?l=linux-kernel&m=120263652322197&w=2 http://marc.info/?l=linux-kernel&m=120264520431307&w=2 http://marc.info/?l=linux-kernel&m=120264773202422&w=2 http://marc.info/?l=linux-kernel&m=120266328220808&w=2 http://marc.info/?l=linux-kernel&m=120266353621139&w=2 http://wiki.rpath.com/Advisories:rPSA-2008-0052 http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0052 https://bugzilla.redhat.com/show_bug.cgi?id=432229 https://bugzilla.redhat.com/show_bug.cgi?id=432517 https://issues.rpath.com/browse/RPL-2237 oval:org.mitre.oval:def:11358 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11358
Copyright	Copyright (C) 2015 Greenbone AG