ID de Prueba:	1.3.6.1.4.1.25623.1.0.122797
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2015-2552)
Resumen:	The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2015-2552 advisory.
Descripción:	Summary: The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2015-2552 advisory. Vulnerability Insight: [3.10.0-327.3.1.OL7] - Oracle Linux certificates (Alexey Petrenko) [3.10.0-327.3.1] - rebuild [3.10.0-327.2.1] - [netdrv] macvtap: unbreak receiving of gro skb with frag list (Jason Wang) [1279794 1273737] - [net] ipv6: drop frames with attached skb->sk in forwarding (Hannes Frederic Sowa) [1281701 1243966] - [net] ipv6: ip6_forward: perform skb->pkt_type check at the beginning (Hannes Frederic Sowa) [1281701 1243966] - [net] sctp: Fix race between OOTB response and route removal (Jamie Bainbridge) [1281426 1277309] - [x86] mm: fix VM_FAULT_RETRY handling (Andrea Arcangeli) [1281427 1277226] - [x86] mm: consolidate VM_FAULT_RETRY handling (Andrea Arcangeli) [1281427 1277226] - [x86] mm: move mmap_sem unlock from mm_fault_error() to caller (Andrea Arcangeli) [1281427 1277226] - [mm] let mm_find_pmd fix buggy race with THP fault (Larry Woodman) [1281424 1273993] - [mm] ksm: unstable_tree_search_insert error checking cleanup (Andrea Arcangeli) [1281422 1274871] - [mm] ksm: use find_mergeable_vma in try_to_merge_with_ksm_page (Andrea Arcangeli) [1281422 1274871] - [mm] ksm: use the helper method to do the hlist_empty check (Andrea Arcangeli) [1281422 1274871] - [mm] ksm: don't fail stable tree lookups if walking over stale stable_nodes (Andrea Arcangeli) [1281422 1274871] - [mm] ksm: add cond_resched() to the rmap_walks (Andrea Arcangeli) [1281422 1274871] - [powerpc] kvm: book3s_hv: Synthesize segment fault if SLB lookup fails (Thomas Huth) [1281423 1269467] - [powerpc] kvm: book3s_hv: Create debugfs file for each guest's HPT (David Gibson) [1281420 1273692] - [powerpc] kvm: book3s_hv: Add helpers for lock/unlock hpte (David Gibson) [1281420 1273692] - [powerpc] pci: initialize hybrid_dma_data before use (Laurent Vivier) [1279793 1270717] - [md] raid10: don't clear bitmap bit when bad-block-list write fails (Jes Sorensen) [1279796 1267652] - [md] raid1: don't clear bitmap bit when bad-block-list write fails (Jes Sorensen) [1279796 1267652] - [md] raid10: submit_bio_wait() returns 0 on success (Jes Sorensen) [1279796 1267652] - [md] raid1: submit_bio_wait() returns 0 on success (Jes Sorensen) [1279796 1267652] - [md] crash in md-raid1 and md-raid10 due to incorrect list manipulation (Jes Sorensen) [1279796 1267652] - [md] raid10: ensure device failure recorded before write request returns (Jes Sorensen) [1279796 1267652] - [md] raid1: ensure device failure recorded before write request returns (Jes Sorensen) [1279796 1267652] - [block] nvme: Fix memory leak on retried commands (David Milburn) [1279792 1271860] - [cpufreq] intel_pstate: fix rounding error in max_freq_pct (Prarit Bhargava) [1281491 1263866] - [cpufreq] intel_pstate: fix PCT_TO_HWP macro (Prarit Bhargava) [1273926 1264990] - [cpufreq] revert 'intel_pstate: add quirk to disable HWP on Skylake-S processors' (Prarit Bhargava) [1273926 1264990] - [cpufreq] revert 'intel_pstate: disable Skylake processors' (Prarit ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'kernel' package(s) on Oracle Linux 7. Solution: Please install the updated package(s). CVSS Score: 4.9 CVSS Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-5307 1034105 http://www.securitytracker.com/id/1034105 77528 http://www.securityfocus.com/bid/77528 DSA-3396 http://www.debian.org/security/2015/dsa-3396 DSA-3414 http://www.debian.org/security/2015/dsa-3414 DSA-3454 http://www.debian.org/security/2016/dsa-3454 FEDORA-2015-394835a3f6 http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172435.html FEDORA-2015-668d213dc3 http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172300.html FEDORA-2015-f150b2a8c8 http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172187.html RHSA-2015:2636 http://rhn.redhat.com/errata/RHSA-2015-2636.html RHSA-2015:2645 http://rhn.redhat.com/errata/RHSA-2015-2645.html RHSA-2016:0046 http://rhn.redhat.com/errata/RHSA-2016-0046.html SUSE-SU-2015:2108 http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html SUSE-SU-2015:2194 http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html SUSE-SU-2015:2339 http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html SUSE-SU-2015:2350 http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html SUSE-SU-2016:0354 http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html SUSE-SU-2016:2074 http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html USN-2800-1 http://www.ubuntu.com/usn/USN-2800-1 USN-2801-1 http://www.ubuntu.com/usn/USN-2801-1 USN-2802-1 http://www.ubuntu.com/usn/USN-2802-1 USN-2803-1 http://www.ubuntu.com/usn/USN-2803-1 USN-2804-1 http://www.ubuntu.com/usn/USN-2804-1 USN-2805-1 http://www.ubuntu.com/usn/USN-2805-1 USN-2806-1 http://www.ubuntu.com/usn/USN-2806-1 USN-2807-1 http://www.ubuntu.com/usn/USN-2807-1 [oss-security] 20151110 Re: CVE-2015-5307 kernel: kvm: guest to host DoS by triggering an infinite loop in microcode via #AC exception http://www.openwall.com/lists/oss-security/2015/11/10/6 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54a20552e1eae07aa240fa370a0293e006b5faed http://support.citrix.com/article/CTX202583 http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html http://xenbits.xen.org/xsa/advisory-156.html https://bugzilla.redhat.com/show_bug.cgi?id=1277172 https://github.com/torvalds/linux/commit/54a20552e1eae07aa240fa370a0293e006b5faed https://kb.juniper.net/JSA10783 openSUSE-SU-2015:2232 http://lists.opensuse.org/opensuse-updates/2015-12/msg00039.html openSUSE-SU-2015:2250 http://lists.opensuse.org/opensuse-updates/2015-12/msg00053.html Common Vulnerability Exposure (CVE) ID: CVE-2015-8104 BugTraq ID: 77524 http://www.securityfocus.com/bid/77524 BugTraq ID: 91787 http://www.securityfocus.com/bid/91787 Debian Security Information: DSA-3414 (Google Search) Debian Security Information: DSA-3426 (Google Search) http://www.debian.org/security/2015/dsa-3426 Debian Security Information: DSA-3454 (Google Search) http://www.openwall.com/lists/oss-security/2015/11/10/5 http://www.openwall.com/lists/oss-security/2023/10/10/4 RedHat Security Advisories: RHSA-2015:2636 RedHat Security Advisories: RHSA-2015:2645 RedHat Security Advisories: RHSA-2016:0046 SuSE Security Announcement: SUSE-SU-2015:2108 (Google Search) SuSE Security Announcement: SUSE-SU-2015:2194 (Google Search) SuSE Security Announcement: SUSE-SU-2015:2339 (Google Search) SuSE Security Announcement: SUSE-SU-2015:2350 (Google Search) SuSE Security Announcement: SUSE-SU-2016:0354 (Google Search) SuSE Security Announcement: SUSE-SU-2016:2074 (Google Search) SuSE Security Announcement: openSUSE-SU-2015:2232 (Google Search) SuSE Security Announcement: openSUSE-SU-2015:2250 (Google Search) SuSE Security Announcement: openSUSE-SU-2016:1008 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html http://www.ubuntu.com/usn/USN-2840-1 http://www.ubuntu.com/usn/USN-2841-1 http://www.ubuntu.com/usn/USN-2841-2 http://www.ubuntu.com/usn/USN-2842-1 http://www.ubuntu.com/usn/USN-2842-2 http://www.ubuntu.com/usn/USN-2843-1 http://www.ubuntu.com/usn/USN-2843-2 http://www.ubuntu.com/usn/USN-2844-1
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.