ID de Prueba:	1.3.6.1.4.1.25623.1.0.122851
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2016-3510)
Resumen:	The remote host is missing an update for the 'dtrace-modules-4.1.12-32.1.2.el6uek, dtrace-modules-4.1.12-32.1.2.el7uek, kernel-uek' package(s) announced via the ELSA-2016-3510 advisory.
Descripción:	Summary: The remote host is missing an update for the 'dtrace-modules-4.1.12-32.1.2.el6uek, dtrace-modules-4.1.12-32.1.2.el7uek, kernel-uek' package(s) announced via the ELSA-2016-3510 advisory. Vulnerability Insight: kernel-uek [4.1.12-32.1.2] - KEYS: Fix keyring ref leak in join_session_keyring() (Yevgeny Pats) [Orabug: 22563965] {CVE-2016-0728} [4.1.12-32.1.1] - ocfs2: return non-zero st_blocks for inline data (John Haxby) [Orabug: 22218243] - xen/events/fifo: Consume unprocessed events when a CPU dies (Ross Lagerwall) [Orabug: 22498877] - Revert 'xen/fb: allow xenfb initialization for hvm guests' (Konrad Rzeszutek Wilk) - xen/pciback: Don't allow MSI-X ops if PCI_COMMAND_MEMORY is not set. (Konrad Rzeszutek Wilk) - xen/pciback: For XEN_PCI_OP_disable_msi[x] only disable if device has MSI(X) enabled. (Konrad Rzeszutek Wilk) - xen/pciback: Do not install an IRQ handler for MSI interrupts. (Konrad Rzeszutek Wilk) - xen/pciback: Return error on XEN_PCI_OP_enable_msix when device has MSI or MSI-X enabled (Konrad Rzeszutek Wilk) - xen/pciback: Return error on XEN_PCI_OP_enable_msi when device has MSI or MSI-X enabled (Konrad Rzeszutek Wilk) - xen/pciback: Save xen_pci_op commands before processing it (Konrad Rzeszutek Wilk) - xen-scsiback: safely copy requests (David Vrabel) - xen-blkback: read from indirect descriptors only once (Roger Pau Monne) - xen-blkback: only read request operation from shared ring once (Roger Pau Monne) - xen-netback: use RING_COPY_REQUEST() throughout (David Vrabel) - xen-netback: don't use last request to determine minimum Tx credit (David Vrabel) - xen: Add RING_COPY_REQUEST() (David Vrabel) Affected Software/OS: 'dtrace-modules-4.1.12-32.1.2.el6uek, dtrace-modules-4.1.12-32.1.2.el7uek, kernel-uek' package(s) on Oracle Linux 6, Oracle Linux 7. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-0728 1034701 http://www.securitytracker.com/id/1034701 39277 https://www.exploit-db.com/exploits/39277/ 81054 http://www.securityfocus.com/bid/81054 DSA-3448 http://www.debian.org/security/2016/dsa-3448 FEDORA-2016-5d43766e33 http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html FEDORA-2016-b59fd603be http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176194.html HPSBHF03436 https://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05018265 RHSA-2016:0064 http://rhn.redhat.com/errata/RHSA-2016-0064.html RHSA-2016:0065 http://rhn.redhat.com/errata/RHSA-2016-0065.html RHSA-2016:0068 http://rhn.redhat.com/errata/RHSA-2016-0068.html SUSE-SU-2016:0205 http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00026.html SUSE-SU-2016:0341 http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00012.html SUSE-SU-2016:0745 http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00033.html SUSE-SU-2016:0746 http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00034.html SUSE-SU-2016:0747 http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00035.html SUSE-SU-2016:0750 http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00038.html SUSE-SU-2016:0751 http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00039.html SUSE-SU-2016:0752 http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00040.html SUSE-SU-2016:0753 http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00041.html SUSE-SU-2016:0755 http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00043.html SUSE-SU-2016:0756 http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00044.html SUSE-SU-2016:0757 http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00045.html USN-2870-1 http://www.ubuntu.com/usn/USN-2870-1 USN-2870-2 http://www.ubuntu.com/usn/USN-2870-2 USN-2871-1 http://www.ubuntu.com/usn/USN-2871-1 USN-2871-2 http://www.ubuntu.com/usn/USN-2871-2 USN-2872-1 http://www.ubuntu.com/usn/USN-2872-1 USN-2872-2 http://www.ubuntu.com/usn/USN-2872-2 USN-2872-3 http://www.ubuntu.com/usn/USN-2872-3 USN-2873-1 http://www.ubuntu.com/usn/USN-2873-1 [oss-security] 20160119 Linux kernel: use after free in keyring facility. http://www.openwall.com/lists/oss-security/2016/01/19/2 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=23567fd052a9abb6d67fe8e7a9ccdd9800a540f2 http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/ http://source.android.com/security/bulletin/2016-03-01.html http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1 http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html https://bto.bluecoat.com/security-advisory/sa112 https://bugzilla.redhat.com/show_bug.cgi?id=1297475 https://github.com/torvalds/linux/commit/23567fd052a9abb6d67fe8e7a9ccdd9800a540f2 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05130958 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380 https://security.netapp.com/advisory/ntap-20160211-0001/
Copyright	Copyright (C) 2016 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.