ID de Prueba:	1.3.6.1.4.1.25623.1.0.123126
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2015-3034)
Resumen:	The remote host is missing an update for the 'kernel-uek, mlnx_en-2.6.32-400.37.4.el5uek, mlnx_en-2.6.32-400.37.4.el6uek, ofa-2.6.32-400.37.4.el5uek, ofa-2.6.32-400.37.4.el6uek' package(s) announced via the ELSA-2015-3034 advisory.
Descripción:	Summary: The remote host is missing an update for the 'kernel-uek, mlnx_en-2.6.32-400.37.4.el5uek, mlnx_en-2.6.32-400.37.4.el6uek, ofa-2.6.32-400.37.4.el5uek, ofa-2.6.32-400.37.4.el6uek' package(s) announced via the ELSA-2015-3034 advisory. Vulnerability Insight: kernel-uek [2.6.32-400.37.4] - isofs: Fix unchecked printing of ER records (Jan Kara) [Orabug: 20930553] {CVE-2014-9584} - selinux: Permit bounded transitions under NO_NEW_PRIVS or NOSUID. (Stephen Smalley) [Orabug: 20930502] {CVE-2014-3215} - Add PR_{GET,SET}_NO_NEW_PRIVS to prevent execve from granting privs (Andy Lutomirski) [Orabug: 20930519] {CVE-2014-3215} Affected Software/OS: 'kernel-uek, mlnx_en-2.6.32-400.37.4.el5uek, mlnx_en-2.6.32-400.37.4.el6uek, ofa-2.6.32-400.37.4.el5uek, ofa-2.6.32-400.37.4.el6uek' package(s) on Oracle Linux 5, Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-3215 BugTraq ID: 67341 http://www.securityfocus.com/bid/67341 http://www.mandriva.com/security/advisories?name=MDVSA-2015:156 http://openwall.com/lists/oss-security/2014/04/29/7 http://openwall.com/lists/oss-security/2014/04/30/4 http://openwall.com/lists/oss-security/2014/05/08/1 RedHat Security Advisories: RHSA-2015:0864 http://rhn.redhat.com/errata/RHSA-2015-0864.html http://secunia.com/advisories/59007 SuSE Security Announcement: openSUSE-SU-2014:0749 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-06/msg00008.html Common Vulnerability Exposure (CVE) ID: CVE-2014-9584 71883 http://www.securityfocus.com/bid/71883 DSA-3128 http://www.debian.org/security/2015/dsa-3128 MDVSA-2015:058 http://www.mandriva.com/security/advisories?name=MDVSA-2015:058 RHSA-2015:0864 RHSA-2015:1137 http://rhn.redhat.com/errata/RHSA-2015-1137.html RHSA-2015:1138 http://rhn.redhat.com/errata/RHSA-2015-1138.html SUSE-SU-2015:0481 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html SUSE-SU-2015:0529 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html SUSE-SU-2015:0652 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html SUSE-SU-2015:0736 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html SUSE-SU-2015:0812 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html USN-2511-1 http://www.ubuntu.com/usn/USN-2511-1 USN-2512-1 http://www.ubuntu.com/usn/USN-2512-1 USN-2513-1 http://www.ubuntu.com/usn/USN-2513-1 USN-2514-1 http://www.ubuntu.com/usn/USN-2514-1 USN-2515-1 http://www.ubuntu.com/usn/USN-2515-1 USN-2516-1 http://www.ubuntu.com/usn/USN-2516-1 USN-2517-1 http://www.ubuntu.com/usn/USN-2517-1 USN-2518-1 http://www.ubuntu.com/usn/USN-2518-1 [oss-security] 20150109 Re: CVE request Linux kernel: isofs: unchecked printing of ER records http://www.openwall.com/lists/oss-security/2015/01/09/4 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4e2024624e678f0ebb916e6192bd23c1f9fdf696 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.2 http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html https://bugzilla.redhat.com/show_bug.cgi?id=1180119 https://github.com/torvalds/linux/commit/4e2024624e678f0ebb916e6192bd23c1f9fdf696 openSUSE-SU-2015:0566 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html openSUSE-SU-2015:0714 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.