Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2015-0869)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.123127

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2015-0869)

Resumen: The remote host is missing an update for the 'kvm' package(s) announced via the ELSA-2015-0869 advisory.

Descripción: Summary:
The remote host is missing an update for the 'kvm' package(s) announced via the ELSA-2015-0869 advisory.

Vulnerability Insight:
[kvm-83-270.0.1.el5_11]
- Added kvm-add-oracle-workaround-for-libvirt-bug.patch
- Added kvm-Introduce-oel-machine-type.patch

[kvm-83-270.el5]
- KVM: x86: Check non canonical addresses upon WRMSR
- Resolves: bz#1152982
(CVE-2014-3610 kernel: kvm: noncanonical MSR writes [rhel-5.11.z])

[kvm-83-269.el5]
- KVM: x86: Improve thread safety in pit
- Resolves: bz#1152985
(CVE-2014-3611 kernel: kvm: PIT timer race condition)

Affected Software/OS:
'kvm' package(s) on Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
4.9

CVSS Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2014-3610
70742
http://www.securityfocus.com/bid/70742
DSA-3060
http://www.debian.org/security/2014/dsa-3060
RHSA-2015:0869
http://rhn.redhat.com/errata/RHSA-2015-0869.html
SUSE-SU-2015:0481
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
USN-2394-1
http://www.ubuntu.com/usn/USN-2394-1
USN-2417-1
http://www.ubuntu.com/usn/USN-2417-1
USN-2418-1
http://www.ubuntu.com/usn/USN-2418-1
USN-2491-1
http://www.ubuntu.com/usn/USN-2491-1
[oss-security] 20141024 kvm issues
http://www.openwall.com/lists/oss-security/2014/10/24/9
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=854e8bb1aa06c578c2c9145fa6bfe3680ef63b23
https://bugzilla.redhat.com/show_bug.cgi?id=1144883
https://github.com/torvalds/linux/commit/854e8bb1aa06c578c2c9145fa6bfe3680ef63b23
openSUSE-SU-2015:0566
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-3611
RHSA-2015:0126
http://rhn.redhat.com/errata/RHSA-2015-0126.html
RHSA-2015:0284
http://rhn.redhat.com/errata/RHSA-2015-0284.html
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2febc839133280d5a5e8e1179c94ea674489dae2
https://bugzilla.redhat.com/show_bug.cgi?id=1144878
https://github.com/torvalds/linux/commit/2febc839133280d5a5e8e1179c94ea674489dae2

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.123127
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2015-0869)
Resumen:	The remote host is missing an update for the 'kvm' package(s) announced via the ELSA-2015-0869 advisory.
Descripción:	Summary: The remote host is missing an update for the 'kvm' package(s) announced via the ELSA-2015-0869 advisory. Vulnerability Insight: [kvm-83-270.0.1.el5_11] - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch [kvm-83-270.el5] - KVM: x86: Check non canonical addresses upon WRMSR - Resolves: bz#1152982 (CVE-2014-3610 kernel: kvm: noncanonical MSR writes [rhel-5.11.z]) [kvm-83-269.el5] - KVM: x86: Improve thread safety in pit - Resolves: bz#1152985 (CVE-2014-3611 kernel: kvm: PIT timer race condition) Affected Software/OS: 'kvm' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 4.9 CVSS Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-3610 70742 http://www.securityfocus.com/bid/70742 DSA-3060 http://www.debian.org/security/2014/dsa-3060 RHSA-2015:0869 http://rhn.redhat.com/errata/RHSA-2015-0869.html SUSE-SU-2015:0481 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html USN-2394-1 http://www.ubuntu.com/usn/USN-2394-1 USN-2417-1 http://www.ubuntu.com/usn/USN-2417-1 USN-2418-1 http://www.ubuntu.com/usn/USN-2418-1 USN-2491-1 http://www.ubuntu.com/usn/USN-2491-1 [oss-security] 20141024 kvm issues http://www.openwall.com/lists/oss-security/2014/10/24/9 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=854e8bb1aa06c578c2c9145fa6bfe3680ef63b23 https://bugzilla.redhat.com/show_bug.cgi?id=1144883 https://github.com/torvalds/linux/commit/854e8bb1aa06c578c2c9145fa6bfe3680ef63b23 openSUSE-SU-2015:0566 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html Common Vulnerability Exposure (CVE) ID: CVE-2014-3611 RHSA-2015:0126 http://rhn.redhat.com/errata/RHSA-2015-0126.html RHSA-2015:0284 http://rhn.redhat.com/errata/RHSA-2015-0284.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2febc839133280d5a5e8e1179c94ea674489dae2 https://bugzilla.redhat.com/show_bug.cgi?id=1144878 https://github.com/torvalds/linux/commit/2febc839133280d5a5e8e1179c94ea674489dae2
Copyright	Copyright (C) 2015 Greenbone AG