ID de Prueba:	1.3.6.1.4.1.25623.1.0.123159
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2015-3014)
Resumen:	The remote host is missing an update for the 'kernel-uek' package(s) announced via the ELSA-2015-3014 advisory.
Descripción:	Summary: The remote host is missing an update for the 'kernel-uek' package(s) announced via the ELSA-2015-3014 advisory. Vulnerability Insight: [2.6.39-400.248.3] - kvm: fix excessive pages un-pinning in kvm_iommu_map error path. (Quentin Casasnovas) [Orabug: 20687314] {CVE-2014-3601} {CVE-2014-8369} {CVE-2014-3601} - Revert 'mm: Fix NULL pointer dereference in madvise(MADV_WILLNEED) support' (Guangyu Sun) [Orabug: 20673281] {CVE-2014-8173} [2.6.39-400.248.2] - netfilter: conntrack: disable generic tracking for known protocols (Florian Westphal) [Orabug: 20679630] {CVE-2014-8160} - mac80211: fix fragmentation code, particularly for encryption (Johannes Berg) [Orabug: 20673313] {CVE-2014-8709} - mm: Fix NULL pointer dereference in madvise(MADV_WILLNEED) support (Kirill A. Shutemov) [Orabug: 20673282] {CVE-2014-8173} - tracing/syscalls: Ignore numbers outside NR_syscalls' range (Rabin Vincent) [Orabug: 20673164] {CVE-2014-7825} {CVE-2014-7826} - tracing/syscalls: Fix perf syscall tracing when syscall_nr == -1 (Will Deacon) [Orabug: 20673164] {CVE-2014-7825} {CVE-2014-7826} [2.6.39-400.248.1] - NVMe: Disable pci before clearing queue (Keith Busch) [Orabug: 20533100] - x86, fpu: disable eagerfpu by default (Santosh Shilimkar) [Orabug: 20521543] Affected Software/OS: 'kernel-uek' package(s) on Oracle Linux 5, Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-7825 70972 http://www.securityfocus.com/bid/70972 RHSA-2014:1943 http://rhn.redhat.com/errata/RHSA-2014-1943.html RHSA-2015:0290 http://rhn.redhat.com/errata/RHSA-2015-0290.html RHSA-2015:0864 http://rhn.redhat.com/errata/RHSA-2015-0864.html [oss-security] 20141106 Exploitable issues in Linux perf/ftrace subsystems http://www.openwall.com/lists/oss-security/2014/11/06/11 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=086ba77a6db00ed858ff07451bedee197df868c9 https://bugzilla.redhat.com/show_bug.cgi?id=1161565 https://github.com/torvalds/linux/commit/086ba77a6db00ed858ff07451bedee197df868c9 linux-kernel-cve20147825-dos(98557) https://exchange.xforce.ibmcloud.com/vulnerabilities/98557 Common Vulnerability Exposure (CVE) ID: CVE-2014-7826 70971 http://www.securityfocus.com/bid/70971 SUSE-SU-2015:0481 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html linux-kernel-cve20147826-dos(98556) https://exchange.xforce.ibmcloud.com/vulnerabilities/98556 openSUSE-SU-2015:0566 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html Common Vulnerability Exposure (CVE) ID: CVE-2014-8160 72061 http://www.securityfocus.com/bid/72061 DSA-3170 http://www.debian.org/security/2015/dsa-3170 MDVSA-2015:057 http://www.mandriva.com/security/advisories?name=MDVSA-2015:057 MDVSA-2015:058 http://www.mandriva.com/security/advisories?name=MDVSA-2015:058 RHSA-2015:0284 http://rhn.redhat.com/errata/RHSA-2015-0284.html RHSA-2015:0674 http://rhn.redhat.com/errata/RHSA-2015-0674.html SUSE-SU-2015:0529 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html SUSE-SU-2015:0652 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html SUSE-SU-2015:0736 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html USN-2513-1 http://www.ubuntu.com/usn/USN-2513-1 USN-2514-1 http://www.ubuntu.com/usn/USN-2514-1 USN-2515-1 http://www.ubuntu.com/usn/USN-2515-1 USN-2516-1 http://www.ubuntu.com/usn/USN-2516-1 USN-2517-1 http://www.ubuntu.com/usn/USN-2517-1 USN-2518-1 http://www.ubuntu.com/usn/USN-2518-1 [netfilter-devel] 20140925 [PATCH nf] netfilter: conntrack: disable generic protocol tracking http://www.spinics.net/lists/netfilter-devel/msg33430.html [oss-security] 20150114 CVE-2014-8160 Linux Kernel: SCTP firewalling fails until SCTP module is loaded http://www.openwall.com/lists/oss-security/2015/01/14/3 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=db29a9508a9246e77087c5531e45b2c88ec6988b https://bugzilla.redhat.com/show_bug.cgi?id=1182059 https://github.com/torvalds/linux/commit/db29a9508a9246e77087c5531e45b2c88ec6988b openSUSE-SU-2015:0714 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html Common Vulnerability Exposure (CVE) ID: CVE-2014-8369 BugTraq ID: 70747 http://www.securityfocus.com/bid/70747 BugTraq ID: 70749 http://www.securityfocus.com/bid/70749 Debian Security Information: DSA-3093 (Google Search) http://www.debian.org/security/2014/dsa-3093 https://lkml.org/lkml/2014/10/24/460 http://www.openwall.com/lists/oss-security/2014/10/24/7 RedHat Security Advisories: RHSA-2015:0674 http://secunia.com/advisories/62326 http://secunia.com/advisories/62336 SuSE Security Announcement: SUSE-SU-2015:0481 (Google Search) SuSE Security Announcement: SUSE-SU-2015:0736 (Google Search) SuSE Security Announcement: openSUSE-SU-2015:0566 (Google Search) Common Vulnerability Exposure (CVE) ID: CVE-2014-8709 BugTraq ID: 70965 http://www.securityfocus.com/bid/70965 http://www.openwall.com/lists/oss-security/2014/11/09/1 RedHat Security Advisories: RHSA-2015:0290 RedHat Security Advisories: RHSA-2015:1272 http://rhn.redhat.com/errata/RHSA-2015-1272.html http://www.securitytracker.com/id/1037968 SuSE Security Announcement: SUSE-SU-2015:0652 (Google Search) XForce ISS Database: linux-kernel-cve20148709-info-disclsoure(98922) https://exchange.xforce.ibmcloud.com/vulnerabilities/98922
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.