ID de Prueba:	1.3.6.1.4.1.25623.1.0.123170
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2015-0674)
Resumen:	The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2015-0674 advisory.
Descripción:	Summary: The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2015-0674 advisory. Vulnerability Insight: [2.6.32-504.12.2] - [infiniband] core: Prevent integer overflow in ib_umem_get address arithmetic (Doug Ledford) [1181173 1179327] {CVE-2014-8159} [2.6.32-504.12.1] - [fs] splice: perform generic write checks (Eric Sandeen) [1163798 1155900] {CVE-2014-7822} [2.6.32-504.11.1] - [virt] kvm: excessive pages un-pinning in kvm_iommu_map error path (Jacob Tanenbaum) [1156520 1156521] {CVE-2014-8369} - [x86] crypto: Add support for 192 & 256 bit keys to AESNI RFC4106 (Jarod Wilson) [1184332 1176211] - [block] nvme: Clear QUEUE_FLAG_STACKABLE (David Milburn) [1180555 1155715] - [net] netfilter: conntrack: disable generic tracking for known protocols (Daniel Borkmann) [1182071 1114697] {CVE-2014-8160} - [xen] pvhvm: Fix vcpu hotplugging hanging (Vitaly Kuznetsov) [1179343 1164278] - [xen] pvhvm: Don't point per_cpu(xen_vpcu, 33 and larger) to shared_info (Vitaly Kuznetsov) [1179343 1164278] - [xen] enable PVHVM VCPU placement when using more than 32 CPUs (Vitaly Kuznetsov) [1179343 1164278] - [xen] support large numbers of CPUs with vcpu info placement (Vitaly Kuznetsov) [1179343 1164278] [2.6.32-504.10.1] - [netdrv] tg3: Change nvram command timeout value to 50ms (Ivan Vecera) [1182903 1176230] [2.6.32-504.9.1] - [net] ipv6: increase ip6_rt_max_size to 16384 (Hannes Frederic Sowa) [1177581 1112946] - [net] ipv6: don't set DST_NOCOUNT for remotely added routes (Hannes Frederic Sowa) [1177581 1112946] - [net] ipv6: don't count addrconf generated routes against gc limit (Hannes Frederic Sowa) [1177581 1112946] - [net] ipv6: Don't put artificial limit on routing table size (Hannes Frederic Sowa) [1177581 1112946] - [scsi] bnx2fc: fix tgt spinlock locking (Maurizio Lombardi) [1179098 1079656] Affected Software/OS: 'kernel' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-7822 117810 http://www.osvdb.org/117810 36743 https://www.exploit-db.com/exploits/36743/ 72347 http://www.securityfocus.com/bid/72347 DSA-3170 http://www.debian.org/security/2015/dsa-3170 RHSA-2015:0102 http://rhn.redhat.com/errata/RHSA-2015-0102.html RHSA-2015:0164 http://rhn.redhat.com/errata/RHSA-2015-0164.html RHSA-2015:0674 http://rhn.redhat.com/errata/RHSA-2015-0674.html RHSA-2015:0694 http://rhn.redhat.com/errata/RHSA-2015-0694.html SUSE-SU-2015:0529 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html SUSE-SU-2015:0736 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html SUSE-SU-2015:1488 http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html SUSE-SU-2015:1489 http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html USN-2541-1 http://www.ubuntu.com/usn/USN-2541-1 USN-2542-1 http://www.ubuntu.com/usn/USN-2542-1 USN-2543-1 http://www.ubuntu.com/usn/USN-2543-1 USN-2544-1 http://www.ubuntu.com/usn/USN-2544-1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8d0207652cbe27d1f962050737848e5ad4671958 http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html https://bugzilla.redhat.com/show_bug.cgi?id=1163792 https://github.com/torvalds/linux/commit/8d0207652cbe27d1f962050737848e5ad4671958 openSUSE-SU-2015:0714 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html Common Vulnerability Exposure (CVE) ID: CVE-2014-8159 1032224 http://www.securitytracker.com/id/1032224 73060 http://www.securityfocus.com/bid/73060 DSA-3237 http://www.debian.org/security/2015/dsa-3237 FEDORA-2015-4066 http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152747.html RHSA-2015:0695 http://rhn.redhat.com/errata/RHSA-2015-0695.html RHSA-2015:0726 http://rhn.redhat.com/errata/RHSA-2015-0726.html RHSA-2015:0751 http://rhn.redhat.com/errata/RHSA-2015-0751.html RHSA-2015:0782 http://rhn.redhat.com/errata/RHSA-2015-0782.html RHSA-2015:0783 http://rhn.redhat.com/errata/RHSA-2015-0783.html RHSA-2015:0803 http://rhn.redhat.com/errata/RHSA-2015-0803.html RHSA-2015:0870 http://rhn.redhat.com/errata/RHSA-2015-0870.html RHSA-2015:0919 http://rhn.redhat.com/errata/RHSA-2015-0919.html SUSE-SU-2015:1478 http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html SUSE-SU-2015:1487 http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00007.html SUSE-SU-2015:1491 http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00011.html USN-2525-1 http://www.ubuntu.com/usn/USN-2525-1 USN-2526-1 http://www.ubuntu.com/usn/USN-2526-1 USN-2527-1 http://www.ubuntu.com/usn/USN-2527-1 USN-2528-1 http://www.ubuntu.com/usn/USN-2528-1 USN-2529-1 http://www.ubuntu.com/usn/USN-2529-1 USN-2530-1 http://www.ubuntu.com/usn/USN-2530-1 USN-2561-1 http://www.ubuntu.com/usn/USN-2561-1 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 https://bugzilla.redhat.com/show_bug.cgi?id=1181166 Common Vulnerability Exposure (CVE) ID: CVE-2014-8160 72061 http://www.securityfocus.com/bid/72061 MDVSA-2015:057 http://www.mandriva.com/security/advisories?name=MDVSA-2015:057 MDVSA-2015:058 http://www.mandriva.com/security/advisories?name=MDVSA-2015:058 RHSA-2015:0284 http://rhn.redhat.com/errata/RHSA-2015-0284.html RHSA-2015:0290 http://rhn.redhat.com/errata/RHSA-2015-0290.html SUSE-SU-2015:0652 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html USN-2513-1 http://www.ubuntu.com/usn/USN-2513-1 USN-2514-1 http://www.ubuntu.com/usn/USN-2514-1 USN-2515-1 http://www.ubuntu.com/usn/USN-2515-1 USN-2516-1 http://www.ubuntu.com/usn/USN-2516-1 USN-2517-1 http://www.ubuntu.com/usn/USN-2517-1 USN-2518-1 http://www.ubuntu.com/usn/USN-2518-1 [netfilter-devel] 20140925 [PATCH nf] netfilter: conntrack: disable generic protocol tracking http://www.spinics.net/lists/netfilter-devel/msg33430.html [oss-security] 20150114 CVE-2014-8160 Linux Kernel: SCTP firewalling fails until SCTP module is loaded http://www.openwall.com/lists/oss-security/2015/01/14/3 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=db29a9508a9246e77087c5531e45b2c88ec6988b https://bugzilla.redhat.com/show_bug.cgi?id=1182059 https://github.com/torvalds/linux/commit/db29a9508a9246e77087c5531e45b2c88ec6988b Common Vulnerability Exposure (CVE) ID: CVE-2014-8369 BugTraq ID: 70747 http://www.securityfocus.com/bid/70747 BugTraq ID: 70749 http://www.securityfocus.com/bid/70749 Debian Security Information: DSA-3093 (Google Search) http://www.debian.org/security/2014/dsa-3093 https://lkml.org/lkml/2014/10/24/460 http://www.openwall.com/lists/oss-security/2014/10/24/7 RedHat Security Advisories: RHSA-2015:0674 http://secunia.com/advisories/62326 http://secunia.com/advisories/62336 SuSE Security Announcement: SUSE-SU-2015:0481 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html SuSE Security Announcement: SUSE-SU-2015:0736 (Google Search) SuSE Security Announcement: openSUSE-SU-2015:0566 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.