ID de Prueba:	1.3.6.1.4.1.25623.1.0.123219
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2014-1997)
Resumen:	The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2014-1997 advisory.
Descripción:	Summary: The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2014-1997 advisory. Vulnerability Insight: [2.6.32-504.3.3] - [x86] traps: stop using IST for #SS (Petr Matousek) [1172810 1172811] {CVE-2014-9322} [2.6.32-504.3.2] - [md] dm-thin: fix pool_io_hints to avoid looking at max_hw_sectors (Mike Snitzer) [1161420 1161421 1142773 1145230] [2.6.32-504.3.1] - [s390] zcrypt: toleration of new crypto adapter hardware (Hendrik Brueckner) [1158311 1134984] - [s390] zcrypt: support for extended number of ap domains (Hendrik Brueckner) [1158311 1134984] - [md] dm-thin: fix potential for infinite loop in pool_io_hints (Mike Snitzer) [1161420 1161421 1142773 1145230] [2.6.32-504.2.1] - [fs] udf: Avoid infinite loop when processing indirect ICBs (Jacob Tanenbaum) [1142319 1142320] {CVE-2014-6410} - [fs] isofs: unbound recursion when processing relocated directories (Jacob Tanenbaum) [1142268 1142269] {CVE-2014-5472 CVE-2014-5471} - [net] ipv6: delete expired route in ip6_pmtu_deliver (Hannes Frederic Sowa) [1161418 1156137] - [net] sctp: fix remote memory pressure from excessive queueing (Daniel Borkmann) [1155746 1154676] {CVE-2014-3688} - [net] sctp: fix panic on duplicate ASCONF chunks (Daniel Borkmann) [1155733 1154676] {CVE-2014-3687} - [net] sctp: fix skb_over_panic when receiving malformed ASCONF chunks (Daniel Borkmann) [1147857 1154676] {CVE-2014-3673} - [net] sctp: handle association restarts when the socket is closed (Daniel Borkmann) [1147857 1154676] - [md] dm-thin: refactor requeue_io to eliminate spinlock bouncing (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] dm-thin: optimize retry_bios_on_resume (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] dm-thin: sort the deferred cells (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] dm-thin: direct dispatch when breaking sharing (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] dm-thin: remap the bios in a cell immediately (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] dm-thin: defer whole cells rather than individual bios (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] dm-thin: factor out remap_and_issue_overwrite (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] dm-thin: performance improvement to discard processing (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] dm-thin: grab a virtual cell before looking up the mapping (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] dm-thin: implement thin_merge (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] dm: improve documentation and code clarity in dm_merge_bvec (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] dm-thin: adjust max_sectors_kb based on thinp blocksize (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] block: fix alignment_offset math that assumes io_min is a power-of-2 (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] dm-thin: throttle incoming IO (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] dm-thin: prefetch missing metadata pages (Mike Snitzer) [1161420 ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'kernel' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-6657 HPSBGN03282 http://marc.info/?l=bugtraq&m=142722544401658&w=2 HPSBGN03285 http://marc.info/?l=bugtraq&m=142722450701342&w=2 SUSE-SU-2015:0652 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html SUSE-SU-2015:0812 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html [oss-security] 20140915 Re: CVE request Linux kernel: net: guard tcp_set_keepalive against crash http://www.openwall.com/lists/oss-security/2014/09/15/8 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3e10986d1d698140747fcfc2761ec9cb64c1d582 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.5.7 https://bugzilla.redhat.com/show_bug.cgi?id=1141742 https://github.com/torvalds/linux/commit/3e10986d1d698140747fcfc2761ec9cb64c1d582 Common Vulnerability Exposure (CVE) ID: CVE-2014-3673 62428 http://secunia.com/advisories/62428 70883 http://www.securityfocus.com/bid/70883 DSA-3060 http://www.debian.org/security/2014/dsa-3060 RHSA-2015:0062 http://rhn.redhat.com/errata/RHSA-2015-0062.html RHSA-2015:0115 http://rhn.redhat.com/errata/RHSA-2015-0115.html SUSE-SU-2015:0481 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html SUSE-SU-2015:0529 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html USN-2417-1 http://www.ubuntu.com/usn/USN-2417-1 USN-2418-1 http://www.ubuntu.com/usn/USN-2418-1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9de7922bc709eee2f609cd01d98aaedc4cf5ea74 http://linux.oracle.com/errata/ELSA-2014-3087.html http://linux.oracle.com/errata/ELSA-2014-3088.html http://linux.oracle.com/errata/ELSA-2014-3089.html https://bugzilla.redhat.com/show_bug.cgi?id=1147850 https://github.com/torvalds/linux/commit/9de7922bc709eee2f609cd01d98aaedc4cf5ea74 openSUSE-SU-2015:0566 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html Common Vulnerability Exposure (CVE) ID: CVE-2014-3687 70766 http://www.securityfocus.com/bid/70766 SUSE-SU-2015:0178 http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html SUSE-SU-2015:0736 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html SUSE-SU-2015:1489 http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b69040d8e39f20d5215a03502a8e8b4c6ab78395 https://bugzilla.redhat.com/show_bug.cgi?id=1155731 https://github.com/torvalds/linux/commit/b69040d8e39f20d5215a03502a8e8b4c6ab78395 Common Vulnerability Exposure (CVE) ID: CVE-2014-3688 [oss-security] 20141113 Linux kernel: SCTP issues http://www.openwall.com/lists/oss-security/2014/11/13/8 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=26b87c7881006311828bb0ab271a551a62dcceb4 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.4 https://bugzilla.redhat.com/show_bug.cgi?id=1155745 https://github.com/torvalds/linux/commit/26b87c7881006311828bb0ab271a551a62dcceb4 Common Vulnerability Exposure (CVE) ID: CVE-2014-5471 BugTraq ID: 69396 http://www.securityfocus.com/bid/69396 HPdes Security Advisory: HPSBGN03282 HPdes Security Advisory: HPSBGN03285 https://code.google.com/p/google-security-research/issues/detail?id=88 http://seclists.org/oss-sec/2014/q3/450 http://www.openwall.com/lists/oss-security/2014/08/27/1 RedHat Security Advisories: RHSA-2014:1318 http://rhn.redhat.com/errata/RHSA-2014-1318.html RedHat Security Advisories: RHSA-2015:0102 http://rhn.redhat.com/errata/RHSA-2015-0102.html RedHat Security Advisories: RHSA-2015:0695 http://rhn.redhat.com/errata/RHSA-2015-0695.html RedHat Security Advisories: RHSA-2015:0782 http://rhn.redhat.com/errata/RHSA-2015-0782.html RedHat Security Advisories: RHSA-2015:0803 http://rhn.redhat.com/errata/RHSA-2015-0803.html SuSE Security Announcement: SUSE-SU-2014:1316 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html SuSE Security Announcement: SUSE-SU-2014:1319 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html SuSE Security Announcement: SUSE-SU-2015:0481 (Google Search) SuSE Security Announcement: SUSE-SU-2015:0812 (Google Search) SuSE Security Announcement: openSUSE-SU-2015:0566 (Google Search) http://www.ubuntu.com/usn/USN-2354-1 http://www.ubuntu.com/usn/USN-2355-1 http://www.ubuntu.com/usn/USN-2356-1 http://www.ubuntu.com/usn/USN-2357-1 http://www.ubuntu.com/usn/USN-2358-1 http://www.ubuntu.com/usn/USN-2359-1 XForce ISS Database: linux-kernel-isofs-bo(95481) https://exchange.xforce.ibmcloud.com/vulnerabilities/95481 Common Vulnerability Exposure (CVE) ID: CVE-2014-5472 BugTraq ID: 69428 http://www.securityfocus.com/bid/69428 XForce ISS Database: linux-kernel-cve20145472-dos(95556) https://exchange.xforce.ibmcloud.com/vulnerabilities/95556 Common Vulnerability Exposure (CVE) ID: CVE-2014-6410 BugTraq ID: 69799 http://www.securityfocus.com/bid/69799 http://www.openwall.com/lists/oss-security/2014/09/15/9 http://www.ubuntu.com/usn/USN-2374-1 http://www.ubuntu.com/usn/USN-2375-1 http://www.ubuntu.com/usn/USN-2376-1 http://www.ubuntu.com/usn/USN-2377-1 http://www.ubuntu.com/usn/USN-2378-1 http://www.ubuntu.com/usn/USN-2379-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-9322 http://www.exploit-db.com/exploits/36266 http://www.zerodayinitiative.com/advisories/ZDI-16-170 http://www.openwall.com/lists/oss-security/2014/12/15/6 http://osvdb.org/show/osvdb/115919 RedHat Security Advisories: RHSA-2014:1998 http://rhn.redhat.com/errata/RHSA-2014-1998.html RedHat Security Advisories: RHSA-2014:2008 http://rhn.redhat.com/errata/RHSA-2014-2008.html RedHat Security Advisories: RHSA-2014:2028 http://rhn.redhat.com/errata/RHSA-2014-2028.html RedHat Security Advisories: RHSA-2014:2031 http://rhn.redhat.com/errata/RHSA-2014-2031.html RedHat Security Advisories: RHSA-2015:0009 http://rhn.redhat.com/errata/RHSA-2015-0009.html http://secunia.com/advisories/62336 SuSE Security Announcement: SUSE-SU-2015:0736 (Google Search) http://www.ubuntu.com/usn/USN-2491-1
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.