ID de Prueba:	1.3.6.1.4.1.25623.1.0.123224
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2014-3105)
Resumen:	The remote host is missing an update for the 'kernel-uek, mlnx_en-2.6.32-400.36.12.el5uek, mlnx_en-2.6.32-400.36.12.el6uek, ofa-2.6.32-400.36.12.el5uek, ofa-2.6.32-400.36.12.el6uek' package(s) announced via the ELSA-2014-3105 advisory.
Descripción:	Summary: The remote host is missing an update for the 'kernel-uek, mlnx_en-2.6.32-400.36.12.el5uek, mlnx_en-2.6.32-400.36.12.el6uek, ofa-2.6.32-400.36.12.el5uek, ofa-2.6.32-400.36.12.el6uek' package(s) announced via the ELSA-2014-3105 advisory. Vulnerability Insight: kernel-uek [2.6.32-400.36.12] - HID: fix a couple of off-by-ones (Jiri Kosina) [Orabug: 19849320] {CVE-2014-3184} - ALSA: control: Protect user controls against concurrent access (Lars-Peter Clausen) [Orabug: 20192545] {CVE-2014-4652} - udf: Avoid infinite loop when processing indirect ICBs (Jan Kara) [Orabug: 20192451] {CVE-2014-6410} - ALSA: control: Make sure that id->index does not overflow (Lars-Peter Clausen) [Orabug: 20192420] {CVE-2014-4656} - ALSA: control: Handle numid overflow (Lars-Peter Clausen) [Orabug: 20192379] {CVE-2014-4656} - net: sctp: fix remote memory pressure from excessive queueing (Daniel Borkmann) [Orabug: 20192060] {CVE-2014-3688} Affected Software/OS: 'kernel-uek, mlnx_en-2.6.32-400.36.12.el5uek, mlnx_en-2.6.32-400.36.12.el6uek, ofa-2.6.32-400.36.12.el5uek, ofa-2.6.32-400.36.12.el6uek' package(s) on Oracle Linux 5, Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-3184 BugTraq ID: 69768 http://www.securityfocus.com/bid/69768 https://code.google.com/p/google-security-research/issues/detail?id=91 http://www.openwall.com/lists/oss-security/2014/09/11/21 RedHat Security Advisories: RHSA-2014:1318 http://rhn.redhat.com/errata/RHSA-2014-1318.html RedHat Security Advisories: RHSA-2015:1272 http://rhn.redhat.com/errata/RHSA-2015-1272.html SuSE Security Announcement: SUSE-SU-2015:0481 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html SuSE Security Announcement: SUSE-SU-2015:0652 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html SuSE Security Announcement: SUSE-SU-2015:0812 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html SuSE Security Announcement: openSUSE-SU-2015:0566 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html http://www.ubuntu.com/usn/USN-2374-1 http://www.ubuntu.com/usn/USN-2375-1 http://www.ubuntu.com/usn/USN-2376-1 http://www.ubuntu.com/usn/USN-2377-1 http://www.ubuntu.com/usn/USN-2378-1 http://www.ubuntu.com/usn/USN-2379-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-3688 DSA-3060 http://www.debian.org/security/2014/dsa-3060 HPSBGN03282 http://marc.info/?l=bugtraq&m=142722544401658&w=2 HPSBGN03285 http://marc.info/?l=bugtraq&m=142722450701342&w=2 RHSA-2015:0062 http://rhn.redhat.com/errata/RHSA-2015-0062.html RHSA-2015:0115 http://rhn.redhat.com/errata/RHSA-2015-0115.html SUSE-SU-2015:0481 SUSE-SU-2015:0652 SUSE-SU-2015:0736 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html USN-2417-1 http://www.ubuntu.com/usn/USN-2417-1 USN-2418-1 http://www.ubuntu.com/usn/USN-2418-1 [oss-security] 20141113 Linux kernel: SCTP issues http://www.openwall.com/lists/oss-security/2014/11/13/8 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=26b87c7881006311828bb0ab271a551a62dcceb4 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.4 https://bugzilla.redhat.com/show_bug.cgi?id=1155745 https://github.com/torvalds/linux/commit/26b87c7881006311828bb0ab271a551a62dcceb4 openSUSE-SU-2015:0566 Common Vulnerability Exposure (CVE) ID: CVE-2014-4652 http://www.openwall.com/lists/oss-security/2014/06/26/6 RedHat Security Advisories: RHSA-2014:1083 http://rhn.redhat.com/errata/RHSA-2014-1083.html http://secunia.com/advisories/59434 http://secunia.com/advisories/59777 http://secunia.com/advisories/60545 http://secunia.com/advisories/60564 http://www.ubuntu.com/usn/USN-2334-1 http://www.ubuntu.com/usn/USN-2335-1 XForce ISS Database: linux-kernel-cve20144652-info-disc(94412) https://exchange.xforce.ibmcloud.com/vulnerabilities/94412 Common Vulnerability Exposure (CVE) ID: CVE-2014-4656 RedHat Security Advisories: RHSA-2015:0087 http://rhn.redhat.com/errata/RHSA-2015-0087.html http://www.securitytracker.com/id/1038201 Common Vulnerability Exposure (CVE) ID: CVE-2014-6410 BugTraq ID: 69799 http://www.securityfocus.com/bid/69799 HPdes Security Advisory: HPSBGN03282 HPdes Security Advisory: HPSBGN03285 http://www.openwall.com/lists/oss-security/2014/09/15/9 SuSE Security Announcement: SUSE-SU-2014:1316 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html SuSE Security Announcement: SUSE-SU-2014:1319 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.