ID de Prueba:	1.3.6.1.4.1.25623.1.0.123272
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2014-1392)
Resumen:	The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2014-1392 advisory.
Descripción:	Summary: The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2014-1392 advisory. Vulnerability Insight: [2.6.32-504] - [netdrv] revert 'cxgb4: set skb->rxhash' (Prarit Bhargava) [1140743] - [netdrv] revert 'cxgb4: Use netif_set_real_num_rx/tx_queues()' (Prarit Bhargava) [1140743] - [infiniband] revert 'cxgb4: Turn on delayed ACK' (Prarit Bhargava) [1140743] - [infiniband] revert 'cxgb4: Use ULP_MODE_TCPDDP' (Prarit Bhargava) [1140743] - [infiniband] revert 'cxgb4: Debugfs dump_qp() updates' (Prarit Bhargava) [1140743] - [infiniband] revert 'cxgb4: Drop peer_abort when no endpoint found' (Prarit Bhargava) [1140743] - [netdrv] revert 'cxgb4: Detect DB FULL events and notify RDMA ULD' (Prarit Bhargava) [1140743] - [netdrv] revert 'cxgb4: Common platform specific changes for DB Drop Recovery' (Prarit Bhargava) [1140743] - [netdrv] revert 'cxgb4: DB Drop Recovery for RDMA and LLD queues' (Prarit Bhargava) [1140743] - [infiniband] revert 'cxgb4: Add debugfs RDMA memory stats' (Prarit Bhargava) [1140743] - [infiniband] revert 'cxgb4: Add DB Overflow Avoidance' (Prarit Bhargava) [1140743] - [infiniband] revert 'cxgb4: DB Drop Recovery for RDMA and LLD queues' (Prarit Bhargava) [1140743] - [infiniband] revert 'cxgb4: Use vmalloc() for debugfs QP dump' (Prarit Bhargava) [1140743] - [infiniband] revert 'cxgb4: Remove kfifo usage' (Prarit Bhargava) [1140743] - [infiniband] revert 'cxgb4: Include vmalloc.h for vmalloc and vfree' (Prarit Bhargava) [1140743] - [netdrv] revert 'cxgb4: set maximal number of default RSS queues' (Prarit Bhargava) [1140743] - [netdrv] revert 'cxgb4: Remove duplicate register definitions' (Prarit Bhargava) [1140743] - [infiniband] revert 'cxgb4: Update RDMA/cxgb4 due to macro definition removal in cxgb4 driver' (Prarit Bhargava) [1140743] - [infiniband] revert 'cxgb4: Move dereference below NULL test' (Prarit Bhargava) [1140743] - [netdrv] revert 'cxgb4: Fix incorrect values for MEMWIN*_APERTURE and MEMWIN*_BASE' (Prarit Bhargava) [1140743] - [netdrv] revert 'cxgb4: Add functions to read memory via PCIE memory window' (Prarit Bhargava) [1140743] - [netdrv] revert 'cxgb4: Code cleanup to enable T4 Configuration File support' (Prarit Bhargava) [1140743] - [netdrv] revert 'cxgb4: Add support for T4 configuration file' (Prarit Bhargava) [1140743] - [netdrv] revert 'cxgb4: Add support for T4 hardwired driver configuration settings' (Prarit Bhargava) [1140743] - [netdrv] revert 'cxgb4: Don't attempt to upgrade T4 firmware when cxgb4 will end up as a slave' (Prarit Bhargava) [1140743] - [infiniband] revert 'cxgb4: Fix error handling in create_qp()' (Prarit Bhargava) [1140743] - [netdrv] revert 'cxgb4: Dynamically allocate memory in t4_memory_rw() and get_vpd_params()' (Prarit Bhargava) [1140743] - [netdrv] revert 'cxgb4: Fix build error due to missing linux/vmalloc.h include' (Prarit Bhargava) [1140743] - [netdrv] revert 'cxgb4: allocate enough data in t4_memory_rw()' (Prarit Bhargava) [1140743] - [netdrv] revert 'cxgb4: Address various sparse warnings' (Prarit ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'kernel' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-2596 BugTraq ID: 59264 http://www.securityfocus.com/bid/59264 http://www.mandriva.com/security/advisories?name=MDVSA-2013:176 http://forum.xda-developers.com/showthread.php?t=2255491 http://www.droid-life.com/2013/04/09/root-method-released-for-droid-razr-hd-running-android-4-1-2-other-devices-too/ http://www.droidrzr.com/index.php/topic/15208-root-motochopper-yet-another-android-root-exploit/ http://marc.info/?l=linux-kernel&m=136616837923938&w=2 RedHat Security Advisories: RHSA-2015:0695 http://rhn.redhat.com/errata/RHSA-2015-0695.html RedHat Security Advisories: RHSA-2015:0782 http://rhn.redhat.com/errata/RHSA-2015-0782.html RedHat Security Advisories: RHSA-2015:0803 http://rhn.redhat.com/errata/RHSA-2015-0803.html Common Vulnerability Exposure (CVE) ID: CVE-2013-4483 RHSA-2014:0285 http://rhn.redhat.com/errata/RHSA-2014-0285.html RHSA-2015:0284 http://rhn.redhat.com/errata/RHSA-2015-0284.html [oss-security] 20131030 Re: CVE Request -- Linux kernel: ipc: ipc_rcu_putref refcount races http://www.openwall.com/lists/oss-security/2013/10/30/4 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6062a8dc0517bce23e3c2f7d2fea5e22411269a3 https://bugzilla.redhat.com/show_bug.cgi?id=1024854 https://github.com/torvalds/linux/commit/6062a8dc0517bce23e3c2f7d2fea5e22411269a3 https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.10.bz2 openSUSE-SU-2014:0247 http://lists.opensuse.org/opensuse-updates/2014-02/msg00045.html Common Vulnerability Exposure (CVE) ID: CVE-2014-0181 RHSA-2014:1959 http://rhn.redhat.com/errata/RHSA-2014-1959.html SUSE-SU-2015:0481 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html SUSE-SU-2015:0652 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html SUSE-SU-2015:0736 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html SUSE-SU-2015:0812 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html [netdev] 20140423 [PATCH 0/5]: Preventing abuse when passing file descriptors http://marc.info/?l=linux-netdev&m=139828832919748&w=2 [oss-security] 20140423 Re: CVE-2014-0181: Linux network reconfiguration due to incorrect netlink checks http://www.openwall.com/lists/oss-security/2014/04/23/6 https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=90f62cf30a78721641e08737bda787552428061e https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.45 https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.9 openSUSE-SU-2015:0566 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html http://www.openwall.com/lists/oss-security/2023/04/16/3 Common Vulnerability Exposure (CVE) ID: CVE-2014-3122 59386 http://secunia.com/advisories/59386 59599 http://secunia.com/advisories/59599 67162 http://www.securityfocus.com/bid/67162 DSA-2926 http://www.debian.org/security/2014/dsa-2926 USN-2240-1 http://www.ubuntu.com/usn/USN-2240-1 [oss-security] 20140430 Re: CVE request Linux kernel: mm: try_to_unmap_cluster() should lock_page() before mlocking http://www.openwall.com/lists/oss-security/2014/05/01/7 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=57e68e9cd65b4b8eb4045a1e0d0746458502554c http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.3 https://bugzilla.redhat.com/show_bug.cgi?id=1093076 https://github.com/torvalds/linux/commit/57e68e9cd65b4b8eb4045a1e0d0746458502554c Common Vulnerability Exposure (CVE) ID: CVE-2014-3601 60830 http://secunia.com/advisories/60830 69489 http://www.securityfocus.com/bid/69489 USN-2356-1 http://www.ubuntu.com/usn/USN-2356-1 USN-2357-1 http://www.ubuntu.com/usn/USN-2357-1 USN-2358-1 http://www.ubuntu.com/usn/USN-2358-1 USN-2359-1 http://www.ubuntu.com/usn/USN-2359-1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=350b8bdd689cd2ab2c67c8a86a0be86cfa0751a7 https://bugzilla.redhat.com/show_bug.cgi?id=1131951 https://github.com/torvalds/linux/commit/350b8bdd689cd2ab2c67c8a86a0be86cfa0751a7 linux-kernel-cve20143601-dos(95689) https://exchange.xforce.ibmcloud.com/vulnerabilities/95689 Common Vulnerability Exposure (CVE) ID: CVE-2014-4608 BugTraq ID: 68214 http://www.securityfocus.com/bid/68214 http://blog.securitymouse.com/2014/06/raising-lazarus-20-year-old-bug-that.html http://www.oberhumer.com/opensource/lzo/ https://www.securitymouse.com/lms-2014-06-16-2 http://www.openwall.com/lists/oss-security/2014/06/26/21 RedHat Security Advisories: RHSA-2015:0062 http://rhn.redhat.com/errata/RHSA-2015-0062.html http://secunia.com/advisories/60011 http://secunia.com/advisories/60174 http://secunia.com/advisories/62633 SuSE Security Announcement: SUSE-SU-2015:0481 (Google Search) SuSE Security Announcement: SUSE-SU-2015:0736 (Google Search) SuSE Security Announcement: openSUSE-SU-2015:0566 (Google Search) http://www.ubuntu.com/usn/USN-2416-1 http://www.ubuntu.com/usn/USN-2417-1 http://www.ubuntu.com/usn/USN-2418-1 http://www.ubuntu.com/usn/USN-2419-1 http://www.ubuntu.com/usn/USN-2420-1 http://www.ubuntu.com/usn/USN-2421-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-4653 BugTraq ID: 68164 http://www.securityfocus.com/bid/68164 http://www.openwall.com/lists/oss-security/2014/06/26/6 RedHat Security Advisories: RHSA-2014:1083 http://rhn.redhat.com/errata/RHSA-2014-1083.html http://secunia.com/advisories/59434 http://secunia.com/advisories/59777 http://secunia.com/advisories/60545 http://secunia.com/advisories/60564 SuSE Security Announcement: SUSE-SU-2015:0812 (Google Search) http://www.ubuntu.com/usn/USN-2334-1 http://www.ubuntu.com/usn/USN-2335-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-4654 BugTraq ID: 68162 http://www.securityfocus.com/bid/68162 Common Vulnerability Exposure (CVE) ID: CVE-2014-4655 http://www.securitytracker.com/id/1036763 Common Vulnerability Exposure (CVE) ID: CVE-2014-5045 BugTraq ID: 68862 http://www.securityfocus.com/bid/68862 http://www.openwall.com/lists/oss-security/2014/07/24/2 http://secunia.com/advisories/60353 Common Vulnerability Exposure (CVE) ID: CVE-2014-5077 1030681 http://www.securitytracker.com/id/1030681 59777 60430 http://secunia.com/advisories/60430 60545 60564 60744 http://secunia.com/advisories/60744 62563 http://secunia.com/advisories/62563 68881 http://www.securityfocus.com/bid/68881 RHSA-2014:1083 RHSA-2014:1668 http://rhn.redhat.com/errata/RHSA-2014-1668.html RHSA-2014:1763 http://rhn.redhat.com/errata/RHSA-2014-1763.html SUSE-SU-2014:1316 http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html SUSE-SU-2014:1319 http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html USN-2334-1 USN-2335-1 [oss-security] 20140725 Re: CVE request Linux Kernel: net: SCTP: NULL pointer dereference http://www.openwall.com/lists/oss-security/2014/07/26/1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1be9a950c646c9092fb3618197f7b6bfb50e82aa https://bugzilla.redhat.com/show_bug.cgi?id=1122982 https://github.com/torvalds/linux/commit/1be9a950c646c9092fb3618197f7b6bfb50e82aa linux-kernel-cve20145077-dos(95134) https://exchange.xforce.ibmcloud.com/vulnerabilities/95134
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.