ID de Prueba:	1.3.6.1.4.1.25623.1.0.123276
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2014-3083)
Resumen:	The remote host is missing an update for the 'kernel-uek, mlnx_en-2.6.32-400.36.9.el5uek, mlnx_en-2.6.32-400.36.9.el6uek, ofa-2.6.32-400.36.9.el5uek, ofa-2.6.32-400.36.9.el6uek' package(s) announced via the ELSA-2014-3083 advisory.
Descripción:	Summary: The remote host is missing an update for the 'kernel-uek, mlnx_en-2.6.32-400.36.9.el5uek, mlnx_en-2.6.32-400.36.9.el6uek, ofa-2.6.32-400.36.9.el5uek, ofa-2.6.32-400.36.9.el6uek' package(s) announced via the ELSA-2014-3083 advisory. Vulnerability Insight: kernel-uek [2.6.32-400.36.9uek] - ALSA: control: Don't access controls outside of protected regions (Lars-Peter Clausen) [Orabug: 19817787] {CVE-2014-4653} {CVE-2014-4654} {CVE-2014-4655} - ALSA: control: Fix replacing user controls (Lars-Peter Clausen) [Orabug: 19817749] {CVE-2014-4653} {CVE-2014-4654} {CVE-2014-4655} - mm: try_to_unmap_cluster() should lock_page() before mlocking (Vlastimil Babka) [Orabug: 19817324] {CVE-2014-3122} - vm: convert fb_mmap to vm_iomap_memory() helper (Linus Torvalds) [Orabug: 19816564] {CVE-2013-2596} - vm: add vm_iomap_memory() helper function (Linus Torvalds) [Orabug: 19816564] {CVE-2013-2596} - net: sctp: inherit auth_capable on INIT collisions (Daniel Borkmann) [Orabug: 19816069] {CVE-2014-5077} Affected Software/OS: 'kernel-uek, mlnx_en-2.6.32-400.36.9.el5uek, mlnx_en-2.6.32-400.36.9.el6uek, ofa-2.6.32-400.36.9.el5uek, ofa-2.6.32-400.36.9.el6uek' package(s) on Oracle Linux 5, Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 7.1 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-2596 BugTraq ID: 59264 http://www.securityfocus.com/bid/59264 http://www.mandriva.com/security/advisories?name=MDVSA-2013:176 http://forum.xda-developers.com/showthread.php?t=2255491 http://www.droid-life.com/2013/04/09/root-method-released-for-droid-razr-hd-running-android-4-1-2-other-devices-too/ http://www.droidrzr.com/index.php/topic/15208-root-motochopper-yet-another-android-root-exploit/ http://marc.info/?l=linux-kernel&m=136616837923938&w=2 RedHat Security Advisories: RHSA-2015:0695 http://rhn.redhat.com/errata/RHSA-2015-0695.html RedHat Security Advisories: RHSA-2015:0782 http://rhn.redhat.com/errata/RHSA-2015-0782.html RedHat Security Advisories: RHSA-2015:0803 http://rhn.redhat.com/errata/RHSA-2015-0803.html Common Vulnerability Exposure (CVE) ID: CVE-2014-3122 59386 http://secunia.com/advisories/59386 59599 http://secunia.com/advisories/59599 67162 http://www.securityfocus.com/bid/67162 DSA-2926 http://www.debian.org/security/2014/dsa-2926 USN-2240-1 http://www.ubuntu.com/usn/USN-2240-1 [oss-security] 20140430 Re: CVE request Linux kernel: mm: try_to_unmap_cluster() should lock_page() before mlocking http://www.openwall.com/lists/oss-security/2014/05/01/7 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=57e68e9cd65b4b8eb4045a1e0d0746458502554c http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.3 https://bugzilla.redhat.com/show_bug.cgi?id=1093076 https://github.com/torvalds/linux/commit/57e68e9cd65b4b8eb4045a1e0d0746458502554c Common Vulnerability Exposure (CVE) ID: CVE-2014-4653 BugTraq ID: 68164 http://www.securityfocus.com/bid/68164 http://www.openwall.com/lists/oss-security/2014/06/26/6 RedHat Security Advisories: RHSA-2014:1083 http://rhn.redhat.com/errata/RHSA-2014-1083.html http://secunia.com/advisories/59434 http://secunia.com/advisories/59777 http://secunia.com/advisories/60545 http://secunia.com/advisories/60564 SuSE Security Announcement: SUSE-SU-2015:0812 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html http://www.ubuntu.com/usn/USN-2334-1 http://www.ubuntu.com/usn/USN-2335-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-4654 BugTraq ID: 68162 http://www.securityfocus.com/bid/68162 Common Vulnerability Exposure (CVE) ID: CVE-2014-4655 http://www.securitytracker.com/id/1036763 Common Vulnerability Exposure (CVE) ID: CVE-2014-5077 1030681 http://www.securitytracker.com/id/1030681 59777 60430 http://secunia.com/advisories/60430 60545 60564 60744 http://secunia.com/advisories/60744 62563 http://secunia.com/advisories/62563 68881 http://www.securityfocus.com/bid/68881 RHSA-2014:1083 RHSA-2014:1668 http://rhn.redhat.com/errata/RHSA-2014-1668.html RHSA-2014:1763 http://rhn.redhat.com/errata/RHSA-2014-1763.html SUSE-SU-2014:1316 http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html SUSE-SU-2014:1319 http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html USN-2334-1 USN-2335-1 USN-2358-1 http://www.ubuntu.com/usn/USN-2358-1 USN-2359-1 http://www.ubuntu.com/usn/USN-2359-1 [oss-security] 20140725 Re: CVE request Linux Kernel: net: SCTP: NULL pointer dereference http://www.openwall.com/lists/oss-security/2014/07/26/1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1be9a950c646c9092fb3618197f7b6bfb50e82aa https://bugzilla.redhat.com/show_bug.cgi?id=1122982 https://github.com/torvalds/linux/commit/1be9a950c646c9092fb3618197f7b6bfb50e82aa linux-kernel-cve20145077-dos(95134) https://exchange.xforce.ibmcloud.com/vulnerabilities/95134
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.