ID de Prueba:	1.3.6.1.4.1.25623.1.0.123416
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2014-0475)
Resumen:	The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2014-0475 advisory.
Descripción:	Summary: The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2014-0475 advisory. Vulnerability Insight: [2.6.32-431.17.1] - [scsi] qla2xxx: Fixup looking for a space in the outstanding_cmds array in qla2x00_alloc_iocbs() (Chad Dupuis) [1085660 1070856] - [scsi] isci: fix reset timeout handling (David Milburn) [1080600 1040393] - [scsi] isci: correct erroneous for_each_isci_host macro (David Milburn) [1074855 1059325] - [kernel] sched: Fix small race where child->se.parent, cfs_rq might point to invalid ones (Naoya Horiguchi) [1081907 1032350] - [kernel] sched: suppress RCU lockdep splat in task_fork_fair (Naoya Horiguchi) [1081907 1032350] - [kernel] sched: add local variable to store task_group() to avoid kernel stall (Naoya Horiguchi) [1081908 1043733] - [fs] cifs: mask off top byte in get_rfc1002_length() (Sachin Prabhu) [1085358 1069737] - [kernel] Prevent deadlock when post_schedule_rt() results in calling wakeup_kswapd() on multiple CPUs (Larry Woodman) [1086095 1009626] - [scsi] AACRAID Driver compat IOCTL missing capability check (Jacob Tanenbaum) [1033533 1033534] {CVE-2013-6383} - [md] dm-thin: fix rcu_read_lock being held in code that can sleep (Mike Snitzer) [1086007 1060381] - [md] dm-thin: irqsave must always be used with the pool->lock spinlock (Mike Snitzer) [1086007 1060381] - [md] dm-thin: sort the per thin deferred bios using an rb_tree (Mike Snitzer) [1086007 1060381] - [md] dm-thin: use per thin device deferred bio lists (Mike Snitzer) [1086007 1060381] - [md] dm-thin: simplify pool_is_congested (Mike Snitzer) [1086007 1060381] - [md] dm-thin: fix dangling bio in process_deferred_bios error path (Mike Snitzer) [1086007 1060381] - [md] dm-thin: take care to copy the space map root before locking the superblock (Mike Snitzer) [1086007 1060381] - [md] dm-transaction-manager: fix corruption due to non-atomic transaction commit (Mike Snitzer) [1086007 1060381] - [md] dm-space-map-metadata: fix refcount decrement below 0 which caused corruption (Mike Snitzer) [1086007 1060381] - [md] dm-thin: fix Documentation for held metadata root feature (Mike Snitzer) [1086007 1060381] - [md] dm-thin: fix noflush suspend IO queueing (Mike Snitzer) [1086007 1060381] - [md] dm-thin: fix deadlock in __requeue_bio_list (Mike Snitzer) [1086007 1060381] - [md] dm-thin: fix out of data space handling (Mike Snitzer) [1086007 1060381] - [md] dm-thin: ensure user takes action to validate data and metadata consistency (Mike Snitzer) [1086007 1060381] - [md] dm-thin: synchronize the pool mode during suspend (Mike Snitzer) [1086007 1060381] - [md] fix Kconfig indentation (Mike Snitzer) [1086007 1060381] - [md] dm-thin: allow metadata space larger than supported to go unused (Mike Snitzer) [1086007 1060381] - [md] dm-thin: fix the error path for the thin device constructor (Mike Snitzer) [1086007 1060381] - [md] dm-thin: avoid metadata commit if a pool's thin devices haven't changed (Mike Snitzer) [1086007 1060381] - [md] dm-space-map-metadata: fix bug in resizing of thin metadata ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'kernel' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-6383 RHSA-2014:0100 http://rhn.redhat.com/errata/RHSA-2014-0100.html RHSA-2014:0285 http://rhn.redhat.com/errata/RHSA-2014-0285.html USN-2066-1 http://www.ubuntu.com/usn/USN-2066-1 USN-2067-1 http://www.ubuntu.com/usn/USN-2067-1 USN-2068-1 http://www.ubuntu.com/usn/USN-2068-1 USN-2069-1 http://www.ubuntu.com/usn/USN-2069-1 USN-2070-1 http://www.ubuntu.com/usn/USN-2070-1 USN-2071-1 http://www.ubuntu.com/usn/USN-2071-1 USN-2072-1 http://www.ubuntu.com/usn/USN-2072-1 USN-2073-1 http://www.ubuntu.com/usn/USN-2073-1 USN-2074-1 http://www.ubuntu.com/usn/USN-2074-1 USN-2075-1 http://www.ubuntu.com/usn/USN-2075-1 USN-2076-1 http://www.ubuntu.com/usn/USN-2076-1 USN-2107-1 http://www.ubuntu.com/usn/USN-2107-1 USN-2108-1 http://www.ubuntu.com/usn/USN-2108-1 [oss-security] 20131122 Linux kernel CVE fixes http://www.openwall.com/lists/oss-security/2013/11/22/5 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f856567b930dfcdbc3323261bf77240ccdde01f5 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.11.8 https://bugzilla.redhat.com/show_bug.cgi?id=1033530 https://github.com/torvalds/linux/commit/f856567b930dfcdbc3323261bf77240ccdde01f5 Common Vulnerability Exposure (CVE) ID: CVE-2014-0077 59386 http://secunia.com/advisories/59386 59599 http://secunia.com/advisories/59599 66678 http://www.securityfocus.com/bid/66678 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d8316f3991d207fe32881a9ac20241be8fa2bad0 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.10 https://bugzilla.redhat.com/show_bug.cgi?id=1064440 https://github.com/torvalds/linux/commit/d8316f3991d207fe32881a9ac20241be8fa2bad0 Common Vulnerability Exposure (CVE) ID: CVE-2014-2523 BugTraq ID: 66279 http://www.securityfocus.com/bid/66279 http://twitter.com/grsecurity/statuses/445496197399461888 http://www.openwall.com/lists/oss-security/2014/03/17/7 http://www.securitytracker.com/id/1029945 http://secunia.com/advisories/57446 http://www.ubuntu.com/usn/USN-2173-1 http://www.ubuntu.com/usn/USN-2174-1 XForce ISS Database: linux-kernel-cve20142523-code-exec(91910) https://exchange.xforce.ibmcloud.com/vulnerabilities/91910
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.