English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
146377 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.123440
Categoría:Oracle Linux Local Security Checks
Título:Oracle: Security Advisory (ELSA-2014-0328)
Resumen:The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2014-0328 advisory.
Descripción:Summary:
The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2014-0328 advisory.

Vulnerability Insight:
[2.6.32-431.11.2]
- [net] sctp: fix sctp_sf_do_5_1D_ce to verify if peer is AUTH capable (Daniel Borkmann) [1070715 1067451] {CVE-2014-0101}
- [vhost] validate vhost_get_vq_desc return value (Michael S. Tsirkin) [1062579 1058677] {CVE-2014-0055}

[2.6.32-431.11.1]
- [net] netpoll: take rcu_read_lock_bh() in netpoll_send_skb_on_dev() (Florian Westphal) [1063271 1049052]
- [fs] cifs: sanity check length of data to send before sending (Sachin Prabhu) [1065668 1062590] {CVE-2014-0069}
- [fs] cifs: ensure that uncached writes handle unmapped areas correctly (Sachin Prabhu) [1065668 1062590] {CVE-2014-0069}
- [infiniband] ipoib: Report operstate consistently when brought up without a link (Michal Schmidt) [1064464 995300]
- [security] selinux: fix broken peer recv check (Paul Moore) [1059991 1043051]
- [fs] GFS2: Fix slab memory leak in gfs2_bufdata (Robert S Peterson) [1064913 1024024]
- [fs] GFS2: Fix use-after-free race when calling gfs2_remove_from_ail (Robert S Peterson) [1064913 1024024]
- [fs] nfs: always make sure page is up-to-date before extending a write to cover the entire page (Scott Mayhew) [1066942 1054493]
- [fs] xfs: ensure we capture IO errors correctly (Lachlan McIlroy) [1058418 1021325]
- [mm] get rid of unnecessary pageblock scanning in setup_zone_migrate_reserve (Motohiro Kosaki) [1062113 1043353]
- [security] selinux: process labeled IPsec TCP SYN-ACK packets properly in selinux_ip_postroute() (Paul Moore) [1055364 1024631]
- [security] selinux: look for IPsec labels on both inbound and outbound packets (Paul Moore) [1055364 1024631]
- [security] selinux: handle TCP SYN-ACK packets correctly in selinux_ip_postroute() (Paul Moore) [1055364 1024631]
- [security] selinux: handle TCP SYN-ACK packets correctly in selinux_ip_output() (Paul Moore) [1055364 1024631]
- [edac] e752x_edac: Fix pci_dev usage count (Aristeu Rozanski) [1058420 1029530]
- [s390] mm: handle asce-type exceptions as normal page fault (Hendrik Brueckner) [1057164 1034268]
- [s390] mm: correct tlb flush on page table upgrade (Hendrik Brueckner) [1057165 1034269]
- [net] fix memory information leaks in recv protocol handlers (Florian Westphal) [1039868 1039869]
- [usb] cdc-wdm: fix buffer overflow (Alexander Gordeev) [922000 922001] {CVE-2013-1860}
- [usb] cdc-wdm: Fix race between autosuspend and reading from the device (Alexander Gordeev) [922000 922001] {CVE-2013-1860}

[2.6.32-431.10.1]
- [fs] xfs: xfs_remove deadlocks due to inverted AGF vs AGI lock ordering (Brian Foster) [1067775 1059334]
- [x86] apic: Map the local apic when parsing the MP table (Prarit Bhargava) [1063507 1061873]

[2.6.32-431.9.1]
- [netdrv] bonding: add NETIF_F_NO_CSUM vlan_features (Ivan Vecera) [1063199 1059777]

[2.6.32-431.8.1]
- [netdrv] enic: remove enic->vlan_group check (Stefan Assmann) [1064115 1057704]

[2.6.32-431.7.1]
- [char] n_tty: Fix unsafe update of available buffer space (Jiri Benc) [1060491 ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'kernel' package(s) on Oracle Linux 6.

Solution:
Please install the updated package(s).

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2013-1860
58510
http://www.securityfocus.com/bid/58510
MDVSA-2013:176
http://www.mandriva.com/security/advisories?name=MDVSA-2013:176
RHSA-2014:0328
http://rhn.redhat.com/errata/RHSA-2014-0328.html
RHSA-2014:0339
http://rhn.redhat.com/errata/RHSA-2014-0339.html
USN-1809-1
http://www.ubuntu.com/usn/USN-1809-1
USN-1811-1
http://www.ubuntu.com/usn/USN-1811-1
USN-1812-1
http://www.ubuntu.com/usn/USN-1812-1
USN-1813-1
http://www.ubuntu.com/usn/USN-1813-1
USN-1814-1
http://www.ubuntu.com/usn/USN-1814-1
USN-1829-1
http://www.ubuntu.com/usn/USN-1829-1
[oss-security] 20130314 Re: CVE Request/Guidance: Linux kernel cdc-wdm buffer overflow triggered by device
http://www.openwall.com/lists/oss-security/2013/03/15/3
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c0f5ecee4e741667b2493c742b60b6218d40b3aa
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.4
https://bugzilla.redhat.com/show_bug.cgi?id=921970
https://github.com/torvalds/linux/commit/c0f5ecee4e741667b2493c742b60b6218d40b3aa
Common Vulnerability Exposure (CVE) ID: CVE-2014-0055
59386
http://secunia.com/advisories/59386
66441
http://www.securityfocus.com/bid/66441
https://bugzilla.redhat.com/show_bug.cgi?id=1062577
Common Vulnerability Exposure (CVE) ID: CVE-2014-0069
65588
http://www.securityfocus.com/bid/65588
SUSE-SU-2014:0459
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00026.html
[linux-cifs] 20140214 [PATCH] cifs: ensure that uncached writes handle unmapped areas correctly
http://article.gmane.org/gmane.linux.kernel.cifs/9401
[oss-security] 20140217 CVE-2014-0069 -- kernel: cifs: incorrect handling of bogus user pointers during uncached writes
http://www.openwall.com/lists/oss-security/2014/02/17/4
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5d81de8e8667da7135d3a32a964087c0faf5483f
https://bugzilla.redhat.com/show_bug.cgi?id=1064253
https://github.com/torvalds/linux/commit/5d81de8e8667da7135d3a32a964087c0faf5483f
Common Vulnerability Exposure (CVE) ID: CVE-2014-0101
59216
http://secunia.com/advisories/59216
65943
http://www.securityfocus.com/bid/65943
RHSA-2014:0419
http://rhn.redhat.com/errata/RHSA-2014-0419.html
RHSA-2014:0432
http://rhn.redhat.com/errata/RHSA-2014-0432.html
USN-2173-1
http://www.ubuntu.com/usn/USN-2173-1
USN-2174-1
http://www.ubuntu.com/usn/USN-2174-1
[oss-security] 20140304 CVE-2014-0101 -- Linux kernel: net: sctp: null pointer dereference when processing authenticated cookie_echo chunk
http://www.openwall.com/lists/oss-security/2014/03/04/6
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec0223ec48a90cb605244b45f7c62de856403729
http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.html
https://bugzilla.redhat.com/show_bug.cgi?id=1070705
https://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729
CopyrightCopyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.