ID de Prueba:	1.3.6.1.4.1.25623.1.0.123494
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2013-2589)
Resumen:	The remote host is missing an update for the 'kernel-uek, mlnx_en-2.6.32-400.33.4.el5uek, mlnx_en-2.6.32-400.33.4.el6uek, ofa-2.6.32-400.33.4.el5uek, ofa-2.6.32-400.33.4.el6uek' package(s) announced via the ELSA-2013-2589 advisory.
Descripción:	Summary: The remote host is missing an update for the 'kernel-uek, mlnx_en-2.6.32-400.33.4.el5uek, mlnx_en-2.6.32-400.33.4.el6uek, ofa-2.6.32-400.33.4.el5uek, ofa-2.6.32-400.33.4.el6uek' package(s) announced via the ELSA-2013-2589 advisory. Vulnerability Insight: kernel-uek [2.6.32-400.33.4uek] - kernel/signal.c: stop info leak via the tkill and the tgkill syscalls (Emese Revfy) [Orabug: 17951083] {CVE-2013-2141} - ip_output: do skb ufo init for peeked non ufo skb as well (Jiri Pirko) [Orabug: 17951078] {CVE-2013-4470} - KVM: x86: Fix potential divide by 0 in lapic (CVE-2013-6367) (Andy Honig) [Orabug: 17951073] {CVE-2013-6367} Affected Software/OS: 'kernel-uek, mlnx_en-2.6.32-400.33.4.el5uek, mlnx_en-2.6.32-400.33.4.el6uek, ofa-2.6.32-400.33.4.el5uek, ofa-2.6.32-400.33.4.el6uek' package(s) on Oracle Linux 5, Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-2141 55055 http://secunia.com/advisories/55055 DSA-2766 http://www.debian.org/security/2013/dsa-2766 MDVSA-2013:176 http://www.mandriva.com/security/advisories?name=MDVSA-2013:176 RHSA-2013:1801 http://rhn.redhat.com/errata/RHSA-2013-1801.html USN-1899-1 http://www.ubuntu.com/usn/USN-1899-1 USN-1900-1 http://www.ubuntu.com/usn/USN-1900-1 [oss-security] 20130604 Re: CVE Request: kernel info leak in tkill/tgkill http://www.openwall.com/lists/oss-security/2013/06/04/10 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b9e146d8eb3b9ecae5086d373b50fa0c1f3e7f0f http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.9 https://bugzilla.redhat.com/show_bug.cgi?id=970873 https://github.com/torvalds/linux/commit/b9e146d8eb3b9ecae5086d373b50fa0c1f3e7f0f openSUSE-SU-2013:1971 http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html Common Vulnerability Exposure (CVE) ID: CVE-2013-4470 63359 http://www.securityfocus.com/bid/63359 RHSA-2014:0100 http://rhn.redhat.com/errata/RHSA-2014-0100.html RHSA-2014:0284 http://rhn.redhat.com/errata/RHSA-2014-0284.html SUSE-SU-2014:0459 http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00026.html USN-2040-1 http://www.ubuntu.com/usn/USN-2040-1 USN-2042-1 http://www.ubuntu.com/usn/USN-2042-1 USN-2043-1 http://www.ubuntu.com/usn/USN-2043-1 USN-2044-1 http://www.ubuntu.com/usn/USN-2044-1 USN-2046-1 http://www.ubuntu.com/usn/USN-2046-1 USN-2049-1 http://www.ubuntu.com/usn/USN-2049-1 USN-2050-1 http://www.ubuntu.com/usn/USN-2050-1 USN-2066-1 http://www.ubuntu.com/usn/USN-2066-1 USN-2067-1 http://www.ubuntu.com/usn/USN-2067-1 USN-2069-1 http://www.ubuntu.com/usn/USN-2069-1 USN-2073-1 http://www.ubuntu.com/usn/USN-2073-1 [oss-security] 20131025 Re: CVE request: Linux kernel: net: memory corruption with UDP_CORK and UFO http://www.openwall.com/lists/oss-security/2013/10/25/5 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c547dbf55d5f8cf615ccc0e7265e98db27d3fb8b http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e93b7d748be887cd7639b113ba7d7ef792a7efb9 https://bugzilla.redhat.com/show_bug.cgi?id=1023477 https://github.com/torvalds/linux/commit/c547dbf55d5f8cf615ccc0e7265e98db27d3fb8b https://github.com/torvalds/linux/commit/e93b7d748be887cd7639b113ba7d7ef792a7efb9 https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.12.bz2 Common Vulnerability Exposure (CVE) ID: CVE-2013-6367 64270 http://www.securityfocus.com/bid/64270 RHSA-2014:0163 http://rhn.redhat.com/errata/RHSA-2014-0163.html USN-2109-1 http://www.ubuntu.com/usn/USN-2109-1 USN-2110-1 http://www.ubuntu.com/usn/USN-2110-1 USN-2113-1 http://www.ubuntu.com/usn/USN-2113-1 USN-2117-1 http://www.ubuntu.com/usn/USN-2117-1 USN-2128-1 http://www.ubuntu.com/usn/USN-2128-1 USN-2129-1 http://www.ubuntu.com/usn/USN-2129-1 USN-2135-1 http://www.ubuntu.com/usn/USN-2135-1 USN-2136-1 http://www.ubuntu.com/usn/USN-2136-1 USN-2138-1 http://www.ubuntu.com/usn/USN-2138-1 USN-2139-1 http://www.ubuntu.com/usn/USN-2139-1 USN-2141-1 http://www.ubuntu.com/usn/USN-2141-1 [oss-security] 20131212 Re: [vs-plain] kvm issues http://www.openwall.com/lists/oss-security/2013/12/12/12 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b963a22e6d1a266a67e9eecc88134713fd54775c https://bugzilla.redhat.com/show_bug.cgi?id=1032207 https://github.com/torvalds/linux/commit/b963a22e6d1a266a67e9eecc88134713fd54775c https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.54 openSUSE-SU-2014:0204 http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00002.html openSUSE-SU-2014:0205 http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00003.html openSUSE-SU-2014:0247 http://lists.opensuse.org/opensuse-updates/2014-02/msg00045.html
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.