ID de Prueba:	1.3.6.1.4.1.25623.1.0.123785
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2012-2044)
Resumen:	The remote host is missing an update for the 'kernel-uek, mlnx_en-2.6.32-300.39.1.el5uek, mlnx_en-2.6.32-300.39.1.el6uek, ofa-2.6.32-300.39.1.el5uek, ofa-2.6.32-300.39.1.el6uek' package(s) announced via the ELSA-2012-2044 advisory.
Descripción:	Summary: The remote host is missing an update for the 'kernel-uek, mlnx_en-2.6.32-300.39.1.el5uek, mlnx_en-2.6.32-300.39.1.el6uek, ofa-2.6.32-300.39.1.el5uek, ofa-2.6.32-300.39.1.el6uek' package(s) announced via the ELSA-2012-2044 advisory. Vulnerability Insight: [2.6.32-300.39.1] - hugepages: fix use after free bug in 'quota' handling [15842385] {CVE-2012-2133} - mm: Hold a file reference in madvise_remove [15842884] {CVE-2012-3511} - udf: Fortify loading of sparing table [15843730] {CVE-2012-3400} - udf: Avoid run away loop when partition table length is corrupt [15843730] {CVE-2012-3400} Affected Software/OS: 'kernel-uek, mlnx_en-2.6.32-300.39.1.el5uek, mlnx_en-2.6.32-300.39.1.el6uek, ofa-2.6.32-300.39.1.el5uek, ofa-2.6.32-300.39.1.el6uek' package(s) on Oracle Linux 5, Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 7.6 CVSS Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-2133 53233 http://www.securityfocus.com/bid/53233 DSA-2469 http://www.debian.org/security/2012/dsa-2469 SUSE-SU-2012:0616 http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00013.html [oss-security] 20120424 Re: CVE Request: use after free bug in "quota" handling in hugetlb code http://www.openwall.com/lists/oss-security/2012/04/24/12 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=90481622d75715bfcb68501280a917dbfe516029 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.6 https://bugzilla.redhat.com/show_bug.cgi?id=817430 https://github.com/torvalds/linux/commit/90481622d75715bfcb68501280a917dbfe516029 linux-kernel-hugepages-dos(75168) https://exchange.xforce.ibmcloud.com/vulnerabilities/75168 Common Vulnerability Exposure (CVE) ID: CVE-2012-3400 50506 http://secunia.com/advisories/50506 RHSA-2013:0594 http://rhn.redhat.com/errata/RHSA-2013-0594.html SUSE-SU-2015:0812 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html USN-1529-1 http://ubuntu.com/usn/usn-1529-1 USN-1555-1 http://www.ubuntu.com/usn/USN-1555-1 USN-1556-1 http://www.ubuntu.com/usn/USN-1556-1 USN-1557-1 http://www.ubuntu.com/usn/USN-1557-1 [oss-security] 20120709 Re: CVE Request: Stability fixes in UDF Logical Volume Descriptor handling http://www.openwall.com/lists/oss-security/2012/07/10/2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1df2ae31c724e57be9d7ac00d78db8a5dabdd050 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=adee11b2085bee90bd8f4f52123ffb07882d6256 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.5 https://bugzilla.redhat.com/show_bug.cgi?id=843139 https://github.com/torvalds/linux/commit/1df2ae31c724e57be9d7ac00d78db8a5dabdd050 https://github.com/torvalds/linux/commit/adee11b2085bee90bd8f4f52123ffb07882d6256 Common Vulnerability Exposure (CVE) ID: CVE-2012-3511 50633 http://secunia.com/advisories/50633 50732 http://secunia.com/advisories/50732 55055 http://secunia.com/advisories/55055 55151 http://www.securityfocus.com/bid/55151 USN-1567-1 http://www.ubuntu.com/usn/USN-1567-1 USN-1572-1 http://www.ubuntu.com/usn/USN-1572-1 USN-1577-1 http://www.ubuntu.com/usn/USN-1577-1 [oss-security] 20120820 Re: CVE Request -- kernel: mm: use-after-free in madvise_remove() http://www.openwall.com/lists/oss-security/2012/08/20/13 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9ab4233dd08036fe34a89c7dc6f47a8bf2eb29eb https://bugzilla.redhat.com/show_bug.cgi?id=849734 https://github.com/torvalds/linux/commit/9ab4233dd08036fe34a89c7dc6f47a8bf2eb29eb
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.