Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2012-0690)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.123914

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2012-0690)

Resumen: The remote host is missing an update for the 'kernel, ocfs2-2.6.18-308.8.1.el5, oracleasm-2.6.18-308.8.1.el5' package(s) announced via the ELSA-2012-0690 advisory.

Descripción: Summary:
The remote host is missing an update for the 'kernel, ocfs2-2.6.18-308.8.1.el5, oracleasm-2.6.18-308.8.1.el5' package(s) announced via the ELSA-2012-0690 advisory.

Vulnerability Insight:
[2.6.18-308.8.1.el5]
- [net] sock: validate data_len before allocating skb in sock_alloc_send_pskb() (Jason Wang) [816290 816106] {CVE-2012-2136}
- [net] tg3: Fix VLAN tagging assignments (John Feeney) [817691 797011]
- [net] ixgbe: do not stop stripping VLAN tags in promiscuous mode (Andy Gospodarek) [809791 804800]
- [s390] zcrypt: Fix parameter checking for ZSECSENDCPRB ioctl (Hendrik Brueckner) [810123 808489]
- [x86] unwind information fix for the vsyscall DSO (Prarit Bhargava) [807930 805799]

[2.6.18-308.7.1.el5]
- [fs] epoll: Don't limit non-nested epoll paths (Jason Baron) [809380 804778]

[2.6.18-308.6.1.el5]
- [scsi] fc class: fix scanning when devs are offline (Mike Christie) [816684 799530]
- [md] dm-multipath: delay retry of bypassed pg (Mike Christie) [816684 799530]
- [net] bonding: properly unset current_arp_slave on slave link up (Veaceslav Falico) [811927 800575]
- [net] bonding: remove {master,vlan}_ip and query devices instead (Andy Gospodarek) [810321 772216]

[2.6.18-308.5.1.el5]
- [scsi] skip sense logging for some ATA PASS-THROUGH cdbs (David Milburn) [807265 788777]

Affected Software/OS:
'kernel, ocfs2-2.6.18-308.8.1.el5, oracleasm-2.6.18-308.8.1.el5' package(s) on Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2012-2136
50807
http://secunia.com/advisories/50807
53721
http://www.securityfocus.com/bid/53721
RHSA-2012:0743
http://rhn.redhat.com/errata/RHSA-2012-0743.html
RHSA-2012:1087
http://rhn.redhat.com/errata/RHSA-2012-1087.html
USN-1529-1
http://ubuntu.com/usn/usn-1529-1
USN-1535-1
http://www.ubuntu.com/usn/USN-1535-1
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=cc9b17ad29ecaa20bfe426a8d4dbfb94b13ff1cc
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.5
https://bugzilla.redhat.com/show_bug.cgi?id=816289
https://github.com/torvalds/linux/commit/cc9b17ad29ecaa20bfe426a8d4dbfb94b13ff1cc

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.123914
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2012-0690)
Resumen:	The remote host is missing an update for the 'kernel, ocfs2-2.6.18-308.8.1.el5, oracleasm-2.6.18-308.8.1.el5' package(s) announced via the ELSA-2012-0690 advisory.
Descripción:	Summary: The remote host is missing an update for the 'kernel, ocfs2-2.6.18-308.8.1.el5, oracleasm-2.6.18-308.8.1.el5' package(s) announced via the ELSA-2012-0690 advisory. Vulnerability Insight: [2.6.18-308.8.1.el5] - [net] sock: validate data_len before allocating skb in sock_alloc_send_pskb() (Jason Wang) [816290 816106] {CVE-2012-2136} - [net] tg3: Fix VLAN tagging assignments (John Feeney) [817691 797011] - [net] ixgbe: do not stop stripping VLAN tags in promiscuous mode (Andy Gospodarek) [809791 804800] - [s390] zcrypt: Fix parameter checking for ZSECSENDCPRB ioctl (Hendrik Brueckner) [810123 808489] - [x86] unwind information fix for the vsyscall DSO (Prarit Bhargava) [807930 805799] [2.6.18-308.7.1.el5] - [fs] epoll: Don't limit non-nested epoll paths (Jason Baron) [809380 804778] [2.6.18-308.6.1.el5] - [scsi] fc class: fix scanning when devs are offline (Mike Christie) [816684 799530] - [md] dm-multipath: delay retry of bypassed pg (Mike Christie) [816684 799530] - [net] bonding: properly unset current_arp_slave on slave link up (Veaceslav Falico) [811927 800575] - [net] bonding: remove {master,vlan}_ip and query devices instead (Andy Gospodarek) [810321 772216] [2.6.18-308.5.1.el5] - [scsi] skip sense logging for some ATA PASS-THROUGH cdbs (David Milburn) [807265 788777] Affected Software/OS: 'kernel, ocfs2-2.6.18-308.8.1.el5, oracleasm-2.6.18-308.8.1.el5' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-2136 50807 http://secunia.com/advisories/50807 53721 http://www.securityfocus.com/bid/53721 RHSA-2012:0743 http://rhn.redhat.com/errata/RHSA-2012-0743.html RHSA-2012:1087 http://rhn.redhat.com/errata/RHSA-2012-1087.html USN-1529-1 http://ubuntu.com/usn/usn-1529-1 USN-1535-1 http://www.ubuntu.com/usn/USN-1535-1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=cc9b17ad29ecaa20bfe426a8d4dbfb94b13ff1cc http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.5 https://bugzilla.redhat.com/show_bug.cgi?id=816289 https://github.com/torvalds/linux/commit/cc9b17ad29ecaa20bfe426a8d4dbfb94b13ff1cc
Copyright	Copyright (C) 2015 Greenbone AG