Test Kennung:	1.3.6.1.4.1.25623.1.0.123103
Kategorie:	Oracle Linux Local Security Checks
Titel:	Oracle: Security Advisory (ELSA-2015-3042)
Zusammenfassung:	The remote host is missing an update for the 'kernel-uek' package(s) announced via the ELSA-2015-3042 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'kernel-uek' package(s) announced via the ELSA-2015-3042 advisory. Vulnerability Insight: [2.6.39-400.250.5] - x86_64, vdso: Fix the vdso address randomization algorithm (Andy Lutomirski) [Orabug: 21226730] {CVE-2014-9585} - isofs: Fix infinite looping over CE entries (Jan Kara) [Orabug: 21225976] {CVE-2014-9420} - x86_64, switch_to(): Load TLS descriptors before switching DS and ES (Andy Lutomirski) [Orabug: 21225938] {CVE-2014-9419} [2.6.39-400.250.4] - IB/ipoib: Disable TSO in connected mode (Yuval Shaia) [Orabug: 20637991] [2.6.39-400.250.3] - af_unix: don't send SCM_CREDENTIALS by default (Eric Dumazet) [Orabug: 20604916] - scm: Capture the full credentials of the scm sender (Tim Chen) [Orabug: 20604916] - af_unix: limit recursion level (Eric Dumazet) [Orabug: 20604916] - af_unix: Allow credentials to work across user and pid namespaces. (Eric W. Biederman) [Orabug: 20604916] - scm: Capture the full credentials of the scm sender. (Eric W. Biederman) [Orabug: 20604916] - BUG_ON(lockres->l_level != DLM_LOCK_EX && !checkpointed) tripped in ocfs2_ci_checkpointed (Tariq Saeed) [Orabug: 20189959] - sched: Prevent divide by zero when cpu power calculation is 0 (Todd Vierling) [Orabug: 17936435] Affected Software/OS: 'kernel-uek' package(s) on Oracle Linux 5, Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 4.9 CVSS Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2014-9419 BugTraq ID: 71794 http://www.securityfocus.com/bid/71794 Debian Security Information: DSA-3128 (Google Search) http://www.debian.org/security/2015/dsa-3128 http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147973.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147864.html http://www.mandriva.com/security/advisories?name=MDVSA-2015:058 http://www.openwall.com/lists/oss-security/2014/12/25/1 RedHat Security Advisories: RHSA-2015:1081 http://rhn.redhat.com/errata/RHSA-2015-1081.html SuSE Security Announcement: SUSE-SU-2015:0529 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html SuSE Security Announcement: SUSE-SU-2015:0736 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html SuSE Security Announcement: openSUSE-SU-2015:0714 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html http://www.ubuntu.com/usn/USN-2515-1 http://www.ubuntu.com/usn/USN-2516-1 http://www.ubuntu.com/usn/USN-2517-1 http://www.ubuntu.com/usn/USN-2518-1 http://www.ubuntu.com/usn/USN-2541-1 http://www.ubuntu.com/usn/USN-2542-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-9420 62801 http://secunia.com/advisories/62801 FEDORA-2015-0515 FEDORA-2015-0517 MDVSA-2015:058 RHSA-2015:1081 RHSA-2015:1137 http://rhn.redhat.com/errata/RHSA-2015-1137.html RHSA-2015:1138 http://rhn.redhat.com/errata/RHSA-2015-1138.html SUSE-SU-2015:0178 http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html SUSE-SU-2015:0652 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html SUSE-SU-2015:0736 SUSE-SU-2015:0812 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html USN-2490-1 http://www.ubuntu.com/usn/USN-2490-1 USN-2491-1 http://www.ubuntu.com/usn/USN-2491-1 USN-2492-1 http://www.ubuntu.com/usn/USN-2492-1 USN-2493-1 http://www.ubuntu.com/usn/USN-2493-1 USN-2515-1 USN-2516-1 USN-2517-1 USN-2518-1 [oss-security] 20141225 Re: CVE Request Linux kernel: fs: isofs: infinite loop in CE records http://www.openwall.com/lists/oss-security/2014/12/25/4 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f54e18f1b831c92f6512d2eedb224cd63d607d3d http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html https://bugzilla.redhat.com/show_bug.cgi?id=1175235 https://github.com/torvalds/linux/commit/f54e18f1b831c92f6512d2eedb224cd63d607d3d https://source.android.com/security/bulletin/2017-01-01.html openSUSE-SU-2015:0714 Common Vulnerability Exposure (CVE) ID: CVE-2014-9585 BugTraq ID: 71990 http://www.securityfocus.com/bid/71990 Debian Security Information: DSA-3170 (Google Search) http://www.debian.org/security/2015/dsa-3170 http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148480.html http://git.kernel.org/?p=linux/kernel/git/luto/linux.git;a=commit;h=bc3b94c31d65e761ddfe150d02932c65971b74e2 http://v0ids3curity.blogspot.in/2014/12/return-to-vdso-using-elf-auxiliary.html http://www.openwall.com/lists/oss-security/2014/12/09/10 http://www.openwall.com/lists/oss-security/2015/01/09/8 RedHat Security Advisories: RHSA-2015:1778 http://rhn.redhat.com/errata/RHSA-2015-1778.html RedHat Security Advisories: RHSA-2015:1787 http://rhn.redhat.com/errata/RHSA-2015-1787.html SuSE Security Announcement: SUSE-SU-2015:0178 (Google Search) SuSE Security Announcement: SUSE-SU-2015:0481 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html SuSE Security Announcement: SUSE-SU-2015:0652 (Google Search) SuSE Security Announcement: openSUSE-SU-2015:0566 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html http://www.ubuntu.com/usn/USN-2513-1 http://www.ubuntu.com/usn/USN-2514-1
Copyright	Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.