English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 145615 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.123411
Kategorie:Oracle Linux Local Security Checks
Titel:Oracle: Security Advisory (ELSA-2014-3034)
Zusammenfassung:The remote host is missing an update for the 'dtrace-modules-3.8.13-35.el6uek, kernel-uek' package(s) announced via the ELSA-2014-3034 advisory.
Beschreibung:Summary:
The remote host is missing an update for the 'dtrace-modules-3.8.13-35.el6uek, kernel-uek' package(s) announced via the ELSA-2014-3034 advisory.

Vulnerability Insight:
kernel-uek
[3.8.13-35.el6uek]
- n_tty: Fix n_tty_write crash when echoing in raw mode (Peter Hurley) [Orabug: 18754908] {CVE-2014-0196} {CVE-2014-0196}

[3.8.13-34.el6uek]
- aacraid: missing capable() check in compat ioctl (Dan Carpenter) [Orabug: 18721960] {CVE-2013-6383}
- vhost: fix total length when packets are too short (Michael S. Tsirkin) [Orabug: 18721975] {CVE-2014-0077}

[3.8.13-33.el6uek]
- dtrace: ensure one can try to get user pages without locking or faulting (Kris Van Hees) [Orabug: 18653173]
- ipv6: don't set DST_NOCOUNT for remotely added routes (Sabrina Dubroca) [Orabug: 18681501] {CVE-2014-2309}
- kvm: x86: fix emulator buffer overflow (CVE-2014-0049) (Andrew Honig) [Orabug: 18681519] {CVE-2014-0049}
- ib_core: fmr pool hard lock up when cache enabled (Shamir Rabinovitch) [Orabug: 18408531]
- bnx2x: disable PTP clock support (Jerry Snitselaar) [Orabug: 18605376]
- x86, mm: Revert back good_end setting for 64bit (Brian Maly) [Orabug: 17648536]
- IB/sdp: disable APM by default (Shamir Rabinovitch) [Orabug: 18443201]
- vxlan: kernel panic when bringing up vxlan (Venkat Venkatsubra) [Orabug: 18295741]
- ocfs2: call ocfs2_update_inode_fsync_trans when updating any inode (Darrick J. Wong) [Orabug: 18257094]
- ocfs2: improve fsync efficiency and fix deadlock between aio_write and sync_file (Darrick J. Wong) [Orabug: 18257094]
- Revert 'ocfs2: fix i_mutex deadlock between aio_write and sync_file' (Jerry Snitselaar) [Orabug: 18257094]
- config: align with rhck (Jerry Snitselaar) [Orabug: 18685975]
- config: disable atmel drivers for ol7 (Jerry Snitselaar) [Orabug: 18665656]
- config: enable support for squashfs features (Jerry Snitselaar) [Orabug: 18655723]
- qla4xxx: Update driver version to v5.04.00.05.06.02-uek3 (Tej Parkash) [Orabug: 18552248]
- net: ipv4: current group_info should be put after using. (Wang, Xiaoming) [Orabug: 18603519] {CVE-2014-2851}

[3.8.13-32.el6uek]
- mm / dtrace: Allow DTrace to entirely disable page faults. (Nick Alcock) [Orabug: 18412802]
- mm: allow __get_user_pages() callers to avoid triggering page faults. (Nick Alcock) [Orabug: 18412802]
- config: enable nfs client support for rdma (Jerry Snitselaar) [Orabug: 18560595]
- NFS: Fix negative overflow in SETATTR timestamps (Chuck Lever) [Orabug: 18476361]
- NFS: Transfer full int64 for NFSv4 SETATTR timestamps (Chuck Lever) [Orabug: 18476361]
- NFS: Block file size updates during async READ (Chuck Lever) [Orabug: 18391310]
- NFS: Use an RPC/RDMA long request for NFS symlink operations (Chuck Lever) [Orabug: 18261861]
- SUNRPC: Support long RPC/RDMA requests (Chuck Lever) [Orabug: 18261861]
- xprtrdma: Split the completion queue (Chuck Lever) [Orabug: 18560595]
- xprtrdma: Make rpcrdma_ep_destroy() return void (Chuck Lever) [Orabug: 18560595]
- xprtrdma: Simplify rpcrdma_deregister_external() synopsis (Chuck Lever) [Orabug: 18560595]
- xprtrdma: Remove support for MEMWINDOWS ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'dtrace-modules-3.8.13-35.el6uek, kernel-uek' package(s) on Oracle Linux 6.

Solution:
Please install the updated package(s).

CVSS Score:
7.4

CVSS Vector:
AV:A/AC:M/Au:S/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2013-4587
USN-2109-1
http://www.ubuntu.com/usn/USN-2109-1
USN-2110-1
http://www.ubuntu.com/usn/USN-2110-1
USN-2113-1
http://www.ubuntu.com/usn/USN-2113-1
USN-2117-1
http://www.ubuntu.com/usn/USN-2117-1
USN-2128-1
http://www.ubuntu.com/usn/USN-2128-1
USN-2129-1
http://www.ubuntu.com/usn/USN-2129-1
USN-2135-1
http://www.ubuntu.com/usn/USN-2135-1
USN-2136-1
http://www.ubuntu.com/usn/USN-2136-1
USN-2138-1
http://www.ubuntu.com/usn/USN-2138-1
USN-2139-1
http://www.ubuntu.com/usn/USN-2139-1
USN-2141-1
http://www.ubuntu.com/usn/USN-2141-1
[oss-security] 20131212 Re: [vs-plain] kvm issues
http://www.openwall.com/lists/oss-security/2013/12/12/12
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=338c7dbadd2671189cec7faf64c84d01071b3f96
https://bugzilla.redhat.com/show_bug.cgi?id=1030986
https://github.com/torvalds/linux/commit/338c7dbadd2671189cec7faf64c84d01071b3f96
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.54
openSUSE-SU-2014:0204
http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00002.html
openSUSE-SU-2014:0205
http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00003.html
openSUSE-SU-2014:0247
http://lists.opensuse.org/opensuse-updates/2014-02/msg00045.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-6885
1029415
http://www.securitytracker.com/id/1029415
55840
http://secunia.com/advisories/55840
63983
http://www.securityfocus.com/bid/63983
DSA-3128
http://www.debian.org/security/2015/dsa-3128
FEDORA-2013-22754
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123553.html
FEDORA-2013-22866
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124199.html
FEDORA-2013-22888
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124195.html
GLSA-201407-03
http://security.gentoo.org/glsa/glsa-201407-03.xml
RHSA-2014:0285
http://rhn.redhat.com/errata/RHSA-2014-0285.html
SUSE-SU-2014:0372
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00010.html
SUSE-SU-2014:0373
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00011.html
SUSE-SU-2014:0411
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html
SUSE-SU-2014:0446
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html
SUSE-SU-2014:0459
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00026.html
SUSE-SU-2014:0470
http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00000.html
[kernel] 20111225 Buildworld loop seg-fault update -- I believe it is hardware
http://lists.dragonflybsd.org/pipermail/kernel/2011-December/046594.html
[oss-security] 20131127 CVE-2013-6885 AMD Publ. 51810 Errata 793 system hang
http://openwall.com/lists/oss-security/2013/11/28/1
[oss-security] 20131202 Xen Security Advisory 82 (CVE-2013-6885) - Guest triggerable AMD CPU erratum may cause host to hang
http://www.openwall.com/lists/oss-security/2013/12/02/1
http://support.amd.com/TechDocs/51810_16h_00h-0Fh_Rev_Guide.pdf
http://www.zdnet.com/blog/hardware/amd-owns-up-to-cpu-bug/18924
https://bugzilla.redhat.com/show_bug.cgi?id=1035823
xen-cve20136885-dos(89335)
https://exchange.xforce.ibmcloud.com/vulnerabilities/89335
Common Vulnerability Exposure (CVE) ID: CVE-2013-7266
http://www.openwall.com/lists/oss-security/2013/12/31/7
http://secunia.com/advisories/55882
http://secunia.com/advisories/56036
Common Vulnerability Exposure (CVE) ID: CVE-2014-0038
31346
http://www.exploit-db.com/exploits/31346
31347
http://www.exploit-db.com/exploits/31347
40503
https://www.exploit-db.com/exploits/40503/
56669
http://secunia.com/advisories/56669
65255
http://www.securityfocus.com/bid/65255
MDVSA-2014:038
http://www.mandriva.com/security/advisories?name=MDVSA-2014:038
USN-2094-1
http://www.ubuntu.com/usn/USN-2094-1
USN-2095-1
http://www.ubuntu.com/usn/USN-2095-1
USN-2096-1
http://www.ubuntu.com/usn/USN-2096-1
[oss-security] 20140131 Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038)
http://www.openwall.com/lists/oss-security/2014/01/31/2
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2def2ef2ae5f3990aabdbe8a755911902707d268
http://pastebin.com/raw.php?i=DH3Lbg54
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.2
https://bugzilla.redhat.com/show_bug.cgi?id=1060023
https://code.google.com/p/chromium/issues/detail?id=338594
https://github.com/saelo/cve-2014-0038
https://github.com/torvalds/linux/commit/2def2ef2ae5f3990aabdbe8a755911902707d268
Common Vulnerability Exposure (CVE) ID: CVE-2014-0049
[oss-security] 20140303 CVE-2014-0049 -- Linux kernel: kvm: mmio_fragments out-of-the-bounds access
http://www.openwall.com/lists/oss-security/2014/03/03/1
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a08d3b3b99efd509133946056531cdf8f3a0c09b
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.6
https://bugzilla.redhat.com/show_bug.cgi?id=1062368
https://github.com/torvalds/linux/commit/a08d3b3b99efd509133946056531cdf8f3a0c09b
Common Vulnerability Exposure (CVE) ID: CVE-2014-0196
106646
http://www.osvdb.org/106646
33516
http://www.exploit-db.com/exploits/33516
59218
http://secunia.com/advisories/59218
59262
http://secunia.com/advisories/59262
59599
http://secunia.com/advisories/59599
DSA-2926
http://www.debian.org/security/2014/dsa-2926
DSA-2928
http://www.debian.org/security/2014/dsa-2928
RHSA-2014:0512
http://rhn.redhat.com/errata/RHSA-2014-0512.html
SUSE-SU-2014:0667
http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html
SUSE-SU-2014:0683
http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html
USN-2196-1
http://www.ubuntu.com/usn/USN-2196-1
USN-2197-1
http://www.ubuntu.com/usn/USN-2197-1
USN-2198-1
http://www.ubuntu.com/usn/USN-2198-1
USN-2199-1
http://www.ubuntu.com/usn/USN-2199-1
USN-2200-1
http://www.ubuntu.com/usn/USN-2200-1
USN-2201-1
http://www.ubuntu.com/usn/USN-2201-1
USN-2202-1
http://www.ubuntu.com/usn/USN-2202-1
USN-2203-1
http://www.ubuntu.com/usn/USN-2203-1
USN-2204-1
http://www.ubuntu.com/usn/USN-2204-1
[oss-security] 20140429 CVE-2014-0196: Linux kernel pty layer race condition memory corruption
http://www.openwall.com/lists/oss-security/2014/05/05/6
http://bugzilla.novell.com/show_bug.cgi?id=875690
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4291086b1f081b869c6d79e5b7441633dc3ace00
http://linux.oracle.com/errata/ELSA-2014-0771.html
http://pastebin.com/raw.php?i=yTSFUBgZ
http://source.android.com/security/bulletin/2016-07-01.html
http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.html
https://bugzilla.redhat.com/show_bug.cgi?id=1094232
https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00
Common Vulnerability Exposure (CVE) ID: CVE-2014-2309
BugTraq ID: 66095
http://www.securityfocus.com/bid/66095
http://www.openwall.com/lists/oss-security/2014/03/08/1
http://www.securitytracker.com/id/1029894
http://secunia.com/advisories/57250
SuSE Security Announcement: SUSE-SU-2015:0481 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
SuSE Security Announcement: openSUSE-SU-2015:0566 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
CopyrightCopyright (C) 2015 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.