Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2012-0480-1)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.123937

Kategorie: Oracle Linux Local Security Checks

Titel: Oracle: Security Advisory (ELSA-2012-0480-1)

Zusammenfassung: The remote host is missing an update for the 'kernel, ocfs2-2.6.18-308.4.1.0.1.el5, oracleasm-2.6.18-308.4.1.0.1.el5' package(s) announced via the ELSA-2012-0480-1 advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'kernel, ocfs2-2.6.18-308.4.1.0.1.el5, oracleasm-2.6.18-308.4.1.0.1.el5' package(s) announced via the ELSA-2012-0480-1 advisory.

Vulnerability Insight:
[2.6.18-308.4.1.0.1.el5]
- [net] bonding: fix carrier detect when bond is down [orabug 12377284]
- [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075]
- fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan)
- [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan)
- [x86] Fix lvt0 reset when hvm boot up with noapic param
- [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason)
[orabug 12342275]
- [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346]
- [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566]
- [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042]
- [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646]
- [scsi] fix scsi hotplug and rescan race [orabug 10260172]
- fix filp_close() race (Joe Jin) [orabug 10335998]
- make xenkbd.abs_pointer=1 by default [orabug 67188919]
- [xen] check to see if hypervisor supports memory reservation change
(Chuck Anderson) [orabug 7556514]
- [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki)
[orabug 10315433]
- [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258]
- [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839]
- fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042]
- [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105]
RDS: Fix BUG_ONs to not fire when in a tasklet
ipoib: Fix lockup of the tx queue
RDS: Do not call set_page_dirty() with irqs off (Sherman Pun)
RDS: Properly unmap when getting a remote access error (Tina Yang)
RDS: Fix locking in rds_send_drop_to()
- [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson)
[orabug 9107465]
- [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson)
[orabug 9764220]
- Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615]
- fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro,
Guru Anbalagane) [orabug 6124033]
- [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208]
- [ib] fix memory corruption (Andy Grover) [orabug 9972346]

[2.6.18-308.4.1.el5]
- [net] ipv6: fix skb double free in xfrm6_tunnel (Jiri Benc) [752305 743375] {CVE-2012-1583}

[2.6.18-308.3.1.el5]
- [net] be2net: cancel be_worker during EEH recovery (Ivan Vecera) [805462 773735]
- [net] be2net: add vlan/rx-mode/flow-control config to be_setup (Ivan Vecera) [805462 773735]
- [x86] disable TSC synchronization when using kvmclock (Marcelo Tosatti) [805460 799170]
- [fs] vfs: fix LOOKUP_DIRECTORY not propagated to managed_dentry (Ian Kent) [801726 798809]
- [fs] vfs: fix d_instantiate_unique (Ian Kent) [801726 798809]
- [fs] nfs: allow high priority COMMITs to bypass inode commit lock (Jeff Layton) [799941 773777]
- [fs] nfs: don't skip COMMITs if system ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'kernel, ocfs2-2.6.18-308.4.1.0.1.el5, oracleasm-2.6.18-308.4.1.0.1.el5' package(s) on Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2012-1583
1026930
http://www.securitytracker.com/id?1026930
48881
http://secunia.com/advisories/48881
53139
http://www.securityfocus.com/bid/53139
HPSBMU02776
http://marc.info/?l=bugtraq&m=133951357207000&w=2
RHSA-2012:0488
http://rhn.redhat.com/errata/RHSA-2012-0488.html
SSRT100852
http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d0772b70faaf8e9f2013b6c4273d94d5eac8047a
https://bugzilla.redhat.com/show_bug.cgi?id=752304
https://github.com/torvalds/linux/commit/d0772b70faaf8e9f2013b6c4273d94d5eac8047a

Copyright Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.123937
Kategorie:	Oracle Linux Local Security Checks
Titel:	Oracle: Security Advisory (ELSA-2012-0480-1)
Zusammenfassung:	The remote host is missing an update for the 'kernel, ocfs2-2.6.18-308.4.1.0.1.el5, oracleasm-2.6.18-308.4.1.0.1.el5' package(s) announced via the ELSA-2012-0480-1 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'kernel, ocfs2-2.6.18-308.4.1.0.1.el5, oracleasm-2.6.18-308.4.1.0.1.el5' package(s) announced via the ELSA-2012-0480-1 advisory. Vulnerability Insight: [2.6.18-308.4.1.0.1.el5] - [net] bonding: fix carrier detect when bond is down [orabug 12377284] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] [2.6.18-308.4.1.el5] - [net] ipv6: fix skb double free in xfrm6_tunnel (Jiri Benc) [752305 743375] {CVE-2012-1583} [2.6.18-308.3.1.el5] - [net] be2net: cancel be_worker during EEH recovery (Ivan Vecera) [805462 773735] - [net] be2net: add vlan/rx-mode/flow-control config to be_setup (Ivan Vecera) [805462 773735] - [x86] disable TSC synchronization when using kvmclock (Marcelo Tosatti) [805460 799170] - [fs] vfs: fix LOOKUP_DIRECTORY not propagated to managed_dentry (Ian Kent) [801726 798809] - [fs] vfs: fix d_instantiate_unique (Ian Kent) [801726 798809] - [fs] nfs: allow high priority COMMITs to bypass inode commit lock (Jeff Layton) [799941 773777] - [fs] nfs: don't skip COMMITs if system ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'kernel, ocfs2-2.6.18-308.4.1.0.1.el5, oracleasm-2.6.18-308.4.1.0.1.el5' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2012-1583 1026930 http://www.securitytracker.com/id?1026930 48881 http://secunia.com/advisories/48881 53139 http://www.securityfocus.com/bid/53139 HPSBMU02776 http://marc.info/?l=bugtraq&m=133951357207000&w=2 RHSA-2012:0488 http://rhn.redhat.com/errata/RHSA-2012-0488.html SSRT100852 http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d0772b70faaf8e9f2013b6c4273d94d5eac8047a https://bugzilla.redhat.com/show_bug.cgi?id=752304 https://github.com/torvalds/linux/commit/d0772b70faaf8e9f2013b6c4273d94d5eac8047a
Copyright	Copyright (C) 2015 Greenbone AG