Test Kennung:	1.3.6.1.4.1.25623.1.0.123956
Kategorie:	Oracle Linux Local Security Checks
Titel:	Oracle: Security Advisory (ELSA-2012-2003)
Zusammenfassung:	The remote host is missing an update for the 'kernel-uek, mlnx_en-2.6.32-300.11.1.el5uek, mlnx_en-2.6.32-300.11.1.el6uek, ofa-2.6.32-300.11.1.el5uek, ofa-2.6.32-300.11.1.el6uek' package(s) announced via the ELSA-2012-2003 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'kernel-uek, mlnx_en-2.6.32-300.11.1.el5uek, mlnx_en-2.6.32-300.11.1.el6uek, ofa-2.6.32-300.11.1.el5uek, ofa-2.6.32-300.11.1.el6uek' package(s) announced via the ELSA-2012-2003 advisory. Vulnerability Insight: [2.6.32-300.11.1.el6uek] - [fs] xfs: Fix possible memory corruption in xfs_readlink (Carlos Maiolino) {CVE-2011-4077} - [scsi] increase qla2xxx firmware ready time-out (Joe Jin) - [scsi] qla2xxx: Module parameter to control use of async or sync port login (Joe Jin) - [net] tg3: Fix single-vector MSI-X code (Joe Jin) - [net] qlge: fix size of external list for TX address descriptors (Joe Jin) - [net] e1000e: Avoid wrong check on TX hang (Joe Jin) - crypto: ghash - Avoid null pointer dereference if no key is set (Nick Bowler) {CVE-2011-4081} - jbd/jbd2: validate sb->s_first in journal_get_superblock() (Eryu Guan) {CVE-2011-4132} - KVM: Device assignment permission checks (Joe Jin) {CVE-2011-4347} - KVM: x86: Prevent starting PIT timers in the absence of irqchip support (Jan Kiszka) {CVE-2011-4622} - xfs: validate acl count (Joe Jin) {CVE-2012-0038} - KVM: x86: fix missing checks in syscall emulation (Joe Jin) {CVE-2012-0045} - KVM: x86: extend 'struct x86_emulate_ops' with 'get_cpuid' (Joe Jin) {CVE-2012-0045} - igmp: Avoid zero delay when receiving odd mixture of IGMP queries (Ben Hutchings) {CVE-2012-0207} - ipv4: correct IGMP behavior on v3 query during v2-compatibility mode (David Stevens) - fuse: fix fuse request unique id (Srinivas Eeda) [orabug 13816349] [2.6.32-300.10.1.el6uek] - net: remove extra register in ip_gre (Guru Anbalagane) [Orabug: 13633287] [2.6.32-300.9.1.el6uek] - [netdrv] fnic: return zero on fnic_reset() success (Joe Jin) - [e1000e] Add entropy generation back for network interrupts (John Sobecki) - [nfs4] LINUX CLIENT TREATS NFS4ERR_GRACE AS A PERMANENT ERROR [orabug 13476821] (John Sobecki) - [nfs] NFS CLIENT CONNECTS TO SERVER THEN DISCONNECTS [orabug 13516759] (John Sobecki) - [sunrpc] Add patch for a mount crash in __rpc_create_common [orabug 13322773] (John Sobecki) [2.6.32-300.8.1.el6uek] - SPEC: fix dependency on firmware/mkinitrd (Guru Anbalagane) [orabug 13637902] - xfs: fix acl count validation in xfs_acl_from_disk() (Dan Carpenter) - [SCSI] scsi_dh: check queuedata pointer before proceeding further (Moger Babu) [orabug 13615419] Affected Software/OS: 'kernel-uek, mlnx_en-2.6.32-300.11.1.el5uek, mlnx_en-2.6.32-300.11.1.el6uek, ofa-2.6.32-300.11.1.el5uek, ofa-2.6.32-300.11.1.el6uek' package(s) on Oracle Linux 5, Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2011-4077 48964 http://secunia.com/advisories/48964 HPSBGN02970 http://marc.info/?l=bugtraq&m=139447903326211&w=2 [oss-security] 20111026 CVE Request -- kernel: xfs: potential buffer overflow in xfs_readlink() http://www.openwall.com/lists/oss-security/2011/10/26/1 [oss-security] 20111026 Re: CVE Request -- kernel: xfs: potential buffer overflow in xfs_readlink() http://www.openwall.com/lists/oss-security/2011/10/26/3 [xfs] 20111018 [PATCH] Fix possible memory corruption in xfs_readlink http://oss.sgi.com/archives/xfs/2011-10/msg00345.html http://xorl.wordpress.com/2011/12/07/cve-2011-4077-linux-kernel-xfs-readlink-memory-corruption/ https://bugzilla.redhat.com/show_bug.cgi?id=749156 Common Vulnerability Exposure (CVE) ID: CVE-2011-4081 [oss-security] 20111027 Re: CVE request: kernel: crypto: ghash: null pointer deref if no key is set http://www.openwall.com/lists/oss-security/2011/10/27/2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7ed47b7d142ec99ad6880bbbec51e9f12b3af74c http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1 https://bugzilla.redhat.com/show_bug.cgi?id=749475 https://github.com/torvalds/linux/commit/7ed47b7d142ec99ad6880bbbec51e9f12b3af74c Common Vulnerability Exposure (CVE) ID: CVE-2011-4132 1026325 http://securitytracker.com/id?1026325 48898 http://secunia.com/advisories/48898 50663 http://www.securityfocus.com/bid/50663 SUSE-SU-2012:0554 http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html SUSE-SU-2015:0812 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html [oss-security] 20111111 CVE Request -- kernel: jbd/jbd2: invalid value of first log block leads to oops http://www.openwall.com/lists/oss-security/2011/11/11/6 [oss-security] 20111113 Re: CVE Request -- kernel: jbd/jbd2: invalid value of first log block leads to oops http://www.openwall.com/lists/oss-security/2011/11/13/4 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=8762202dd0d6e46854f786bdb6fb3780a1625efe http://xorl.wordpress.com/2011/12/08/cve-2011-4132-linux-kernel-jbdjbd2-local-dos/ https://bugzilla.redhat.com/show_bug.cgi?id=753341 Common Vulnerability Exposure (CVE) ID: CVE-2011-4347 [oss-security] 20111124 Re: CVE request -- kernel: kvm: device assignment DoS http://www.openwall.com/lists/oss-security/2011/11/24/7 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1.10 https://bugzilla.redhat.com/show_bug.cgi?id=756084 https://github.com/torvalds/linux/commit/c4e7f9022e506c6635a5037713c37118e23193e4 Common Vulnerability Exposure (CVE) ID: CVE-2011-4622 1026559 http://www.securitytracker.com/id?1026559 51172 http://www.securityfocus.com/bid/51172 RHSA-2012:0051 http://www.redhat.com/support/errata/RHSA-2012-0051.html SUSE-SU-2012:0616 http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00013.html [kvm] 20111214 [PATCH 1/2] KVM: x86: Prevent starting PIT timers in the absence of irqchip support http://permalink.gmane.org/gmane.comp.emulators.kvm.devel/83564 [oss-security] 20111221 Re: kernel: kvm: pit timer with no irqchip crashes the system http://www.openwall.com/lists/oss-security/2011/12/21/7 https://bugzilla.redhat.com/show_bug.cgi?id=769721 openSUSE-SU-2013:0925 http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html Common Vulnerability Exposure (CVE) ID: CVE-2012-0038 [oss-security] 20120110 Re: CVE request: kernel: xfs heap overflow http://www.openwall.com/lists/oss-security/2012/01/10/11 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=093019cf1b18dd31b2c3b77acce4e000e2cbc9ce http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fa8b18edd752a8b4e9d1ee2cd615b82c93cf8bba http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1.9 https://bugzilla.redhat.com/show_bug.cgi?id=773280 https://github.com/torvalds/linux/commit/093019cf1b18dd31b2c3b77acce4e000e2cbc9ce https://github.com/torvalds/linux/commit/fa8b18edd752a8b4e9d1ee2cd615b82c93cf8bba Common Vulnerability Exposure (CVE) ID: CVE-2012-0045 [oss-security] 20120111 Re: CVE request -- kernel: kvm: syscall instruction induced guest panic http://www.openwall.com/lists/oss-security/2012/01/12/2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c2226fc9e87ba3da060e47333657cd6616652b84 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.14 https://bugzilla.redhat.com/show_bug.cgi?id=773370 https://github.com/torvalds/linux/commit/c2226fc9e87ba3da060e47333657cd6616652b84 Common Vulnerability Exposure (CVE) ID: CVE-2012-0207 http://www.openwall.com/lists/oss-security/2012/01/10/5
Copyright	Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.