| Beschreibung: | Summary:
The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2012-0350 advisory.
Vulnerability Insight:
[2.6.32-220.7.1.el6]
- [netdrv] tg3: Fix single-vector MSI-X code (John Feeney) [787162 703555]
- [mm] export remove_from_page_cache() to modules (Jerome Marchand) [772687 751419]
- [block] cfq-iosched: fix cfq_cic_link() race confition (Vivek Goyal) [786022 765673]
- [fs] cifs: lower default wsize when unix extensions are not used (Jeff Layton) [789058 773705]
- [net] svcrpc: fix double-free on shutdown of nfsd after changing pool mode (J. Bruce Fields) [787580 753030]
- [net] svcrpc: avoid memory-corruption on pool shutdown (J. Bruce Fields) [787580 753030]
- [net] svcrpc: destroy server sockets all at once (J. Bruce Fields) [787580 753030]
- [net] svcrpc: simplify svc_close_all (J. Bruce Fields) [787580 753030]
- [net] svcrpc: fix list-corrupting race on nfsd shutdown (J. Bruce Fields) [787580 753030]
- [fs] xfs: Fix missing xfs_iunlock() on error recovery path in xfs_readlink() (Carlos Maiolino) [749161 694702] {CVE-2011-4077}
- [fs] xfs: Fix memory corruption in xfs_readlink (Carlos Maiolino) [749161 694702] {CVE-2011-4077}
- [x86] hpet: Disable per-cpu hpet timer if ARAT is supported (Prarit Bhargava) [772884 750201]
- [x86] Improve TSC calibration using a delayed workqueue (Prarit Bhargava) [772884 750201]
- [kernel] clocksource: Add clocksource_register_hz/khz interface (Prarit Bhargava) [772884 750201]
- [kernel] clocksource: Provide a generic mult/shift factor calculation (Prarit Bhargava) [772884 750201]
- [block] cfq-iosched: fix a kbuild regression (Vivek Goyal) [769208 705698]
- [block] cfq-iosched: rethink seeky detection for SSDs (Vivek Goyal) [769208 705698]
- [block] cfq-iosched: rework seeky detection (Vivek Goyal) [769208 705698]
- [block] cfq-iosched: don't regard requests with long distance as close (Vivek Goyal) [769208 705698]
[2.6.32-220.6.1.el6]
- [scsi] qla2xxx: Module parameter to control use of async or sync port login (Chad Dupuis) [788003 769007]
[2.6.32-220.5.1.el6]
- [net] igmp: Avoid zero delay when receiving odd mixture of IGMP queries (Jiri Pirko) [772870 772871] {CVE-2012-0207}
- [fs] xfs: validate acl count (Eric Sandeen) [773282 773283] {CVE-2012-0038}
- [fs] Fix sendfile write-side file position (Steven Whitehouse) [771870 770023]
- [virt] kvm: x86: fix missing checks in syscall emulation (Marcelo Tosatti) [773390 773391] {CVE-2012-0045}
- [virt] kvm: x86: extend 'struct x86_emulate_ops' with 'get_cpuid' (Marcelo Tosatti) [773390 773391] {CVE-2012-0045}
- [fs] nfs: when attempting to open a directory, fall back on normal lookup (Jeff Layton) [771981 755380]
- [kernel] crypto: ghash - Avoid null pointer dereference if no key is set (Jiri Benc) [749481 749482] {CVE-2011-4081}
- [fs] jbd2: validate sb->s_first in journal_get_superblock() (Eryu Guan) [753344 693981] {CVE-2011-4132}
- [net] fix unsafe pointer access in sendmmsg (Jiri Benc) [761668 760798] {CVE-2011-4594}
- [scsi] increase qla2xxx firmware ready time-out (Mark Goodwin) ... [Please see the references for more information on the vulnerabilities]
Affected Software/OS:
'kernel' package(s) on Oracle Linux 6.
Solution:
Please install the updated package(s).
CVSS Score:
7.8
CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C
|
