Test ID:	1.3.6.1.4.1.25623.1.0.122018
Category:	Oracle Linux Local Security Checks
Title:	Oracle: Security Advisory (ELSA-2011-2038)
Summary:	The remote host is missing an update for the 'kernel-uek, mlnx_en-2.6.32-300.4.1.el6uek, ofa-2.6.32-300.4.1.el5uek, ofa-2.6.32-300.4.1.el6uek' package(s) announced via the ELSA-2011-2038 advisory.
Description:	Summary: The remote host is missing an update for the 'kernel-uek, mlnx_en-2.6.32-300.4.1.el6uek, ofa-2.6.32-300.4.1.el5uek, ofa-2.6.32-300.4.1.el6uek' package(s) announced via the ELSA-2011-2038 advisory. Vulnerability Insight: kernel-uek [2.6.32-300.4.1.el6uek] - [pci] intel-iommu: Default to non-coherent for domains unattached to iommus (Joe Jin) - [dm] do not forward ioctls from logical volumes to the underlying device (Joe Jin) {CVE-2011-4127} - [block] fail SCSI passthrough ioctls on partition devices (Joe Jin) {CVE-2011-4127} - [block] add and use scsi_blk_cmd_ioctl (Joe Jin) {CVE-2011-4127} - [net] gro: reset vlan_tci on reuse (Dan Carpenter) {CVE-2011-1576} - [net] rose: Add length checks to CALL_REQUEST parsing (Ben Hutchings) {CVE-2011-1493} - [net] rose_loopback_timer sets VC number <= ROSE_DEFAULT_MAXVC (Bernard Pidoux F6BVP) {CVE-2011-1493} Affected Software/OS: 'kernel-uek, mlnx_en-2.6.32-300.4.1.el6uek, ofa-2.6.32-300.4.1.el5uek, ofa-2.6.32-300.4.1.el6uek' package(s) on Oracle Linux 5, Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1493 SUSE-SU-2015:0812 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html [oss-security] 20110405 Re: CVE request: kernel: multiple issues in ROSE http://www.openwall.com/lists/oss-security/2011/04/05/19 http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=be20250c13f88375345ad99950190685eda51eb8 https://bugzilla.redhat.com/show_bug.cgi?id=770777 https://github.com/torvalds/linux/commit/be20250c13f88375345ad99950190685eda51eb8 Common Vulnerability Exposure (CVE) ID: CVE-2011-1576 1025853 http://www.securitytracker.com/id?1025853 48907 http://www.securityfocus.com/bid/48907 RHSA-2011:0927 http://rhn.redhat.com/errata/RHSA-2011-0927.html RHSA-2011:1090 http://www.redhat.com/support/errata/RHSA-2011-1090.html RHSA-2011:1106 http://www.redhat.com/support/errata/RHSA-2011-1106.html https://bugzilla.redhat.com/show_bug.cgi?id=695173 Common Vulnerability Exposure (CVE) ID: CVE-2011-4127 48898 http://secunia.com/advisories/48898 SUSE-SU-2012:0554 http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html [oss-security] 20111222 CVE-2011-4127 kernel: possible privilege escalation via SG_IO ioctl http://www.openwall.com/lists/oss-security/2011/12/22/5 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0bfc96cb77224736dfa35c3c555d37b3646ef35e http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec8013beddd717d1740cfefb1a9b900deef85462 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.2 https://bugzilla.redhat.com/show_bug.cgi?id=752375 https://github.com/torvalds/linux/commit/0bfc96cb77224736dfa35c3c555d37b3646ef35e https://github.com/torvalds/linux/commit/ec8013beddd717d1740cfefb1a9b900deef85462
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.