English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.122091
Category:Oracle Linux Local Security Checks
Title:Oracle: Security Advisory (ELSA-2011-1212)
Summary:The remote host is missing an update for the 'kernel, ocfs2-2.6.18-274.3.1.0.1.el5, oracleasm-2.6.18-274.3.1.0.1.el5' package(s) announced via the ELSA-2011-1212 advisory.
Description:Summary:
The remote host is missing an update for the 'kernel, ocfs2-2.6.18-274.3.1.0.1.el5, oracleasm-2.6.18-274.3.1.0.1.el5' package(s) announced via the ELSA-2011-1212 advisory.

Vulnerability Insight:
[2.6.18-274.3.1.0.1.el5]
- [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646]
- [scsi] fix scsi hotplug and rescan race [orabug 10260172]
- fix filp_close() race (Joe Jin) [orabug 10335998]
- fix missing aio_complete() in end_io (Joel Becker) [orabug 10365195]
- make xenkbd.abs_pointer=1 by default [orabug 67188919]
- [xen] check to see if hypervisor supports memory reservation change
(Chuck Anderson) [orabug 7556514]
- [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki)
[orabug 10315433]
- [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258]
- [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839]
- fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042]
- [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105]
RDS: Fix BUG_ONs to not fire when in a tasklet
ipoib: Fix lockup of the tx queue
RDS: Do not call set_page_dirty() with irqs off (Sherman Pun)
RDS: Properly unmap when getting a remote access error (Tina Yang)
RDS: Fix locking in rds_send_drop_to()
- [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson)
[orabug 9107465]
- [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson)
[orabug 9764220]
- Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615]
- fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro,
Guru Anbalagane) [orabug 6124033]
- [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208]
- [ib] fix memory corruption (Andy Grover) [orabug 9972346]
- [aio] patch removes limit on number of retries (Srinivas Eeda) [orabug 10044782]
- [loop] Do not call loop_unplug for not configured loop device (orabug 10314497)

[2.6.18-274.3.1.el5]
- [xen] fix off-by-one shift in x86_64 __addr_ok (Laszlo Ersek) [728043 719850] {CVE-2011-2901}

[2.6.18-274.2.1.el5]
- Fix up some fallout from RHEL5.7 kernel package structure changes

[2.6.18-274.1.1.el5]
- [net] sctp: fix memory reclaim and panic in sctp_sock_rfree (Thomas Graf) [714869 714867]
- [x86_64] Revert ACPI APIC mode test (Prarit Bhargava) [728163 721361]
- [net] sctp: reset packet information after packet transmit (Thomas Graf) [727592 725573]
- [fs] block: initialise bd_super in bdget (Lachlan McIlroy) [726628 707425]
- [fs] nfs: Remove bogus call to nfs4_drop_state_owner (Jeff Layton) [726625 724923]
- [net] be2net: clear interrupt bit in be_probe (Ivan Vecera) [723552 713703]
- [net] be2net: remove certain cmd failure logging (Ivan Vecera) [726619 716821]
- [wireless] nl80211: check for valid SSID size in scan operation (Stanislaw Gruszka) [718154 718155] {CVE-2011-2517}
- [fs] xfs: handle NULL mount struct in error reports (Eric Sandeen) [727835 720551]
- [fs] proc: restrict access to /proc/PID/io (Oleg Nesterov) [716827 716828] {CVE-2011-2495}
- [fs] lockd: don't use file's credentials on RPCSEC_GSS mounts (Max ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'kernel, ocfs2-2.6.18-274.3.1.0.1.el5, oracleasm-2.6.18-274.3.1.0.1.el5' package(s) on Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2011-2482
RHSA-2011:1212
http://rhn.redhat.com/errata/RHSA-2011-1212.html
[oss-security] 20110830 kernel: CVE-2011-2482/2519
http://www.openwall.com/lists/oss-security/2011/08/30/1
http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ea2bc483ff5caada7c4aa0d5fbf87d3a6590273d
https://bugzilla.redhat.com/show_bug.cgi?id=714867
https://github.com/torvalds/linux/commit/ea2bc483ff5caada7c4aa0d5fbf87d3a6590273d
Common Vulnerability Exposure (CVE) ID: CVE-2011-2491
[oss-security] 20110623 Re: CVE request: kernel: NLM: Don't hang forever on NLM unlock requests
http://www.openwall.com/lists/oss-security/2011/06/23/6
http://ftp.osuosl.org/pub/linux/kernel/v3.0/ChangeLog-3.0
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0b760113a3a155269a3fba93a409c640031dd68f
https://bugzilla.redhat.com/show_bug.cgi?id=709393
https://github.com/torvalds/linux/commit/0b760113a3a155269a3fba93a409c640031dd68f
Common Vulnerability Exposure (CVE) ID: CVE-2011-2495
[oss-security] 20110627 Re: CVE request: kernel: taskstats/procfs io infoleak
http://www.openwall.com/lists/oss-security/2011/06/27/1
http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.4
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1d1221f375c94ef961ba8574ac4f85c8870ddd51
https://bugzilla.redhat.com/show_bug.cgi?id=716825
https://github.com/torvalds/linux/commit/1d1221f375c94ef961ba8574ac4f85c8870ddd51
Common Vulnerability Exposure (CVE) ID: CVE-2011-2517
[oss-security] 20110701 Re: CVE request: kernel: nl80211: missing check for valid SSID size in scan operations
http://www.openwall.com/lists/oss-security/2011/07/01/4
http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.2
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=208c72f4fe44fe09577e7975ba0e7fa0278f3d03
https://bugzilla.redhat.com/show_bug.cgi?id=718152
https://github.com/torvalds/linux/commit/208c72f4fe44fe09577e7975ba0e7fa0278f3d03
Common Vulnerability Exposure (CVE) ID: CVE-2011-2519
[oss-security] 20130830 kernel: CVE-2011-2482/2519
http://xenbits.xen.org/hg/xen-3.1-testing.hg/rev/15644
https://bugzilla.redhat.com/show_bug.cgi?id=718882
Common Vulnerability Exposure (CVE) ID: CVE-2011-2901
55082
http://secunia.com/advisories/55082
GLSA-201309-24
http://security.gentoo.org/glsa/glsa-201309-24.xml
[oss-security] 20110902 Xen Security Advisory 4 (CVE-2011-2901) - Xen 3.3 vaddr validation
http://www.openwall.com/lists/oss-security/2011/09/02/2
https://bugzilla.redhat.com/show_bug.cgi?id=728042
CopyrightCopyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.