| Description: | Summary:
The remote host is missing an update for the 'kernel-uek, ofa-2.6.32-200.19.1.el5uek, ofa-2.6.32-200.19.1.el6uek' package(s) announced via the ELSA-2011-2025 advisory.
Vulnerability Insight:
[2.6.32-200.19.1.el6uek]
- Apply new fix for CVE-2011-1576.
[2.6.32-200.18.1.el6uek]
- Revert 'proc: fix a race in do_io_accounting'
[2.6.32-200.17.1.el6uek]
- net: Fix memory leak/corruption on VLAN GRO_DROP {CVE-2011-1576}
- iommu-api: Extension to check for interrupt remapping {CVE-2011-1898}
- KVM: IOMMU: Disable device assignment without interrupt remapping {CVE-2011-1898}
- ext4: Fix max file size and logical block counting of extent format file {CVE-2011-2695}
- nl80211: fix overflow in ssid_len {CVE-2011-2517}
- Bluetooth: Prevent buffer overflow in l2cap config request {CVE-2011-2497}
- proc: fix a race in do_io_accounting() {CVE-2011-2495}
- proc: restrict access to /proc/PID/io {CVE-2011-2495}
- Bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace {CVE-2011-2492}
- NLM: Don't hang forever on NLM unlock requests {CVE-2011-2491}
- ksm: fix NULL pointer dereference in scan_get_next_rmap_item() {CVE-2011-2183}
Affected Software/OS:
'kernel-uek, ofa-2.6.32-200.19.1.el5uek, ofa-2.6.32-200.19.1.el6uek' package(s) on Oracle Linux 5, Oracle Linux 6.
Solution:
Please install the updated package(s).
CVSS Score:
8.3
CVSS Vector:
AV:A/AC:L/Au:N/C:C/I:C/A:C
|
