 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.122122 |
| Category: | Oracle Linux Local Security Checks |
| Title: | Oracle: Security Advisory (ELSA-2011-1065) |
| Summary: | The remote host is missing an update for the 'kernel, ocfs2-2.6.18-274.el5, oracleasm-2.6.18-274.el5' package(s) announced via the ELSA-2011-1065 advisory. |
| Description: | Summary: The remote host is missing an update for the 'kernel, ocfs2-2.6.18-274.el5, oracleasm-2.6.18-274.el5' package(s) announced via the ELSA-2011-1065 advisory. Vulnerability Insight: [2.6.18-274.el5] - [xen] svm: fix invlpg emulator regression (Paolo Bonzini) [719894] [2.6.18-273.el5] - Revert: [fs] proc: Fix rmmod/read/write races in /proc entries (Jarod Wilson) [717068] - [xen] disregard trailing bytes in an invalid page (Paolo Bonzini) [717742] - [xen] prep __get_instruction_length_from_list for partial buffers (Paolo Bonzini) [717742] - [xen] remove unused argument to __get_instruction_length (Paolo Bonzini) [717742] - [xen] let __get_instruction_length always read into own buffer (Paolo Bonzini) [717742] [2.6.18-272.el5] - [xen] x86: spinlock support for up to 255 CPUs (Laszlo Ersek) [713123] - [xen] remove block scope mtrr identifiers shadowing file scope (Laszlo Ersek) [713123] - [xen] Actually hold back MTRR init while booting secondary CPUs (Laszlo Ersek) [713123] - [xen] remove unused mtrr_bp_restore (Laszlo Ersek) [713123] - [xen] x86: Fix crash on amd iommu systems (Igor Mammedov) [714275] [2.6.18-271.el5] - [net] igmp: ip_mc_clear_src only when we no users of ip_mc_list (Veaceslav Falico) [707179] - [scsi] cxgb3i: fix programming of dma page sizes (Neil Horman) [710498] - [xen] hvm: secure vmx cpuid (Andrew Jones) [706325] {CVE-2011-1936} - [xen] hvm: secure svm_cr_access (Andrew Jones) [703716] {CVE-2011-1780} - [xen] hvm: svm support cleanups (Andrew Jones) [703716] {CVE-2011-1780} [2.6.18-270.el5] - [fs] proc: fix compile warning in pdeaux addition (Jarod Wilson) [675781] - [net] bluetooth: l2cap and rfcomm: fix info leak to userspace (Thomas Graf) [703021] - [net] inet_diag: fix inet_diag_bc_audit data validation (Thomas Graf) [714539] {CVE-2011-2213} - [misc] signal: fix kill signal spoofing issue (Oleg Nesterov) [690031] {CVE-2011-1182} - [fs] proc: fix signedness issue in next_pidmap (Oleg Nesterov) [697827] {CVE-2011-1593} - [char] agp: fix OOM and buffer overflow (Jerome Marchand) [699010] {CVE-2011-1746} - [char] agp: fix arbitrary kernel memory writes (Jerome Marchand) [699006] {CVE-2011-1745 CVE-2011-2022} - [net] be2net: fix queue creation order and pci error recovery (Ivan Vecera) [711653] - [infiniband] core: Handle large number of entries in poll CQ (Jay Fenlason) [668371] {CVE-2010-4649 CVE-2011-1044} - [infiniband] core: fix panic in ib_cm:cm_work_handler (Jay Fenlason) [679996] {CVE-2011-0695} - [fs] validate size of EFI GUID partition entries (Anton Arapov) [703026] {CVE-2011-1776} [2.6.18-269.el5] - [mm] only throttle page dirtying for specially marked BDIs (Jeff Layton) [711450] - Revert: [base] Fix potential deadlock in driver core (Don Zickus) [703084] - [fs] proc: Fix rmmod/read/write races in /proc entries (David Howells) [675781] - [scsi] qla4xxx: Update driver version to V5.02.04.01.05.07-d0 (Chad Dupuis) [704153] - [scsi] qla4xxx: clear SCSI COMPLETION INTR bit during F/W init (Chad Dupuis) [704153] - [usb] wacom: add support for DTU-2231 (Aristeu Rozanski) [683549] - [xen] fix MAX_EVTCHNS definition ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'kernel, ocfs2-2.6.18-274.el5, oracleasm-2.6.18-274.el5' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2011-1780 RHSA-2011:1065 http://rhn.redhat.com/errata/RHSA-2011-1065.html RHSA-2011:1163 http://rhn.redhat.com/errata/RHSA-2011-1163.html [oss-security] 20110707 CVE-2011-1780, CVE-2011-1936, kernel/xen issues http://www.openwall.com/lists/oss-security/2011/07/07/3 https://bugzilla.redhat.com/show_bug.cgi?id=702657 Common Vulnerability Exposure (CVE) ID: CVE-2011-2525 [netdev] 20100521 tc: RTM_GETQDISC causes kernel OOPS http://kerneltrap.org/mailarchive/linux-netdev/2010/5/21/6277805 [oss-security] 20110712 CVE-2011-2525 kernel: kernel: net_sched: fix qdisc_notify() http://openwall.com/lists/oss-security/2011/07/12/1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=53b0f08042f04813cd1a7473dacd3edfacb28eb3 http://mirror.anl.gov/pub/linux/kernel/v2.6/ChangeLog-2.6.35 https://bugzilla.redhat.com/show_bug.cgi?id=720552 Common Vulnerability Exposure (CVE) ID: CVE-2011-2689 1025776 http://securitytracker.com/id?1025776 45193 http://secunia.com/advisories/45193 48677 http://www.securityfocus.com/bid/48677 HPSBGN02970 http://marc.info/?l=bugtraq&m=139447903326211&w=2 [oss-security] 20110713 CVE-2011-2689 kernel: gfs2: make sure fallocate bytes is a multiple of blksize http://www.openwall.com/lists/oss-security/2011/07/13/1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6905d9e4dda6112f007e9090bca80507da158e63 http://www.kernel.org/pub/linux/kernel/v3.0/testing/ChangeLog-3.0-rc1 https://bugzilla.redhat.com/show_bug.cgi?id=720861 linux-kernel-gfs2-dos(68557) https://exchange.xforce.ibmcloud.com/vulnerabilities/68557 |
| Copyright | Copyright (C) 2015 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |