English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.122179
Category:Oracle Linux Local Security Checks
Title:Oracle: Security Advisory (ELSA-2011-0498)
Summary:The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2011-0498 advisory.
Description:Summary:
The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2011-0498 advisory.

Vulnerability Insight:
[2.6.32-71.29.1.el6]
- [mm] Revert '[mm] pdpte registers are not flushed when PGD entry is changed in x86 PAE mode' (Larry Woodman) [695256 691310]

[2.6.32-71.28.1.el6]
- [net] bonding: fix jiffy comparison issues (Andy Gospodarek) [698109 696337]
- [drm] radeon/kms: check AA resolve registers on r300 + regression fix (Dave Airlie) [680001 680002] {CVE-2011-1016}
- [infiniband] uverbs: Handle large number of entries in poll CQ (Eugene Teo) [688429 696137] {CVE-2011-1044 CVE-2010-4649}
- [net] sctp: fix the INIT/INIT-ACK chunk length calculation (Thomas Graf) [695386 690743] {CVE-2011-1573}
- [net] CAN: Use inode instead of kernel address for /proc file (Danny Feng) [664560 664561] {CVE-2010-4565}
- [fs] inotify: fix double free/corruption of struct user (Eric Paris) [656831 656832] {CVE-2010-4250}
- [net] netfilter: ipt_CLUSTERIP: fix buffer overflow (Jiri Pirko) [689341 689342]
- [net] bonding: change test for presence of VLANs (Jiri Pirko) [696487 683496]
- [scsi] scsi_dh: fix reference counting in scsi_dh_activate error path (Mike Snitzer) [696889 680140]
- [net] enable VLAN NULL tagging (Neil Horman) [683810 633571]
- [scsi] scsi_dh: propagate SCSI device deletion (Mike Snitzer) [698114 669411]
- [fs] inotify: stop kernel memory leak on file creation failure (Eric Paris) [656831 656832] {CVE-2010-4250}

[2.6.32-71.27.1.el6]
- [scsi] megaraid: give FW more time to recover from reset (Tomas Henzl) [695322 692673]
- [netdrv] ixgbe: fix for 82599 erratum on Header Splitting (Andy Gospodarek) [683820 669231]
- [sound] ALSA: hda - nvhdmi: Add missing codec IDs, unify names (Jaroslav Kysela) [683817 636922]
- [mm] pdpte registers are not flushed when PGD entry is changed in x86 PAE mode (Larry Woodman) [695256 691310]
- [net] fix ebtables stack infoleak (Eugene Teo) [681322 681323] {CVE-2011-1080}
- [drm] fix unsigned vs signed comparison issue in modeset ctl ioctl (Don Howard) [679927 679928] {CVE-2011-1013}
- [pci] Enable ASPM state clearing regardless of policy (Alex Williamson) [694073 681017]
- [pci] Disable ASPM if BIOS asks us to (Alex Williamson) [694073 681017]
- [mm] do not keep kswapd awake for an unreclaimable zone (Johannes Weiner) [694186 633825]

[2.6.32-71.26.1.el6]
- [net] bnep: fix buffer overflow (Don Howard) [681315 681316] {CVE-2011-1079}
- [scsi] aic94xx: world-writable sysfs update_bios file (Don Howard) [679306 679307]
- [x86] tc1100-wmi: world-writable sysfs wireless and jogdial files (Don Howard) [679306 679307]
- [x86] acer-wmi: world-writable sysfs threeg file (Don Howard) [679306 679307]
- [mfd] ab3100: world-writable debugfs *_priv files (Don Howard) [679306 679307]
- [v4l] sn9c102: world-wirtable sysfs files (Don Howard) [679306 679307]
- [x86] Fix EFI pagetable to map whole memory (Takao Indoh) [670850 664364]
- [kernel] CAP_SYS_MODULE bypass via CAP_NET_ADMIN (Phillip Lougher) [681772 681773] {CVE-2011-1019}
- [kernel] failure to revert ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'kernel' package(s) on Oracle Linux 6.

Solution:
Please install the updated package(s).

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2010-4250
[oss-security] 20101124 Re: CVE request: kernel: inotify memory leak
http://www.openwall.com/lists/oss-security/2010/11/24/11
http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a2ae4cc9a16e211c8a128ba10d22a85431f093ab
https://bugzilla.redhat.com/show_bug.cgi?id=656830
https://github.com/torvalds/linux/commit/a2ae4cc9a16e211c8a128ba10d22a85431f093ab
Common Vulnerability Exposure (CVE) ID: CVE-2010-4565
BugTraq ID: 44661
http://www.securityfocus.com/bid/44661
http://www.mandriva.com/security/advisories?name=MDVSA-2011:029
https://bugzilla.redhat.com/show_bug.cgi?id=664544
http://www.spinics.net/lists/netdev/msg145796.html
http://www.spinics.net/lists/netdev/msg145791.html
http://www.spinics.net/lists/netdev/msg146270.html
http://www.spinics.net/lists/netdev/msg146468.html
http://openwall.com/lists/oss-security/2010/11/03/3
http://openwall.com/lists/oss-security/2010/11/04/4
http://openwall.com/lists/oss-security/2010/12/20/2
http://openwall.com/lists/oss-security/2010/12/21/1
Common Vulnerability Exposure (CVE) ID: CVE-2010-4649
46073
http://www.securityfocus.com/bid/46073
RHSA-2011:0927
http://rhn.redhat.com/errata/RHSA-2011-0927.html
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7182afea8d1afd432a17c18162cc3fd441d0da93
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37
https://bugzilla.redhat.com/show_bug.cgi?id=667916
Common Vulnerability Exposure (CVE) ID: CVE-2011-0006
[oss-security] 20110106 Re: CVE Request: kernel [Re: Security review of 2.6.32.28]
http://www.openwall.com/lists/oss-security/2011/01/06/18
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=867c20265459d30a01b021a9c1e81fb4c5832aa9
https://bugzilla.redhat.com/show_bug.cgi?id=667912
https://github.com/torvalds/linux/commit/867c20265459d30a01b021a9c1e81fb4c5832aa9
Common Vulnerability Exposure (CVE) ID: CVE-2011-0711
46417
http://www.securityfocus.com/bid/46417
70950
http://osvdb.org/70950
[oss-security] 20110216 CVE request - kernel: xfs infoleak
http://openwall.com/lists/oss-security/2011/02/16/4
[oss-security] 20110216 Re: CVE request - kernel: xfs infoleak
http://openwall.com/lists/oss-security/2011/02/16/10
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3a3675b7f23f83ca8c67c9c2b6edf707fd28d1ba
http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.38-rc6-git3.log
https://bugzilla.redhat.com/show_bug.cgi?id=677260
https://patchwork.kernel.org/patch/555461/
Common Vulnerability Exposure (CVE) ID: CVE-2011-0712
46419
http://www.securityfocus.com/bid/46419
USN-1146-1
http://www.ubuntu.com/usn/USN-1146-1
[oss-security] 20110216 Re: kernel: ALSA: caiaq - Fix possible string-buffer overflow
http://www.openwall.com/lists/oss-security/2011/02/16/11
http://www.openwall.com/lists/oss-security/2011/02/16/12
[oss-security] 20110216 kernel: ALSA: caiaq - Fix possible string-buffer overflow
http://www.openwall.com/lists/oss-security/2011/02/16/5
http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git%3Ba=commit%3Bh=eaae55dac6b64c0616046436b294e69fc5311581
http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.38-rc4-next-20110215.bz2
https://bugzilla.redhat.com/show_bug.cgi?id=677881
kernel-usbdevice-bo(65461)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65461
Common Vulnerability Exposure (CVE) ID: CVE-2011-0726
BugTraq ID: 47791
http://www.securityfocus.com/bid/47791
https://lkml.org/lkml/2011/3/11/380
http://www.spinics.net/lists/mm-commits/msg82726.html
RedHat Security Advisories: RHSA-2011:0833
http://rhn.redhat.com/errata/RHSA-2011-0833.html
Common Vulnerability Exposure (CVE) ID: CVE-2011-1013
47639
http://www.securityfocus.com/bid/47639
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1922756124ddd53846877416d92ba4a802bc658f
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38
http://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/pci/drm/drm_irq.c
http://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/pci/drm/drm_irq.c.diff?r1=1.41%3Br2=1.42%3Bf=h
https://bugzilla.redhat.com/show_bug.cgi?id=679925
kernel-drmioctl-priv-escalation(67199)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67199
Common Vulnerability Exposure (CVE) ID: CVE-2011-1016
46557
http://www.securityfocus.com/bid/46557
[oss-security] 20110224 CVE request: kernel: drm/radeon/kms: check AA resolve registers on r300
http://openwall.com/lists/oss-security/2011/02/24/3
[oss-security] 20110224 Re: CVE request: kernel: drm/radeon/kms: check AA resolve registers on r300
http://openwall.com/lists/oss-security/2011/02/24/11
[oss-security] 20110225 Re: CVE request: kernel: drm/radeon/kms: check AA resolve registers on r300
http://openwall.com/lists/oss-security/2011/02/25/4
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fff1ce4dc6113b6fdc4e3a815ca5fd229408f8ef
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.38-rc5
https://bugzilla.redhat.com/show_bug.cgi?id=680000
kernel-atiradeon-sec-bypass(65691)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65691
Common Vulnerability Exposure (CVE) ID: CVE-2011-1019
[oss-security] 20110225 Re: CVE request: kernel: CAP_SYS_MODULE bypass via CAP_NET_ADMIN
http://www.openwall.com/lists/oss-security/2011/02/25/1
http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8909c9ad8ff03611c9c96c9a92656213e4bb495b
https://bugzilla.redhat.com/show_bug.cgi?id=680360
https://github.com/torvalds/linux/commit/8909c9ad8ff03611c9c96c9a92656213e4bb495b
Common Vulnerability Exposure (CVE) ID: CVE-2011-1044
BugTraq ID: 46488
http://www.securityfocus.com/bid/46488
RedHat Security Advisories: RHSA-2011:0927
XForce ISS Database: kernel-ibuverbspollcq-info-disclosure(65563)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65563
Common Vulnerability Exposure (CVE) ID: CVE-2011-1079
RHSA-2011:0833
[oss-security] 20110301 Re: CVE request: kernel: two bluetooth and one ebtables infoleaks/DoSes
http://www.openwall.com/lists/oss-security/2011/03/01/10
http://downloads.avaya.com/css/P8/documents/100145416
http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=43629f8f5ea32a998d06d1bb41eefa0e821ff573
http://packetstormsecurity.com/files/153799/Kernel-Live-Patch-Security-Notice-LSN-0053-1.html
https://bugzilla.redhat.com/show_bug.cgi?id=681260
https://github.com/torvalds/linux/commit/43629f8f5ea32a998d06d1bb41eefa0e821ff573
Common Vulnerability Exposure (CVE) ID: CVE-2011-1080
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d846f71195d57b0bbb143382647c2c6638b04c5a
https://bugzilla.redhat.com/show_bug.cgi?id=681262
https://github.com/torvalds/linux/commit/d846f71195d57b0bbb143382647c2c6638b04c5a
Common Vulnerability Exposure (CVE) ID: CVE-2011-1093
46793
http://www.securityfocus.com/bid/46793
[oss-security] 20110308 CVE request: kernel: dccp: fix oops on Reset after close
http://openwall.com/lists/oss-security/2011/03/08/4
[oss-security] 20110308 Re: CVE request: kernel: dccp: fix oops on Reset after close
http://openwall.com/lists/oss-security/2011/03/08/19
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=720dc34bbbe9493c7bd48b2243058b4e447a929d
https://bugzilla.redhat.com/show_bug.cgi?id=682954
Common Vulnerability Exposure (CVE) ID: CVE-2011-1573
[oss-security] 20110411 CVE request - kernel: sctp: fix to calc the INIT/INIT-ACK chunk length correctly to set
http://openwall.com/lists/oss-security/2011/04/11/4
[oss-security] 20110411 Re: CVE request - kernel: sctp: fix to calc the INIT/INIT-ACK chunk length correctly to set
http://openwall.com/lists/oss-security/2011/04/11/12
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a8170c35e738d62e9919ce5b109cf4ed66e95bde
http://mirror.anl.gov/pub/linux/kernel/v2.6/ChangeLog-2.6.34
https://bugzilla.redhat.com/show_bug.cgi?id=695383
CopyrightCopyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.