English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.122198
Category:Oracle Linux Local Security Checks
Title:Oracle: Security Advisory (ELSA-2011-0421)
Summary:The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2011-0421 advisory.
Description:Summary:
The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2011-0421 advisory.

Vulnerability Insight:
[2.6.32-71.24.1.el6]
- [fs] Revert '[fs] inotify: stop kernel memory leak on file creation failure' (Eric Paris) [656831 656832] {CVE-2010-4250}

[2.6.32-71.23.1.el6]
- [x86] Revert '[x86] mtrr: Assume SYS_CFG[Tom2ForceMemTypeWB] exists on all future AMD CPUs' (Frank Arnold) [683813 652208]

[2.6.32-71.22.1.el6]
- rebuild

[2.6.32-71.21.1.el6]
- [netdrv] ixgbe: limit VF access to network traffic (Frantisek Hrbata) [684129 678717]
- [netdrv] ixgbe: work around for DDP last buffer size (Frantisek Hrbata) [684129 678717]
- [net] gro: reset dev and skb_iff on skb reuse (Andy Gospodarek) [688311 681970]
- [x86] mtrr: Assume SYS_CFG[Tom2ForceMemTypeWB] exists on all future AMD CPUs (Frank Arnold) [683813 652208]
- [virt] virtio_net: Add schedule check to napi_enable call (Michael S. Tsirkin) [684268 676579]
- [s390x] mm: add devmem_is_allowed() for STRICT_DEVMEM checking (Hendrik Brueckner) [684267 647365]
- [powerpc] Don't use kernel stack with translation off (Steve Best) [684266 628951]
- [powerpc] Initialise paca->kstack before early_setup_secondary (Steve Best) [684266 628951]

[2.6.32-71.20.1.el6]
- [dvb] kernel: av7110 negative array offset (Mauro Carvalho Chehab) [672403 672404] {CVE-2011-0521}
- [fs] sunrpc: Correct a misapplied patch (J. Bruce Fields) [678094 678146] {CVE-2011-0714}
- [netdrv] orinoco: fix TKIP countermeasure behaviour (Stanislaw Gruszka) [667908 667909] {CVE-2010-4648}
- [kernel] /proc/vmcore: speed up access to vmcore file (Neil Horman) [683442 672937]
- [netdrv] cnic: Fix big endian bug (Steve Best) [678484 676640]
- [scsi] fcoe: drop FCoE LOGO in FIP mode (Mike Christie) [683814 668114]
- [s390x] remove task_show_regs (Danny Feng) [677854 677855] {CVE-2011-0710}
- [ib] cm: Bump reference count on cm_id before invoking callback (Doug Ledford) [676190 676191] {CVE-2011-0695}
- [rdma] cm: Fix crash in request handlers (Doug Ledford) [676190 676191] {CVE-2011-0695}
- [net] bridge: Fix mglist corruption that leads to memory corruption (Herbert Xu) [678172 659421] {CVE-2011-0716}
- [netdrv] r8169: use RxFIFO overflow workaround and prevent RxFIFO induced infinite loops (Ivan Vecera) [680080 630810]
- [s390x] kernel: nohz vs cpu hotplug system hang (Hendrik Brueckner) [683815 668470]
- [netdrv] cxgb3/cxgb3_main.c: prevent reading uninitialized stack memory (Doug Ledford) [633156 633157] {CVE-2010-3296}
- [configs] redhat: added CONFIG_SECURITY_DMESG_RESTRICT option (Frantisek Hrbata) [683822 653245]
- [kernel] restrict unprivileged access to kernel syslog (Frantisek Hrbata) [683822 653245]
- [fs] cifs: allow matching of tcp sessions in CifsNew state (Jeff Layton) [683812 629085]
- [fs] cifs: fix potential double put of TCP session reference (Jeff Layton) [683812 629085]
- [fs] cifs: prevent possible memory corruption in cifs_demultiplex_thread (Jeff Layton) [683812 629085]
- [fs] cifs: eliminate some more premature cifsd exits (Jeff Layton) [683812 ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'kernel' package(s) on Oracle Linux 6.

Solution:
Please install the updated package(s).

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2010-3296
20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console
http://www.securityfocus.com/archive/1/520102/100/0/threaded
41440
http://secunia.com/advisories/41440
42758
http://secunia.com/advisories/42758
42884
http://secunia.com/advisories/42884
43221
http://www.securityfocus.com/bid/43221
46397
http://secunia.com/advisories/46397
ADV-2011-0070
http://www.vupen.com/english/advisories/2011/0070
ADV-2011-0298
http://www.vupen.com/english/advisories/2011/0298
DSA-2126
http://www.debian.org/security/2010/dsa-2126
RHSA-2011:0017
http://www.redhat.com/support/errata/RHSA-2011-0017.html
SUSE-SA:2010:050
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.html
SUSE-SA:2010:054
http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html
SUSE-SA:2011:007
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html
USN-1041-1
http://www.ubuntu.com/usn/USN-1041-1
[linux-kernel] 20100911 [PATCH] drivers/net/cxgb3/cxgb3_main.c: prevent reading uninitialized stack memory
http://lkml.org/lkml/2010/9/11/170
[oss-security] 20100914 CVE request: kernel: numerous infoleaks
http://www.openwall.com/lists/oss-security/2010/09/14/2
[oss-security] 20100914 Re: CVE request: kernel: numerous infoleaks
http://www.openwall.com/lists/oss-security/2010/09/14/7
http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=49c37c0334a9b85d30ab3d6b5d1acb05ef2ef6de
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc5
http://www.vmware.com/security/advisories/VMSA-2011-0012.html
https://bugzilla.redhat.com/show_bug.cgi?id=633149
Common Vulnerability Exposure (CVE) ID: CVE-2010-4346
42570
http://secunia.com/advisories/42570
45323
http://www.securityfocus.com/bid/45323
MDVSA-2011:029
http://www.mandriva.com/security/advisories?name=MDVSA-2011:029
[linux-kernel] 20101209 [PATCH] install_special_mapping skips security_file_mmap check.
https://lkml.org/lkml/2010/12/9/222
[oss-security] 20101209 Re: [taviso@cmpxchg8b.com: [PATCH] install_special_mapping skips security_file_mmap check.]
http://openwall.com/lists/oss-security/2010/12/09/13
[oss-security] 20101209 [taviso@cmpxchg8b.com: [PATCH] install_special_mapping skips security_file_mmap check.]
http://openwall.com/lists/oss-security/2010/12/09/12
[oss-security] 20101210 Re: Subject: CVE request: kernel: install_special_mapping skips security_file_mmap check
http://openwall.com/lists/oss-security/2010/12/10/3
[oss-security] 20101210 Subject: CVE request: kernel: install_special_mapping skips security_file_mmap check
http://openwall.com/lists/oss-security/2010/12/10/2
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=462e635e5b73ba9a4c03913b77138cd57ce4b050
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.37-rc6
https://bugzilla.redhat.com/show_bug.cgi?id=662189
Common Vulnerability Exposure (CVE) ID: CVE-2010-4526
42964
http://secunia.com/advisories/42964
45661
http://www.securityfocus.com/bid/45661
ADV-2011-0169
http://www.vupen.com/english/advisories/2011/0169
RHSA-2011:0163
http://www.redhat.com/support/errata/RHSA-2011-0163.html
[oss-security] 20110104 CVE-2010-4526 kernel: sctp: a race between ICMP protocol unreachable and connect()
http://www.openwall.com/lists/oss-security/2011/01/04/3
[oss-security] 20110104 Re: CVE-2010-4526 kernel: sctp: a race between ICMP protocol unreachable and connect()
http://www.openwall.com/lists/oss-security/2011/01/04/13
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=50b5d6ad63821cea324a5a7a19854d4de1a0a819
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4526
kernel-icmp-message-dos(64616)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64616
Common Vulnerability Exposure (CVE) ID: CVE-2010-4648
[oss-security] 20110106 Re: CVE Request: kernel [Re: Security review of 2.6.32.28]
http://www.openwall.com/lists/oss-security/2011/01/06/18
http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0a54917c3fc295cb61f3fb52373c173fd3b69f48
https://bugzilla.redhat.com/show_bug.cgi?id=667907
https://github.com/torvalds/linux/commit/0a54917c3fc295cb61f3fb52373c173fd3b69f48
Common Vulnerability Exposure (CVE) ID: CVE-2010-4655
45972
http://www.securityfocus.com/bid/45972
USN-1146-1
http://www.ubuntu.com/usn/USN-1146-1
[linux-kernel] 20101007 [PATCH] net: clear heap allocations for privileged ethtool actions
https://lkml.org/lkml/2010/10/7/297
[oss-security] 20110124 CVE request: linux kernel heap issues
http://openwall.com/lists/oss-security/2011/01/24/9
[oss-security] 20110124 Re: CVE request: linux kernel heap issues
http://openwall.com/lists/oss-security/2011/01/25/3
[oss-security] 20110125 Re: CVE request: linux kernel heap issues
http://openwall.com/lists/oss-security/2011/01/25/4
http://openwall.com/lists/oss-security/2011/01/25/5
[oss-security] 20110128 Re: CVE request: linux kernel heap issues
http://openwall.com/lists/oss-security/2011/01/28/1
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b00916b189d13a615ff05c9242201135992fcda3
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36
https://bugzilla.redhat.com/show_bug.cgi?id=672428
Common Vulnerability Exposure (CVE) ID: CVE-2010-4656
46069
http://www.securityfocus.com/bid/46069
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3ed780117dbe5acb64280d218f0347f238dafed0
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37
https://bugzilla.redhat.com/show_bug.cgi?id=672420
Common Vulnerability Exposure (CVE) ID: CVE-2011-0521
1025195
http://www.securitytracker.com/id?1025195
43009
http://secunia.com/advisories/43009
45986
http://www.securityfocus.com/bid/45986
[oss-security] 20110125 Linux kernel av7110 negative array offset
http://openwall.com/lists/oss-security/2011/01/24/2
[oss-security] 20110125 Re: Linux kernel av7110 negative array offset
http://openwall.com/lists/oss-security/2011/01/25/2
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=cb26a24ee9706473f31d34cc259f4dcf45cd0644
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.38-rc2
kernel-av7110ca-privilege-escalation(64988)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64988
Common Vulnerability Exposure (CVE) ID: CVE-2011-0695
43693
http://secunia.com/advisories/43693
46839
http://www.securityfocus.com/bid/46839
RHSA-2011:0927
http://rhn.redhat.com/errata/RHSA-2011-0927.html
[linux-rdma] 20110223 [PATCH 1/2] rdma/cm: Fix crash in request handlers
http://www.spinics.net/lists/linux-rdma/msg07447.html
[linux-rdma] 20110223 [PATCH 2/2] ib/cm: Bump reference count on cm_id before invoking callback
http://www.spinics.net/lists/linux-rdma/msg07448.html
[oss-security] 20110311 CVE-2011-0695 kernel: panic in ib_cm:cm_work_handler
http://www.openwall.com/lists/oss-security/2011/03/11/1
kernel-infiniband-dos(66056)
https://exchange.xforce.ibmcloud.com/vulnerabilities/66056
Common Vulnerability Exposure (CVE) ID: CVE-2011-0710
46421
http://www.securityfocus.com/bid/46421
[oss-security] 20110216 CVE request - kernel: s390 task_show_regs infoleak
http://openwall.com/lists/oss-security/2011/02/16/3
[oss-security] 20110216 Re: CVE request - kernel: s390 task_show_regs infoleak
http://openwall.com/lists/oss-security/2011/02/16/9
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=261cd298a8c363d7985e3482946edb4bfedacf98
http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.38-rc4-next-20110216.bz2
https://bugzilla.redhat.com/show_bug.cgi?id=677850
kernel-taskshowregs-info-disclosure(65464)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65464
Common Vulnerability Exposure (CVE) ID: CVE-2011-0716
[oss-security] 20110217 Re: CVE request -- kernel: deficiency in processing igmp host membership reports in br_multicast
http://www.openwall.com/lists/oss-security/2011/02/17/2
http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6b0d6a9b4296fa16a28d10d416db7a770fc03287
https://bugzilla.redhat.com/show_bug.cgi?id=678169
https://github.com/torvalds/linux/commit/6b0d6a9b4296fa16a28d10d416db7a770fc03287
Common Vulnerability Exposure (CVE) ID: CVE-2011-1478
8480
http://securityreason.com/securityalert/8480
[oss-security] 20110328 CVE-2011-1478 kernel: gro: reset dev and skb_iff on skb reuse
http://openwall.com/lists/oss-security/2011/03/28/1
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=66c46d741e2e60f0e8b625b80edb0ab820c46d7a
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6d152e23ad1a7a5b40fef1f42e017d66e6115159
http://mirror.anl.gov/pub/linux/kernel/v2.6/ChangeLog-2.6.38
https://bugzilla.redhat.com/show_bug.cgi?id=691270
CopyrightCopyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.