
Test ID: 1.3.6.1.4.1.25623.1.0.122285
Category: Oracle Linux Local Security Checks
Title: Oracle: Security Advisory (ELSA-2011-0004)
Summary: The remote host is missing an update for the 'kernel, ocfs2-2.6.18-194.32.1.0.1.el5, oracleasm-2.6.18-194.32.1.0.1.el5' package(s) announced via the ELSA-2011-0004 advisory.
Description:

Vulnerability Insight:
[2.6.18-194.32.1.0.1.el5]
- [xen] check to see if hypervisor supports memory reservation change
(Chuck Anderson) [orabug 7556514]
- Add entropy support to igb (John Sobecki) [orabug 7607479]
- [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332]
- [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043]
[bz 7258]
- [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839]
- fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042]
- [nfsd] fix failure of file creation from hpux client (Wen gang Wang)
[orabug 7579314]
- [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702]
- [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin)
[orabug 9504524]
- [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105]
RDS: Fix BUG_ONs to not fire when in a tasklet
ipoib: Fix lockup of the tx queue
RDS: Do not call set_page_dirty() with irqs off (Sherman Pun)
RDS: Properly unmap when getting a remote access error (Tina Yang)
RDS: Fix locking in rds_send_drop_to()
- [mm] Enhance shrink_zone patch allow full swap utilization, and also be
NUMA-aware (John Sobecki, Chris Mason, Herbert van den Bergh)
[orabug 9245919]
- [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson)
[orabug 9107465]
- [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson)
[orabug 9764220]
- Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615]
- fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro,
Guru Anbalagane) [orabug 6124033]
- [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208]
- [ib] fix memory corruption (Andy Grover) [orabug 9972346]
- make xenkbd.abs_pointer=1 by default (John Haxby) [orabug 67188919]
- fix filp_close() race (Joe Jin) [orabug 10335998]

[2.6.18-194.32.1.el5]
- [fs] nfs: set lock_context field in nfs_readpage_sync (Jeff Layton) [664416 663853]

[2.6.18-194.31.1.el5]
- [fs] nfs: set lock_context field in nfs_writepage_sync (Jeff Layton) [663381 660580]
- [fs] nfs: remove problematic calls to nfs_clear_request (Jeff Layton) [663353 656492]
- [fs] nfs: handle alloc failures in nfs_create_request (Jeff Layton) [663353 656492]
- [fs] nfs: clean up nfs_create_request (Jeff Layton) [663353 656492]
- [virt] xen: fix netback hotplug regression in xenbus fix (Laszlo Ersek) [636412 635999] {CVE-2010-3699}

[2.6.18-194.30.1.el5]
- [scsi] lpfc: set heartbeat timer off by default (Rob Evers) [658079 655119]
- [misc] posix-cpu-timers: workaround for mt exec problems (Oleg Nesterov) [656265 656266] {CVE-2010-4248}
- [fs] setup_arg_pages: diagnose excessive argument size (Oleg Nesterov) [645226 645227] {CVE-2010-3858}
- [net] inet_diag: make sure we run audited bytecode (Jiri Pirko) [651266 651267] {CVE-2010-3880}
- [net] limit sendto/recvfrom/iovec total length to INT_MAX (Jiri Pirko) [645871 645872] {CVE-2010-3859}
- [bluetooth] hci_ldisc: fix missing ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'kernel, ocfs2-2.6.18-194.32.1.0.1.el5, oracleasm-2.6.18-194.32.1.0.1.el5' package(s) on Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Cross-Ref:
Common Vulnerability Exposure (CVE) ID: CVE-2010-3432
20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console
http://www.securityfocus.com/archive/1/520102/100/0/threaded
42400
http://secunia.com/advisories/42400
42778
http://secunia.com/advisories/42778
42789
http://secunia.com/advisories/42789
43480
http://www.securityfocus.com/bid/43480
46397
http://secunia.com/advisories/46397
ADV-2010-3113
http://www.vupen.com/english/advisories/2010/3113
ADV-2011-0012
http://www.vupen.com/english/advisories/2011/0012
ADV-2011-0024
http://www.vupen.com/english/advisories/2011/0024
ADV-2011-0298
http://www.vupen.com/english/advisories/2011/0298
DSA-2126
http://www.debian.org/security/2010/dsa-2126
RHSA-2010:0842
http://www.redhat.com/support/errata/RHSA-2010-0842.html
RHSA-2010:0936
http://www.redhat.com/support/errata/RHSA-2010-0936.html
RHSA-2010:0958
http://www.redhat.com/support/errata/RHSA-2010-0958.html
RHSA-2011:0004
http://www.redhat.com/support/errata/RHSA-2011-0004.html
SUSE-SA:2011:001
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html
SUSE-SA:2011:007
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html
USN-1000-1
http://www.ubuntu.com/usn/USN-1000-1
[netdev] 20100915 [PATCH] net: SCTP remote/local Denial of Service vulnerability description and fix
http://marc.info/?l=linux-netdev&m=128453869227715&w=3
[oss-security] 20100924 CVE Request -- Linux/SCTP DoS in sctp_packet_config()
http://marc.info/?l=oss-security&m=128534569803598&w=2
[oss-security] 20100925 Re: CVE Request -- Linux/SCTP DoS in sctp_packet_config()
http://marc.info/?l=oss-security&m=128537701808336&w=2
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4bdab43323b459900578b200a4b8cf9713ac8fab
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.6
http://www.vmware.com/security/advisories/VMSA-2011-0012.html
https://bugzilla.redhat.com/show_bug.cgi?id=637675
Common Vulnerability Exposure (CVE) ID: CVE-2010-3442
42745
http://secunia.com/advisories/42745
42801
http://secunia.com/advisories/42801
43291
http://secunia.com/advisories/43291
43787
http://www.securityfocus.com/bid/43787
ADV-2010-3321
http://www.vupen.com/english/advisories/2010/3321
ADV-2011-0375
http://www.vupen.com/english/advisories/2011/0375
FEDORA-2010-18983
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html
MDVSA-2010:257
http://www.mandriva.com/security/advisories?name=MDVSA-2010:257
SUSE-SA:2010:060
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html
SUSE-SA:2011:002
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html
SUSE-SA:2011:008
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html
[oss-security] 20100929 CVE request - kernel: prevent heap corruption in snd_ctl_new()
http://www.openwall.com/lists/oss-security/2010/09/29/2
[oss-security] 20100929 Re: CVE request - kernel: prevent heap corruption in snd_ctl_new()
http://www.openwall.com/lists/oss-security/2010/09/29/3
http://www.openwall.com/lists/oss-security/2010/09/29/4
http://www.openwall.com/lists/oss-security/2010/09/29/9
http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git%3Ba=commit%3Bh=5591bf07225523600450edd9e6ad258bb877b779
http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.36-rc5-next-20100928.bz2
https://bugzilla.redhat.com/show_bug.cgi?id=638478
Common Vulnerability Exposure (CVE) ID: CVE-2010-3699
1024786
http://www.securitytracker.com/id?1024786
42372
http://secunia.com/advisories/42372
43056
http://secunia.com/advisories/43056
45039
http://www.securityfocus.com/bid/45039
ADV-2011-0213
http://www.vupen.com/english/advisories/2011/0213
SUSE-SA:2011:005
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html
http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/59f097ef181b
Common Vulnerability Exposure (CVE) ID: CVE-2010-3858
15619
http://www.exploit-db.com/exploits/15619
42758
http://secunia.com/advisories/42758
44301
http://www.securityfocus.com/bid/44301
ADV-2011-0070
http://www.vupen.com/english/advisories/2011/0070
USN-1041-1
http://www.ubuntu.com/usn/USN-1041-1
[oss-security] 20101021 CVE request: kernel: setup_arg_pages: diagnose excessive argument size
http://www.openwall.com/lists/oss-security/2010/10/21/1
[oss-security] 20101022 Re: CVE request: kernel: setup_arg_pages: diagnose excessive argument size
http://www.openwall.com/lists/oss-security/2010/10/22/4
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1b528181b2ffa14721fb28ad1bd539fe1732c583
http://grsecurity.net/~spender/64bit_dos.c
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36
https://bugzilla.redhat.com/show_bug.cgi?id=645222
Common Vulnerability Exposure (CVE) ID: CVE-2010-3859
42963
http://secunia.com/advisories/42963
44354
http://www.securityfocus.com/bid/44354
ADV-2011-0168
http://www.vupen.com/english/advisories/2011/0168
MDVSA-2011:029
http://www.mandriva.com/security/advisories?name=MDVSA-2011:029
RHSA-2011:0162
http://www.redhat.com/support/errata/RHSA-2011-0162.html
[netdev] 20101021 TIPC security issues
http://marc.info/?l=linux-netdev&m=128770476511716&w=2
[netdev] 20101027 Re: [PATCH 1/4] tipc: Fix bugs in tipc_msg_calc_data_size()
http://www.spinics.net/lists/netdev/msg145248.html
[netdev] 20101027 [PATCH 0/4] RFC: tipc int vs size_t fixes
http://www.spinics.net/lists/netdev/msg145247.html
[netdev] 20101027 [PATCH 1/4] tipc: Fix bugs in tipc_msg_calc_data_size()
http://www.spinics.net/lists/netdev/msg145263.html
[netdev] 20101027 [PATCH 2/4] tipc: Fix bugs in tipc_msg_build()
http://www.spinics.net/lists/netdev/msg145265.html
[netdev] 20101027 [PATCH 3/4] tipc: Update arguments to use size_t for iovec array sizes
http://www.spinics.net/lists/netdev/msg145262.html
[netdev] 20101027 [PATCH 4/4] tipc: Fix bugs in sending of large amounts of byte-stream data
http://www.spinics.net/lists/netdev/msg145264.html
[netdev] 20101028 Re: [PATCH 2/4] tipc: Fix bugs in tipc_msg_build()
http://www.spinics.net/lists/netdev/msg145352.html
[oss-security] 20101022 CVE request: kernel: heap overflow in TIPC
http://www.openwall.com/lists/oss-security/2010/10/22/2
[oss-security] 20101022 Re: CVE request: kernel: heap overflow in TIPC
http://www.openwall.com/lists/oss-security/2010/10/22/5
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=253eacc070b114c2ec1f81b067d2fed7305467b0
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8acfe468b0384e834a303f08ebc4953d72fb690a
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2
https://bugzilla.redhat.com/show_bug.cgi?id=645867
Common Vulnerability Exposure (CVE) ID: CVE-2010-3865
42890
http://secunia.com/advisories/42890
44549
http://www.securityfocus.com/bid/44549
RHSA-2011:0007
http://www.redhat.com/support/errata/RHSA-2011-0007.html
SUSE-SA:2010:057
http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00004.html
[netdev] 20101028 Re: [Security] TIPC security issues
http://www.spinics.net/lists/netdev/msg145359.html
http://www.spinics.net/lists/netdev/msg145397.html
[oss-security] 20101029 CVE request: kernel: iovec overflow in rds_rdma_pages()
http://www.openwall.com/lists/oss-security/2010/10/29/1
[oss-security] 20101101 Re: CVE request: kernel: iovec overflow in rds_rdma_pages()
http://www.openwall.com/lists/oss-security/2010/11/01/1
kernel-rdsrdmapages-overflow(62881)
https://exchange.xforce.ibmcloud.com/vulnerabilities/62881
Common Vulnerability Exposure (CVE) ID: CVE-2010-3876
44630
http://www.securityfocus.com/bid/44630
[netdev] 20101031 [PATCH 2/3] net: packet: fix information leak to userland
http://marc.info/?l=linux-netdev&m=128854507220908&w=2
[oss-security] 20101102 CVE request: kernel stack infoleaks
http://openwall.com/lists/oss-security/2010/11/02/7
[oss-security] 20101102 Re: CVE request: kernel stack infoleaks
http://openwall.com/lists/oss-security/2010/11/02/10
http://openwall.com/lists/oss-security/2010/11/02/12
http://openwall.com/lists/oss-security/2010/11/02/9
[oss-security] 20101104 Re: CVE request: kernel stack infoleaks
http://openwall.com/lists/oss-security/2010/11/04/5
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=67286640f638f5ad41a946b9a3dc75327950248f
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.37-rc2
https://bugzilla.redhat.com/show_bug.cgi?id=649715
Common Vulnerability Exposure (CVE) ID: CVE-2010-3880
42126
http://secunia.com/advisories/42126
44665
http://www.securityfocus.com/bid/44665
[netdev] 20101103 [PATCH 2/2] inet_diag: Make sure we actually run the same bytecode we audited.
http://www.spinics.net/lists/netdev/msg145899.html
[oss-security] 20101104 CVE request: kernel: logic error in INET_DIAG bytecode auditing
http://openwall.com/lists/oss-security/2010/11/04/9
[oss-security] 20101105 Re: CVE request: kernel: logic error in INET_DIAG bytecode auditing
http://openwall.com/lists/oss-security/2010/11/05/3
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=22e76c849d505d87c5ecf3d3e6742a65f0ff4860
https://bugzilla.redhat.com/show_bug.cgi?id=651264
Common Vulnerability Exposure (CVE) ID: CVE-2010-4083
BugTraq ID: 43809
http://www.securityfocus.com/bid/43809
Bugtraq: 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console
Debian Security Information: DSA-2126
http://www.mandriva.com/security/advisories?name=MDVSA-2011:051
http://www.spinics.net/lists/mm-commits/msg80234.html
http://www.openwall.com/lists/oss-security/2010/09/25/2
http://www.openwall.com/lists/oss-security/2010/10/06/6
http://www.openwall.com/lists/oss-security/2010/10/07/1
http://www.openwall.com/lists/oss-security/2010/10/25/3
http://secunia.com/advisories/42932
SuSE Security Announcement: SUSE-SA:2010:060
SuSE Security Announcement: SUSE-SA:2011:001
SuSE Security Announcement: SUSE-SA:2011:004
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html
SuSE Security Announcement: SUSE-SA:2011:007
SuSE Security Announcement: SUSE-SA:2011:008
http://www.vupen.com/english/advisories/2011/0124
Common Vulnerability Exposure (CVE) ID: CVE-2010-4157
42932
44648
http://www.securityfocus.com/bid/44648
ADV-2011-0124
SUSE-SA:2011:004
[linux-scsi] 20101008 [patch] gdth: integer overflow in ioctl
http://ns3.spinics.net/lists/linux-scsi/msg47361.html
[oss-security] 20101108 CVE request: kernel: gdth: integer overflow in ioc_general()
http://openwall.com/lists/oss-security/2010/11/09/1
[oss-security] 20101108 Re: CVE request: kernel: gdth: integer overflow in ioc_general()
http://openwall.com/lists/oss-security/2010/11/09/3
[oss-security] 20101109 Re: CVE request: kernel: gdth: integer overflow in ioc_general()
http://openwall.com/lists/oss-security/2010/11/09/4
http://openwall.com/lists/oss-security/2010/11/09/5
[oss-security] 20101110 Re: CVE request: kernel: gdth: integer overflow in ioc_general()
http://openwall.com/lists/oss-security/2010/11/10/12
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f63ae56e4e97fb12053590e41a4fa59e7daa74a4
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.1
https://bugzilla.redhat.com/show_bug.cgi?id=651147
Common Vulnerability Exposure (CVE) ID: CVE-2010-4161
20101118 Re: Kernel 0-day
http://www.securityfocus.com/archive/1/514845
[netdev] 20101110 Re: [PATCH] Prevent reading uninitialized memory with socket filters
http://www.spinics.net/lists/netdev/msg146404.html
https://bugzilla.redhat.com/show_bug.cgi?id=651698
https://bugzilla.redhat.com/show_bug.cgi?id=652534
kernel-udpqueuercvskb-dos(64497)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64497
Common Vulnerability Exposure (CVE) ID: CVE-2010-4242
45014
http://www.securityfocus.com/bid/45014
[linux-kernel] 20101007 Peculiar stuff in hci_ath3k/badness in hci_uart
https://lkml.org/lkml/2010/10/7/255
http://git.kernel.org/linus/c19483cc5e56ac5e22dd19cf25ba210ab1537773
http://xorl.wordpress.com/2010/12/01/cve-2010-4242-linux-kernel-bluetooth-hci-uart-invalid-pointer-access/
https://bugzilla.redhat.com/show_bug.cgi?id=641410
kernel-hciuartttyopen-dos(64617)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64617
Common Vulnerability Exposure (CVE) ID: CVE-2010-4247
35093
http://secunia.com/advisories/35093
45029
http://www.securityfocus.com/bid/45029
[oss-security] 20101123 CVE request: xen: request-processing loop is unbounded in blkback
http://www.openwall.com/lists/oss-security/2010/11/23/1
[oss-security] 20101124 Re: CVE request: xen: request-processing loop is unbounded in blkback
http://www.openwall.com/lists/oss-security/2010/11/24/8
http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/7070d34f251c
http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/77f831cbb91d
https://bugzilla.redhat.com/show_bug.cgi?id=656206
Common Vulnerability Exposure (CVE) ID: CVE-2010-4248
45028
http://www.securityfocus.com/bid/45028
[oss-security] 20101123 CVE request: kernel: posix-cpu-timers: workaround to suppress the problems with mt exec
http://www.openwall.com/lists/oss-security/2010/11/23/2
[oss-security] 20101124 Re: CVE request: kernel: posix-cpu-timers: workaround to suppress the problems with mt exec
http://www.openwall.com/lists/oss-security/2010/11/24/9
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e0a70217107e6f9844628120412cb27bb4cea194
https://bugzilla.redhat.com/show_bug.cgi?id=656264
Copyright: Copyright (C) 2015 Greenbone AG

© 1998-2025 E-Soft Inc. All rights reserved.