English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.122384
Category:Oracle Linux Local Security Checks
Title:Oracle: Security Advisory (ELSA-2010-0147)
Summary:The remote host is missing an update for the 'kernel, ocfs2-2.6.18-164.15.1.0.1.el5, oracleasm-2.6.18-164.15.1.0.1.el5' package(s) announced via the ELSA-2010-0147 advisory.
Description:Summary:
The remote host is missing an update for the 'kernel, ocfs2-2.6.18-164.15.1.0.1.el5, oracleasm-2.6.18-164.15.1.0.1.el5' package(s) announced via the ELSA-2010-0147 advisory.

Vulnerability Insight:
[2.6.18-164.15.1.0.1.el5]
- [xen] check to see if hypervisor supports memory reservation change
(Chuck Anderson) [orabug 7556514]
- Add entropy support to igb ( John Sobecki) [orabug 7607479]
- [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332]
- [NET] Add xen pv/bonding netconsole support (Tina yang) [orabug 6993043]
[bz 7258]
- [MM] shrink zone patch (John Sobecki,Chris Mason) [orabug 6086839]
- fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042]
- [nfsd] fix failure of file creation from hpux client (Wen gang Wang)
[orabug 7579314]
- FP register state is corrupted during the handling a SIGSEGV (Chuck Anderson)
[orabug 7708133]
- [x86_64] PCI space below 4GB forces mem remap above 1TB (Larry Woodman)
[523522]
- [cpufreq] P-state limit: limit can never be increased (Stanislaw Gruszka)
[489566]
- [rds] patch rds to 4.0-ora-1.4.2-10 (Andy Grover, Tina Yang)
[orabug 9168046] [RHBZ 546374]

[2.6.18-164.15.1.el5]
- [net] sctp: backport cleanups for ootb handling V2 (Neil Horman) [555666 555667] {CVE-2010-0008}
- Reverting: [net] sctp: backport cleanups for ootb handling (Neil Horman) [555666 555667] {CVE-2010-0008}

[2.6.18-164.14.1.el5]
- [fs] ext4: Avoid null pointer dereference when decoding EROFS w/o a journal (Jiri Pirko) [547256 547257] {CVE-2009-4308}
- [net] sctp: backport cleanups for ootb handling (Neil Horman) [555666 555667] {CVE-2010-0008}
- [mm] fix sys_move_pages infoleak (Eugene Teo) [562589 562590] {CVE-2010-0415}
- [x86_64] wire up compat sched_rr_get_interval (Danny Feng) [557684 557092]
- [net] netfilter: enforce CAP_NET_ADMIN in ebtables (Danny Feng) [555242 555243] {CVE-2010-0007}
- [misc] fix kernel info leak with print-fatal-signals=1 (Danny Feng) [554583 554584] {CVE-2010-0003}
- [net] ipv6: fix OOPS in ip6_dst_lookup_tail (Thomas Graf) [559238 552354]
- [kvm] pvclock on i386 suffers from double registering (Glauber Costa) [561454 557095]
- [pci] VF can't be enabled in dom0 (Don Dutile) [560665 547980]
- [kvm] kvmclock won't restore properly after resume (Glauber Costa) [560640 539521]
- [mm] prevent performance hit for 32-bit apps on x86_64 (Larry Woodman) [562746 544448]
- [fs] fix possible inode corruption on unlock (Eric Sandeen) [564281 545612]
- [gfs2] careful unlinking inodes (Steven Whitehouse ) [564288 519049]
- [gfs2] gfs2_delete_inode failing on RO filesystem (Abhijith Das ) [564290 501359]

[2.6.18-164.13.1.el5]
- [net] e1000e: fix broken wol (Andy Gospodarek) [559335 557974]
- [net] gro: fix illegal merging of trailer trash (Herbert Xu) [561417 537876]
- [xen] hook sched rebalance logic to opt_hardvirt (Christopher Lalancette ) [562777 529271]
- [xen] crank the correct stat in the scheduler (Christopher Lalancette ) [562777 529271]
- [xen] whitespace fixups in xen scheduler (Christopher Lalancette ) [562777 529271]
- [scsi] cciss: ignore stale commands after reboot (Tomas Henzl ) [562772 525440]
- [scsi] cciss: ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'kernel, ocfs2-2.6.18-164.15.1.0.1.el5, oracleasm-2.6.18-164.15.1.0.1.el5' package(s) on Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2009-4308
Bugtraq: 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX (Google Search)
http://www.securityfocus.com/archive/1/516397/100/0/threaded
Debian Security Information: DSA-2005 (Google Search)
http://www.debian.org/security/2010/dsa-2005
http://www.mandriva.com/security/advisories?name=MDVSA-2010:198
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11103
http://www.redhat.com/support/errata/RHSA-2010-0147.html
http://secunia.com/advisories/37658
http://secunia.com/advisories/38017
http://secunia.com/advisories/38276
http://secunia.com/advisories/43315
SuSE Security Announcement: SUSE-SA:2010:001 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html
SuSE Security Announcement: SUSE-SA:2010:005 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00005.html
SuSE Security Announcement: SUSE-SA:2010:012 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html
Common Vulnerability Exposure (CVE) ID: CVE-2010-0003
20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
37724
http://www.securityfocus.com/bid/37724
38333
http://secunia.com/advisories/38333
38492
http://secunia.com/advisories/38492
38779
http://secunia.com/advisories/38779
39033
http://secunia.com/advisories/39033
43315
DSA-1996
http://www.debian.org/security/2010/dsa-1996
DSA-2005
FEDORA-2010-0919
http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034250.html
RHSA-2010:0146
https://rhn.redhat.com/errata/RHSA-2010-0146.html
RHSA-2010:0147
RHSA-2010:0161
http://www.redhat.com/support/errata/RHSA-2010-0161.html
SUSE-SA:2010:010
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00002.html
SUSE-SA:2010:012
SUSE-SA:2010:014
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00000.html
[oss-security] 20100112 CVE request - kernel: infoleak if print-fatal-signals=1
http://www.openwall.com/lists/oss-security/2010/01/12/1
[oss-security] 20100113 Re: CVE request - kernel: infoleak if print-fatal-signals=1
http://www.openwall.com/lists/oss-security/2010/01/13/4
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b45c6e76bc2c72f6426c14bed64fdcbc9bf37cb0
http://patchwork.kernel.org/patch/69752/
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.4
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
https://bugzilla.redhat.com/show_bug.cgi?id=554578
oval:org.mitre.oval:def:10550
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10550
Common Vulnerability Exposure (CVE) ID: CVE-2010-0007
37762
http://www.securityfocus.com/bid/37762
38133
http://secunia.com/advisories/38133
38296
http://secunia.com/advisories/38296
ADV-2010-0109
http://www.vupen.com/english/advisories/2010/0109
MDVSA-2011:051
http://www.mandriva.com/security/advisories?name=MDVSA-2011:051
SUSE-SA:2010:007
http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00008.html
SUSE-SA:2010:013
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html
[oss-security] 20100113 CVE Request: kernel ebtables perm check
http://www.openwall.com/lists/oss-security/2010/01/14/1
[oss-security] 20100114 Re: CVE Request: kernel ebtables perm check
http://www.openwall.com/lists/oss-security/2010/01/14/3
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=dce766af541f6605fa9889892c0280bab31c66ab
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.33-rc4
https://bugzilla.redhat.com/show_bug.cgi?id=555238
kernel-ebtables-security-bypass(55602)
https://exchange.xforce.ibmcloud.com/vulnerabilities/55602
oval:org.mitre.oval:def:9630
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9630
Common Vulnerability Exposure (CVE) ID: CVE-2010-0008
39295
http://secunia.com/advisories/39295
RHSA-2010:0342
http://www.redhat.com/support/errata/RHSA-2010-0342.html
[oss-security] 20100317 CVE-2010-0008 kernel: sctp remote denial of service
http://www.openwall.com/lists/oss-security/2010/03/17/2
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ece25dfa0991f65c4e1d26beb1c3c45bda4239b8
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23
https://bugzilla.redhat.com/show_bug.cgi?id=555658
oval:org.mitre.oval:def:11160
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11160
Common Vulnerability Exposure (CVE) ID: CVE-2010-0415
38144
http://www.securityfocus.com/bid/38144
38557
http://secunia.com/advisories/38557
38922
http://secunia.com/advisories/38922
ADV-2010-0638
http://www.vupen.com/english/advisories/2010/0638
FEDORA-2010-1787
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035159.html
FEDORA-2010-1804
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035070.html
MDVSA-2010:066
http://www.mandriva.com/security/advisories?name=MDVSA-2010:066
MDVSA-2010:198
SUSE-SA:2010:018
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00006.html
USN-914-1
http://www.ubuntu.com/usn/USN-914-1
[oss-security] 20100207 CVE request: information leak / potential crash in sys_move_pages
http://www.openwall.com/lists/oss-security/2010/02/07/1
[oss-security] 20100207 Re: CVE request: information leak / potential crash in sys_move_pages
http://www.openwall.com/lists/oss-security/2010/02/07/2
[oss-security] 20100208 Re: CVE request: information leak / potential crash in sys_move_pages
http://www.openwall.com/lists/oss-security/2010/02/08/2
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6f5a55f1a6c5abee15a0e878e5c74d9f1569b8b0
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.33-rc7
https://bugzilla.redhat.com/show_bug.cgi?id=562582
oval:org.mitre.oval:def:9399
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9399
Common Vulnerability Exposure (CVE) ID: CVE-2010-0437
[oss-security] 20100211 CVE request - kernel: ip6_dst_lookup_tail() NULL pointer dereference
http://www.openwall.com/lists/oss-security/2010/02/11/1
[oss-security] 20100304 Re: CVE request - kernel: ip6_dst_lookup_tail() NULL pointer dereference
http://www.openwall.com/lists/oss-security/2010/03/04/4
http://bugzilla.kernel.org/show_bug.cgi?id=11469
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e550dfb0c2c31b6363aa463a035fc9f8dcaa3c9b
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27
https://bugzilla.redhat.com/show_bug.cgi?id=563781
oval:org.mitre.oval:def:10061
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10061
CopyrightCopyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.