Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2009-1455)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.122433

Category: Oracle Linux Local Security Checks

Title: Oracle: Security Advisory (ELSA-2009-1455)

Summary: The remote host is missing an update for the 'kernel, ocfs2-2.6.18-164.2.1.0.1.el5, oracleasm-2.6.18-164.2.1.0.1.el5' package(s) announced via the ELSA-2009-1455 advisory.

Description: Summary:
The remote host is missing an update for the 'kernel, ocfs2-2.6.18-164.2.1.0.1.el5, oracleasm-2.6.18-164.2.1.0.1.el5' package(s) announced via the ELSA-2009-1455 advisory.

Vulnerability Insight:
[2.6.18-164.2.1.0.1.el5]
- [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514]
- Add entropy support to igb ( John Sobecki) [orabug 7607479]
- [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332]
- [NET] Add xen pv/bonding netconsole support (Tina yang) [orabug 6993043] [bz 7258]
- [MM] shrink zone patch (John Sobecki,Chris Mason) [orabug 6086839]
- fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042]
- [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314]

[2.6.18-164.2.1.el5]
- [x86_64] kvm: bound last_kvm to prevent backwards time (Glauber Costa ) [524527 524076]
- [x86] kvm: fix vsyscall going backwards (Glauber Costa ) [524527 524076]
- [misc] fix RNG to not use first generated random block (Neil Horman ) [523289 522860]
- [x86] kvm: mark kvmclock_init as cpuinit (Glauber Costa ) [524151 523450]
- [x86_64] kvm: allow kvmclock to be overwritten (Glauber Costa ) [524150 523447]
- [x86] kvmclock: fix bogus wallclock value (Glauber Costa ) [524152 519771]
- [scsi] scsi_dh_rdace: add more sun hardware (mchristi@redhat.com ) [523237 518496]
- [misc] cprng: fix cont test to be fips compliant (Neil Horman ) [523290 523259]
- [net] bridge: fix LRO crash with tun (Andy Gospodarek ) [522636 483646]
- Revert: [x86_64] fix gettimeoday TSC overflow issue - 1 (Don Zickus ) [489847 467942]
- Revert: [net] atalk/irda: memory leak to user in getname (Danny Feng ) [519309 519310] {CVE-2009-3001 CVE-2009-3002}

[2.6.18-164.1.1.el5]
- [net] sky2: revert some phy power refactoring changes (Neil Horman ) [517976 509891]
- [net] atalk/irda: memory leak to user in getname (Danny Feng ) [519309 519310] {CVE-2009-3001 CVE-2009-3002}
- [x86_64] fix gettimeoday TSC overflow issue - 1 (Prarit Bhargava ) [489847 467942]
- [md] prevent crash when accessing suspend_* sysfs attr (Danny Feng ) [518135 518136] {CVE-2009-2849}
- [nfs] nlm_lookup_host: don't return invalidated nlm_host (Sachin S. Prabhu ) [517967 507549]
- [net] bonding: tlb/alb: set active slave when enslaving (Jiri Pirko ) [517971 499884]
- [nfs] r/w I/O perf degraded by FLUSH_STABLE page flush (Peter Staubach ) [521244 498433]
- [SELinux] allow preemption b/w transition perm checks (Eric Paris ) [520919 516216]
- [scsi] scsi_transport_fc: fc_user_scan correction (David Milburn ) [521239 515176]
- [net] tg3: refrain from touching MPS (John Feeney ) [521241 516123]
- [net] qlge: fix hangs and read performance (Marcus Barrow ) [519783 517893]
- [scsi] qla2xxx: allow use of MSI when MSI-X disabled (Marcus Barrow ) [519782 517922]
- [net] mlx4_en fix for vlan traffic (Doug Ledford ) [520906 514141]
- [net] mlx4_core: fails to load on large systems (Doug Ledford ) [520908 514147]
- [x86] disable kvmclock by default (Glauber Costa ) [520685 476075]
- [x86] disable kvmclock when shutting the machine down (Glauber Costa ) [520685 476075]
- [x86] ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'kernel, ocfs2-2.6.18-164.2.1.0.1.el5, oracleasm-2.6.18-164.2.1.0.1.el5' package(s) on Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
4.7

CVSS Vector:
AV:L/AC:M/Au:N/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2009-2849
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01256.html
http://xorl.wordpress.com/2009/07/21/linux-kernel-md-driver-null-pointer-dereference/
http://www.openwall.com/lists/oss-security/2009/07/24/1
http://www.openwall.com/lists/oss-security/2009/07/26/1
http://lists.vmware.com/pipermail/security-announce/2010/000082.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10396
RedHat Security Advisories: RHSA-2009:1540
https://rhn.redhat.com/errata/RHSA-2009-1540.html
http://www.securitytracker.com/id?1022961
http://secunia.com/advisories/36501
http://secunia.com/advisories/37105
http://secunia.com/advisories/38794
http://secunia.com/advisories/38834
http://www.ubuntu.com/usn/USN-852-1
http://www.vupen.com/english/advisories/2010/0528
XForce ISS Database: kernel-mddriver-dos(52858)
https://exchange.xforce.ibmcloud.com/vulnerabilities/52858

Copyright Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.122433
Category:	Oracle Linux Local Security Checks
Title:	Oracle: Security Advisory (ELSA-2009-1455)
Summary:	The remote host is missing an update for the 'kernel, ocfs2-2.6.18-164.2.1.0.1.el5, oracleasm-2.6.18-164.2.1.0.1.el5' package(s) announced via the ELSA-2009-1455 advisory.
Description:	Summary: The remote host is missing an update for the 'kernel, ocfs2-2.6.18-164.2.1.0.1.el5, oracleasm-2.6.18-164.2.1.0.1.el5' package(s) announced via the ELSA-2009-1455 advisory. Vulnerability Insight: [2.6.18-164.2.1.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb ( John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina yang) [orabug 6993043] [bz 7258] - [MM] shrink zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] [2.6.18-164.2.1.el5] - [x86_64] kvm: bound last_kvm to prevent backwards time (Glauber Costa ) [524527 524076] - [x86] kvm: fix vsyscall going backwards (Glauber Costa ) [524527 524076] - [misc] fix RNG to not use first generated random block (Neil Horman ) [523289 522860] - [x86] kvm: mark kvmclock_init as cpuinit (Glauber Costa ) [524151 523450] - [x86_64] kvm: allow kvmclock to be overwritten (Glauber Costa ) [524150 523447] - [x86] kvmclock: fix bogus wallclock value (Glauber Costa ) [524152 519771] - [scsi] scsi_dh_rdace: add more sun hardware (mchristi@redhat.com ) [523237 518496] - [misc] cprng: fix cont test to be fips compliant (Neil Horman ) [523290 523259] - [net] bridge: fix LRO crash with tun (Andy Gospodarek ) [522636 483646] - Revert: [x86_64] fix gettimeoday TSC overflow issue - 1 (Don Zickus ) [489847 467942] - Revert: [net] atalk/irda: memory leak to user in getname (Danny Feng ) [519309 519310] {CVE-2009-3001 CVE-2009-3002} [2.6.18-164.1.1.el5] - [net] sky2: revert some phy power refactoring changes (Neil Horman ) [517976 509891] - [net] atalk/irda: memory leak to user in getname (Danny Feng ) [519309 519310] {CVE-2009-3001 CVE-2009-3002} - [x86_64] fix gettimeoday TSC overflow issue - 1 (Prarit Bhargava ) [489847 467942] - [md] prevent crash when accessing suspend_* sysfs attr (Danny Feng ) [518135 518136] {CVE-2009-2849} - [nfs] nlm_lookup_host: don't return invalidated nlm_host (Sachin S. Prabhu ) [517967 507549] - [net] bonding: tlb/alb: set active slave when enslaving (Jiri Pirko ) [517971 499884] - [nfs] r/w I/O perf degraded by FLUSH_STABLE page flush (Peter Staubach ) [521244 498433] - [SELinux] allow preemption b/w transition perm checks (Eric Paris ) [520919 516216] - [scsi] scsi_transport_fc: fc_user_scan correction (David Milburn ) [521239 515176] - [net] tg3: refrain from touching MPS (John Feeney ) [521241 516123] - [net] qlge: fix hangs and read performance (Marcus Barrow ) [519783 517893] - [scsi] qla2xxx: allow use of MSI when MSI-X disabled (Marcus Barrow ) [519782 517922] - [net] mlx4_en fix for vlan traffic (Doug Ledford ) [520906 514141] - [net] mlx4_core: fails to load on large systems (Doug Ledford ) [520908 514147] - [x86] disable kvmclock by default (Glauber Costa ) [520685 476075] - [x86] disable kvmclock when shutting the machine down (Glauber Costa ) [520685 476075] - [x86] ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'kernel, ocfs2-2.6.18-164.2.1.0.1.el5, oracleasm-2.6.18-164.2.1.0.1.el5' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 4.7 CVSS Vector: AV:L/AC:M/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-2849 https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01256.html http://xorl.wordpress.com/2009/07/21/linux-kernel-md-driver-null-pointer-dereference/ http://www.openwall.com/lists/oss-security/2009/07/24/1 http://www.openwall.com/lists/oss-security/2009/07/26/1 http://lists.vmware.com/pipermail/security-announce/2010/000082.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10396 RedHat Security Advisories: RHSA-2009:1540 https://rhn.redhat.com/errata/RHSA-2009-1540.html http://www.securitytracker.com/id?1022961 http://secunia.com/advisories/36501 http://secunia.com/advisories/37105 http://secunia.com/advisories/38794 http://secunia.com/advisories/38834 http://www.ubuntu.com/usn/USN-852-1 http://www.vupen.com/english/advisories/2010/0528 XForce ISS Database: kernel-mddriver-dos(52858) https://exchange.xforce.ibmcloud.com/vulnerabilities/52858
Copyright	Copyright (C) 2015 Greenbone AG