| Description: | Summary:
The remote host is missing an update for the 'kernel, ocfs2-2.6.18-128.1.14.0.1.el5, oracleasm-2.6.18-128.1.14.0.1.el5' package(s) announced via the ELSA-2009-1106 advisory.
Vulnerability Insight:
[2.6.18-128.1.14.0.1.el5]
- [NET] Add entropy support to e1000 and bnx2 (John Sobecki,Guru Anbalagane) [orabug 6045759]
- [MM] shrink zone patch (John Sobecki,Chris Mason) [orabug 6086839]
- [NET] Add xen pv/bonding netconsole support (Tina yang) [orabug 6993043] [bz 7258]
- [nfs] convert ENETUNREACH to ENOTCONN (Guru Anbalagane) [orabug 7689332]
- [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514]
- [MM] balloon code needs to adjust totalhigh_pages (Chuck Anderson) [orabug 8300888]
[2.6.18-128.1.14.el5]
- [nfs] v4: client handling of MAY_EXEC in nfs_permission (Peter Staubach ) [500301 500302] {CVE-2009-1630}
- [fs] proc: avoid info leaks to non-privileged processes (Amerigo Wang ) [499546 499541]
- [net] tg3: Fix firmware event timeouts (Jiri Pirko ) [502837 481715]
- [scsi] libiscsi: fix nop response/reply and session cleanup race (Jiri Pirko ) [502916 497411]
- [fs] cifs: fix pointer and checks in cifs_follow_symlink (Jeff Layton ) [496576 496577] {CVE-2009-1633}
- [fs] cifs: fix error handling in parse_DFS_referrals (Jeff Layton ) [496576 496577] {CVE-2009-1633}
- [fs] cifs: buffer overruns when converting strings (Jeff Layton ) [496576 496577] {CVE-2009-1633}
- [fs] cifs: unicode alignment and buffer sizing problems (Jeff Layton ) [494279 494280] {CVE-2009-1439}
- [x86] xen: fix local denial of service (Chris Lalancette ) [500950 500951] {CVE-2009-1758}
- [misc] compile: add -fwrapv to gcc CFLAGS (Don Zickus ) [501751 491266]
- [misc] random: make get_random_int more random (Amerigo Wang ) [499783 499776]
- [gfs2] fix uninterruptible quotad sleeping (Steven Whitehouse ) [501742 492943]
- [mm] cow vs gup race fix (Andrea Arcangeli ) [486921 471613]
- [mm] fork vs gup race fix (Andrea Arcangeli ) [486921 471613]
- [nfs] fix hangs during heavy write workloads (Peter Staubach ) [486926 469848]
[2.6.18-128.1.13.el5]
- [misc] add some long-missing capabilities to CAP_FS_MASK (Eric Paris ) [499075 497271 499076 497272] {CVE-2009-1072}
- [agp] zero pages before sending to userspace (Jiri Olsa ) [497025 497026] {CVE-2009-1192}
- [fs] keep eventpoll from locking up the box (Josef Bacik ) [497322 487585]
- [misc] waitpid reports stopped process more than once (Vitaly Mayatskikh ) [486945 481199]
- [ata] libata: ahci enclosure management bios workaround (David Milburn ) [500120 488471]
[2.6.18-128.1.12.el5]
- [ia64] fix regression in nanosleep syscall (Prarit Bhargava ) [500349 499289]
[2.6.18-128.1.11.el5]
- [nfs] race with nfs_access_cache_shrinker() and umount (Peter Staubach ) [498653 469225]
Affected Software/OS:
'kernel, ocfs2-2.6.18-128.1.14.0.1.el5, oracleasm-2.6.18-128.1.14.0.1.el5' package(s) on Oracle Linux 5.
Solution:
Please install the updated package(s).
CVSS Score:
7.8
CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:N/A:N
|
