| Description: | Summary:
The remote host is missing an update for the 'kernel, ocfs2-2.6.18-128.1.6.0.1.el5, oracleasm-2.6.18-128.1.6.0.1.el5' package(s) announced via the ELSA-2009-0326 advisory.
Vulnerability Insight:
[2.6.18-128.1.6.0.1.el5]
- [NET] Add entropy support to e1000 and bnx2 (John Sobecki,Guru Anbalagane) [orabug 6045759]
- [MM] shrink zone patch (John Sobecki,Chris Mason) [orabug 6086839]
- [NET] Add xen pv/bonding netconsole support (Tina yang) [orabug 6993043] [bz 7258]
- [nfs] convert ENETUNREACH to ENOTCONN (Guru Anbalagane) [orabug 7689332]
- [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514]
- [MM] balloon code needs to adjust totalhigh_pages (Chuck Anderson) [orabug 8300888]
[2.6.18-128.1.6.el5]
- [x86] add nonstop_tsc flag in /proc/cpuinfo (Luming Yu ) [489310 474091]
[2.6.18-128.1.5.el5]
- Revert: [x86_64] fix gettimeoday TSC overflow issue (Prarit Bhargava ) [489847 467942]
[2.6.18-128.1.4.el5]
- [x86_64] mce: do not clear an unrecoverable error status (Aristeu Rozanski ) [490433 489692]
- [wireless] iwlwifi: booting with RF-kill switch enabled (John W. Linville ) [489846 482990]
- [x86_64] fix gettimeoday TSC overflow issue (Prarit Bhargava ) [489847 467942]
- [misc] signal: modify locking to handle large loads (AMEET M. PARANJAPE ) [489457 487376]
- [x86] TSC keeps running in C3+ (Luming Yu ) [489310 474091]
- [net] fix icmp_send and icmpv6_send host re-lookup code (Jiri Pirko ) [489253 439670] {CVE-2009-0778}
[2.6.18-128.1.3.el5]
- [net] skfp_ioctl inverted logic flaw (Eugene Teo ) [486539 486540] {CVE-2009-0675}
- [net] memory disclosure in SO_BSDCOMPAT gsopt (Eugene Teo ) [486517 486518] {CVE-2009-0676}
- [x86] limit max_cstate to use TSC on some platforms (Tony Camuso ) [488239 470572]
- [ptrace] correctly handle ptrace_update return value (Jerome Marchand ) [487394 483814]
- [misc] minor signal handling vulnerability (Oleg Nesterov ) [479963 479964] {CVE-2009-0028}
- [firmware] dell_rbu: prevent oops (Don Howard ) [482941 482942]
- [gfs2] panic in debugfs_remove when unmounting (Abhijith Das ) [485910 483617]
[2.6.18-128.1.2.el5]
- [scsi] libata: sas_ata fixup sas_sata_ops (David Milburn ) [485909 483171]
- [fs] ecryptfs: readlink flaw (Eric Sandeen ) [481606 481607] {CVE-2009-0269}
- [qla2xxx] correct endianness during flash manipulation (Marcus Barrow ) [485908 481691]
- [net] ixgbe: frame reception and ring parameter issues (Andy Gospodarek ) [483210 475625]
- [misc] fix memory leak during pipe failure (Benjamin Marzinski ) [481576 478643]
- [block] enforce a minimum SG_IO timeout (Eugene Teo ) [475405 475406] {CVE-2008-5700}
- [nfs] handle attribute timeout and u32 jiffies wrap (Jeff Layton ) [483201 460133]
- [fs] ext[234]: directory corruption DoS (Eugene Teo ) [459601 459604] {CVE-2008-3528}
- [net] deadlock in Hierarchical token bucket scheduler (Neil Horman ) [481746 474797]
- [wireless] iwl: fix BUG_ON in driver (Neil Horman ) [483206 477671]
Affected Software/OS:
'kernel, ocfs2-2.6.18-128.1.6.0.1.el5, oracleasm-2.6.18-128.1.6.0.1.el5' package(s) on Oracle Linux 5.
Solution:
Please install the updated package(s).
CVSS Score:
7.1
CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:C
|
