English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.122728
Category:Oracle Linux Local Security Checks
Title:Oracle: Security Advisory (ELSA-2015-1978)
Summary:The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2015-1978 advisory.
Description:Summary:
The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2015-1978 advisory.

Vulnerability Insight:
[3.10.0-229.20.1.OL7]
- Oracle Linux certificates (Alexey Petrenko)

[3.10.0-229.20.1]
- Revert: [crypto] nx - Check for bogus firmware properties (Phillip Lougher) [1247127 1190103]
- Revert: [crypto] nx - Moving NX-AES-CBC to be processed logic (Phillip Lougher) [1247127 1190103]
- Revert: [crypto] nx - Moving NX-AES-CCM to be processed logic and sg_list bounds (Phillip Lougher) [1247127 1190103]
- Revert: [crypto] nx - Moving limit and bound logic in CTR and fix IV vector (Phillip Lougher) [1247127 1190103]
- Revert: [crypto] nx - Moving NX-AES-ECB to be processed logic (Phillip Lougher) [1247127 1190103]
- Revert: [crypto] nx - Moving NX-AES-GCM to be processed logic (Phillip Lougher) [1247127 1190103]
- Revert: [crypto] nx - Moving NX-AES-XCBC to be processed logic (Phillip Lougher) [1247127 1190103]
- Revert: [crypto] nx - Fix SHA concurrence issue and sg limit bounds (Phillip Lougher) [1247127 1190103]
- Revert: [crypto] nx - Fixing the limit number of bytes to be processed (Phillip Lougher) [1247127 1190103]

[3.10.0-229.19.1]
- Revert: [fs] xfs: DIO write completion size updates race (Phillip Lougher) [1258942 1213370]
- Revert: [fs] xfs: direct IO EOF zeroing needs to drain AIO (Phillip Lougher) [1258942 1213370]

[3.10.0-229.18.1]
- [scsi] sd: split sd_init_command (Ewan Milne) [1264141 1109348]
- [scsi] sd: retry discard commands (Ewan Milne) [1264141 1109348]
- [scsi] sd: retry write same commands (Ewan Milne) [1264141 1109348]
- [scsi] sd: don't use scsi_setup_blk_pc_cmnd for discard requests (Ewan Milne) [1264141 1109348]
- [scsi] sd: don't use scsi_setup_blk_pc_cmnd for write same requests (Ewan Milne) [1264141 1109348]
- [scsi] sd: don't use scsi_setup_blk_pc_cmnd for flush requests (Ewan Milne) [1264141 1109348]
- [scsi] set sc_data_direction in common code (Ewan Milne) [1264141 1109348]
- [scsi] restructure command initialization for TYPE_FS requests (Ewan Milne) [1264141 1109348]
- [scsi] move the nr_phys_segments assert into scsi_init_io (Ewan Milne) [1264141 1109348]
- [fs] xfs: remove bitfield based superblock updates (Brian Foster) [1261781 1225075]
- [netdrv] ixgbe: fix X540 Completion timeout (John Greene) [1257633 1173786]
- [lib] radix-tree: handle allocation failure in radix_tree_insert() (Seth Jennings) [1264142 1260613]
- [crypto] nx - Fixing the limit number of bytes to be processed (Herbert Xu) [1247127 1190103]
- [crypto] nx - Fix SHA concurrence issue and sg limit bounds (Herbert Xu) [1247127 1190103]
- [crypto] nx - Moving NX-AES-XCBC to be processed logic (Herbert Xu) [1247127 1190103]
- [crypto] nx - Moving NX-AES-GCM to be processed logic (Herbert Xu) [1247127 1190103]
- [crypto] nx - Moving NX-AES-ECB to be processed logic (Herbert Xu) [1247127 1190103]
- [crypto] nx - Moving limit and bound logic in CTR and fix IV vector (Herbert Xu) [1247127 1190103]
- [crypto] nx - Moving NX-AES-CCM to be processed logic and sg_list bounds ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'kernel' package(s) on Oracle Linux 7.

Solution:
Please install the updated package(s).

CVSS Score:
6.1

CVSS Vector:
AV:A/AC:L/Au:N/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2014-8559
BugTraq ID: 70854
http://www.securityfocus.com/bid/70854
Debian Security Information: DSA-3170 (Google Search)
http://www.debian.org/security/2015/dsa-3170
https://lkml.org/lkml/2014/10/25/171
https://lkml.org/lkml/2014/10/25/179
https://lkml.org/lkml/2014/10/25/180
https://lkml.org/lkml/2014/10/26/101
https://lkml.org/lkml/2014/10/26/116
https://lkml.org/lkml/2014/10/26/128
https://lkml.org/lkml/2014/10/26/129
http://www.openwall.com/lists/oss-security/2014/10/30/7
RedHat Security Advisories: RHSA-2015:1976
http://rhn.redhat.com/errata/RHSA-2015-1976.html
RedHat Security Advisories: RHSA-2015:1978
http://rhn.redhat.com/errata/RHSA-2015-1978.html
http://www.securitytracker.com/id/1034051
http://secunia.com/advisories/62801
SuSE Security Announcement: SUSE-SU-2015:0178 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html
SuSE Security Announcement: SUSE-SU-2015:0481 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
SuSE Security Announcement: SUSE-SU-2015:0529 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html
SuSE Security Announcement: SUSE-SU-2015:0736 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html
SuSE Security Announcement: openSUSE-SU-2015:0566 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
SuSE Security Announcement: openSUSE-SU-2015:0714 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html
http://www.ubuntu.com/usn/USN-2492-1
http://www.ubuntu.com/usn/USN-2493-1
http://www.ubuntu.com/usn/USN-2515-1
http://www.ubuntu.com/usn/USN-2516-1
http://www.ubuntu.com/usn/USN-2517-1
http://www.ubuntu.com/usn/USN-2518-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-5156
1034045
http://www.securitytracker.com/id/1034045
76230
http://www.securityfocus.com/bid/76230
DSA-3364
http://www.debian.org/security/2015/dsa-3364
FEDORA-2015-0253d1f070
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171454.html
FEDORA-2015-c15f00eb95
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169378.html
RHSA-2015:1978
RHSA-2016:0855
http://rhn.redhat.com/errata/RHSA-2016-0855.html
SUSE-SU-2015:1727
http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00009.html
SUSE-SU-2015:2292
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00018.html
USN-2773-1
http://www.ubuntu.com/usn/USN-2773-1
USN-2774-1
http://www.ubuntu.com/usn/USN-2774-1
USN-2777-1
http://www.ubuntu.com/usn/USN-2777-1
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=48900cb6af4282fa0fb6ff4d72a81aa3dadb5c39
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
https://bugzilla.redhat.com/show_bug.cgi?id=1243852
https://github.com/torvalds/linux/commit/48900cb6af4282fa0fb6ff4d72a81aa3dadb5c39
CopyrightCopyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.