Test ID:	1.3.6.1.4.1.25623.1.0.122886
Category:	Oracle Linux Local Security Checks
Title:	Oracle: Security Advisory (ELSA-2016-3519)
Summary:	The remote host is missing an update for the 'dtrace-modules-3.8.13-118.3.2.el6uek, dtrace-modules-3.8.13-118.3.2.el7uek, kernel-uek' package(s) announced via the ELSA-2016-3519 advisory.
Description:	Summary: The remote host is missing an update for the 'dtrace-modules-3.8.13-118.3.2.el6uek, dtrace-modules-3.8.13-118.3.2.el7uek, kernel-uek' package(s) announced via the ELSA-2016-3519 advisory. Vulnerability Insight: kernel-uek [3.8.13-118.3.2] - x86/nmi/64: Use DF to avoid userspace RSP confusing nested NMI detection (Andy Lutomirski) [Orabug: 22742507] {CVE-2015-5157} - x86/nmi/64: Reorder nested NMI checks (Andy Lutomirski) [Orabug: 22742507] {CVE-2015-5157} - x86/nmi/64: Improve nested NMI comments (Andy Lutomirski) [Orabug: 22742507] {CVE-2015-5157} - x86/nmi/64: Switch stacks on userspace NMI entry (Andy Lutomirski) [Orabug: 22742507] {CVE-2015-5157} - x86/paravirt: Replace the paravirt nop with a bona fide empty function (Andy Lutomirski) [Orabug: 22742507] {CVE-2015-5157} Affected Software/OS: 'dtrace-modules-3.8.13-118.3.2.el6uek, dtrace-modules-3.8.13-118.3.2.el7uek, kernel-uek' package(s) on Oracle Linux 6, Oracle Linux 7. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-5157 76005 http://www.securityfocus.com/bid/76005 DSA-3313 http://www.debian.org/security/2015/dsa-3313 RHSA-2016:0185 http://rhn.redhat.com/errata/RHSA-2016-0185.html RHSA-2016:0212 http://rhn.redhat.com/errata/RHSA-2016-0212.html RHSA-2016:0224 http://rhn.redhat.com/errata/RHSA-2016-0224.html RHSA-2016:0715 http://rhn.redhat.com/errata/RHSA-2016-0715.html SUSE-SU-2015:1727 http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00009.html SUSE-SU-2015:2108 http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html SUSE-SU-2015:2339 http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html SUSE-SU-2015:2350 http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html SUSE-SU-2016:0354 http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html USN-2687-1 http://www.ubuntu.com/usn/USN-2687-1 USN-2688-1 http://www.ubuntu.com/usn/USN-2688-1 USN-2689-1 http://www.ubuntu.com/usn/USN-2689-1 USN-2690-1 http://www.ubuntu.com/usn/USN-2690-1 USN-2691-1 http://www.ubuntu.com/usn/USN-2691-1 [oss-security] 20150722 Linux x86_64 NMI security issues http://www.openwall.com/lists/oss-security/2015/07/22/7 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9b6e6a8334d56354853f9c255d1395c2ba570e0a http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.6 http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html https://github.com/torvalds/linux/commit/9b6e6a8334d56354853f9c255d1395c2ba570e0a
Copyright	Copyright (C) 2016 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.