English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.123047
Category:Oracle Linux Local Security Checks
Title:Oracle: Security Advisory (ELSA-2015-3053)
Summary:The remote host is missing an update for the 'dtrace-modules-3.8.13-68.3.5.el6uek, dtrace-modules-3.8.13-68.3.5.el7uek, kernel-uek' package(s) announced via the ELSA-2015-3053 advisory.
Description:Summary:
The remote host is missing an update for the 'dtrace-modules-3.8.13-68.3.5.el6uek, dtrace-modules-3.8.13-68.3.5.el7uek, kernel-uek' package(s) announced via the ELSA-2015-3053 advisory.

Vulnerability Insight:
kernel-uek
[3.8.13-68.3.5]
- KVM: x86: SYSENTER emulation is broken (Nadav Amit) [Orabug: 21502739] {CVE-2015-0239} {CVE-2015-0239}
- fs: take i_mutex during prepare_binprm for set[ug]id executables (Jann Horn) [Orabug: 21502254] {CVE-2015-3339}
- eCryptfs: Remove buggy and unnecessary write in file name decode routine (Michael Halcrow) [Orabug: 21502065] {CVE-2014-9683}

Affected Software/OS:
'dtrace-modules-3.8.13-68.3.5.el6uek, dtrace-modules-3.8.13-68.3.5.el7uek, kernel-uek' package(s) on Oracle Linux 6, Oracle Linux 7.

Solution:
Please install the updated package(s).

CVSS Score:
6.2

CVSS Vector:
AV:L/AC:H/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2014-9683
BugTraq ID: 72643
http://www.securityfocus.com/bid/72643
Debian Security Information: DSA-3170 (Google Search)
http://www.debian.org/security/2015/dsa-3170
http://www.mandriva.com/security/advisories?name=MDVSA-2015:058
http://www.openwall.com/lists/oss-security/2015/02/17/9
RedHat Security Advisories: RHSA-2015:1272
http://rhn.redhat.com/errata/RHSA-2015-1272.html
http://www.securitytracker.com/id/1031860
SuSE Security Announcement: SUSE-SU-2015:1478 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html
http://www.ubuntu.com/usn/USN-2515-1
http://www.ubuntu.com/usn/USN-2516-1
http://www.ubuntu.com/usn/USN-2517-1
http://www.ubuntu.com/usn/USN-2518-1
http://www.ubuntu.com/usn/USN-2541-1
http://www.ubuntu.com/usn/USN-2542-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-0239
72842
http://www.securityfocus.com/bid/72842
DSA-3170
MDVSA-2015:058
RHSA-2015:1272
USN-2513-1
http://www.ubuntu.com/usn/USN-2513-1
USN-2514-1
http://www.ubuntu.com/usn/USN-2514-1
USN-2515-1
USN-2516-1
USN-2517-1
USN-2518-1
[bk-commits-head] 20150123 KVM: x86: SYSENTER emulation is broken
http://permalink.gmane.org/gmane.linux.kernel.commits.head/502245
[oss-security] 20150127 KVM SYSENTER emulation vulnerability - CVE-2015-0239
http://www.openwall.com/lists/oss-security/2015/01/27/6
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f3747379accba8e95d70cec0eae0582c8c182050
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.5
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
https://bugzilla.redhat.com/show_bug.cgi?id=1186448
https://github.com/torvalds/linux/commit/f3747379accba8e95d70cec0eae0582c8c182050
Common Vulnerability Exposure (CVE) ID: CVE-2015-3339
Debian Security Information: DSA-3237 (Google Search)
http://www.debian.org/security/2015/dsa-3237
http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157897.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158804.html
http://www.openwall.com/lists/oss-security/2015/04/20/5
http://www.securitytracker.com/id/1032412
SuSE Security Announcement: SUSE-SU-2015:1487 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00007.html
SuSE Security Announcement: SUSE-SU-2015:1488 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html
SuSE Security Announcement: SUSE-SU-2015:1489 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html
SuSE Security Announcement: SUSE-SU-2015:1491 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00011.html
SuSE Security Announcement: SUSE-SU-2016:2074 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html
SuSE Security Announcement: openSUSE-SU-2015:1382 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html
CopyrightCopyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.