Test ID:	1.3.6.1.4.1.25623.1.0.123124
Category:	Oracle Linux Local Security Checks
Title:	Oracle: Security Advisory (ELSA-2015-3032)
Summary:	The remote host is missing an update for the 'dtrace-modules-3.8.13-68.1.3.el6uek, dtrace-modules-3.8.13-68.1.3.el7uek, kernel-uek' package(s) announced via the ELSA-2015-3032 advisory.
Description:	Summary: The remote host is missing an update for the 'dtrace-modules-3.8.13-68.1.3.el6uek, dtrace-modules-3.8.13-68.1.3.el7uek, kernel-uek' package(s) announced via the ELSA-2015-3032 advisory. Vulnerability Insight: kernel-uek [3.8.13-68.1.3] - isofs: Fix unchecked printing of ER records (Jan Kara) [Orabug: 20930551] {CVE-2014-9584} - KEYS: close race between key lookup and freeing (Sasha Levin) [Orabug: 20930548] {CVE-2014-9529} {CVE-2014-9529} - mm: memcg: do not allow task about to OOM kill to bypass the limit (Johannes Weiner) [Orabug: 20930539] {CVE-2014-8171} - mm: memcg: do not declare OOM from __GFP_NOFAIL allocations (Johannes Weiner) [Orabug: 20930539] {CVE-2014-8171} - fs: buffer: move allocation failure loop into the allocator (Johannes Weiner) [Orabug: 20930539] {CVE-2014-8171} - mm: memcg: handle non-error OOM situations more gracefully (Johannes Weiner) [Orabug: 20930539] {CVE-2014-8171} - mm: memcg: do not trap chargers with full callstack on OOM (Johannes Weiner) [Orabug: 20930539] {CVE-2014-8171} - mm: memcg: rework and document OOM waiting and wakeup (Johannes Weiner) [Orabug: 20930539] {CVE-2014-8171} - mm: memcg: enable memcg OOM killer only for user faults (Johannes Weiner) [Orabug: 20930539] {CVE-2014-8171} - x86: finish user fault error path with fatal signal (Johannes Weiner) [Orabug: 20930539] {CVE-2014-8171} - arch: mm: pass userspace fault flag to generic fault handler (Johannes Weiner) [Orabug: 20930539] {CVE-2014-8171} - selinux: Permit bounded transitions under NO_NEW_PRIVS or NOSUID. (Stephen Smalley) [Orabug: 20930501] {CVE-2014-3215} Affected Software/OS: 'dtrace-modules-3.8.13-68.1.3.el6uek, dtrace-modules-3.8.13-68.1.3.el7uek, kernel-uek' package(s) on Oracle Linux 6, Oracle Linux 7. Solution: Please install the updated package(s). CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2014-3215 BugTraq ID: 67341 http://www.securityfocus.com/bid/67341 http://www.mandriva.com/security/advisories?name=MDVSA-2015:156 http://openwall.com/lists/oss-security/2014/04/29/7 http://openwall.com/lists/oss-security/2014/04/30/4 http://openwall.com/lists/oss-security/2014/05/08/1 RedHat Security Advisories: RHSA-2015:0864 http://rhn.redhat.com/errata/RHSA-2015-0864.html http://secunia.com/advisories/59007 SuSE Security Announcement: openSUSE-SU-2014:0749 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-06/msg00008.html Common Vulnerability Exposure (CVE) ID: CVE-2014-8171 74293 http://www.securityfocus.com/bid/74293 RHSA-2015:0864 RHSA-2015:2152 http://rhn.redhat.com/errata/RHSA-2015-2152.html RHSA-2015:2411 http://rhn.redhat.com/errata/RHSA-2015-2411.html RHSA-2016:0068 http://rhn.redhat.com/errata/RHSA-2016-0068.html https://bugzilla.redhat.com/show_bug.cgi?id=1198109 Common Vulnerability Exposure (CVE) ID: CVE-2014-9529 BugTraq ID: 71880 http://www.securityfocus.com/bid/71880 Debian Security Information: DSA-3128 (Google Search) http://www.debian.org/security/2015/dsa-3128 http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147973.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147864.html http://www.mandriva.com/security/advisories?name=MDVSA-2015:058 http://www.openwall.com/lists/oss-security/2015/01/06/10 RedHat Security Advisories: RHSA-2015:1137 http://rhn.redhat.com/errata/RHSA-2015-1137.html RedHat Security Advisories: RHSA-2015:1138 http://rhn.redhat.com/errata/RHSA-2015-1138.html http://www.securitytracker.com/id/1036763 SuSE Security Announcement: openSUSE-SU-2015:0714 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html http://www.ubuntu.com/usn/USN-2511-1 http://www.ubuntu.com/usn/USN-2512-1 http://www.ubuntu.com/usn/USN-2513-1 http://www.ubuntu.com/usn/USN-2514-1 http://www.ubuntu.com/usn/USN-2515-1 http://www.ubuntu.com/usn/USN-2516-1 http://www.ubuntu.com/usn/USN-2517-1 http://www.ubuntu.com/usn/USN-2518-1 XForce ISS Database: linux-kernel-cve20149529-dos(99641) https://exchange.xforce.ibmcloud.com/vulnerabilities/99641 Common Vulnerability Exposure (CVE) ID: CVE-2014-9584 71883 http://www.securityfocus.com/bid/71883 DSA-3128 MDVSA-2015:058 RHSA-2015:1137 RHSA-2015:1138 SUSE-SU-2015:0481 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html SUSE-SU-2015:0529 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html SUSE-SU-2015:0652 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html SUSE-SU-2015:0736 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html SUSE-SU-2015:0812 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html USN-2511-1 USN-2512-1 USN-2513-1 USN-2514-1 USN-2515-1 USN-2516-1 USN-2517-1 USN-2518-1 [oss-security] 20150109 Re: CVE request Linux kernel: isofs: unchecked printing of ER records http://www.openwall.com/lists/oss-security/2015/01/09/4 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4e2024624e678f0ebb916e6192bd23c1f9fdf696 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.2 http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html https://bugzilla.redhat.com/show_bug.cgi?id=1180119 https://github.com/torvalds/linux/commit/4e2024624e678f0ebb916e6192bd23c1f9fdf696 openSUSE-SU-2015:0566 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html openSUSE-SU-2015:0714
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.