English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.123167
Category:Oracle Linux Local Security Checks
Title:Oracle: Security Advisory (ELSA-2015-0290)
Summary:The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2015-0290 advisory.
Description:Summary:
The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2015-0290 advisory.

Vulnerability Insight:
[3.10.0-229]
- Oracle Linux certificates (Alexey Petrenko)

[3.10.0-229]
- [net] rtnetlink: allow to register ops without ops->setup set (Jiri Benc) [1186492]

[3.10.0-228]
- [fs] NFSv4.1: Fix an Oops in nfs41_walk_client_list (Steve Dickson) [1185784]
- [misc] redhat: don't suppress Revert patches from changelog (Jarod Wilson) [1187353]
- [infiniband] Revert: ipoib: Consolidate rtnl_lock tasks in workqueue (Doug Ledford) [1179740]
- [infiniband] Revert: ipoib: Make the carrier_on_task race aware (Doug Ledford) [1179740]
- [infiniband] Revert: ipoib: fix MCAST_FLAG_BUSY usage (Doug Ledford) [1179740]
- [infiniband] Revert: ipoib: fix mcast_dev_flush/mcast_restart_task race (Doug Ledford) [1179740]
- [infiniband] Revert: ipoib: change init sequence ordering (Doug Ledford) [1179740]
- [infiniband] Revert: ipoib: Use dedicated workqueues per interface (Doug Ledford) [1179740]
- [infiniband] Revert: ipoib: Make ipoib_mcast_stop_thread flush the workqueue (Doug Ledford) [1179740]
- [infiniband] Revert: ipoib: No longer use flush as a parameter (Doug Ledford) [1179740]
- [fs] fix deadlock in cifs_ioctl_clone() (Sachin Prabhu) [1183980]
- [md] dm-cache: fix missing ERR_PTR returns and handling (Mike Snitzer) [1182665]
- [fs] cifs: fix regression in cifs_create_mf_symlink() (Sachin Prabhu) [1186324]
- [net] ipv4: try to cache dst_entries which would cause a redirect (Hannes Frederic Sowa) [1181819]
- [fs] coredump: add new P variable in core_pattern (Jiri Olsa) [1186360]
- [drm] fix fb-helper vs MST dangling connector ptrs (Rob Clark) [1184968]
- [net] bridge: Program port vlan filters only if filtering is enabled in bridge (Vlad Yasevich) [1183958]
- [fs] cifs: Complete oplock break jobs before closing file handle (Sachin Prabhu) [1177215]
- [fs] LOCKD: Fix a race when initialising nlmsvc_timeout (Benjamin Coddington) [1144982]
- [scsi] hpsa: add in P840ar controller model name (Joseph Szczypek) [1185467]
- [scsi] hpsa: add in gen9 controller model names (Joseph Szczypek) [1185467]

[3.10.0-227]
- [fs] ext4: fix overwrite race condition (Jacob Tanenbaum) [1152607] {CVE-2014-8086}
- [media] ttusb-dec: buffer overflow in ioctl (Alexander Gordeev) [1167116] {CVE-2014-8884}
- [drm] i915: demote opregion excessive timeout WARN_ONCE to DRM_INFO_ONCE (Rob Clark) [1145627]
- [md] Revert: raid56: Don't perform reads to support writes until stripe is ready (Jes Sorensen) [1153796]
- [md] Revert: raid5: avoid livelock caused by non-aligned writes (Jes Sorensen) [1153796]
- [drm] i915: further quiet i915 (Rob Clark) [1163074]
- [scsi] megaraid_sas: endianness related bug fixes and code optimization (Tomas Henzl) [1179748]
- [s390] crypto: kernel oops at insmod of the z90crypt device driver (Hendrik Brueckner) [1172136]
- [drm] mgag200: Add command line option to specify preferred depth (Dave Airlie) [1044555]
- [drm] mgag200: Consolidate depth/bpp handling (Dave Airlie) [1044555]
- [fs] ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'kernel' package(s) on Oracle Linux 7.

Solution:
Please install the updated package(s).

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2014-3690
60174
http://secunia.com/advisories/60174
70691
http://www.securityfocus.com/bid/70691
DSA-3060
http://www.debian.org/security/2014/dsa-3060
MDVSA-2015:058
http://www.mandriva.com/security/advisories?name=MDVSA-2015:058
RHSA-2015:0290
http://rhn.redhat.com/errata/RHSA-2015-0290.html
RHSA-2015:0782
http://rhn.redhat.com/errata/RHSA-2015-0782.html
RHSA-2015:0864
http://rhn.redhat.com/errata/RHSA-2015-0864.html
SUSE-SU-2015:0178
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html
SUSE-SU-2015:0481
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
SUSE-SU-2015:0736
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html
USN-2417-1
http://www.ubuntu.com/usn/USN-2417-1
USN-2418-1
http://www.ubuntu.com/usn/USN-2418-1
USN-2419-1
http://www.ubuntu.com/usn/USN-2419-1
USN-2420-1
http://www.ubuntu.com/usn/USN-2420-1
USN-2421-1
http://www.ubuntu.com/usn/USN-2421-1
[oss-security] 20141021 CVE-2014-3690: KVM DoS triggerable by malicious host userspace
http://www.openwall.com/lists/oss-security/2014/10/21/4
[oss-security] 20141029 Re: CVE-2014-3690: KVM DoS triggerable by malicious host userspace
http://www.openwall.com/lists/oss-security/2014/10/29/7
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d974baa398f34393db76be45f7d4d04fbdbb4a0a
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.2
https://bugzilla.redhat.com/show_bug.cgi?id=1153322
https://github.com/torvalds/linux/commit/d974baa398f34393db76be45f7d4d04fbdbb4a0a
openSUSE-SU-2015:0566
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-3940
BugTraq ID: 67786
http://www.securityfocus.com/bid/67786
https://lkml.org/lkml/2014/3/18/784
http://www.openwall.com/lists/oss-security/2014/06/02/5
RedHat Security Advisories: RHSA-2015:0290
RedHat Security Advisories: RHSA-2015:1272
http://rhn.redhat.com/errata/RHSA-2015-1272.html
http://secunia.com/advisories/59011
http://secunia.com/advisories/61310
Common Vulnerability Exposure (CVE) ID: CVE-2014-7825
70972
http://www.securityfocus.com/bid/70972
RHSA-2014:1943
http://rhn.redhat.com/errata/RHSA-2014-1943.html
[oss-security] 20141106 Exploitable issues in Linux perf/ftrace subsystems
http://www.openwall.com/lists/oss-security/2014/11/06/11
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=086ba77a6db00ed858ff07451bedee197df868c9
https://bugzilla.redhat.com/show_bug.cgi?id=1161565
https://github.com/torvalds/linux/commit/086ba77a6db00ed858ff07451bedee197df868c9
linux-kernel-cve20147825-dos(98557)
https://exchange.xforce.ibmcloud.com/vulnerabilities/98557
Common Vulnerability Exposure (CVE) ID: CVE-2014-7826
70971
http://www.securityfocus.com/bid/70971
linux-kernel-cve20147826-dos(98556)
https://exchange.xforce.ibmcloud.com/vulnerabilities/98556
Common Vulnerability Exposure (CVE) ID: CVE-2014-8086
BugTraq ID: 70376
http://www.securityfocus.com/bid/70376
http://www.spinics.net/lists/linux-ext4/msg45685.html
http://www.spinics.net/lists/linux-ext4/msg45683.html
https://lkml.org/lkml/2014/10/8/545
https://lkml.org/lkml/2014/10/9/129
http://www.openwall.com/lists/oss-security/2014/10/09/25
RedHat Security Advisories: RHSA-2015:0694
http://rhn.redhat.com/errata/RHSA-2015-0694.html
SuSE Security Announcement: SUSE-SU-2015:1478 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html
XForce ISS Database: linux-kernel-cve20148086-dos(96922)
https://exchange.xforce.ibmcloud.com/vulnerabilities/96922
Common Vulnerability Exposure (CVE) ID: CVE-2014-8160
72061
http://www.securityfocus.com/bid/72061
DSA-3170
http://www.debian.org/security/2015/dsa-3170
MDVSA-2015:057
http://www.mandriva.com/security/advisories?name=MDVSA-2015:057
RHSA-2015:0284
http://rhn.redhat.com/errata/RHSA-2015-0284.html
RHSA-2015:0674
http://rhn.redhat.com/errata/RHSA-2015-0674.html
SUSE-SU-2015:0529
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html
SUSE-SU-2015:0652
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html
USN-2513-1
http://www.ubuntu.com/usn/USN-2513-1
USN-2514-1
http://www.ubuntu.com/usn/USN-2514-1
USN-2515-1
http://www.ubuntu.com/usn/USN-2515-1
USN-2516-1
http://www.ubuntu.com/usn/USN-2516-1
USN-2517-1
http://www.ubuntu.com/usn/USN-2517-1
USN-2518-1
http://www.ubuntu.com/usn/USN-2518-1
[netfilter-devel] 20140925 [PATCH nf] netfilter: conntrack: disable generic protocol tracking
http://www.spinics.net/lists/netfilter-devel/msg33430.html
[oss-security] 20150114 CVE-2014-8160 Linux Kernel: SCTP firewalling fails until SCTP module is loaded
http://www.openwall.com/lists/oss-security/2015/01/14/3
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=db29a9508a9246e77087c5531e45b2c88ec6988b
https://bugzilla.redhat.com/show_bug.cgi?id=1182059
https://github.com/torvalds/linux/commit/db29a9508a9246e77087c5531e45b2c88ec6988b
openSUSE-SU-2015:0714
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-8172
RHSA-2015:0694
[oss-security] 20150309 CVE-2014-8172
http://www.openwall.com/lists/oss-security/2015/03/09/3
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=eee5cc2702929fd41cce28058dc6d6717f723f87
https://bugzilla.redhat.com/show_bug.cgi?id=1198503
https://github.com/torvalds/linux/commit/eee5cc2702929fd41cce28058dc6d6717f723f87
Common Vulnerability Exposure (CVE) ID: CVE-2014-8173
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ee53664bda169f519ce3c6a22d378f0b946c8178
https://bugzilla.redhat.com/show_bug.cgi?id=1198457
https://github.com/torvalds/linux/commit/ee53664bda169f519ce3c6a22d378f0b946c8178
Common Vulnerability Exposure (CVE) ID: CVE-2014-8709
BugTraq ID: 70965
http://www.securityfocus.com/bid/70965
http://www.openwall.com/lists/oss-security/2014/11/09/1
http://www.securitytracker.com/id/1037968
SuSE Security Announcement: SUSE-SU-2015:0481 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:0652 (Google Search)
SuSE Security Announcement: openSUSE-SU-2015:0566 (Google Search)
XForce ISS Database: linux-kernel-cve20148709-info-disclsoure(98922)
https://exchange.xforce.ibmcloud.com/vulnerabilities/98922
Common Vulnerability Exposure (CVE) ID: CVE-2014-8884
Debian Security Information: DSA-3093 (Google Search)
http://www.debian.org/security/2014/dsa-3093
http://www.openwall.com/lists/oss-security/2014/11/14/7
RedHat Security Advisories: RHSA-2015:0782
RedHat Security Advisories: RHSA-2015:0864
http://secunia.com/advisories/62305
Common Vulnerability Exposure (CVE) ID: CVE-2015-0274
1031853
http://www.securitytracker.com/id/1031853
USN-2543-1
http://www.ubuntu.com/usn/USN-2543-1
USN-2544-1
http://www.ubuntu.com/usn/USN-2544-1
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8275cdd0e7ac550dcce2b3ef6d2fb3b808c1ae59
https://bugzilla.redhat.com/show_bug.cgi?id=1195248
https://github.com/torvalds/linux/commit/8275cdd0e7ac550dcce2b3ef6d2fb3b808c1ae59
CopyrightCopyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.