English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.123193
Category:Oracle Linux Local Security Checks
Title:Oracle: Security Advisory (ELSA-2015-0087)
Summary:The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2015-0087 advisory.
Description:Summary:
The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2015-0087 advisory.

Vulnerability Insight:
[2.6.32-504.8.1]
- [crypto] crc32c: Kill pointless CRYPTO_CRC32C_X86_64 option (Jarod Wilson) [1175509 1036212]
- [crypto] testmgr: add larger crc32c test vector to test FPU path in crc32c_intel (Jarod Wilson) [1175509 1036212]
- [crypto] tcrypt: Added speed test in tcrypt for crc32c (Jarod Wilson) [1175509 1036212]
- [crypto] crc32c: Optimize CRC32C calculation with PCLMULQDQ instruction (Jarod Wilson) [1175509 1036212]
- [crypto] crc32c: Rename crc32c-intel.c to crc32c-intel_glue.c (Jarod Wilson) [1175509 1036212]

[2.6.32-504.7.1]
- [kernel] ipc/sem: Fully initialize sem_array before making it visible (Rik van Riel) [1172029 1165277]
- [kernel] ipc/sem: synchronize semop and semctl with IPC_RMID (Rik van Riel) [1172029 1165277]
- [kernel] ipc/sem: update sem_otime for all operations (Larry Woodman) [1172025 1168588]
- [fs] fuse: prevent null and panic on dentry revalidate (Brian Foster) [1172022 1162782]
- [net] netfilter: ipset: timeout values corrupted on set resize (Marcelo Leitner) [1172764 1152754]
- [net] netfilter: fix xt_TCPOPTSTRIP in forwarding path (Marcelo Leitner) [1172027 1135650]
- [usb] ehci: Fix panic on hotplug race coandition (Don Zickus) [1172024 1107010]
- [usb] usb_wwan: replace release and disconnect with a port_remove hook (Stanislaw Gruszka) [1172030 1148615]
- [x86] traps: stop using IST for #SS (Petr Matousek) [1172810 1172811] {CVE-2014-9322}

[2.6.32-504.6.1]
- [fs] ext4: don't count external journal blocks as overhead (Eric Saandeen) [1168504 1163811]
- [net] sctp: fix NULL pointer dereference in af->from_addr_param on malformed packet (Daniel Borkmann) [1163090 1153980] {CVE-2014-7841}
- [netdrv] e100: fix typo in MDI/MDI-X eeprom check in e100_phy_init (John Greene) [1165985 1156417]
- [powerpc] Add smp_mb()s to arch_spin_unlock_wait() (Gustavo Duarte) [1165986 1136224]
- [powerpc] Add smp_mb() to arch_spin_is_locked() (Gustavo Duarte) [1165986 1136224]
- [kernel] cpuset: PF_SPREAD_PAGE and PF_SPREAD_SLAB should be atomic flags (Aaron Tomlin) [1165002 1045310]
- [documentation] cpuset: Update the cpuset flag file (Aaron Tomlin) [1165002 1045310]
- [alsa] control: Make sure that id->iandex does not overflow (Jacob Tanenbaum) [1149140 1117312] {CVE-2014-4656}
- [alsa] control: Handle numid overflow (Jacob Tanenbaum) [1149140 1117312] {CVE-2014-4656}
- [s390] mm: fix SIGBUS handling (Heandrik Brueckner) [1169433 1145070]
- [fs] gfs2: fix bad inode i_goal values during block allocation (Abhijith Das) [1165001 1130684]
- [md] dm-thin: fix pool_io_hints to avoid looking at max_hw_sectors (Mike Snitzer) [1161420 1161421 1142773 1145230]

[2.6.32-504.5.1]
- [fs] nfsd: don't halt scanning the DRC LRU list when there's an RC_INPROG entry (J. Bruce Fields) [1168129 1150675]

[2.6.32-504.4.1]
- [fs] nfs: Make sure pre_change_attr is initialized correctly (Scott Mayhew) [1163214 1160042]
- [usb] ehci: Fix a regression in the ISO scheduler (Gustavo Duarte) [1162072 1145805]

Affected Software/OS:
'kernel' package(s) on Oracle Linux 6.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2014-4656
http://www.openwall.com/lists/oss-security/2014/06/26/6
RedHat Security Advisories: RHSA-2014:1083
http://rhn.redhat.com/errata/RHSA-2014-1083.html
RedHat Security Advisories: RHSA-2015:0087
http://rhn.redhat.com/errata/RHSA-2015-0087.html
http://www.securitytracker.com/id/1038201
http://secunia.com/advisories/59434
http://secunia.com/advisories/59777
http://secunia.com/advisories/60545
http://secunia.com/advisories/60564
SuSE Security Announcement: SUSE-SU-2015:0812 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
http://www.ubuntu.com/usn/USN-2334-1
http://www.ubuntu.com/usn/USN-2335-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-7841
62305
http://secunia.com/advisories/62305
62597
http://secunia.com/advisories/62597
62735
http://secunia.com/advisories/62735
71081
http://www.securityfocus.com/bid/71081
DSA-3093
http://www.debian.org/security/2014/dsa-3093
RHSA-2015:0087
RHSA-2015:0102
http://rhn.redhat.com/errata/RHSA-2015-0102.html
RHSA-2015:0284
http://rhn.redhat.com/errata/RHSA-2015-0284.html
RHSA-2015:0285
http://rhn.redhat.com/errata/RHSA-2015-0285.html
RHSA-2015:0695
http://rhn.redhat.com/errata/RHSA-2015-0695.html
SUSE-SU-2015:0481
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
SUSE-SU-2015:0529
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html
SUSE-SU-2015:0652
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html
[oss-security] 20141113 CVE-2014-7841 Linux kernel: net: sctp: NULL pointer dereference in af->from_addr_param on malformed packet
http://www.openwall.com/lists/oss-security/2014/11/13/6
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e40607cbe270a9e8360907cb1e62ddf0736e4864
http://linux.oracle.com/errata/ELSA-2015-3004.html
http://linux.oracle.com/errata/ELSA-2015-3005.html
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.4
https://bugzilla.redhat.com/show_bug.cgi?id=1163087
https://github.com/torvalds/linux/commit/e40607cbe270a9e8360907cb1e62ddf0736e4864
https://support.f5.com/kb/en-us/solutions/public/16000/000/sol16016.html
openSUSE-SU-2015:0566
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
CopyrightCopyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.