English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.123223
Category:Oracle Linux Local Security Checks
Title:Oracle: Security Advisory (ELSA-2014-3104)
Summary:The remote host is missing an update for the 'kernel-uek' package(s) announced via the ELSA-2014-3104 advisory.
Description:Summary:
The remote host is missing an update for the 'kernel-uek' package(s) announced via the ELSA-2014-3104 advisory.

Vulnerability Insight:
[2.6.39-400.215.14]
- HID: magicmouse: sanity check report size in raw_event() callback (Jiri Kosina) [Orabug: 19849355] {CVE-2014-3181}
- ALSA: control: Protect user controls against concurrent access (Lars-Peter Clausen) [Orabug: 20192542] {CVE-2014-4652}
- target/rd: Refactor rd_build_device_space + rd_release_device_space (Nicholas Bellinger) [Orabug: 20192517] {CVE-2014-4027}
- media-device: fix infoleak in ioctl media_enum_entities() (Salva Peiro) [Orabug: 20192501] {CVE-2014-1739} {CVE-2014-1739}
- udf: Avoid infinite loop when processing indirect ICBs (Jan Kara) [Orabug: 20192449] {CVE-2014-6410}
- ALSA: control: Make sure that id->index does not overflow (Lars-Peter Clausen) [Orabug: 20192418] {CVE-2014-4656}
- ALSA: control: Handle numid overflow (Lars-Peter Clausen) [Orabug: 20192376] {CVE-2014-465}
- HID: picolcd: sanity check report size in raw_event() callback (Jiri Kosina) [Orabug: 20192205] {CVE-2014-3186}
- net: sctp: fix remote memory pressure from excessive queueing (Daniel Borkmann) [Orabug: 20192059] {CVE-2014-3688}

Affected Software/OS:
'kernel-uek' package(s) on Oracle Linux 5, Oracle Linux 6.

Solution:
Please install the updated package(s).

CVSS Score:
6.9

CVSS Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2014-1739
BugTraq ID: 68048
http://www.securityfocus.com/bid/68048
http://speirofr.appspot.com/cve-2014-1739-kernel-infoleak-vulnerability-in-media_enum_entities.html
http://www.openwall.com/lists/oss-security/2014/06/15/1
http://www.securitytracker.com/id/1038201
http://secunia.com/advisories/59597
SuSE Security Announcement: SUSE-SU-2014:1316 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html
SuSE Security Announcement: SUSE-SU-2014:1319 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html
http://www.ubuntu.com/usn/USN-2259-1
http://www.ubuntu.com/usn/USN-2261-1
http://www.ubuntu.com/usn/USN-2263-1
http://www.ubuntu.com/usn/USN-2264-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-3181
BugTraq ID: 69779
http://www.securityfocus.com/bid/69779
https://code.google.com/p/google-security-research/issues/detail?id=100
http://www.openwall.com/lists/oss-security/2014/09/11/21
RedHat Security Advisories: RHSA-2014:1318
http://rhn.redhat.com/errata/RHSA-2014-1318.html
SuSE Security Announcement: SUSE-SU-2015:0481 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
SuSE Security Announcement: openSUSE-SU-2015:0566 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
http://www.ubuntu.com/usn/USN-2376-1
http://www.ubuntu.com/usn/USN-2377-1
http://www.ubuntu.com/usn/USN-2378-1
http://www.ubuntu.com/usn/USN-2379-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-3186
BugTraq ID: 69763
http://www.securityfocus.com/bid/69763
https://code.google.com/p/google-security-research/issues/detail?id=101
http://www.openwall.com/lists/oss-security/2014/09/11/22
Common Vulnerability Exposure (CVE) ID: CVE-2014-3688
DSA-3060
http://www.debian.org/security/2014/dsa-3060
HPSBGN03282
http://marc.info/?l=bugtraq&m=142722544401658&w=2
HPSBGN03285
http://marc.info/?l=bugtraq&m=142722450701342&w=2
RHSA-2015:0062
http://rhn.redhat.com/errata/RHSA-2015-0062.html
RHSA-2015:0115
http://rhn.redhat.com/errata/RHSA-2015-0115.html
SUSE-SU-2015:0481
SUSE-SU-2015:0652
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html
SUSE-SU-2015:0736
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html
USN-2417-1
http://www.ubuntu.com/usn/USN-2417-1
USN-2418-1
http://www.ubuntu.com/usn/USN-2418-1
[oss-security] 20141113 Linux kernel: SCTP issues
http://www.openwall.com/lists/oss-security/2014/11/13/8
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=26b87c7881006311828bb0ab271a551a62dcceb4
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.4
https://bugzilla.redhat.com/show_bug.cgi?id=1155745
https://github.com/torvalds/linux/commit/26b87c7881006311828bb0ab271a551a62dcceb4
openSUSE-SU-2015:0566
Common Vulnerability Exposure (CVE) ID: CVE-2014-4027
http://www.openwall.com/lists/oss-security/2014/06/11/1
http://permalink.gmane.org/gmane.linux.scsi.target.devel/6618
http://secunia.com/advisories/59134
http://secunia.com/advisories/59777
http://secunia.com/advisories/60564
http://secunia.com/advisories/61310
http://www.ubuntu.com/usn/USN-2334-1
http://www.ubuntu.com/usn/USN-2335-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-4652
http://www.openwall.com/lists/oss-security/2014/06/26/6
RedHat Security Advisories: RHSA-2014:1083
http://rhn.redhat.com/errata/RHSA-2014-1083.html
RedHat Security Advisories: RHSA-2015:1272
http://rhn.redhat.com/errata/RHSA-2015-1272.html
http://secunia.com/advisories/59434
http://secunia.com/advisories/60545
SuSE Security Announcement: SUSE-SU-2015:0812 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
XForce ISS Database: linux-kernel-cve20144652-info-disc(94412)
https://exchange.xforce.ibmcloud.com/vulnerabilities/94412
Common Vulnerability Exposure (CVE) ID: CVE-2014-4656
RedHat Security Advisories: RHSA-2015:0087
http://rhn.redhat.com/errata/RHSA-2015-0087.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-6410
BugTraq ID: 69799
http://www.securityfocus.com/bid/69799
HPdes Security Advisory: HPSBGN03282
HPdes Security Advisory: HPSBGN03285
http://www.openwall.com/lists/oss-security/2014/09/15/9
http://www.ubuntu.com/usn/USN-2374-1
http://www.ubuntu.com/usn/USN-2375-1
CopyrightCopyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.