Test ID:	1.3.6.1.4.1.25623.1.0.123227
Category:	Oracle Linux Local Security Checks
Title:	Oracle: Security Advisory (ELSA-2014-3103)
Summary:	The remote host is missing an update for the 'dtrace-modules-3.8.13-55.1.1.el6uek, dtrace-modules-3.8.13-55.1.1.el7uek, kernel-uek' package(s) announced via the ELSA-2014-3103 advisory.
Description:	Summary: The remote host is missing an update for the 'dtrace-modules-3.8.13-55.1.1.el6uek, dtrace-modules-3.8.13-55.1.1.el7uek, kernel-uek' package(s) announced via the ELSA-2014-3103 advisory. Vulnerability Insight: kernel-uek [3.8.13-55.1.1] - ALSA: control: Protect user controls against concurrent access (Lars-Peter Clausen) [Orabug: 20192540] {CVE-2014-4652} - target/rd: Refactor rd_build_device_space + rd_release_device_space (Nicholas Bellinger) [Orabug: 20192516] {CVE-2014-4027} - HID: logitech: perform bounds checking on device_id early enough (Jiri Kosina) [Orabug: 20192477] {CVE-2014-3182} - udf: Avoid infinite loop when processing indirect ICBs (Jan Kara) [Orabug: 20192448] {CVE-2014-6410} - ALSA: control: Make sure that id->index does not overflow (Lars-Peter Clausen) [Orabug: 20192416] {CVE-2014-4656} - ALSA: control: Handle numid overflow (Lars-Peter Clausen) [Orabug: 20192367] {CVE-2014-4656} - HID: picolcd: sanity check report size in raw_event() callback (Jiri Kosina) [Orabug: 20192208] {CVE-2014-3186} - net: sctp: fix remote memory pressure from excessive queueing (Daniel Borkmann) [Orabug: 20192058] {CVE-2014-3688} Affected Software/OS: 'dtrace-modules-3.8.13-55.1.1.el6uek, dtrace-modules-3.8.13-55.1.1.el7uek, kernel-uek' package(s) on Oracle Linux 6, Oracle Linux 7. Solution: Please install the updated package(s). CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2014-3182 BugTraq ID: 69770 http://www.securityfocus.com/bid/69770 https://code.google.com/p/google-security-research/issues/detail?id=89 http://www.openwall.com/lists/oss-security/2014/09/11/21 RedHat Security Advisories: RHSA-2014:1318 http://rhn.redhat.com/errata/RHSA-2014-1318.html Common Vulnerability Exposure (CVE) ID: CVE-2014-3186 BugTraq ID: 69763 http://www.securityfocus.com/bid/69763 https://code.google.com/p/google-security-research/issues/detail?id=101 http://www.openwall.com/lists/oss-security/2014/09/11/22 SuSE Security Announcement: SUSE-SU-2015:0481 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html SuSE Security Announcement: openSUSE-SU-2015:0566 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html http://www.ubuntu.com/usn/USN-2376-1 http://www.ubuntu.com/usn/USN-2377-1 http://www.ubuntu.com/usn/USN-2378-1 http://www.ubuntu.com/usn/USN-2379-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-3688 DSA-3060 http://www.debian.org/security/2014/dsa-3060 HPSBGN03282 http://marc.info/?l=bugtraq&m=142722544401658&w=2 HPSBGN03285 http://marc.info/?l=bugtraq&m=142722450701342&w=2 RHSA-2015:0062 http://rhn.redhat.com/errata/RHSA-2015-0062.html RHSA-2015:0115 http://rhn.redhat.com/errata/RHSA-2015-0115.html SUSE-SU-2015:0481 SUSE-SU-2015:0652 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html SUSE-SU-2015:0736 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html USN-2417-1 http://www.ubuntu.com/usn/USN-2417-1 USN-2418-1 http://www.ubuntu.com/usn/USN-2418-1 [oss-security] 20141113 Linux kernel: SCTP issues http://www.openwall.com/lists/oss-security/2014/11/13/8 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=26b87c7881006311828bb0ab271a551a62dcceb4 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.4 https://bugzilla.redhat.com/show_bug.cgi?id=1155745 https://github.com/torvalds/linux/commit/26b87c7881006311828bb0ab271a551a62dcceb4 openSUSE-SU-2015:0566 Common Vulnerability Exposure (CVE) ID: CVE-2014-4027 http://www.openwall.com/lists/oss-security/2014/06/11/1 http://permalink.gmane.org/gmane.linux.scsi.target.devel/6618 http://secunia.com/advisories/59134 http://secunia.com/advisories/59777 http://secunia.com/advisories/60564 http://secunia.com/advisories/61310 SuSE Security Announcement: SUSE-SU-2014:1316 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html SuSE Security Announcement: SUSE-SU-2014:1319 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html http://www.ubuntu.com/usn/USN-2334-1 http://www.ubuntu.com/usn/USN-2335-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-4652 http://www.openwall.com/lists/oss-security/2014/06/26/6 RedHat Security Advisories: RHSA-2014:1083 http://rhn.redhat.com/errata/RHSA-2014-1083.html RedHat Security Advisories: RHSA-2015:1272 http://rhn.redhat.com/errata/RHSA-2015-1272.html http://secunia.com/advisories/59434 http://secunia.com/advisories/60545 SuSE Security Announcement: SUSE-SU-2015:0812 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html XForce ISS Database: linux-kernel-cve20144652-info-disc(94412) https://exchange.xforce.ibmcloud.com/vulnerabilities/94412 Common Vulnerability Exposure (CVE) ID: CVE-2014-4656 RedHat Security Advisories: RHSA-2015:0087 http://rhn.redhat.com/errata/RHSA-2015-0087.html http://www.securitytracker.com/id/1038201 Common Vulnerability Exposure (CVE) ID: CVE-2014-6410 BugTraq ID: 69799 http://www.securityfocus.com/bid/69799 HPdes Security Advisory: HPSBGN03282 HPdes Security Advisory: HPSBGN03285 http://www.openwall.com/lists/oss-security/2014/09/15/9 http://www.ubuntu.com/usn/USN-2374-1 http://www.ubuntu.com/usn/USN-2375-1
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.