English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.123234
Category:Oracle Linux Local Security Checks
Title:Oracle: Security Advisory (ELSA-2014-3096)
Summary:The remote host is missing an update for the 'dtrace-modules-3.8.13-55.el6uek, dtrace-modules-3.8.13-55.el7uek, kernel-uek' package(s) announced via the ELSA-2014-3096 advisory.
Description:Summary:
The remote host is missing an update for the 'dtrace-modules-3.8.13-55.el6uek, dtrace-modules-3.8.13-55.el7uek, kernel-uek' package(s) announced via the ELSA-2014-3096 advisory.

Vulnerability Insight:
kernel-uek
[3.8.13-55]
- freezer: set PF_SUSPEND_TASK flag on tasks that call freeze_processes (Colin Cross) [Orabug: 20082843]

[3.8.13-54]
- netfilter: nf_nat: fix oops on netns removal (Florian Westphal) [Orabug: 19988779]
- tcp: tsq: restore minimal amount of queueing (Eric Dumazet) [Orabug: 19909542]
- qedf: Fixes for compilation issues on oracle uek3r4. (Saurav Kashyap) [Orabug: 20027243]
- qla2xxx: fix wrongly report 'PCI EEH busy' when get_thermal_temp (Vaughan Cao) [Orabug: 19916135]
- Revert 'ib_cm: reduce latency when destroying large number of ids' (Guangyu Sun) [Orabug: 20012864]
- Revert 'rds: avoid duplicate connection drops for active bonding' (Guangyu Sun) [Orabug: 20012864]
- xen/pciback: Restore configuration space when detaching from a guest. (Konrad Rzeszutek Wilk) [Orabug: 19970142]
- cpufreq: remove race while accessing cur_policy (Bibek Basu) [Orabug: 19945473]
- cpufreq: serialize calls to __cpufreq_governor() (Viresh Kumar) [Orabug: 19945473]
- cpufreq: don't allow governor limits to be changed when it is disabled (Viresh Kumar) [Orabug: 19945473]
- net: sctp: fix panic on duplicate ASCONF chunks (Daniel Borkmann) [Orabug: 19953088] {CVE-2014-3687}
- net: sctp: fix skb_over_panic when receiving malformed ASCONF chunks (Daniel Borkmann) [Orabug: 19953087] {CVE-2014-3673}
- perf/x86: Check all MSRs before passing hw check (George Dunlap) [Orabug: 19803968]
- o2dlm: fix NULL pointer dereference in o2dlm_blocking_ast_wrapper (Srinivas Eeda) [Orabug: 19825227]
- RDS: add module parameter to allow module unload or not (Wengang Wang) [Orabug: 19927376]
- dwarf2ctf: don't use O_PATH in rel_abs_file_name(). (Jamie Iles) [Orabug: 19957565]
- dwarf2ctf: don't leak directory fd. (Jamie Iles) [Orabug: 19957565]

[3.8.13-53]
- net: reset mac header in dev_start_xmit() (Eric Dumazet) [Orabug: 19951043]

[3.8.13-52]
- xen/efi: rebased version of xen.efi (Jan Beulich) [Orabug: 19878307]

[3.8.13-51]
- config: enable pm80xx module (Guangyu Sun) [Orabug: 19890236]
- free ib_device related resource (Wengang Wang) [Orabug: 19479464]
- srq initialization and cleanup -v3.1 (Wengang Wang) [Orabug: 19010606]
- rds: avoid duplicate connection drops for active bonding (Ajaykumar Hotchandani) [Orabug: 19870095]
- ib_cm: reduce latency when destroying large number of ids (Ajaykumar Hotchandani) [Orabug: 19870101]
- IPoIB: Change default IPOIB_RX_RING_SIZE to 2048 (Chien-Hua Yen) [Orabug: 19870157]
- ipv6: ip6_dst_check needs to check for expired dst_entries (Hannes Frederic Sowa) [Orabug: 19073604]
- netxen: Fix bug in Tx completion path. (Manish Chopra) [Orabug: 19877613]
- netxen: Fix BUG 'sleeping function called from invalid context' (Manish Chopra) [Orabug: 19877613]
- drivers/net: Convert remaining uses of pr_warning to pr_warn (Joe Perches) [Orabug: 19877613]
- treewide: Fix typo in printk (Masanari Iida) [Orabug: 19877613]
- PCI: Remove DEFINE_PCI_DEVICE_TABLE macro ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'dtrace-modules-3.8.13-55.el6uek, dtrace-modules-3.8.13-55.el7uek, kernel-uek' package(s) on Oracle Linux 6, Oracle Linux 7.

Solution:
Please install the updated package(s).

CVSS Score:
6.2

CVSS Vector:
AV:L/AC:H/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2014-1739
BugTraq ID: 68048
http://www.securityfocus.com/bid/68048
http://speirofr.appspot.com/cve-2014-1739-kernel-infoleak-vulnerability-in-media_enum_entities.html
http://www.openwall.com/lists/oss-security/2014/06/15/1
http://www.securitytracker.com/id/1038201
http://secunia.com/advisories/59597
SuSE Security Announcement: SUSE-SU-2014:1316 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html
SuSE Security Announcement: SUSE-SU-2014:1319 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html
http://www.ubuntu.com/usn/USN-2259-1
http://www.ubuntu.com/usn/USN-2261-1
http://www.ubuntu.com/usn/USN-2263-1
http://www.ubuntu.com/usn/USN-2264-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-3184
BugTraq ID: 69768
http://www.securityfocus.com/bid/69768
https://code.google.com/p/google-security-research/issues/detail?id=91
http://www.openwall.com/lists/oss-security/2014/09/11/21
RedHat Security Advisories: RHSA-2014:1318
http://rhn.redhat.com/errata/RHSA-2014-1318.html
RedHat Security Advisories: RHSA-2015:1272
http://rhn.redhat.com/errata/RHSA-2015-1272.html
SuSE Security Announcement: SUSE-SU-2015:0481 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
SuSE Security Announcement: SUSE-SU-2015:0652 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html
SuSE Security Announcement: SUSE-SU-2015:0812 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
SuSE Security Announcement: openSUSE-SU-2015:0566 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
http://www.ubuntu.com/usn/USN-2374-1
http://www.ubuntu.com/usn/USN-2375-1
http://www.ubuntu.com/usn/USN-2376-1
http://www.ubuntu.com/usn/USN-2377-1
http://www.ubuntu.com/usn/USN-2378-1
http://www.ubuntu.com/usn/USN-2379-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-4014
BugTraq ID: 67988
http://www.securityfocus.com/bid/67988
http://www.exploit-db.com/exploits/33824
http://www.openwall.com/lists/oss-security/2014/06/10/4
http://www.securitytracker.com/id/1030394
http://secunia.com/advisories/59220
Common Vulnerability Exposure (CVE) ID: CVE-2014-4171
BugTraq ID: 68157
http://www.securityfocus.com/bid/68157
http://marc.info/?l=linux-mm-commits&m=140303745420549&w=2
http://www.openwall.com/lists/oss-security/2014/06/18/11
RedHat Security Advisories: RHSA-2015:0102
http://rhn.redhat.com/errata/RHSA-2015-0102.html
http://www.securitytracker.com/id/1030450
http://secunia.com/advisories/59777
http://secunia.com/advisories/60564
http://www.ubuntu.com/usn/USN-2334-1
http://www.ubuntu.com/usn/USN-2335-1
CopyrightCopyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.