English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.123267
Category:Oracle Linux Local Security Checks
Title:Oracle: Security Advisory (ELSA-2014-1724)
Summary:The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2014-1724 advisory.
Description:Summary:
The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2014-1724 advisory.

Vulnerability Insight:
[3.10.0-123.9.2]
- Oracle Linux certificates (Alexey Petrenko)

[3.10.0-123.9.2]
- [virt] kvm: fix PIT timer race condition (Petr Matousek) [1144879 1144880] {CVE-2014-3611}
- [virt] kvm/vmx: handle invept and invvpid vm exits gracefully (Petr Matousek) [1145449 1116936] [1144828 1144829] {CVE-2014-3645 CVE-2014-3646}

[3.10.0-123.9.1]
- [md] raid6: avoid data corruption during recovery of double-degraded RAID6 (Jes Sorensen) [1143850 1130905]
- [fs] ext4: fix type declaration of ext4_validate_block_bitmap (Lukas Czerner) [1140978 1091055]
- [fs] ext4: error out if verifying the block bitmap fails (Lukas Czerner) [1140978 1091055]
- [powerpc] sched: stop updating inside arch_update_cpu_topology() when nothing to be update (Gustavo Duarte) [1140300 1098372]
- [powerpc] 64bit sendfile is capped at 2GB (Gustavo Duarte) [1139126 1107774]
- [s390] fix restore of invalid floating-point-control (Hendrik Brueckner) [1138733 1121965]
- [kernel] sched/fair: Rework sched_fair time accounting (Rik van Riel) [1134717 1123731]
- [kernel] math64: Add mul_u64_u32_shr() (Rik van Riel) [1134717 1123731]
- [kernel] workqueue: zero cpumask of wq_numa_possible_cpumask on init (Motohiro Kosaki) [1134715 1117184]
- [cpufreq] acpi-cpufreq: skip loading acpi_cpufreq after intel_pstate (Motohiro Kosaki) [1134716 1123250]
- [security] selinux: Increase ebitmap_node size for 64-bit configuration (Paul Moore) [1132076 922752]
- [security] selinux: Reduce overhead of mls_level_isvalid() function call (Paul Moore) [1132076 922752]
- [ethernet] cxgb4: allow large buffer size to have page size (Gustavo Duarte) [1130548 1078977]
- [kernel] sched/autogroup: Fix race with task_groups list (Gustavo Duarte) [1129990 1081406]
- [net] sctp: inherit auth_capable on INIT collisions (Daniel Borkmann) [1124337 1123763] {CVE-2014-5077}
- [sound] alsa/control: Don't access controls outside of protected regions (Radomir Vrbovsky) [1117330 1117331] {CVE-2014-4653}

Affected Software/OS:
'kernel' package(s) on Oracle Linux 7.

Solution:
Please install the updated package(s).

CVSS Score:
7.1

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2014-3611
DSA-3060
http://www.debian.org/security/2014/dsa-3060
RHSA-2015:0126
http://rhn.redhat.com/errata/RHSA-2015-0126.html
RHSA-2015:0284
http://rhn.redhat.com/errata/RHSA-2015-0284.html
RHSA-2015:0869
http://rhn.redhat.com/errata/RHSA-2015-0869.html
USN-2394-1
http://www.ubuntu.com/usn/USN-2394-1
USN-2417-1
http://www.ubuntu.com/usn/USN-2417-1
USN-2418-1
http://www.ubuntu.com/usn/USN-2418-1
USN-2491-1
http://www.ubuntu.com/usn/USN-2491-1
[oss-security] 20141024 kvm issues
http://www.openwall.com/lists/oss-security/2014/10/24/9
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2febc839133280d5a5e8e1179c94ea674489dae2
https://bugzilla.redhat.com/show_bug.cgi?id=1144878
https://github.com/torvalds/linux/commit/2febc839133280d5a5e8e1179c94ea674489dae2
Common Vulnerability Exposure (CVE) ID: CVE-2014-3645
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bfd0a56b90005f8c8a004baf407ad90045c2b11e
https://bugzilla.redhat.com/show_bug.cgi?id=1144835
https://github.com/torvalds/linux/commit/bfd0a56b90005f8c8a004baf407ad90045c2b11e
Common Vulnerability Exposure (CVE) ID: CVE-2014-3646
SUSE-SU-2015:0481
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a642fc305053cc1c6e47e4f4df327895747ab485
https://bugzilla.redhat.com/show_bug.cgi?id=1144825
https://github.com/torvalds/linux/commit/a642fc305053cc1c6e47e4f4df327895747ab485
openSUSE-SU-2015:0566
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-4653
BugTraq ID: 68164
http://www.securityfocus.com/bid/68164
http://www.openwall.com/lists/oss-security/2014/06/26/6
RedHat Security Advisories: RHSA-2014:1083
http://rhn.redhat.com/errata/RHSA-2014-1083.html
http://secunia.com/advisories/59434
http://secunia.com/advisories/59777
http://secunia.com/advisories/60545
http://secunia.com/advisories/60564
SuSE Security Announcement: SUSE-SU-2015:0812 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
http://www.ubuntu.com/usn/USN-2334-1
http://www.ubuntu.com/usn/USN-2335-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-5077
1030681
http://www.securitytracker.com/id/1030681
59777
60430
http://secunia.com/advisories/60430
60545
60564
60744
http://secunia.com/advisories/60744
62563
http://secunia.com/advisories/62563
68881
http://www.securityfocus.com/bid/68881
RHSA-2014:1083
RHSA-2014:1668
http://rhn.redhat.com/errata/RHSA-2014-1668.html
RHSA-2014:1763
http://rhn.redhat.com/errata/RHSA-2014-1763.html
SUSE-SU-2014:1316
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html
SUSE-SU-2014:1319
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html
USN-2334-1
USN-2335-1
USN-2358-1
http://www.ubuntu.com/usn/USN-2358-1
USN-2359-1
http://www.ubuntu.com/usn/USN-2359-1
[oss-security] 20140725 Re: CVE request Linux Kernel: net: SCTP: NULL pointer dereference
http://www.openwall.com/lists/oss-security/2014/07/26/1
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1be9a950c646c9092fb3618197f7b6bfb50e82aa
https://bugzilla.redhat.com/show_bug.cgi?id=1122982
https://github.com/torvalds/linux/commit/1be9a950c646c9092fb3618197f7b6bfb50e82aa
linux-kernel-cve20145077-dos(95134)
https://exchange.xforce.ibmcloud.com/vulnerabilities/95134
CopyrightCopyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.