Test ID:	1.3.6.1.4.1.25623.1.0.123317
Category:	Oracle Linux Local Security Checks
Title:	Oracle: Security Advisory (ELSA-2014-1167)
Summary:	The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2014-1167 advisory.
Description:	Summary: The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2014-1167 advisory. Vulnerability Insight: [2.6.32-431.29.2] - [kernel] futex: Fix errors in nested key ref-counting (Denys Vlasenko) [1094457 1094458] {CVE-2014-0205} - [net] vxlan: fix NULL pointer dereference (Jiri Benc) [1114549 1096351] {CVE-2014-3535} [2.6.32-431.29.1] - [mm] hugetlb: ensure hugepage access is denied if hugepages are not supported (Gustavo Duarte) [1118782 1086450] - [security] keys: Increase root_maxkeys and root_maxbytes sizes (Steve Dickson) [1115542 1113607] - [fs] lockd: Ensure that nlmclnt_block resets block->b_status after a server reboot (Steve Dickson) [1110180 959006] - [net] filter: add vlan tag access (Jiri Benc) [1108526 1082097] - [net] filter: add XOR operation (Jiri Benc) [1108526 1082097] - [net] filter: add SKF_AD_RXHASH and SKF_AD_CPU (Jiri Benc) [1108526 1082097] - [net] filter: Socket filter ancillary data access for skb->dev->type (Jiri Benc) [1108526 1082097] - [net] filter: Add SKF_AD_QUEUE instruction (Jiri Benc) [1108526 1082097] - [net] filter: ingress socket filter by mark (Jiri Benc) [1108526 1082097] - [netdrv] bonding: look for bridge IPs in arp monitoring (Veaceslav Falico) [1102794 704190] - [s390] af_iucv: wrong mapping of sent and confirmed skbs (Hendrik Brueckner) [1112390 1102248] - [s390] af_iucv: recvmsg problem for SOCK_STREAM sockets (Hendrik Brueckner) [1112390 1102248] - [s390] af_iucv: fix recvmsg by replacing skb_pull() function (Hendrik Brueckner) [1112390 1102248] - [s390] kernel: avoid page table walk on user space access (Hendrik Brueckner) [1111194 1099146] - [s390] qeth: postpone freeing of qdio memory (Hendrik Brueckner) [1112134 1094379] - [s390] qeth: Fix retry logic in hardsetup (Hendrik Brueckner) [1112134 1094379] - [s390] qeth: Recognize return codes of ccw_device_set_online (Hendrik Brueckner) [1112134 1094379] - [s390] qdio: remove API wrappers (Hendrik Brueckner) [1112134 1094379] - [scsi] Ensure medium access timeout counter resets (David Jeffery) [1117153 1036884] - [scsi] Fix error handling when no ULD is attached (David Jeffery) [1117153 1036884] - [scsi] Handle disk devices which can not process medium access commands (David Jeffery) [1117153 1036884] - [fs] nfs: Fix calls to drop_nlink() (Steve Dickson) [1099607 1093819] - [mm] swap: do not skip lowest_bit in scan_swap_map() scan loop (Rafael Aquini) [1099728 1060886] - [mm] swap: fix shmem swapping when more than 8 areas (Rafael Aquini) [1099728 1060886] - [mm] swap: fix swapon size off-by-one (Rafael Aquini) [1099728 1060886] - [md] avoid deadlock when dirty buffers during md_stop (Jes Sorensen) [1121541 994724] - [x86] hyperv: bypass the timer_irq_works() check (Jason Wang) [1112226 1040349] [2.6.32-431.28.1] - [kernel] auditsc: audit_krule mask accesses need bounds checking (Denys Vlasenko) [1102704 1102705] {CVE-2014-3917} - [net] ipv4: fix route cache rebuilds (Jiri Pirko) [1113824 1111631] - [fs] nfsd: notify_change needs elevated write count (Mateusz Guzik) ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'kernel' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2014-0205 RHSA-2014:1365 http://rhn.redhat.com/errata/RHSA-2014-1365.html RHSA-2014:1763 http://rhn.redhat.com/errata/RHSA-2014-1763.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7ada876a8703f23befbb20a7465a702ee39b1704 http://mirror.linux.org.au/linux/kernel/v2.6/ChangeLog-2.6.37 https://bugzilla.redhat.com/show_bug.cgi?id=1094455 https://github.com/torvalds/linux/commit/7ada876a8703f23befbb20a7465a702ee39b1704 Common Vulnerability Exposure (CVE) ID: CVE-2014-3535 69721 http://www.securityfocus.com/bid/69721 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=256df2f3879efdb2e9808bdb1b54b16fbb11fa38 http://mirror.linux.org.au/linux/kernel/v2.6/ChangeLog-2.6.36 https://bugzilla.redhat.com/show_bug.cgi?id=1114540 https://github.com/torvalds/linux/commit/256df2f3879efdb2e9808bdb1b54b16fbb11fa38 Common Vulnerability Exposure (CVE) ID: CVE-2014-3917 http://article.gmane.org/gmane.linux.kernel/1713179 http://www.openwall.com/lists/oss-security/2014/05/29/5 RedHat Security Advisories: RHSA-2014:1143 http://rhn.redhat.com/errata/RHSA-2014-1143.html RedHat Security Advisories: RHSA-2014:1281 http://rhn.redhat.com/errata/RHSA-2014-1281.html http://secunia.com/advisories/59777 http://secunia.com/advisories/60011 http://secunia.com/advisories/60564 SuSE Security Announcement: SUSE-SU-2015:0812 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html http://www.ubuntu.com/usn/USN-2334-1 http://www.ubuntu.com/usn/USN-2335-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-4667 BugTraq ID: 68224 http://www.securityfocus.com/bid/68224 Debian Security Information: DSA-2992 (Google Search) http://www.debian.org/security/2014/dsa-2992 http://www.openwall.com/lists/oss-security/2014/06/27/11 http://secunia.com/advisories/59790 http://secunia.com/advisories/60596 SuSE Security Announcement: SUSE-SU-2014:1316 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html SuSE Security Announcement: SUSE-SU-2014:1319 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.