Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2014-0285)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.123451
Category:	Oracle Linux Local Security Checks
Title:	Oracle: Security Advisory (ELSA-2014-0285)
Summary:	The remote host is missing an update for the 'kernel, ocfs2-2.6.18-371.6.1.el5, oracleasm-2.6.18-371.6.1.el5' package(s) announced via the ELSA-2014-0285 advisory.
Description:	Summary: The remote host is missing an update for the 'kernel, ocfs2-2.6.18-371.6.1.el5, oracleasm-2.6.18-371.6.1.el5' package(s) announced via the ELSA-2014-0285 advisory. Vulnerability Insight: kernel [2.6.18-371.6.1] - [net] be2net: don't use skb_get_queue_mapping() (Ivan Vecera) [1066302 1063955] - [ipc] change refcount to atomic_t (Phillip Lougher) [1024866 1024868] {CVE-2013-4483} - [s390] qeth: buffer overflow in snmp ioctl (Jacob Tanenbaum) [1034402 1034404] {CVE-2013-6381} - [scsi] AACRAID Driver compat IOCTL missing capability check (Jacob Tanenbaum) [1033531 1033532] {CVE-2013-6383} - [xen] x86/AMD: work around erratum 793 (Radim Krcmar) [1035834 1035836] {CVE-2013-6885} - [xen] do not expose hypercalls to rings 1 and 2 of HVM guests (Andrew Jones) [1029112 1029113] {CVE-2013-4554} - [redhat] kabi: Adding symbol print_hex_dump (Jiri Olsa) [1054055 662558] - [scsi] Add 'eh_deadline' to limit SCSI EH runtime (Ewan Milne) [1050097 956132] - [scsi] remove check for 'resetting' (Ewan Milne) [1050097 956132] - [scsi] dc395: Move 'last_reset' into internal host structure (Ewan Milne) [1050097 956132] - [scsi] tmscsim: Move 'last_reset' into host structure (Ewan Milne) [1050097 956132] - [scsi] advansys: Remove 'last_reset' references (Ewan Milne) [1050097 956132] - [scsi] dpt_i2o: return SCSI_MLQUEUE_HOST_BUSY when in reset (Ewan Milne) [1050097 956132] - [scsi] dpt_i2o: Remove DPTI_STATE_IOCTL (Ewan Milne) [1050097 956132] - [net] ipv6: fix leaking uninit port number of offender sockaddr (Florian Westphal) [1035880 1035881] {CVE-2013-7264 CVE-2013-7265 CVE-2013-7281 CVE-2013-7263} - [net] fix addr_len/msg->msg_namelen assign in recv_error funcs (Florian Westphal) [1035880 1035881] {CVE-2013-7264 CVE-2013-7265 CVE-2013-7281 CVE-2013-7263} - [net] prevent leakage of uninitialized memory to user in recv (Florian Westphal) [1035880 1035881] {CVE-2013-7264 CVE-2013-7265 CVE-2013-7281 CVE-2013-7263} - [net] be2net: prevent Tx stall on SH-R when packet size < 32 (Ivan Vecera) [1051535 1007995] - [net] be2net: Trim padded packets for Lancer (Ivan Vecera) [1051535 1007995] - [net] be2net: Pad skb to meet min Tx pkt size in lancer (Ivan Vecera) [1051535 1007995] - [net] be2net: refactor HW workarounds in be_xmit() (Ivan Vecera) [1051535 1007995] - [fs] exec/ptrace: fix get_dumpable() incorrect tests (Petr Oros) [1039483 1039484] {CVE-2013-2929} [2.6.18-371.5.1] - [fs] cifs: stop trying to use virtual circuits (Sachin Prabhu) [1044328 1013469] Affected Software/OS: 'kernel, ocfs2-2.6.18-371.6.1.el5, oracleasm-2.6.18-371.6.1.el5' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2013-2929 BugTraq ID: 64111 http://www.securityfocus.com/bid/64111 RedHat Security Advisories: RHSA-2014:0100 http://rhn.redhat.com/errata/RHSA-2014-0100.html RedHat Security Advisories: RHSA-2014:0159 http://rhn.redhat.com/errata/RHSA-2014-0159.html RedHat Security Advisories: RHSA-2014:0285 http://rhn.redhat.com/errata/RHSA-2014-0285.html RedHat Security Advisories: RHSA-2018:1252 https://access.redhat.com/errata/RHSA-2018:1252 SuSE Security Announcement: SUSE-SU-2015:0481 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html SuSE Security Announcement: openSUSE-SU-2015:0566 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html http://www.ubuntu.com/usn/USN-2070-1 http://www.ubuntu.com/usn/USN-2075-1 http://www.ubuntu.com/usn/USN-2109-1 http://www.ubuntu.com/usn/USN-2110-1 http://www.ubuntu.com/usn/USN-2111-1 http://www.ubuntu.com/usn/USN-2112-1 http://www.ubuntu.com/usn/USN-2114-1 http://www.ubuntu.com/usn/USN-2115-1 http://www.ubuntu.com/usn/USN-2116-1 http://www.ubuntu.com/usn/USN-2128-1 http://www.ubuntu.com/usn/USN-2129-1 Common Vulnerability Exposure (CVE) ID: CVE-2013-4483 RHSA-2014:0285 RHSA-2015:0284 http://rhn.redhat.com/errata/RHSA-2015-0284.html [oss-security] 20131030 Re: CVE Request -- Linux kernel: ipc: ipc_rcu_putref refcount races http://www.openwall.com/lists/oss-security/2013/10/30/4 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6062a8dc0517bce23e3c2f7d2fea5e22411269a3 https://bugzilla.redhat.com/show_bug.cgi?id=1024854 https://github.com/torvalds/linux/commit/6062a8dc0517bce23e3c2f7d2fea5e22411269a3 https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.10.bz2 openSUSE-SU-2014:0247 http://lists.opensuse.org/opensuse-updates/2014-02/msg00045.html Common Vulnerability Exposure (CVE) ID: CVE-2013-4554 GLSA-201407-03 http://security.gentoo.org/glsa/glsa-201407-03.xml SUSE-SU-2014:0372 http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00010.html SUSE-SU-2014:0411 http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html SUSE-SU-2014:0446 http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html SUSE-SU-2014:0470 http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00000.html [oss-security] 20131126 Xen Security Advisory 76 (CVE-2013-4554) - Hypercalls exposed to privilege rings 1 and 2 of HVM guests http://www.openwall.com/lists/oss-security/2013/11/26/9 openSUSE-SU-2013:1876 http://lists.opensuse.org/opensuse-updates/2013-12/msg00059.html Common Vulnerability Exposure (CVE) ID: CVE-2013-6381 63890 http://www.securityfocus.com/bid/63890 RHSA-2014:0159 RHSA-2014:0284 http://rhn.redhat.com/errata/RHSA-2014-0284.html [oss-security] 20131122 Linux kernel CVE fixes http://www.openwall.com/lists/oss-security/2013/11/22/5 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6fb392b1a63ae36c31f62bc3fc8630b49d602b62 https://bugzilla.redhat.com/show_bug.cgi?id=1033600 https://github.com/torvalds/linux/commit/6fb392b1a63ae36c31f62bc3fc8630b49d602b62 Common Vulnerability Exposure (CVE) ID: CVE-2013-6383 RHSA-2014:0100 USN-2066-1 http://www.ubuntu.com/usn/USN-2066-1 USN-2067-1 http://www.ubuntu.com/usn/USN-2067-1 USN-2068-1 http://www.ubuntu.com/usn/USN-2068-1 USN-2069-1 http://www.ubuntu.com/usn/USN-2069-1 USN-2070-1 USN-2071-1 http://www.ubuntu.com/usn/USN-2071-1 USN-2072-1 http://www.ubuntu.com/usn/USN-2072-1 USN-2073-1 http://www.ubuntu.com/usn/USN-2073-1 USN-2074-1 http://www.ubuntu.com/usn/USN-2074-1 USN-2075-1 USN-2076-1 http://www.ubuntu.com/usn/USN-2076-1 USN-2107-1 http://www.ubuntu.com/usn/USN-2107-1 USN-2108-1 http://www.ubuntu.com/usn/USN-2108-1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f856567b930dfcdbc3323261bf77240ccdde01f5 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.11.8 https://bugzilla.redhat.com/show_bug.cgi?id=1033530 https://github.com/torvalds/linux/commit/f856567b930dfcdbc3323261bf77240ccdde01f5 Common Vulnerability Exposure (CVE) ID: CVE-2013-6885 1029415 http://www.securitytracker.com/id/1029415 55840 http://secunia.com/advisories/55840 63983 http://www.securityfocus.com/bid/63983 DSA-3128 http://www.debian.org/security/2015/dsa-3128 FEDORA-2013-22754 http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123553.html FEDORA-2013-22866 http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124199.html FEDORA-2013-22888 http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124195.html SUSE-SU-2014:0373 http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00011.html SUSE-SU-2014:0459 http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00026.html [kernel] 20111225 Buildworld loop seg-fault update -- I believe it is hardware http://lists.dragonflybsd.org/pipermail/kernel/2011-December/046594.html [oss-security] 20131127 CVE-2013-6885 AMD Publ. 51810 Errata 793 system hang http://openwall.com/lists/oss-security/2013/11/28/1 [oss-security] 20131202 Xen Security Advisory 82 (CVE-2013-6885) - Guest triggerable AMD CPU erratum may cause host to hang http://www.openwall.com/lists/oss-security/2013/12/02/1 http://support.amd.com/TechDocs/51810_16h_00h-0Fh_Rev_Guide.pdf http://www.zdnet.com/blog/hardware/amd-owns-up-to-cpu-bug/18924 https://bugzilla.redhat.com/show_bug.cgi?id=1035823 xen-cve20136885-dos(89335) https://exchange.xforce.ibmcloud.com/vulnerabilities/89335 Common Vulnerability Exposure (CVE) ID: CVE-2013-7263 http://www.openwall.com/lists/oss-security/2013/11/28/13 http://seclists.org/oss-sec/2014/q1/29 http://secunia.com/advisories/55882 http://secunia.com/advisories/56036 SuSE Security Announcement: SUSE-SU-2014:0459 (Google Search) SuSE Security Announcement: SUSE-SU-2015:0652 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html SuSE Security Announcement: SUSE-SU-2015:0736 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html http://www.ubuntu.com/usn/USN-2113-1 http://www.ubuntu.com/usn/USN-2117-1 http://www.ubuntu.com/usn/USN-2135-1 http://www.ubuntu.com/usn/USN-2136-1 http://www.ubuntu.com/usn/USN-2138-1 http://www.ubuntu.com/usn/USN-2139-1 http://www.ubuntu.com/usn/USN-2141-1
Copyright	Copyright (C) 2015 Greenbone AG