English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.123469
Category:Oracle Linux Local Security Checks
Title:Oracle: Security Advisory (ELSA-2014-0159)
Summary:The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2014-0159 advisory.
Description:Summary:
The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2014-0159 advisory.

Vulnerability Insight:
[2.6.32-431.5.1]
- [net] sctp: fix checksum marking for outgoing packets (Daniel Borkmann) [1046041 1040385]
- [kernel] ptrace: Cleanup useless header (Aaron Tomlin) [1046043 1036312]
- [kernel] ptrace: kill BKL in ptrace syscall (Aaron Tomlin) [1046043 1036312]
- [fs] nfs: Prevent a 3-way deadlock between layoutreturn, open and state recovery (Steve Dickson) [1045094 1034487]
- [fs] nfs: Ensure that rmdir() waits for sillyrenames to complete (Steve Dickson) [1051395 1034348]
- [fs] nfs: wait on recovery for async session errors (Steve Dickson) [1051393 1030049]
- [fs] nfs: Re-use exit code in nfs4_async_handle_error() (Steve Dickson) [1051393 1030049]
- [fs] nfs: Update list of irrecoverable errors on DELEGRETURN (Steve Dickson) [1051393 1030049]
- [exec] ptrace: fix get_dumpable() incorrect tests (Petr Oros) [1039486 1039487] {CVE-2013-2929}
- [net] ipv6: router reachability probing (Jiri Benc) [1043779 1029585]
- [net] ipv6: remove the unnecessary statement in find_match() (Jiri Benc) [1043779 1029585]
- [net] ipv6: fix route selection if kernel is not compiled with CONFIG_IPV6_ROUTER_PREF (Jiri Benc) [1043779 1029585]
- [net] ipv6: Fix default route failover when CONFIG_IPV6_ROUTER_PREF=n (Jiri Benc) [1043779 1029585]
- [net] ipv6: probe routes asynchronous in rt6_probe (Jiri Benc) [1040826 1030094]
- [net] ndisc: Update neigh->updated with write lock (Jiri Benc) [1040826 1030094]
- [net] ipv6: prevent fib6_run_gc() contention (Jiri Benc) [1040826 1030094]
- [net] netfilter: push reasm skb through instead of original frag skbs (Jiri Pirko) [1049590 1011214]
- [net] ip6_output: fragment outgoing reassembled skb properly (Jiri Pirko) [1049590 1011214]
- [net] netfilter: nf_conntrack_ipv6: improve fragmentation handling (Jiri Pirko) [1049590 1011214]
- [net] ipv4: fix path MTU discovery with connection tracking (Jiri Pirko) [1049590 1011214]
- [net] ipv6: Make IP6CB(skb)->nhoff 16-bit (Jiri Pirko) [1049590 1011214]
- [edac] Add error decoding support for AMD Fam16h processors (Prarit Bhargava) [1051394 1020290]
- [netdrv] bnx2x: correct VF-PF channel locking scheme (Michal Schmidt) [1040498 1029203]
- [netdrv] bnx2x: handle known but unsupported VF messages (Michal Schmidt) [1040498 1029203]
- [netdrv] bnx2x: Lock DMAE when used by statistic flow (Michal Schmidt) [1040497 1029200]
- [net] ipv6: fix leaking uninitialized port number of offender sockaddr (Florian Westphal) [1035882 1035883] {CVE-2013-6405}
- [net] inet: fix addr_len/msg->msg_namelen assignment in recv_error functions (Florian Westphal) [1035882 1035883] {CVE-2013-6405}
- [net] inet: prevent leakage of uninitialized memory to user in recv syscalls (Florian Westphal) [1035882 1035883] {CVE-2013-6405}
- [net] ipvs: Add boundary check on ioctl arguments (Denys Vlasenko) [1030817 1030818] {CVE-2013-4588}
- [s390] qeth: avoid buffer overflow in snmp ioctl (Hendrik Brueckner) [1038935 1034266]
- [md] fix ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'kernel' package(s) on Oracle Linux 6.

Solution:
Please install the updated package(s).

CVSS Score:
6.9

CVSS Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2013-2929
BugTraq ID: 64111
http://www.securityfocus.com/bid/64111
RedHat Security Advisories: RHSA-2014:0100
http://rhn.redhat.com/errata/RHSA-2014-0100.html
RedHat Security Advisories: RHSA-2014:0159
http://rhn.redhat.com/errata/RHSA-2014-0159.html
RedHat Security Advisories: RHSA-2014:0285
http://rhn.redhat.com/errata/RHSA-2014-0285.html
RedHat Security Advisories: RHSA-2018:1252
https://access.redhat.com/errata/RHSA-2018:1252
SuSE Security Announcement: SUSE-SU-2015:0481 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
SuSE Security Announcement: openSUSE-SU-2015:0566 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
http://www.ubuntu.com/usn/USN-2070-1
http://www.ubuntu.com/usn/USN-2075-1
http://www.ubuntu.com/usn/USN-2109-1
http://www.ubuntu.com/usn/USN-2110-1
http://www.ubuntu.com/usn/USN-2111-1
http://www.ubuntu.com/usn/USN-2112-1
http://www.ubuntu.com/usn/USN-2114-1
http://www.ubuntu.com/usn/USN-2115-1
http://www.ubuntu.com/usn/USN-2116-1
http://www.ubuntu.com/usn/USN-2128-1
http://www.ubuntu.com/usn/USN-2129-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-6381
63890
http://www.securityfocus.com/bid/63890
RHSA-2014:0159
RHSA-2014:0284
http://rhn.redhat.com/errata/RHSA-2014-0284.html
RHSA-2014:0285
[oss-security] 20131122 Linux kernel CVE fixes
http://www.openwall.com/lists/oss-security/2013/11/22/5
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6fb392b1a63ae36c31f62bc3fc8630b49d602b62
https://bugzilla.redhat.com/show_bug.cgi?id=1033600
https://github.com/torvalds/linux/commit/6fb392b1a63ae36c31f62bc3fc8630b49d602b62
Common Vulnerability Exposure (CVE) ID: CVE-2013-7263
http://www.openwall.com/lists/oss-security/2013/11/28/13
http://seclists.org/oss-sec/2014/q1/29
http://secunia.com/advisories/55882
http://secunia.com/advisories/56036
SuSE Security Announcement: SUSE-SU-2014:0459 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00026.html
SuSE Security Announcement: SUSE-SU-2015:0652 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html
SuSE Security Announcement: SUSE-SU-2015:0736 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html
http://www.ubuntu.com/usn/USN-2107-1
http://www.ubuntu.com/usn/USN-2108-1
http://www.ubuntu.com/usn/USN-2113-1
http://www.ubuntu.com/usn/USN-2117-1
http://www.ubuntu.com/usn/USN-2135-1
http://www.ubuntu.com/usn/USN-2136-1
http://www.ubuntu.com/usn/USN-2138-1
http://www.ubuntu.com/usn/USN-2139-1
http://www.ubuntu.com/usn/USN-2141-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-7265
CopyrightCopyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.