Test ID:	1.3.6.1.4.1.25623.1.0.123494
Category:	Oracle Linux Local Security Checks
Title:	Oracle: Security Advisory (ELSA-2013-2589)
Summary:	The remote host is missing an update for the 'kernel-uek, mlnx_en-2.6.32-400.33.4.el5uek, mlnx_en-2.6.32-400.33.4.el6uek, ofa-2.6.32-400.33.4.el5uek, ofa-2.6.32-400.33.4.el6uek' package(s) announced via the ELSA-2013-2589 advisory.
Description:	Summary: The remote host is missing an update for the 'kernel-uek, mlnx_en-2.6.32-400.33.4.el5uek, mlnx_en-2.6.32-400.33.4.el6uek, ofa-2.6.32-400.33.4.el5uek, ofa-2.6.32-400.33.4.el6uek' package(s) announced via the ELSA-2013-2589 advisory. Vulnerability Insight: kernel-uek [2.6.32-400.33.4uek] - kernel/signal.c: stop info leak via the tkill and the tgkill syscalls (Emese Revfy) [Orabug: 17951083] {CVE-2013-2141} - ip_output: do skb ufo init for peeked non ufo skb as well (Jiri Pirko) [Orabug: 17951078] {CVE-2013-4470} - KVM: x86: Fix potential divide by 0 in lapic (CVE-2013-6367) (Andy Honig) [Orabug: 17951073] {CVE-2013-6367} Affected Software/OS: 'kernel-uek, mlnx_en-2.6.32-400.33.4.el5uek, mlnx_en-2.6.32-400.33.4.el6uek, ofa-2.6.32-400.33.4.el5uek, ofa-2.6.32-400.33.4.el6uek' package(s) on Oracle Linux 5, Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2013-2141 55055 http://secunia.com/advisories/55055 DSA-2766 http://www.debian.org/security/2013/dsa-2766 MDVSA-2013:176 http://www.mandriva.com/security/advisories?name=MDVSA-2013:176 RHSA-2013:1801 http://rhn.redhat.com/errata/RHSA-2013-1801.html USN-1899-1 http://www.ubuntu.com/usn/USN-1899-1 USN-1900-1 http://www.ubuntu.com/usn/USN-1900-1 [oss-security] 20130604 Re: CVE Request: kernel info leak in tkill/tgkill http://www.openwall.com/lists/oss-security/2013/06/04/10 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b9e146d8eb3b9ecae5086d373b50fa0c1f3e7f0f http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.9 https://bugzilla.redhat.com/show_bug.cgi?id=970873 https://github.com/torvalds/linux/commit/b9e146d8eb3b9ecae5086d373b50fa0c1f3e7f0f openSUSE-SU-2013:1971 http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html Common Vulnerability Exposure (CVE) ID: CVE-2013-4470 63359 http://www.securityfocus.com/bid/63359 RHSA-2014:0100 http://rhn.redhat.com/errata/RHSA-2014-0100.html RHSA-2014:0284 http://rhn.redhat.com/errata/RHSA-2014-0284.html SUSE-SU-2014:0459 http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00026.html USN-2040-1 http://www.ubuntu.com/usn/USN-2040-1 USN-2042-1 http://www.ubuntu.com/usn/USN-2042-1 USN-2043-1 http://www.ubuntu.com/usn/USN-2043-1 USN-2044-1 http://www.ubuntu.com/usn/USN-2044-1 USN-2046-1 http://www.ubuntu.com/usn/USN-2046-1 USN-2049-1 http://www.ubuntu.com/usn/USN-2049-1 USN-2050-1 http://www.ubuntu.com/usn/USN-2050-1 USN-2066-1 http://www.ubuntu.com/usn/USN-2066-1 USN-2067-1 http://www.ubuntu.com/usn/USN-2067-1 USN-2069-1 http://www.ubuntu.com/usn/USN-2069-1 USN-2073-1 http://www.ubuntu.com/usn/USN-2073-1 [oss-security] 20131025 Re: CVE request: Linux kernel: net: memory corruption with UDP_CORK and UFO http://www.openwall.com/lists/oss-security/2013/10/25/5 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c547dbf55d5f8cf615ccc0e7265e98db27d3fb8b http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e93b7d748be887cd7639b113ba7d7ef792a7efb9 https://bugzilla.redhat.com/show_bug.cgi?id=1023477 https://github.com/torvalds/linux/commit/c547dbf55d5f8cf615ccc0e7265e98db27d3fb8b https://github.com/torvalds/linux/commit/e93b7d748be887cd7639b113ba7d7ef792a7efb9 https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.12.bz2 Common Vulnerability Exposure (CVE) ID: CVE-2013-6367 64270 http://www.securityfocus.com/bid/64270 RHSA-2014:0163 http://rhn.redhat.com/errata/RHSA-2014-0163.html USN-2109-1 http://www.ubuntu.com/usn/USN-2109-1 USN-2110-1 http://www.ubuntu.com/usn/USN-2110-1 USN-2113-1 http://www.ubuntu.com/usn/USN-2113-1 USN-2117-1 http://www.ubuntu.com/usn/USN-2117-1 USN-2128-1 http://www.ubuntu.com/usn/USN-2128-1 USN-2129-1 http://www.ubuntu.com/usn/USN-2129-1 USN-2135-1 http://www.ubuntu.com/usn/USN-2135-1 USN-2136-1 http://www.ubuntu.com/usn/USN-2136-1 USN-2138-1 http://www.ubuntu.com/usn/USN-2138-1 USN-2139-1 http://www.ubuntu.com/usn/USN-2139-1 USN-2141-1 http://www.ubuntu.com/usn/USN-2141-1 [oss-security] 20131212 Re: [vs-plain] kvm issues http://www.openwall.com/lists/oss-security/2013/12/12/12 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b963a22e6d1a266a67e9eecc88134713fd54775c https://bugzilla.redhat.com/show_bug.cgi?id=1032207 https://github.com/torvalds/linux/commit/b963a22e6d1a266a67e9eecc88134713fd54775c https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.54 openSUSE-SU-2014:0204 http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00002.html openSUSE-SU-2014:0205 http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00003.html openSUSE-SU-2014:0247 http://lists.opensuse.org/opensuse-updates/2014-02/msg00045.html
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.