English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.123528
Category:Oracle Linux Local Security Checks
Title:Oracle: Security Advisory (ELSA-2013-1645)
Summary:The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2013-1645 advisory.
Description:Summary:
The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2013-1645 advisory.

Vulnerability Insight:
[2.6.32-431]
- [md] Disabling of TRIM on RAID5 for RHEL6.5 was too aggressive (Jes Sorensen) [1028426]

[2.6.32-430]
- [x86] Revert 'efi: be more paranoid about available space when creating variables' (Rafael Aquini) [1012370 1023173]
- [x86] Revert 'efivars: firmware bug workarounds should be in platform code' (Rafael Aquini) [1012370 1023173]
- [x86] Revert 'efi: Export efi_query_variable_store() for efivars.ko' (Rafael Aquini) [1012370 1023173]
- [x86] Revert 'efi: Check max_size only if it is non-zero' (Rafael Aquini) [1012370 1023173]
- [x86] Revert 'efi: Distinguish between 'remaining space' and actually used space' (Rafael Aquini) [1012370 1023173]
- [x86] Revert 'efi: Implement efi_no_storage_paranoia parameter' (Rafael Aquini) [1012370 1023173]
- [x86] Revert 'Modify UEFI anti-bricking code' (Rafael Aquini) [1012370 1023173]
- [x86] Revert 'efi: Fix dummy variable buffer allocation' (Rafael Aquini) [1012370 1023173]

[2.6.32-429]
- [fs] revert xfs: prevent deadlock trying to cover an active log (Eric Sandeen) [1014867]

[2.6.32-428]
- [fs] Revert 'vfs: allow umount to handle mountpoints without revalidating them' (Rafael Aquini) [1024607]
- [fs] Revert 'vfs: massage umount_lookup_last() a bit to reduce nesting' (Rafael Aquini) [1024607]
- [fs] Revert 'vfs: rename user_path_umountat() to user_path_mountpoint_at()' (Rafael Aquini) [1024607]
- [fs] Revert 'vfs: introduce kern_path_mountpoint()' (Rafael Aquini) [1024607]
- [fs] Revert 'autofs4: fix device ioctl mount lookup' (Rafael Aquini) [1024607]

[2.6.32-427]
- [tools] perf: Add ref-cycles into array of tested events (Jiri Olsa) [968806]
- [pci] Revert 'make SRIOV resources optional' (Myron Stowe) [1022270]
- [pci] Revert 'ability to relocate assigned pci-resources' (Myron Stowe) [1022270]
- [pci] Revert 'honor child buses add_size in hot plug configuration' (Myron Stowe) [1022270]
- [pci] Revert 'make cardbus-bridge resources optional' (Myron Stowe) [1022270]
- [pci] Revert 'code and comments cleanup' (Myron Stowe) [1022270]
- [pci] Revert 'make re-allocation try harder by reassigning ranges higher in the heirarchy' (Myron Stowe) [1022270]
- [pci] Revert 'Calculate right add_size' (Myron Stowe) [1022270]

[2.6.32-426]
- [block] loop: unplug_fn only when backing file is attached (Lukas Czerner) [1022997]
- [fs] ext4: Remove warning from ext4_da_update_reserve_space() (Lukas Czerner) [1011876]
- [kernel] async: Revert MAX_THREADS to 256 (Neil Horman) [1021705]
- [net] ipv6: restrict neighbor entry creation to output flow (Jiri Pirko) [997103]
- [net] ipv6: udp packets following an UFO enqueued packet need also be handled by UFO (Jiri Pirko) [1011930] {CVE-2013-4387}
- [net] ipv4: blackhole route should always be recalculated (Herbert Xu) [1010347]
- [net] unix: revert/fix race in stream sockets with SOCK_PASS* flags (Daniel Borkmann) [1019343]
- [net] Loosen constraints for recalculating checksum in ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'kernel' package(s) on Oracle Linux 6.

Solution:
Please install the updated package(s).

CVSS Score:
6.2

CVSS Vector:
AV:L/AC:H/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2012-6542
http://www.openwall.com/lists/oss-security/2013/03/05/13
RedHat Security Advisories: RHSA-2013:1645
http://rhn.redhat.com/errata/RHSA-2013-1645.html
http://www.ubuntu.com/usn/USN-1805-1
http://www.ubuntu.com/usn/USN-1808-1
Common Vulnerability Exposure (CVE) ID: CVE-2012-6545
Common Vulnerability Exposure (CVE) ID: CVE-2013-0343
RHSA-2013:1449
http://rhn.redhat.com/errata/RHSA-2013-1449.html
RHSA-2013:1490
http://rhn.redhat.com/errata/RHSA-2013-1490.html
RHSA-2013:1645
USN-1976-1
http://www.ubuntu.com/usn/USN-1976-1
USN-1977-1
http://www.ubuntu.com/usn/USN-1977-1
USN-2019-1
http://www.ubuntu.com/usn/USN-2019-1
USN-2020-1
http://www.ubuntu.com/usn/USN-2020-1
USN-2021-1
http://www.ubuntu.com/usn/USN-2021-1
USN-2022-1
http://www.ubuntu.com/usn/USN-2022-1
USN-2023-1
http://www.ubuntu.com/usn/USN-2023-1
USN-2024-1
http://www.ubuntu.com/usn/USN-2024-1
USN-2038-1
http://www.ubuntu.com/usn/USN-2038-1
USN-2039-1
http://www.ubuntu.com/usn/USN-2039-1
USN-2050-1
http://www.ubuntu.com/usn/USN-2050-1
[oss-security] 20121205 Re: Linux kernel handling of IPv6 temporary addresses
http://openwall.com/lists/oss-security/2012/12/05/4
[oss-security] 20130116 Re: Linux kernel handling of IPv6 temporary addresses
http://openwall.com/lists/oss-security/2013/01/16/7
[oss-security] 20130121 Re: Linux kernel handling of IPv6 temporary addresses
http://openwall.com/lists/oss-security/2013/01/21/11
[oss-security] 20130222 Re: Linux kernel handling of IPv6 temporary addresses
http://www.openwall.com/lists/oss-security/2013/02/22/6
https://bugzilla.redhat.com/show_bug.cgi?id=914664
openSUSE-SU-2014:0204
http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00002.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-1928
SUSE-SU-2013:0856
http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00000.html
USN-1829-1
http://www.ubuntu.com/usn/USN-1829-1
[oss-security] 20130405 Re: CVE Request: kernel information leak in fs/compat_ioctl.c VIDEO_SET_SPU_PALETTE
http://www.openwall.com/lists/oss-security/2013/04/06/2
[oss-security] 20130409 Re: CVE Request: kernel information leak in fs/compat_ioctl.c VIDEO_SET_SPU_PALETTE
http://www.openwall.com/lists/oss-security/2013/04/09/6
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=12176503366885edd542389eed3aaf94be163fdb
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.6.5
https://bugzilla.redhat.com/show_bug.cgi?id=949567
https://github.com/torvalds/linux/commit/12176503366885edd542389eed3aaf94be163fdb
openSUSE-SU-2013:0847
http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-1929
FEDORA-2013-5368
http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101836.html
MDVSA-2013:176
http://www.mandriva.com/security/advisories?name=MDVSA-2013:176
SUSE-SU-2013:1473
http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00003.html
SUSE-SU-2013:1474
http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00004.html
USN-1834-1
http://www.ubuntu.com/usn/USN-1834-1
USN-1835-1
http://www.ubuntu.com/usn/USN-1835-1
USN-1836-1
http://www.ubuntu.com/usn/USN-1836-1
USN-1838-1
http://www.ubuntu.com/usn/USN-1838-1
[oss-security] 20130405 Re: CVE Request: tg3 VPD firmware -> driver injection
http://www.openwall.com/lists/oss-security/2013/04/06/3
http://cansecwest.com/slides/2013/PrivateCore%20CSW%202013.pdf
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=715230a44310a8cf66fbfb5a46f9a62a9b2de424
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.6
https://bugzilla.redhat.com/show_bug.cgi?id=949932
https://github.com/torvalds/linux/commit/715230a44310a8cf66fbfb5a46f9a62a9b2de424
openSUSE-SU-2013:1971
http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-2164
DSA-2766
http://www.debian.org/security/2013/dsa-2766
RHSA-2013:1166
http://rhn.redhat.com/errata/RHSA-2013-1166.html
USN-1912-1
http://www.ubuntu.com/usn/USN-1912-1
USN-1913-1
http://www.ubuntu.com/usn/USN-1913-1
USN-1941-1
http://www.ubuntu.com/usn/USN-1941-1
USN-1942-1
http://www.ubuntu.com/usn/USN-1942-1
[oss-security] 20130610 Re: CVE Request: Linux Kernel - Leak information in cdrom driver.
http://www.openwall.com/lists/oss-security/2013/06/10/9
http://git.kernel.org/cgit/linux/kernel/git/next/linux-next.git/commit/drivers/cdrom/cdrom.c?id=050e4b8fb7cdd7096c987a9cd556029c622c7fe2
https://bugzilla.redhat.com/show_bug.cgi?id=973100
Common Vulnerability Exposure (CVE) ID: CVE-2013-2234
USN-1938-1
http://www.ubuntu.com/usn/USN-1938-1
USN-1943-1
http://www.ubuntu.com/usn/USN-1943-1
USN-1944-1
http://www.ubuntu.com/usn/USN-1944-1
USN-1945-1
http://www.ubuntu.com/usn/USN-1945-1
USN-1946-1
http://www.ubuntu.com/usn/USN-1946-1
USN-1947-1
http://www.ubuntu.com/usn/USN-1947-1
[oss-security] 20130702 Re: CVE Request: information leak in AF_KEY notify messages
http://www.openwall.com/lists/oss-security/2013/07/02/7
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a5cc68f3d63306d0d288f31edfc2ae6ef8ecd887
https://bugzilla.redhat.com/show_bug.cgi?id=980995
https://github.com/torvalds/linux/commit/a5cc68f3d63306d0d288f31edfc2ae6ef8ecd887
https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.10.bz2
Common Vulnerability Exposure (CVE) ID: CVE-2013-2851
Debian Security Information: DSA-2766 (Google Search)
http://marc.info/?l=linux-kernel&m=137055204522556&w=2
http://www.openwall.com/lists/oss-security/2013/06/06/13
RedHat Security Advisories: RHSA-2013:1783
http://rhn.redhat.com/errata/RHSA-2013-1783.html
RedHat Security Advisories: RHSA-2014:0284
http://rhn.redhat.com/errata/RHSA-2014-0284.html
SuSE Security Announcement: SUSE-SU-2013:1473 (Google Search)
SuSE Security Announcement: SUSE-SU-2013:1474 (Google Search)
SuSE Security Announcement: openSUSE-SU-2013:1971 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2013-2888
http://marc.info/?l=linux-input&m=137772180514608&w=1
http://openwall.com/lists/oss-security/2013/08/28/13
RedHat Security Advisories: RHSA-2013:1490
http://www.ubuntu.com/usn/USN-1995-1
http://www.ubuntu.com/usn/USN-1998-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-2889
BugTraq ID: 62042
http://www.securityfocus.com/bid/62042
http://marc.info/?l=linux-input&m=137772182014614&w=1
http://www.ubuntu.com/usn/USN-2015-1
http://www.ubuntu.com/usn/USN-2016-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-2892
BugTraq ID: 62049
http://www.securityfocus.com/bid/62049
http://marc.info/?l=linux-input&m=137772185414625&w=1
Common Vulnerability Exposure (CVE) ID: CVE-2013-3231
http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103750.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104480.html
https://lkml.org/lkml/2013/4/14/107
http://www.openwall.com/lists/oss-security/2013/04/14/3
SuSE Security Announcement: SUSE-SU-2013:1182 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00016.html
SuSE Security Announcement: openSUSE-SU-2013:1187 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00018.html
http://www.ubuntu.com/usn/USN-1837-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-4345
62740
http://www.securityfocus.com/bid/62740
USN-2064-1
http://www.ubuntu.com/usn/USN-2064-1
USN-2065-1
http://www.ubuntu.com/usn/USN-2065-1
USN-2068-1
http://www.ubuntu.com/usn/USN-2068-1
USN-2070-1
http://www.ubuntu.com/usn/USN-2070-1
USN-2071-1
http://www.ubuntu.com/usn/USN-2071-1
USN-2072-1
http://www.ubuntu.com/usn/USN-2072-1
USN-2074-1
http://www.ubuntu.com/usn/USN-2074-1
USN-2075-1
http://www.ubuntu.com/usn/USN-2075-1
USN-2076-1
http://www.ubuntu.com/usn/USN-2076-1
USN-2109-1
http://www.ubuntu.com/usn/USN-2109-1
USN-2110-1
http://www.ubuntu.com/usn/USN-2110-1
USN-2158-1
http://www.ubuntu.com/usn/USN-2158-1
[linux-crypto] 20130917 [PATCH] ansi_cprng: Fix off by one error in non-block size request
http://marc.info/?l=linux-crypto-vger&m=137942122902845&w=2
https://bugzilla.redhat.com/show_bug.cgi?id=1007690
Common Vulnerability Exposure (CVE) ID: CVE-2013-4387
RHSA-2014:0284
USN-2041-1
http://www.ubuntu.com/usn/USN-2041-1
USN-2045-1
http://www.ubuntu.com/usn/USN-2045-1
USN-2049-1
http://www.ubuntu.com/usn/USN-2049-1
[oss-security] 20130928 Re: linux kernel memory corruption with ipv6 udp offloading
http://www.openwall.com/lists/oss-security/2013/09/29/1
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2811ebac2521ceac84f2bdae402455baa6a7fb47
https://bugzilla.redhat.com/show_bug.cgi?id=1011927
https://github.com/torvalds/linux/commit/2811ebac2521ceac84f2bdae402455baa6a7fb47
Common Vulnerability Exposure (CVE) ID: CVE-2013-4591
63791
http://www.securityfocus.com/bid/63791
[oss-security] 20131118 CVE-2013-4591 -- Linux kernel: kernel: nfs: missing check for buffer length in __nfs4_get_acl_uncached
http://www.openwall.com/lists/oss-security/2013/11/18/2
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7d3e91a89b7adbc2831334def9e494dd9892f9af
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.2
https://bugzilla.redhat.com/show_bug.cgi?id=1031678
https://github.com/torvalds/linux/commit/7d3e91a89b7adbc2831334def9e494dd9892f9af
Common Vulnerability Exposure (CVE) ID: CVE-2013-4592
USN-2066-1
http://www.ubuntu.com/usn/USN-2066-1
USN-2067-1
http://www.ubuntu.com/usn/USN-2067-1
USN-2111-1
http://www.ubuntu.com/usn/USN-2111-1
USN-2112-1
http://www.ubuntu.com/usn/USN-2112-1
USN-2114-1
http://www.ubuntu.com/usn/USN-2114-1
USN-2115-1
http://www.ubuntu.com/usn/USN-2115-1
USN-2116-1
http://www.ubuntu.com/usn/USN-2116-1
[oss-security] 20131118 CVE-2013-4592 -- Linux kernel: kvm: memory leak when memory slot is moved with assigned device
http://www.openwall.com/lists/oss-security/2013/11/18/3
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=12d6e7538e2d418c08f082b1b44ffa5fb7270ed8
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e40f193f5bb022e927a57a4f5d5194e4f12ddb74
https://bugzilla.redhat.com/show_bug.cgi?id=1031702
https://github.com/torvalds/linux/commit/12d6e7538e2d418c08f082b1b44ffa5fb7270ed8
https://github.com/torvalds/linux/commit/e40f193f5bb022e927a57a4f5d5194e4f12ddb74
https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.9.bz2
openSUSE-SU-2014:0247
http://lists.opensuse.org/opensuse-updates/2014-02/msg00045.html
CopyrightCopyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.