English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.123567
Category:Oracle Linux Local Security Checks
Title:Oracle: Security Advisory (ELSA-2013-1292)
Summary:The remote host is missing an update for the 'kernel, ocfs2-2.6.18-348.18.1.el5, oracleasm-2.6.18-348.18.1.el5' package(s) announced via the ELSA-2013-1292 advisory.
Description:Summary:
The remote host is missing an update for the 'kernel, ocfs2-2.6.18-348.18.1.el5, oracleasm-2.6.18-348.18.1.el5' package(s) announced via the ELSA-2013-1292 advisory.

Vulnerability Insight:
kernel
[2.6.18-348.18.1]
- [net] be2net: enable polling prior enabling interrupts globally (Ivan Vecera) [1005239 987539]
- [kernel] signals: stop info leak via tkill and tgkill syscalls (Oleg Nesterov) [970874 970875] {CVE-2013-2141}
- [net] ipv6: do udp_push_pending_frames AF_INET sock pending data (Jiri Benc) [987647 987648] {CVE-2013-4162}
- [mm] use-after-free in madvise_remove() (Jacob Tanenbaum) [849735 849736] {CVE-2012-3511}
- [fs] autofs: remove autofs dentry mount check (Ian Kent) [1001488 928098]

[2.6.18-348.17.1]
- [net] be2net: Fix to avoid hardware workaround when not needed (Ivan Vecera) [999819 995961]
- [net] be2net: Mark checksum fail for IP fragmented packets (Ivan Vecera) [983864 956322]
- [net] be2net: Avoid double insertion of vlan tags (Ivan Vecera) [983864 956322]
- [net] be2net: disable TX in be_close() (Ivan Vecera) [983864 956322]
- [net] be2net: fix EQ from getting full while cleaning RX CQ (Ivan Vecera) [983864 956322]
- [net] be2net: avoid napi_disable() when not enabled (Ivan Vecera) [983864 956322]
- [net] be2net: Fix receive Multicast Packets w/ Promiscuous mode (Ivan Vecera) [983864 956322]
- [net] be2net: Fixed memory leak (Ivan Vecera) [983864 956322]
- [net] be2net: Fix PVID tag offload for packets w/ inline VLAN tag (Ivan Vecera) [983864 956322]
- [net] be2net: fix a Tx stall bug caused by a specific ipv6 packet (Ivan Vecera) [983864 956322]
- [net] be2net: Remove an incorrect pvid check in Tx (Ivan Vecera) [983864 956322]
- [net] be2net: Fix issues in error recovery with wrong queue state (Ivan Vecera) [983864 956322]
- [net] netpoll: revert 6bdb7fe3104 and fix be_poll() instead (Ivan Vecera) [983864 956322]
- [net] be2net: Fix to parse RSS hash Receive completions correctly (Ivan Vecera) [983864 956322]
- [net] be2net: Fix cleanup path when EQ creation fails (Ivan Vecera) [983864 956322]
- [net] be2net: Fix Endian (Ivan Vecera) [983864 956322]
- [net] be2net: Fix to trim skb for padded vlan packets (Ivan Vecera) [983864 956322]
- [net] be2net: Explicitly clear reserved field in Tx Descriptor (Ivan Vecera) [983864 956322]
- [net] be2net: remove unnecessary usage of unlikely() (Ivan Vecera) [983864 956322]
- [net] be2net: do not modify PCI MaxReadReq size (Ivan Vecera) [983864 956322]
- [net] be2net: cleanup be_vid_config() (Ivan Vecera) [983864 956322]
- [net] be2net: don't call vid_config() when there no vlan config (Ivan Vecera) [983864 956322]
- [net] be2net: Ignore status of some ioctls during driver load (Ivan Vecera) [983864 956322]
- [net] be2net: Fix wrong status getting returned for MCC commands (Ivan Vecera) [983864 956322]
- [net] be2net: Fix VLAN/multicast packet reception (Ivan Vecera) [983864 956322]
- [net] be2net: fix wrong frag_idx reported by RX CQ (Ivan Vecera) [983864 956322]

Affected Software/OS:
'kernel, ocfs2-2.6.18-348.18.1.el5, oracleasm-2.6.18-348.18.1.el5' package(s) on Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
6.2

CVSS Vector:
AV:L/AC:H/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2012-3511
50633
http://secunia.com/advisories/50633
50732
http://secunia.com/advisories/50732
55055
http://secunia.com/advisories/55055
55151
http://www.securityfocus.com/bid/55151
USN-1529-1
http://ubuntu.com/usn/usn-1529-1
USN-1567-1
http://www.ubuntu.com/usn/USN-1567-1
USN-1572-1
http://www.ubuntu.com/usn/USN-1572-1
USN-1577-1
http://www.ubuntu.com/usn/USN-1577-1
[oss-security] 20120820 Re: CVE Request -- kernel: mm: use-after-free in madvise_remove()
http://www.openwall.com/lists/oss-security/2012/08/20/13
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9ab4233dd08036fe34a89c7dc6f47a8bf2eb29eb
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.5
https://bugzilla.redhat.com/show_bug.cgi?id=849734
https://github.com/torvalds/linux/commit/9ab4233dd08036fe34a89c7dc6f47a8bf2eb29eb
Common Vulnerability Exposure (CVE) ID: CVE-2013-2141
DSA-2766
http://www.debian.org/security/2013/dsa-2766
MDVSA-2013:176
http://www.mandriva.com/security/advisories?name=MDVSA-2013:176
RHSA-2013:1801
http://rhn.redhat.com/errata/RHSA-2013-1801.html
USN-1899-1
http://www.ubuntu.com/usn/USN-1899-1
USN-1900-1
http://www.ubuntu.com/usn/USN-1900-1
[oss-security] 20130604 Re: CVE Request: kernel info leak in tkill/tgkill
http://www.openwall.com/lists/oss-security/2013/06/04/10
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b9e146d8eb3b9ecae5086d373b50fa0c1f3e7f0f
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.9
https://bugzilla.redhat.com/show_bug.cgi?id=970873
https://github.com/torvalds/linux/commit/b9e146d8eb3b9ecae5086d373b50fa0c1f3e7f0f
openSUSE-SU-2013:1971
http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-4162
54148
http://secunia.com/advisories/54148
61411
http://www.securityfocus.com/bid/61411
RHSA-2013:1436
http://rhn.redhat.com/errata/RHSA-2013-1436.html
RHSA-2013:1460
http://rhn.redhat.com/errata/RHSA-2013-1460.html
RHSA-2013:1520
http://rhn.redhat.com/errata/RHSA-2013-1520.html
SUSE-SU-2013:1473
http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00003.html
SUSE-SU-2013:1474
http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00004.html
USN-1938-1
http://www.ubuntu.com/usn/USN-1938-1
USN-1939-1
http://www.ubuntu.com/usn/USN-1939-1
USN-1941-1
http://www.ubuntu.com/usn/USN-1941-1
USN-1942-1
http://www.ubuntu.com/usn/USN-1942-1
USN-1943-1
http://www.ubuntu.com/usn/USN-1943-1
USN-1944-1
http://www.ubuntu.com/usn/USN-1944-1
USN-1945-1
http://www.ubuntu.com/usn/USN-1945-1
USN-1946-1
http://www.ubuntu.com/usn/USN-1946-1
USN-1947-1
http://www.ubuntu.com/usn/USN-1947-1
[oss-security] 20130723 Re: CVE Request: Linux kernel: panic while pushing pending data out of an IPv6 socket with UDP_CORK enabled.
http://www.openwall.com/lists/oss-security/2013/07/23/9
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8822b64a0fa64a5dd1dfcf837c5b0be83f8c05d1
https://bugzilla.redhat.com/show_bug.cgi?id=987627
https://github.com/torvalds/linux/commit/8822b64a0fa64a5dd1dfcf837c5b0be83f8c05d1
CopyrightCopyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.