English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.123597
Category:Oracle Linux Local Security Checks
Title:Oracle: Security Advisory (ELSA-2013-1051)
Summary:The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2013-1051 advisory.
Description:Summary:
The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2013-1051 advisory.

Vulnerability Insight:
[2.6.32-358.14.1]
- [x86] apic: Add probe() for apic_flat (Prarit Bhargava) [975086 953342]

[2.6.32-358.13.1]
- [wireless] b43: stop format string leaking into error msgs (John Linville) [971387 971389] {CVE-2013-2852}
- [pci] make sriov work with hotplug remove (Takahiro MUNEDA) [973555 965002]
- [net] rtnl: fix info leak on RTM_GETLINK request for VF devices (Flavio Leitner) [923657 923659] {CVE-2013-2634 CVE-2013-2635}
- [net] dcbnl: fix various netlink info leaks (Flavio Leitner) [923657 923659] {CVE-2013-2634 CVE-2013-2635}
- [net] bonding: fix enslaving in alb mode when link down (Veaceslav Falico) [969306 965132]
- [net] tcp: Fix oops from tcp_collapse() when using splice() (Nikola Pajkovsky) [968871 863512] {CVE-2013-2128}
- [usb] uhci: fix IRQ race during initialization (Dave Young) [968557 915834]
- [netdrv] e1000e: enable VLAN RX/TX in PROMISC mode (Stefan Assmann) [963564 886420]
- [netdrv] bnx2x: strip VLAN header in PROMISC mode (Stefan Assmann) [963564 886420]
- [net] vlan: handle packets with empty vlan_group via VLAN code (Stefan Assmann) [963564 886420]
- [fs] namei.c: Don't allow to create hardlink for deleted file (Brian Foster) [956296 908158]
- [fs] gfs2: Reinstate withdraw ack system (Robert S Peterson) [927308 908093]
- [fs] nfs: open a file descriptor for fsync in nfs4 recovery (J. Bruce Fields) [964046 915479]
- [net] macvlan: remove bogus check in macvlan_handle_frame() (Jiri Pirko) [962370 952785]
- [net] macvlan: fix passthru mode race between dev removal and rx path (Jiri Pirko) [962370 952785]
- [kernel] rcu: Replace list_first_entry_rcu() with list_first_or_null_rcu() (Jiri Pirko) [962370 952785]
- [net] bluetooth/rfcomm: Fix missing msg_namelen update in rfcomm_sock_recvmsg() (Weiping Pan) [955653 955654] {CVE-2013-3225}
- [net] bluetooth: fix possible info leak in bt_sock_recvmsg() (Radomir Vrbovsky) [955603 955604] {CVE-2013-3224}
- [fs] gfs2: Issue discards in 512b sectors (Robert S Peterson) [927317 922779]
- [fs] udf: avoid info leak on export (Nikola Pajkovsky) [922354 922355] {CVE-2012-6548}
- [scsi] lpfc: Fixed deadlock between hbalock and nlp_lock use (Rob Evers) [962368 960717]
- [kernel] tracing: Fix possible NULL pointer dereferences (Weiping Pan) [952212 952213] {CVE-2013-3301}
- [kernel] tracing: Fix panic when lseek() called on 'trace' opened for writing (Weiping Pan) [952212 952213] {CVE-2013-3301}
- [net] atm: update msg_namelen in vcc_recvmsg() (Nikola Pajkovsky) [955224 955225] {CVE-2013-3222}
- [x86] apic: Work around boot failure on HP ProLiant DL980 G7 Server systems (Prarit Bhargava) [969326 912963]
- [x86] apic: Use probe routines to simplify apic selection (Prarit Bhargava) [969326 912963]
- [x86] x2apic: Simplify apic init in SMP and UP builds (Prarit Bhargava) [969326 912963]
- [kvm] vmx: provide the vmclear function and a bitmap to support VMCLEAR in kdump (Andrew Jones) [962372 908608]
- [x86] kexec: VMCLEAR ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'kernel' package(s) on Oracle Linux 6.

Solution:
Please install the updated package(s).

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2012-6548
http://www.mandriva.com/security/advisories?name=MDVSA-2013:176
http://www.openwall.com/lists/oss-security/2013/03/05/13
RedHat Security Advisories: RHSA-2013:1051
http://rhn.redhat.com/errata/RHSA-2013-1051.html
SuSE Security Announcement: openSUSE-SU-2013:1187 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00018.html
http://www.ubuntu.com/usn/USN-1805-1
http://www.ubuntu.com/usn/USN-1808-1
http://www.ubuntu.com/usn/USN-1809-1
http://www.ubuntu.com/usn/USN-1811-1
http://www.ubuntu.com/usn/USN-1812-1
http://www.ubuntu.com/usn/USN-1813-1
http://www.ubuntu.com/usn/USN-1814-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-0914
http://www.openwall.com/lists/oss-security/2013/03/11/8
SuSE Security Announcement: openSUSE-SU-2013:1971 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html
http://www.ubuntu.com/usn/USN-1787-1
http://www.ubuntu.com/usn/USN-1788-1
http://www.ubuntu.com/usn/USN-1792-1
http://www.ubuntu.com/usn/USN-1793-1
http://www.ubuntu.com/usn/USN-1794-1
http://www.ubuntu.com/usn/USN-1795-1
http://www.ubuntu.com/usn/USN-1796-1
http://www.ubuntu.com/usn/USN-1797-1
http://www.ubuntu.com/usn/USN-1798-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-1848
MDVSA-2013:176
RHSA-2013:0928
http://rhn.redhat.com/errata/RHSA-2013-0928.html
RHSA-2013:1026
http://rhn.redhat.com/errata/RHSA-2013-1026.html
RHSA-2013:1051
USN-1809-1
USN-1811-1
USN-1812-1
USN-1813-1
USN-1814-1
[oss-security] 20130320 CVE-2013-1848 -- Linux kernel: ext3: format string issues
http://www.openwall.com/lists/oss-security/2013/03/20/8
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8d0c2d10dd72c5292eda7a06231056a4c972e4cc
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.4
https://bugzilla.redhat.com/show_bug.cgi?id=920783
https://github.com/torvalds/linux/commit/8d0c2d10dd72c5292eda7a06231056a4c972e4cc
openSUSE-SU-2013:0925
http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-2128
[oss-security] 20130529 Re: CVE request: Linux kernel: net: oops from tcp_collapse() when using splice(2)
http://www.openwall.com/lists/oss-security/2013/05/29/11
http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=baff42ab1494528907bf4d5870359e31711746ae
https://bugzilla.redhat.com/show_bug.cgi?id=968484
https://github.com/torvalds/linux/commit/baff42ab1494528907bf4d5870359e31711746ae
Common Vulnerability Exposure (CVE) ID: CVE-2013-2634
http://www.openwall.com/lists/oss-security/2013/03/20/1
http://www.ubuntu.com/usn/USN-1829-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-2635
Common Vulnerability Exposure (CVE) ID: CVE-2013-2852
Debian Security Information: DSA-2766 (Google Search)
http://www.debian.org/security/2013/dsa-2766
http://www.openwall.com/lists/oss-security/2013/06/06/13
RedHat Security Advisories: RHSA-2013:1450
http://rhn.redhat.com/errata/RHSA-2013-1450.html
SuSE Security Announcement: SUSE-SU-2013:1473 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00003.html
http://www.ubuntu.com/usn/USN-1899-1
http://www.ubuntu.com/usn/USN-1900-1
http://www.ubuntu.com/usn/USN-1914-1
http://www.ubuntu.com/usn/USN-1915-1
http://www.ubuntu.com/usn/USN-1916-1
http://www.ubuntu.com/usn/USN-1917-1
http://www.ubuntu.com/usn/USN-1918-1
http://www.ubuntu.com/usn/USN-1919-1
http://www.ubuntu.com/usn/USN-1920-1
http://www.ubuntu.com/usn/USN-1930-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-3222
http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103750.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104480.html
https://lkml.org/lkml/2013/4/14/107
http://www.openwall.com/lists/oss-security/2013/04/14/3
SuSE Security Announcement: SUSE-SU-2013:1182 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00016.html
http://www.ubuntu.com/usn/USN-1837-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-3224
Common Vulnerability Exposure (CVE) ID: CVE-2013-3225
Common Vulnerability Exposure (CVE) ID: CVE-2013-3301
SUSE-SU-2013:1473
USN-1834-1
http://www.ubuntu.com/usn/USN-1834-1
USN-1835-1
http://www.ubuntu.com/usn/USN-1835-1
USN-1836-1
http://www.ubuntu.com/usn/USN-1836-1
USN-1838-1
http://www.ubuntu.com/usn/USN-1838-1
[oss-security] 20130415 CVE request - Linux kernel: tracing NULL pointer dereference
http://www.openwall.com/lists/oss-security/2013/04/15/1
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6a76f8c0ab19f215af2a3442870eeb5f0e81998d
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.8
https://bugzilla.redhat.com/show_bug.cgi?id=952197
https://github.com/torvalds/linux/commit/6a76f8c0ab19f215af2a3442870eeb5f0e81998d
openSUSE-SU-2013:1971
CopyrightCopyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.