 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.123600 |
| Category: | Oracle Linux Local Security Checks |
| Title: | Oracle: Security Advisory (ELSA-2013-1034) |
| Summary: | The remote host is missing an update for the 'kernel, ocfs2-2.6.18-348.12.1.el5, oracleasm-2.6.18-348.12.1.el5' package(s) announced via the ELSA-2013-1034 advisory. |
| Description: | Summary: The remote host is missing an update for the 'kernel, ocfs2-2.6.18-348.12.1.el5, oracleasm-2.6.18-348.12.1.el5' package(s) announced via the ELSA-2013-1034 advisory. Vulnerability Insight: kernel [2.6.18-348.12.1] - Revert: [fs] afs: export a couple of core functions for AFS write support (Lukas Czerner) [960014 692071] - Revert: [fs] ext4: drop ec_type from the ext4_ext_cache structure (Lukas Czerner) [960014 692071] - Revert: [fs] ext4: handle NULL p_ext in ext4_ext_next_allocated_block() (Lukas Czerner) [960014 692071] - Revert: [fs] ext4: make FIEMAP and delayed allocation play well together (Lukas Czerner) [960014 692071] - Revert: [fs] ext4: Fix possibly very long loop in fiemap (Lukas Czerner) [960014 692071] - Revert: [fs] ext4: prevent race while walking extent tree for fiemap (Lukas Czerner) [960014 692071] [2.6.18-348.11.1] - Revert: [kernel] kmod: make request_module() killable (Frantisek Hrbata) [858752 858753] {CVE-2012-4398} - Revert: [kernel] kmod: avoid deadlock from recursive kmod call (Frantisek Hrbata) [858752 858753] {CVE-2012-4398} - Revert: [kernel] wait_for_helper: remove unneeded do_sigaction() (Frantisek Hrbata) [858752 858753] {CVE-2012-4398} - Revert: [kernel] Fix ____call_usermodehelper errs being silently ignored (Frantisek Hrbata) [858752 858753] {CVE-2012-4398} - Revert: [kernel] wait_for_helper: SIGCHLD from u/s cause use-after-free (Frantisek Hrbata) [858752 858753] {CVE-2012-4398} - Revert: [kernel] kmod: avoid deadlock from recursive request_module call (Frantisek Hrbata) [957152 949568] - Revert: [x86-64] non lazy sleazy fpu implementation (Prarit Bhargava) [948187 731531] - Revert: [i386] add sleazy FPU optimization (Prarit Bhargava) [948187 731531] - Revert: [x86] fpu: fix CONFIG_PREEMPT=y corruption of FPU stack (Prarit Bhargava) [948187 731531] - Revert: [ia64] fix KABI breakage on ia64 (Prarit Bhargava) [966878 960783] [2.6.18-348.10.1] - [net] Bluetooth: fix possible info leak in bt_sock_recvmsg() (Radomir Vrbovsky) [955600 955601] {CVE-2013-3224} - [net] Bluetooth: HCI & L2CAP information leaks (Jacob Tanenbaum) [922415 922416] {CVE-2012-6544} - [misc] signal: use __ARCH_HAS_SA_RESTORER instead of SA_RESTORER (Nikola Pajkovsky) [920503 920504] {CVE-2013-0914} - [misc] signal: always clear sa_restorer on execve (Nikola Pajkovsky) [920503 920504] {CVE-2013-0914} - [misc] signal: Def __ARCH_HAS_SA_RESTORER for sa_restorer clear (Nikola Pajkovsky) [920503 920504] {CVE-2013-0914} - [net] cxgb4: zero out another firmware request struct (Jay Fenlason) [971872 872531] - [net] cxgb4: clear out most firmware request structures (Jay Fenlason) [971872 872531] - [kernel] Make futex_wait() use an hrtimer for timeout (Prarit Bhargava) [958021 864648] [2.6.18-348.9.1] - [net] tg3: buffer overflow in VPD firmware parsing (Jacob Tanenbaum) [949939 949940] {CVE-2013-1929} - [net] atm: update msg_namelen in vcc_recvmsg() (Nikola Pajkovsky) [955222 955223] {CVE-2013-3222} - [fs] ext4: prevent race while walking extent tree for fiemap (Lukas Czerner) [960014 692071] - [fs] ext4: Fix possibly very long loop in fiemap (Lukas Czerner) ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'kernel, ocfs2-2.6.18-348.12.1.el5, oracleasm-2.6.18-348.12.1.el5' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 4.9 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:N/A:N |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2012-6544 http://www.openwall.com/lists/oss-security/2013/03/05/13 RedHat Security Advisories: RHSA-2013:1173 http://rhn.redhat.com/errata/RHSA-2013-1173.html http://www.ubuntu.com/usn/USN-1805-1 http://www.ubuntu.com/usn/USN-1808-1 Common Vulnerability Exposure (CVE) ID: CVE-2012-6545 RedHat Security Advisories: RHSA-2013:1645 http://rhn.redhat.com/errata/RHSA-2013-1645.html Common Vulnerability Exposure (CVE) ID: CVE-2013-0914 http://www.mandriva.com/security/advisories?name=MDVSA-2013:176 http://www.openwall.com/lists/oss-security/2013/03/11/8 RedHat Security Advisories: RHSA-2013:1051 http://rhn.redhat.com/errata/RHSA-2013-1051.html SuSE Security Announcement: openSUSE-SU-2013:1187 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00018.html SuSE Security Announcement: openSUSE-SU-2013:1971 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html http://www.ubuntu.com/usn/USN-1787-1 http://www.ubuntu.com/usn/USN-1788-1 http://www.ubuntu.com/usn/USN-1792-1 http://www.ubuntu.com/usn/USN-1793-1 http://www.ubuntu.com/usn/USN-1794-1 http://www.ubuntu.com/usn/USN-1795-1 http://www.ubuntu.com/usn/USN-1796-1 http://www.ubuntu.com/usn/USN-1797-1 http://www.ubuntu.com/usn/USN-1798-1 Common Vulnerability Exposure (CVE) ID: CVE-2013-1929 FEDORA-2013-5368 http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101836.html MDVSA-2013:176 RHSA-2013:1645 SUSE-SU-2013:1473 http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00003.html SUSE-SU-2013:1474 http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00004.html USN-1834-1 http://www.ubuntu.com/usn/USN-1834-1 USN-1835-1 http://www.ubuntu.com/usn/USN-1835-1 USN-1836-1 http://www.ubuntu.com/usn/USN-1836-1 USN-1838-1 http://www.ubuntu.com/usn/USN-1838-1 [oss-security] 20130405 Re: CVE Request: tg3 VPD firmware -> driver injection http://www.openwall.com/lists/oss-security/2013/04/06/3 http://cansecwest.com/slides/2013/PrivateCore%20CSW%202013.pdf http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=715230a44310a8cf66fbfb5a46f9a62a9b2de424 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.6 https://bugzilla.redhat.com/show_bug.cgi?id=949932 https://github.com/torvalds/linux/commit/715230a44310a8cf66fbfb5a46f9a62a9b2de424 openSUSE-SU-2013:1971 Common Vulnerability Exposure (CVE) ID: CVE-2013-3222 http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103750.html http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104480.html https://lkml.org/lkml/2013/4/14/107 http://www.openwall.com/lists/oss-security/2013/04/14/3 SuSE Security Announcement: SUSE-SU-2013:1182 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00016.html http://www.ubuntu.com/usn/USN-1837-1 Common Vulnerability Exposure (CVE) ID: CVE-2013-3224 Common Vulnerability Exposure (CVE) ID: CVE-2013-3231 Common Vulnerability Exposure (CVE) ID: CVE-2013-3235 |
| Copyright | Copyright (C) 2015 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |