English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.123733
Category:Oracle Linux Local Security Checks
Title:Oracle: Security Advisory (ELSA-2013-0223)
Summary:The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2013-0223 advisory.
Description:Summary:
The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2013-0223 advisory.

Vulnerability Insight:
[2.6.32-279.22.1]
- [virt] kvm: invalid opcode oops on SET_SREGS with OSXSAVE bit set (Petr Matousek) [862903 862904] {CVE-2012-4461}
- [fs] fuse: optimize __fuse_direct_io() (Brian Foster) [865305 858850]
- [fs] fuse: optimize fuse_get_user_pages() (Brian Foster) [865305 858850]
- [fs] fuse: use get_user_pages_fast() (Brian Foster) [865305 858850]
- [fs] fuse: pass iov[] to fuse_get_user_pages() (Brian Foster) [865305 858850]
- [fs] mm: minor cleanup of iov_iter_single_seg_count() (Brian Foster) [865305 858850]
- [fs] fuse: use req->page_descs[] for argpages cases (Brian Foster) [865305 858850]
to fuse_req (Brian Foster) [865305 858850]
- [fs] fuse: rework fuse_do_ioctl() (Brian Foster) [865305 858850]
- [fs] fuse: rework fuse_perform_write() (Brian Foster) [865305 858850]
- [fs] fuse: rework fuse_readpages() (Brian Foster) [865305 858850]
- [fs] fuse: categorize fuse_get_req() (Brian Foster) [865305 858850]
- [fs] fuse: general infrastructure for pages[] of variable size (Brian Foster) [865305 858850]
- [fs] exec: do not leave bprm->interp on stack (Josh Poimboeuf) [880145 880146] {CVE-2012-4530}
- [fs] exec: use -ELOOP for max recursion depth (Josh Poimboeuf) [880145 880146] {CVE-2012-4530}
- [scsi] have scsi_internal_device_unblock take new state (Frantisek Hrbata) [878774 854140]
- [scsi] add new SDEV_TRANSPORT_OFFLINE state (Chris Leech) [878774 854140]
- [kernel] cpu: fix cpu_chain section mismatch (Frederic Weisbecker) [876090 852148]
- [kernel] sched: Don't modify cpusets during suspend/resume (Frederic Weisbecker) [876090 852148]
- [kernel] sched, cpuset: Drop __cpuexit from cpu hotplug callbacks (Frederic Weisbecker) [876090 852148]
- [kernel] sched: adjust when cpu_active and cpuset configurations are updated during cpu on/offlining (Frantisek Hrbata) [876090 852148]
- [kernel] cpu: return better errno on cpu hotplug failure (Frederic Weisbecker) [876090 852148]
- [kernel] cpu: introduce cpu_notify(), __cpu_notify(), cpu_notify_nofail() (Frederic Weisbecker) [876090 852148]
- [fs] nfs: Properly handle the case where the delegation is revoked (Steve Dickson) [846840 842435]
- [fs] nfs: Move cl_delegations to the nfs_server struct (Steve Dickson) [846840 842435]
- [fs] nfs: Introduce nfs_detach_delegations() (Steve Dickson) [846840 842435]
- [fs] nfs: Fix a number of RCU issues in the NFSv4 delegation code (Steve Dickson) [846840 842435]

[2.6.32-279.21.1]
- [scsi] mpt2sas: fix for driver fails EEH recovery from injected pci bus error (Tomas Henzl) [888818 829149]
- [net] bonding: Bonding driver does not consider the gso_max_size setting of slave devices (Ivan Vecera) [886618 883643]
- [netdrv] tg3: Do not set TSS for 5719 and 5720 (John Feeney) [888215 823371]
- [kernel] kmod: make __request_module() killable (Oleg Nesterov) [858755 819529] {CVE-2012-4398}
- [kernel] kmod: introduce call_modprobe() helper (Oleg Nesterov) [858755 819529] {CVE-2012-4398}
- ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'kernel' package(s) on Oracle Linux 6.

Solution:
Please install the updated package(s).

CVSS Score:
4.9

CVSS Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2012-4398
55077
http://secunia.com/advisories/55077
55361
http://www.securityfocus.com/bid/55361
RHSA-2013:0223
http://rhn.redhat.com/errata/RHSA-2013-0223.html
RHSA-2013:1348
http://rhn.redhat.com/errata/RHSA-2013-1348.html
SUSE-SU-2015:0481
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
[linux-kernel] 20120207 [PATCH 5/5] kmod: make __request_module() killable
http://lkml.indiana.edu/hypermail/linux/kernel/1202.0/03340.html
[oss-security] 20120902 CVE Request -- kernel: request_module() OOM local DoS
http://www.openwall.com/lists/oss-security/2012/09/02/3
http://www.kernel.org/pub/linux/kernel/v3.x/linux-3.4.tar.bz2
https://bugzilla.redhat.com/show_bug.cgi?id=853474
openSUSE-SU-2015:0566
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
Common Vulnerability Exposure (CVE) ID: CVE-2012-4461
51160
http://secunia.com/advisories/51160
56414
http://www.securityfocus.com/bid/56414
RHSA-2013:0882
http://rhn.redhat.com/errata/RHSA-2013-0882.html
SUSE-SU-2012:1679
https://www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html
[oss-security] 20121106 CVE-2012-4461 -- kernel: kvm: invalid opcode oops on SET_SREGS with OSXSAVE bit set
http://www.openwall.com/lists/oss-security/2012/11/06/14
http://article.gmane.org/gmane.comp.emulators.kvm.devel/100742
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git%3Ba=commit%3Bh=6d1068b3a98519247d8ba4ec85cd40ac136dbdf9
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.6.9
https://bugzilla.redhat.com/show_bug.cgi?id=862900
openSUSE-SU-2013:0925
http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html
Common Vulnerability Exposure (CVE) ID: CVE-2012-4530
SUSE-SU-2013:0674
http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00018.html
[oss-security] 20121019 Re: CVE Request -- kernel stack disclosure in binfmt_script load_script()
http://www.openwall.com/lists/oss-security/2012/10/19/3
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b66c5984017533316fd1951770302649baf1aa33
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.2
https://bugzilla.redhat.com/show_bug.cgi?id=868285
https://github.com/torvalds/linux/commit/b66c5984017533316fd1951770302649baf1aa33
CopyrightCopyright (C) 2015 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.