 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.123745 |
| Category: | Oracle Linux Local Security Checks |
| Title: | Oracle: Security Advisory (ELSA-2013-0168-1) |
| Summary: | The remote host is missing an update for the 'kernel, ocfs2-2.6.18-348.1.1.0.1.el5, oracleasm-2.6.18-348.1.1.0.1.el5' package(s) announced via the ELSA-2013-0168-1 advisory. |
| Description: | Summary: The remote host is missing an update for the 'kernel, ocfs2-2.6.18-348.1.1.0.1.el5, oracleasm-2.6.18-348.1.1.0.1.el5' package(s) announced via the ELSA-2013-0168-1 advisory. Vulnerability Insight: kernel [2.6.18-348.1.1.0.1] - [oprofile] x86, mm: Add __get_user_pages_fast() [orabug 14277030] - [oprofile] export __get_user_pages_fast() function [orabug 14277030] - [oprofile] oprofile, x86: Fix nmi-unsafe callgraph support [orabug 14277030] - [oprofile] oprofile: use KM_NMI slot for kmap_atomic [orabug 14277030] - [oprofile] oprofile: i386 add get_user_pages_fast support [orabug 14277030] - [kernel] Initialize the local uninitialized variable stats. [orabug 14051367] - [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763] - [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] Patch shrink_zone to yield during severe mempressure events, avoiding hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839] - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] [2.6.18-348.1.1] - [pci] intel-iommu: reduce max num of domains supported (Don Dutile) [886876 885125] - [fs] gfs2: Fix leak of cached directory hash table (Steven Whitehouse) [886124 831330] - [x86] mm: randomize SHLIB_BASE (Petr Matousek) [804953 804954] {CVE-2012-1568} - [net] be2net: create RSS rings even in multi-channel ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'kernel, ocfs2-2.6.18-348.1.1.0.1.el5, oracleasm-2.6.18-348.1.1.0.1.el5' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2012-1568 [oss-security] 20120320 Re: CVE request -- kernel: execshield: predictable ascii armour base address http://www.openwall.com/lists/oss-security/2012/03/20/4 [oss-security] 20120321 Re: CVE request -- kernel: execshield: predictable ascii armour base address http://openwall.com/lists/oss-security/2012/03/21/3 http://scarybeastsecurity.blogspot.com/2012/03/some-random-observations-on-linux-aslr.html https://bugzilla.redhat.com/show_bug.cgi?id=804947 https://oss.oracle.com/git/?p=redpatch.git%3Ba=commit%3Bh=302a4fc15aebf202b6dffd6c804377c6058ee6e4 Common Vulnerability Exposure (CVE) ID: CVE-2012-4444 RHSA-2012:1580 http://rhn.redhat.com/errata/RHSA-2012-1580.html SUSE-SU-2013:0856 http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00000.html USN-1660-1 http://www.ubuntu.com/usn/USN-1660-1 USN-1661-1 http://www.ubuntu.com/usn/USN-1661-1 [oss-security] 20121109 Re: CVE request --- acceptation of overlapping ipv6 fragments http://www.openwall.com/lists/oss-security/2012/11/09/2 http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=70789d7052239992824628db8133de08dc78e593 https://bugzilla.redhat.com/show_bug.cgi?id=874835 https://github.com/torvalds/linux/commit/70789d7052239992824628db8133de08dc78e593 https://media.blackhat.com/bh-eu-12/Atlasis/bh-eu-12-Atlasis-Attacking_IPv6-WP.pdf Common Vulnerability Exposure (CVE) ID: CVE-2012-5515 51397 http://secunia.com/advisories/51397 51468 http://secunia.com/advisories/51468 51486 http://secunia.com/advisories/51486 51487 http://secunia.com/advisories/51487 51495 http://secunia.com/advisories/51495 55082 http://secunia.com/advisories/55082 56798 http://www.securityfocus.com/bid/56798 88127 http://www.osvdb.org/88127 DSA-2582 http://www.debian.org/security/2012/dsa-2582 GLSA-201309-24 http://security.gentoo.org/glsa/glsa-201309-24.xml SUSE-SU-2012:1606 http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00000.html SUSE-SU-2012:1615 http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00001.html SUSE-SU-2014:0446 http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html SUSE-SU-2014:0470 http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00000.html [Xen-announce] 20121203 Xen Security Advisory 31 (CVE-2012-5515) - Several memory hypercall operations allow invalid extent order values http://lists.xen.org/archives/html/xen-announce/2012-12/msg00001.html [oss-security] 20121203 Xen Security Advisory 31 (CVE-2012-5515) - Several memory hypercall operations allow invalid extent order values http://www.openwall.com/lists/oss-security/2012/12/03/9 http://support.citrix.com/article/CTX135777 openSUSE-SU-2012:1685 http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00018.html openSUSE-SU-2012:1687 http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00019.html openSUSE-SU-2013:0133 http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00011.html openSUSE-SU-2013:0636 http://lists.opensuse.org/opensuse-updates/2013-04/msg00051.html openSUSE-SU-2013:0637 http://lists.opensuse.org/opensuse-updates/2013-04/msg00052.html xen-extentorder-dos(80479) https://exchange.xforce.ibmcloud.com/vulnerabilities/80479 |
| Copyright | Copyright (C) 2015 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |