Test ID:	1.3.6.1.4.1.25623.1.0.123767
Category:	Oracle Linux Local Security Checks
Title:	Oracle: Security Advisory (ELSA-2012-2048)
Summary:	The remote host is missing an update for the 'kernel-uek, mlnx_en-2.6.32-300.39.2.el5uek, mlnx_en-2.6.32-300.39.2.el6uek, ofa-2.6.32-300.39.2.el5uek, ofa-2.6.32-300.39.2.el6uek' package(s) announced via the ELSA-2012-2048 advisory.
Description:	Summary: The remote host is missing an update for the 'kernel-uek, mlnx_en-2.6.32-300.39.2.el5uek, mlnx_en-2.6.32-300.39.2.el6uek, ofa-2.6.32-300.39.2.el5uek, ofa-2.6.32-300.39.2.el6uek' package(s) announced via the ELSA-2012-2048 advisory. Vulnerability Insight: [2.6.32-300.39.2] - ext4: fix undefined behavior in ext4_fill_flex_info() (Xi Wang) [orabug 16020245] {CVE-2012-2100} - Divide by zero in TCP congestion control Algorithm (Jesper Dangaard Brouer) [orabug 16020447] {CVE-2012-4565} - ipv6: discard overlapping fragment (Luis Henriques) [orabug 16021354] {CVE-2012-4444} Affected Software/OS: 'kernel-uek, mlnx_en-2.6.32-300.39.2.el5uek, mlnx_en-2.6.32-300.39.2.el6uek, ofa-2.6.32-300.39.2.el5uek, ofa-2.6.32-300.39.2.el6uek' package(s) on Oracle Linux 5, Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 7.1 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2012-2100 53414 http://www.securityfocus.com/bid/53414 RHSA-2012:1445 http://rhn.redhat.com/errata/RHSA-2012-1445.html RHSA-2012:1580 http://rhn.redhat.com/errata/RHSA-2012-1580.html [oss-security] 20120412 Re: fix to CVE-2009-4307 http://www.openwall.com/lists/oss-security/2012/04/12/11 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d50f2ab6f050311dbf7b8f5501b25f0bf64a439b http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.2 https://bugzilla.redhat.com/show_bug.cgi?id=809687 https://github.com/torvalds/linux/commit/d50f2ab6f050311dbf7b8f5501b25f0bf64a439b Common Vulnerability Exposure (CVE) ID: CVE-2012-4444 SUSE-SU-2013:0856 http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00000.html USN-1660-1 http://www.ubuntu.com/usn/USN-1660-1 USN-1661-1 http://www.ubuntu.com/usn/USN-1661-1 [oss-security] 20121109 Re: CVE request --- acceptation of overlapping ipv6 fragments http://www.openwall.com/lists/oss-security/2012/11/09/2 http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=70789d7052239992824628db8133de08dc78e593 https://bugzilla.redhat.com/show_bug.cgi?id=874835 https://github.com/torvalds/linux/commit/70789d7052239992824628db8133de08dc78e593 https://media.blackhat.com/bh-eu-12/Atlasis/bh-eu-12-Atlasis-Attacking_IPv6-WP.pdf Common Vulnerability Exposure (CVE) ID: CVE-2012-4565 51409 http://secunia.com/advisories/51409 56346 http://www.securityfocus.com/bid/56346 FEDORA-2012-17479 http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091110.html USN-1644-1 http://www.ubuntu.com/usn/USN-1644-1 USN-1645-1 http://www.ubuntu.com/usn/USN-1645-1 USN-1646-1 http://www.ubuntu.com/usn/USN-1646-1 USN-1647-1 http://www.ubuntu.com/usn/USN-1647-1 USN-1648-1 http://www.ubuntu.com/usn/USN-1648-1 USN-1649-1 http://www.ubuntu.com/usn/USN-1649-1 USN-1650-1 http://www.ubuntu.com/usn/USN-1650-1 USN-1651-1 http://www.ubuntu.com/usn/USN-1651-1 USN-1652-1 http://www.ubuntu.com/usn/USN-1652-1 [oss-security] 20121031 Re: CVE Request -- kernel: net: divide by zero in tcp algorithm illinois http://www.openwall.com/lists/oss-security/2012/10/31/5 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8f363b77ee4fbf7c3bbcf5ec2c5ca482d396d664 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.19 https://bugzilla.redhat.com/show_bug.cgi?id=871848 https://github.com/torvalds/linux/commit/8f363b77ee4fbf7c3bbcf5ec2c5ca482d396d664
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.