Test ID:	1.3.6.1.4.1.25623.1.0.123769
Category:	Oracle Linux Local Security Checks
Title:	Oracle: Security Advisory (ELSA-2012-1580)
Summary:	The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2012-1580 advisory.
Description:	Summary: The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2012-1580 advisory. Vulnerability Insight: [2.6.32-279.19.1.el6] - [drm] i915: don't clobber the pipe param in sanitize_modesetting (Frantisek Hrbata) [876549 857792] - [drm] i915: Sanitize BIOS debugging bits from PIPECONF (Frantisek Hrbata) [876549 857792] - [net] fix divide by zero in tcp algorithm illinois (Flavio Leitner) [871920 866514] {CVE-2012-4565} - [fs] xfs: fix reading of wrapped log data (Dave Chinner) [876499 874322] - [x86] mm: fix signedness issue in mmap_rnd() (Petr Matousek) [876496 875036] - [net] WARN if struct ip_options was allocated directly by kmalloc (Jiri Pirko) [877950 872799] - [fs] block_dev: Fix crash when block device is read and block size is changed at the same time (Frantisek Hrbata) [864826 855906] - [mm] tracing: Move include of trace/events/kmem.h out of header into slab.c (Jeff Moyer) [864826 855906] - [mm] slab: Move kmalloc tracepoint out of inline code (Jeff Moyer) [864826 855906] - [netdrv] bnx2x: organize BDs calculation for stop/resume (Frantisek Hrbata) [874022 819842] - [netdrv] bnx2x: fix panic when TX ring is full (Michal Schmidt) [874022 819842] [2.6.32-279.18.1.el6] - [scsi] sd: fix crash when UA received on DIF enabled device (Ewan Milne) [876487 865682] - [mm] hugetlb: fix non-atomic enqueue of huge page (Rafael Aquini) [876101 869750] - [x86] amd_iommu: attach device fails on the last pci device (Don Dutile) [876493 861164] - [net] nfs: Fix buffer overflow checking in __nfs4_get_acl_uncached (Frantisek Hrbata) [811794 822871] {CVE-2012-2375} - [net] nfs: Fix the acl cache size calculation (Sachin Prabhu) [811794 822871] {CVE-2012-2375} - [net] nfs: Fix range checking in __nfs4_get_acl_uncached and __nfs4_proc_set_acl (Sachin Prabhu) [811794 822871] {CVE-2012-2375} - [net] nfs: nfs_getaclargs.acl_len is a size_t (Sachin Prabhu) [811794 822871] {CVE-2012-2375} - [net] nfs: Don't use private xdr_stream fields in decode_getacl (Sachin Prabhu) [811794 822871] {CVE-2012-2375} - [net] nfs: Fix pointer arithmetic in decode_getacl (Sachin Prabhu) [811794 822871] {CVE-2012-2375} - [net] nfs: Simplify the GETATTR attribute length calculation (Sachin Prabhu) [811794 822871] {CVE-2012-2375} - [net] sunrpc: Add the helper xdr_stream_pos (Sachin Prabhu) [811794 822871] {CVE-2012-2375} - [net] sunrpc: Don't decode beyond the end of the RPC reply message (Sachin Prabhu) [811794 822871] {CVE-2012-2375} - [net] sunrpc: Clean up xdr_set_iov() (Sachin Prabhu) [811794 822871] {CVE-2012-2375} - [net] sunrpc: xdr_read_pages needs to clear xdr->page_ptr (Sachin Prabhu) [811794 822871] {CVE-2012-2375} - [fs] nfs: Avoid beyond bounds copy while caching ACL (Sachin Prabhu) [811794 822871] {CVE-2012-2375} - [fs] nfs: Avoid reading past buffer when calling GETACL (Sachin Prabhu) [811794 822871] {CVE-2012-2375} - [scsi] ibmvfc: Fix double completion on abort timeout (Steve Best) [876088 865115] - [net] core: allocate skbs on local node (Andy Gospodarek) [876491 ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'kernel' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 7.1 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2012-2100 53414 http://www.securityfocus.com/bid/53414 RHSA-2012:1445 http://rhn.redhat.com/errata/RHSA-2012-1445.html RHSA-2012:1580 http://rhn.redhat.com/errata/RHSA-2012-1580.html [oss-security] 20120412 Re: fix to CVE-2009-4307 http://www.openwall.com/lists/oss-security/2012/04/12/11 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d50f2ab6f050311dbf7b8f5501b25f0bf64a439b http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.2 https://bugzilla.redhat.com/show_bug.cgi?id=809687 https://github.com/torvalds/linux/commit/d50f2ab6f050311dbf7b8f5501b25f0bf64a439b Common Vulnerability Exposure (CVE) ID: CVE-2012-2375 HPSBGN02970 http://marc.info/?l=bugtraq&m=139447903326211&w=2 [oss-security] 20120518 Re: CVE Request -- kernel: incomplete fix for CVE-2011-4131 http://www.openwall.com/lists/oss-security/2012/05/18/13 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=20e0fa98b751facf9a1101edaefbc19c82616a68 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.2 https://bugzilla.redhat.com/show_bug.cgi?id=822869 https://github.com/torvalds/linux/commit/20e0fa98b751facf9a1101edaefbc19c82616a68 Common Vulnerability Exposure (CVE) ID: CVE-2012-4444 SUSE-SU-2013:0856 http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00000.html USN-1660-1 http://www.ubuntu.com/usn/USN-1660-1 USN-1661-1 http://www.ubuntu.com/usn/USN-1661-1 [oss-security] 20121109 Re: CVE request --- acceptation of overlapping ipv6 fragments http://www.openwall.com/lists/oss-security/2012/11/09/2 http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=70789d7052239992824628db8133de08dc78e593 https://bugzilla.redhat.com/show_bug.cgi?id=874835 https://github.com/torvalds/linux/commit/70789d7052239992824628db8133de08dc78e593 https://media.blackhat.com/bh-eu-12/Atlasis/bh-eu-12-Atlasis-Attacking_IPv6-WP.pdf Common Vulnerability Exposure (CVE) ID: CVE-2012-4565 51409 http://secunia.com/advisories/51409 56346 http://www.securityfocus.com/bid/56346 FEDORA-2012-17479 http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091110.html USN-1644-1 http://www.ubuntu.com/usn/USN-1644-1 USN-1645-1 http://www.ubuntu.com/usn/USN-1645-1 USN-1646-1 http://www.ubuntu.com/usn/USN-1646-1 USN-1647-1 http://www.ubuntu.com/usn/USN-1647-1 USN-1648-1 http://www.ubuntu.com/usn/USN-1648-1 USN-1649-1 http://www.ubuntu.com/usn/USN-1649-1 USN-1650-1 http://www.ubuntu.com/usn/USN-1650-1 USN-1651-1 http://www.ubuntu.com/usn/USN-1651-1 USN-1652-1 http://www.ubuntu.com/usn/USN-1652-1 [oss-security] 20121031 Re: CVE Request -- kernel: net: divide by zero in tcp algorithm illinois http://www.openwall.com/lists/oss-security/2012/10/31/5 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8f363b77ee4fbf7c3bbcf5ec2c5ca482d396d664 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.19 https://bugzilla.redhat.com/show_bug.cgi?id=871848 https://github.com/torvalds/linux/commit/8f363b77ee4fbf7c3bbcf5ec2c5ca482d396d664 Common Vulnerability Exposure (CVE) ID: CVE-2012-5517 56527 http://www.securityfocus.com/bid/56527 SUSE-SU-2012:1679 https://www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html USN-1671-1 http://www.ubuntu.com/usn/USN-1671-1 USN-1673-1 http://www.ubuntu.com/usn/USN-1673-1 USN-1677-1 http://www.ubuntu.com/usn/USN-1677-1 USN-1678-1 http://www.ubuntu.com/usn/USN-1678-1 USN-1679-1 http://www.ubuntu.com/usn/USN-1679-1 [oss-security] 20121113 Re: CVE request -- Linux kernel: mm/hotplug: failure in propagating hot-added memory to other nodes http://www.openwall.com/lists/oss-security/2012/11/13/11 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=08dff7b7d629807dbb1f398c68dd9cd58dd657a1 http://www.kernel.org/pub/linux/kernel/v3.x/ http://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2 https://bugzilla.redhat.com/show_bug.cgi?id=875374 https://github.com/torvalds/linux/commit/08dff7b7d629807dbb1f398c68dd9cd58dd657a1 openSUSE-SU-2013:0925 http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.