 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.123787 |
| Category: | Oracle Linux Local Security Checks |
| Title: | Oracle: Security Advisory (ELSA-2012-1426) |
| Summary: | The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2012-1426 advisory. |
| Description: | Summary: The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2012-1426 advisory. Vulnerability Insight: [2.6.32-279.14.1.el6] - [usb] usbhid: Fix use-after-free in USBHID (James Paradis) [864827 857518] - [usb] Add kernel parameter to force io_watchdog for Intel EHCI HCD (James Paradis) [865713 846024] - [block] Fix hanging kernel threads in blk_execute_rq() (James Paradis) [865308 855984] - [mm] hugetlb: do not use vma_hugecache_offset() for vma_prio_tree_foreach (Frederic Weisbecker) [843034 843035] {CVE-2012-2133} - [mm] hugepages: fix use after free bug in 'quota' handling (Frederic Weisbecker) [843034 843035] {CVE-2012-2133} - [mm] hugetlb: fix pgoff computation when unmapping page from vma (Frederic Weisbecker) [843034 843035] {CVE-2012-2133} - [mm] hugetlb: fix ENOSPC returned by handle_mm_fault() (Frederic Weisbecker) [843034 843035] {CVE-2012-2133} - [fs] gfs2: Write out dirty inode metadata in delayed deletes (Frantisek Hrbata) [859326 748827] - [usb] core: Fix device removal race condition (James Paradis) [864821 849188] - [mm] x86_32: fix SHLIB_BASE address typo (Aristeu S. Rozanski F) [804955 804956] {CVE-2012-1568} - [hid] hidraw: fix window in hidraw_release (Don Zickus) [841824 839973] - [hid] hidraw: protect hidraw_disconnect() better (Don Zickus) [841824 839973] - [hid] hidraw: remove excessive _EMERG messages from hidraw (Don Zickus) [841824 839973] - [hid] hidraw: fix hidraw_disconnect() (Don Zickus) [841824 839973] - [hid] fix a NULL pointer dereference in hidraw_write (Don Zickus) [841824 839973] - [hid] fix a NULL pointer dereference in hidraw_ioctl (Don Zickus) [841824 839973] - [hid] remove BKL from hidraw (Don Zickus) [841824 839973] - [mm] x86_32: randomize SHLIB_BASE (Aristeu Rozanski) [804955 804956] {CVE-2012-1568} - [block] fix up use after free in __blkdev_get (Jeff Moyer) [853943 847838] - [scsi] remove no longer valid BUG_ON in scsi_lld_busy (Jeff Garzik) [860640 842881] - [scsi] fix NULL request_queue in scsi_requeue_run_queue() (Jeff Garzik) [860640 842881] - [net] svcrpc: fix BUG() in svc_tcp_clear_pages (J. Bruce Fields) [856106 769045] - [scsi] lpfc: Fixed SCSI device reset escalation (Rob Evers) [861390 827566] - [scsi] lpfc: Fix abort status (Rob Evers) [861390 827566] - [kernel] cgroup: add cgroup_root_mutex (Frederic Weisbecker) [858954 844531] - [mm] Hold a file reference in madvise_remove (Jerome Marchand) [849738 849739] {CVE-2012-3511} - [base] driver-core: fix device_register race (Rob Evers) [860784 833098] - [netdrv] e1000e: drop check of RXCW.CW to eliminate link going up and down (Dean Nelson) [857055 847310] - [scsi] be2iscsi: Format the MAC_ADDR with sysfs (Rob Evers) [863147 827594] - [usb] usbdevfs: Add a USBDEVFS_GET_CAPABILITIES ioctl (Don Zickus) [841667 828271] - [fs] udf: fix return value on error path in udf_load_logicalvol (Nikola Pajkovsky) [843142 843143] {CVE-2012-3400} - [fs] udf: Improve table length check to avoid possible overflow (Nikola Pajkovsky) [843142 843143] {CVE-2012-3400} - [fs] udf: Fortify ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'kernel' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 7.6 CVSS Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2012-1568 [oss-security] 20120320 Re: CVE request -- kernel: execshield: predictable ascii armour base address http://www.openwall.com/lists/oss-security/2012/03/20/4 [oss-security] 20120321 Re: CVE request -- kernel: execshield: predictable ascii armour base address http://openwall.com/lists/oss-security/2012/03/21/3 http://scarybeastsecurity.blogspot.com/2012/03/some-random-observations-on-linux-aslr.html https://bugzilla.redhat.com/show_bug.cgi?id=804947 https://oss.oracle.com/git/?p=redpatch.git%3Ba=commit%3Bh=302a4fc15aebf202b6dffd6c804377c6058ee6e4 Common Vulnerability Exposure (CVE) ID: CVE-2012-2133 53233 http://www.securityfocus.com/bid/53233 DSA-2469 http://www.debian.org/security/2012/dsa-2469 SUSE-SU-2012:0616 http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00013.html [oss-security] 20120424 Re: CVE Request: use after free bug in "quota" handling in hugetlb code http://www.openwall.com/lists/oss-security/2012/04/24/12 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=90481622d75715bfcb68501280a917dbfe516029 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.6 https://bugzilla.redhat.com/show_bug.cgi?id=817430 https://github.com/torvalds/linux/commit/90481622d75715bfcb68501280a917dbfe516029 linux-kernel-hugepages-dos(75168) https://exchange.xforce.ibmcloud.com/vulnerabilities/75168 Common Vulnerability Exposure (CVE) ID: CVE-2012-3400 50506 http://secunia.com/advisories/50506 RHSA-2013:0594 http://rhn.redhat.com/errata/RHSA-2013-0594.html SUSE-SU-2015:0812 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html USN-1529-1 http://ubuntu.com/usn/usn-1529-1 USN-1555-1 http://www.ubuntu.com/usn/USN-1555-1 USN-1556-1 http://www.ubuntu.com/usn/USN-1556-1 USN-1557-1 http://www.ubuntu.com/usn/USN-1557-1 [oss-security] 20120709 Re: CVE Request: Stability fixes in UDF Logical Volume Descriptor handling http://www.openwall.com/lists/oss-security/2012/07/10/2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1df2ae31c724e57be9d7ac00d78db8a5dabdd050 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=adee11b2085bee90bd8f4f52123ffb07882d6256 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.5 https://bugzilla.redhat.com/show_bug.cgi?id=843139 https://github.com/torvalds/linux/commit/1df2ae31c724e57be9d7ac00d78db8a5dabdd050 https://github.com/torvalds/linux/commit/adee11b2085bee90bd8f4f52123ffb07882d6256 Common Vulnerability Exposure (CVE) ID: CVE-2012-3511 50633 http://secunia.com/advisories/50633 50732 http://secunia.com/advisories/50732 55055 http://secunia.com/advisories/55055 55151 http://www.securityfocus.com/bid/55151 USN-1567-1 http://www.ubuntu.com/usn/USN-1567-1 USN-1572-1 http://www.ubuntu.com/usn/USN-1572-1 USN-1577-1 http://www.ubuntu.com/usn/USN-1577-1 [oss-security] 20120820 Re: CVE Request -- kernel: mm: use-after-free in madvise_remove() http://www.openwall.com/lists/oss-security/2012/08/20/13 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9ab4233dd08036fe34a89c7dc6f47a8bf2eb29eb https://bugzilla.redhat.com/show_bug.cgi?id=849734 https://github.com/torvalds/linux/commit/9ab4233dd08036fe34a89c7dc6f47a8bf2eb29eb |
| Copyright | Copyright (C) 2015 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |