Test ID:	1.3.6.1.4.1.25623.1.0.123916
Category:	Oracle Linux Local Security Checks
Title:	Oracle: Security Advisory (ELSA-2012-0676)
Summary:	The remote host is missing an update for the 'kvm' package(s) announced via the ELSA-2012-0676 advisory.
Description:	Summary: The remote host is missing an update for the 'kvm' package(s) announced via the ELSA-2012-0676 advisory. Vulnerability Insight: [kvm-83-249.0.1.el5_8.4] - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch [kvm-83-249.el5_8.4] - kvm-kernel-KVM-unmap-pages-from-the-iommu-when-slots-are-remove.patch [bz#814151] - CVE: CVE-2012-2121 - Resolves: bz#814151 (CVE-2012-2121 kvm: device assignment page leak [rhel-5.8]) [kvm-83-249.el5_8.3] - kvm-fix-l1_map-buffer-overflow.patch [bz#816207] - Resolves: bz#816207 (qemu-kvm segfault in tb_invalidate_phys_page_range()) [kvm-83-249.el5_8.2] - kvm-kernel-KVM-Ensure-all-vcpus-are-consistent-with-in-kernel-i.patch [bz#808205] - Resolves: bz#808205 (CVE-2012-1601 kernel: kvm: irqchip_in_kernel() and vcpu->arch.apic inconsistency [rhel-5.8.z]) [kvm-83-249.el5_8.1] - kvm-posix-aio-compat-fix-thread-accounting-leak.patch [bz#802429] - Resolves: bz#802429 ([RHEL5.8 Snapshot2]RHEL5.8 KVMGuest hung during Guest OS booting up) Affected Software/OS: 'kvm' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 4.9 CVSS Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2012-1601 1026897 http://www.securitytracker.com/id?1026897 49928 http://secunia.com/advisories/49928 DSA-2469 http://www.debian.org/security/2012/dsa-2469 RHSA-2012:0571 http://rhn.redhat.com/errata/RHSA-2012-0571.html RHSA-2012:0676 http://rhn.redhat.com/errata/RHSA-2012-0676.html SUSE-SU-2012:1679 https://www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html [oss-security] 20120329 Re: CVE request -- kernel: kvm: irqchip_in_kernel() and vcpu->arch.apic inconsistency http://www.openwall.com/lists/oss-security/2012/03/30/1 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.6 https://bugzilla.redhat.com/show_bug.cgi?id=808199 https://github.com/torvalds/linux/commit/9c895160d25a76c21b65bad141b08e8d4f99afef openSUSE-SU-2013:0925 http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html Common Vulnerability Exposure (CVE) ID: CVE-2012-2121 1027083 http://www.securitytracker.com/id?1027083 50732 http://secunia.com/advisories/50732 RHSA-2012:0743 http://rhn.redhat.com/errata/RHSA-2012-0743.html USN-1577-1 http://www.ubuntu.com/usn/USN-1577-1 USN-2036-1 http://www.ubuntu.com/usn/USN-2036-1 USN-2037-1 http://www.ubuntu.com/usn/USN-2037-1 [oss-security] 20120419 Re: CVE request -- kernel: kvm: device assignment page leak http://www.openwall.com/lists/oss-security/2012/04/19/16 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.4 https://bugzilla.redhat.com/show_bug.cgi?id=814149 https://github.com/torvalds/linux/commit/09ca8e1173bcb12e2a449698c9ae3b86a8a10195
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.