Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.72583
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2012:1481
Summary:NOSUMMARY
Description:Description:
The remote host is missing updates announced in
advisory RHSA-2012:1481.

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issue:

* A flaw was found in the way the Linux kernel's dl2k driver, used by
certain D-Link Gigabit Ethernet adapters, restricted IOCTLs. A local,
unprivileged user could use this flaw to issue potentially harmful IOCTLs,
which could cause Ethernet adapters using the dl2k driver to malfunction
(for example, losing network connectivity). (CVE-2012-2313, Low)

Red Hat would like to thank Stephan Mueller for reporting this issue.

This update also fixes the following bugs:

* The QLogic netxen_nic driver has been upgraded to version 4.0.75, which
provides several bug fixes. This update also allows users to set speed and
automatic negotiation parameters for Gigabit Ethernet (GbE) ports. Note
that QLogic devices do not support half-duplex data transmission at the
moment. (BZ#865304)

* When the ext3_dx_add_entry() function had to split a directory index
node, it had to ensure that the name_len variable of the new dx_node's
fake_dirent structure was set to zero. Otherwise, the e2fsck tool did not
recognize it as an intermediate htree node and considered the htree node to
be corrupted. The dx_node's fake_dirent structure is now always explicitly
set to zero, which prevents the corruption in this scenario. (BZ#866548)

* Previously, the error cleanup logic was incorrect: once an error was
detected, the same error was reported on every polling cycle (the default
behavior is to poll every second). This caused an excessive amount of Error
Detection And Correction (EDAC) messages to be logged in the
/var/log/messages file. This update fixes the error cleanup logic, which
prevents the unnecessary messages from being logged. (BZ#866796)

Users should upgrade to these updated packages, which contain backported
patches to correct these issues. The system must be rebooted for this
update to take effect.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2012-1481.html

Risk factor : Low

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2012-2313
BugTraq ID: 53965
http://www.securityfocus.com/bid/53965
HPdes Security Advisory: HPSBGN02970
http://marc.info/?l=bugtraq&m=139447903326211&w=2
http://www.openwall.com/lists/oss-security/2012/05/04/8
RedHat Security Advisories: RHSA-2012:1174
http://rhn.redhat.com/errata/RHSA-2012-1174.html
RedHat Security Advisories: RHSA-2012:1481
http://rhn.redhat.com/errata/RHSA-2012-1481.html
RedHat Security Advisories: RHSA-2012:1541
http://rhn.redhat.com/errata/RHSA-2012-1541.html
RedHat Security Advisories: RHSA-2012:1589
http://rhn.redhat.com/errata/RHSA-2012-1589.html
SuSE Security Announcement: SUSE-SU-2015:0812 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
CopyrightCopyright (c) 2012 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.