English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.882159
Category:CentOS Local Security Checks
Title:CentOS Update for kernel CESA-2015:0783 centos5
Summary:Check the version of kernel
Description:Summary:
Check the version of kernel

Vulnerability Insight:
The kernel packages contain the Linux
kernel, the core of any Linux operating system.

* It was found that the Linux kernel's Infiniband subsystem did not
properly sanitize input parameters while registering memory regions from
user space via the (u)verbs API. A local user with access to a
/dev/infiniband/uverbsX device could use this flaw to crash the system or,
potentially, escalate their privileges on the system. (CVE-2014-8159,
Important)

* An insufficient bound checking flaw was found in the Xen hypervisor's
implementation of acceleration support for the 'REP MOVS' instructions.
A privileged HVM guest user could potentially use this flaw to crash the
host. (CVE-2014-8867, Important)

Red Hat would like to thank Mellanox for reporting CVE-2014-8159, and the
Xen project for reporting CVE-2014-8867.

This update also fixes the following bugs:

* Under memory pressure, cached data was previously flushed to the backing
server using the PID of the thread responsible for flushing the data in the
Server Message Block (SMB) headers instead of the PID of the thread which
actually wrote the data. As a consequence, when a file was locked by the
writing thread prior to writing, the server considered writes by the thread
flushing the pagecache as being a separate process from writing to a locked
file, and thus rejected the writes. In addition, the data to be written was
discarded. This update ensures that the correct PID is sent to the server,
and data corruption is avoided when data is being written from a client
under memory pressure. (BZ#1169304)

* This update adds support for new cryptographic hardware in toleration
mode for IBM System z. (BZ#1182522)

All kernel users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. The system must be
rebooted for this update to take effect.

Affected Software/OS:
kernel on CentOS 5

Solution:
Please install the updated packages.

CVSS Score:
6.9

CVSS Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2014-8159
1032224
http://www.securitytracker.com/id/1032224
73060
http://www.securityfocus.com/bid/73060
DSA-3237
http://www.debian.org/security/2015/dsa-3237
FEDORA-2015-4066
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152747.html
RHSA-2015:0674
http://rhn.redhat.com/errata/RHSA-2015-0674.html
RHSA-2015:0695
http://rhn.redhat.com/errata/RHSA-2015-0695.html
RHSA-2015:0726
http://rhn.redhat.com/errata/RHSA-2015-0726.html
RHSA-2015:0751
http://rhn.redhat.com/errata/RHSA-2015-0751.html
RHSA-2015:0782
http://rhn.redhat.com/errata/RHSA-2015-0782.html
RHSA-2015:0783
http://rhn.redhat.com/errata/RHSA-2015-0783.html
RHSA-2015:0803
http://rhn.redhat.com/errata/RHSA-2015-0803.html
RHSA-2015:0870
http://rhn.redhat.com/errata/RHSA-2015-0870.html
RHSA-2015:0919
http://rhn.redhat.com/errata/RHSA-2015-0919.html
SUSE-SU-2015:1478
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html
SUSE-SU-2015:1487
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00007.html
SUSE-SU-2015:1488
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html
SUSE-SU-2015:1489
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html
SUSE-SU-2015:1491
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00011.html
USN-2525-1
http://www.ubuntu.com/usn/USN-2525-1
USN-2526-1
http://www.ubuntu.com/usn/USN-2526-1
USN-2527-1
http://www.ubuntu.com/usn/USN-2527-1
USN-2528-1
http://www.ubuntu.com/usn/USN-2528-1
USN-2529-1
http://www.ubuntu.com/usn/USN-2529-1
USN-2530-1
http://www.ubuntu.com/usn/USN-2530-1
USN-2561-1
http://www.ubuntu.com/usn/USN-2561-1
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
https://bugzilla.redhat.com/show_bug.cgi?id=1181166
Common Vulnerability Exposure (CVE) ID: CVE-2014-8867
BugTraq ID: 71331
http://www.securityfocus.com/bid/71331
Debian Security Information: DSA-3140 (Google Search)
http://www.debian.org/security/2015/dsa-3140
https://security.gentoo.org/glsa/201504-04
RedHat Security Advisories: RHSA-2015:0783
http://secunia.com/advisories/59949
http://secunia.com/advisories/62672
SuSE Security Announcement: openSUSE-SU-2015:0226 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00005.html
SuSE Security Announcement: openSUSE-SU-2015:0256 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00010.html
CopyrightCopyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.