Test ID:	1.3.6.1.4.1.25623.1.1.4.2012.1708.1
Category:	SuSE Local Security Checks
Title:	SUSE: Security Advisory (SUSE-SU-2012:1708-1)
Summary:	The remote host is missing an update for the 'ofed' package(s) announced via the SUSE-SU-2012:1708-1 advisory.
Description:	Summary: The remote host is missing an update for the 'ofed' package(s) announced via the SUSE-SU-2012:1708-1 advisory. Vulnerability Insight: This update of ofed fixed multiple issues (including security related flaws): * sdp: move histogram allocation from stack to heap (bnc#706175) * cma: Fix crash in request handlers (bnc#678795, CVE-2011-0695) * rds: set correct msg_namelen (bnc#773383, CVE-2012-3430) * cm: Bump reference count on cm_id before invoking (bnc#678795, CVE-2011-0695) * sdp / ipath: Added fixes for 64bit divide on 32bit builds * updated Infiniband sysconfig file to match openibd (bnc#721597) Security Issue reference: * CVE-2012-3430 > Affected Software/OS: 'ofed' package(s) on SUSE Linux Enterprise Server 10-SP4. Solution: Please install the updated package(s). CVSS Score: 5.7 CVSS Vector: AV:A/AC:M/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-0695 43693 http://secunia.com/advisories/43693 46839 http://www.securityfocus.com/bid/46839 RHSA-2011:0927 http://rhn.redhat.com/errata/RHSA-2011-0927.html USN-1146-1 http://www.ubuntu.com/usn/USN-1146-1 [linux-rdma] 20110223 [PATCH 1/2] rdma/cm: Fix crash in request handlers http://www.spinics.net/lists/linux-rdma/msg07447.html [linux-rdma] 20110223 [PATCH 2/2] ib/cm: Bump reference count on cm_id before invoking callback http://www.spinics.net/lists/linux-rdma/msg07448.html [oss-security] 20110311 CVE-2011-0695 kernel: panic in ib_cm:cm_work_handler http://www.openwall.com/lists/oss-security/2011/03/11/1 kernel-infiniband-dos(66056) https://exchange.xforce.ibmcloud.com/vulnerabilities/66056 Common Vulnerability Exposure (CVE) ID: CVE-2012-3430 50633 http://secunia.com/advisories/50633 50732 http://secunia.com/advisories/50732 50811 http://secunia.com/advisories/50811 RHSA-2012:1323 http://rhn.redhat.com/errata/RHSA-2012-1323.html SUSE-SU-2012:1679 https://www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html USN-1567-1 http://www.ubuntu.com/usn/USN-1567-1 USN-1568-1 http://www.ubuntu.com/usn/USN-1568-1 USN-1572-1 http://www.ubuntu.com/usn/USN-1572-1 USN-1575-1 http://www.ubuntu.com/usn/USN-1575-1 USN-1577-1 http://www.ubuntu.com/usn/USN-1577-1 USN-1578-1 http://www.ubuntu.com/usn/USN-1578-1 USN-1579-1 http://www.ubuntu.com/usn/USN-1579-1 USN-1580-1 http://www.ubuntu.com/usn/USN-1580-1 [oss-security] 20120726 Re: CVE Request -- kernel: recv{from,msg}() on an rds socket can leak kernel memory http://www.openwall.com/lists/oss-security/2012/07/26/5 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=06b6a1cf6e776426766298d055bb3991957d90a7 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.0.44 https://bugzilla.redhat.com/show_bug.cgi?id=820039 https://github.com/torvalds/linux/commit/06b6a1cf6e776426766298d055bb3991957d90a7
Copyright	Copyright (C) 2021 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.