Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2011-2024)

This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.

Synopsis :

The remote Oracle Linux host is missing one or more security updates.

Description :

Description of changes:

- Revert change to restore DEFAULTKERNEL

- Add -u parameter to kernel_variant_post to make it work
properly for uek [orabug 12819958]

- Restore DEFAULTKERNEL value to 'kernel-uek' [orabug 12819958]

- make default kernel kernel-uek (Kevin Lyons) [orabug 12803424]

- SCSI: Fix oops dereferencing queue (Martin K. Petersen) [orabug 12741636]

- inet_diag: fix inet_diag_bc_audit() (Eric Dumazet) [CVE-2011-2213]

- block: export blk_{get,put}_queue() (Jens Axboe)
- [SCSI] Fix oops caused by queue refcounting failure (James Bottomley)
- [dm-mpath] maintain reference count for underlying devices (Martin K.

- [net] gre: fix netns vs proto registration ordering {CVE-2011-1767}
- [net] tunnels: fix netns vs proto registration ordering {CVE-2011-1768}
- [rps] don't free rx_queue until netdevice is freed (Dave Kleikamp)
[orabug 11071685]

- Add entropy generation to nics (John Sobecki) [10622900]
- [SCSI] compat_ioct: fix bsg SG_IO [orabug 12732464]
- ipc/sem.c: error path in try_atomic_semop() left spinlock locked

- update kabi

- block: Fix double free in blk_integrity_unregister [orabug 12707880]
- block: Make the integrity mapped property a bio flag [orabug 12707880]
- dm mpath: do not fail paths after integrity errors [orabug 12707880]
- dm ioctl: refactor dm_table_complete [orabug 12707880]
- block: Require subsystems to explicitly allocate bio_set integrity
mempool [orabug 12707880]
- dm: improve block integrity support [orabug 12707880]
- sd: Update protection mode strings [orabug 12707880]
- [SCSI] fix propogation of integrity errors [orabug 12707880]
- [SCSI] modify change_queue_depth to take in reason why it is being
called [orabug 12707880]
- [SCSI] scsi error: have scsi-ml call change_queue_depth to handle
QUEUE_FULL [orabug 12707880]
- [SCSI] add queue_depth ramp up code [orabug 12707880]
- [SCSI] scsi_dh: Change the scsidh_activate interface to be
asynchronous [orabug 12707880]
- [SCSI] add queue_depth ramp up code [orabug 12707880]
- [SCSI] scsi_dh: Change the scsidh_activate interface to be
asynchronous [orabug 12707880]
- SCSI: Updated RDAC device handler [orabug 12707880]
- [SCSI] scsi_dh: propagate SCSI device deletion [orabug 12707880]
- [SCSI] scsi_dh: fix reference counting in scsi_dh_activate error path
[orabug 12707880]
- qla2xxx: Driver update from QLogic [orabug 12707880]
- lpfc driver update from Emulex [orabug 12707880]
- Add Hydra (hxge) support [orabug 12314121]
- update hxge to 1.3.1 [orabug 12314121]
- Hide mwait, TSC invariance and MTRR capability in published CPUID

- [config] Revert 'Add some usb devices supported'
- [config] make all usb drivers part of the kernel.
- [fs] NFS: Don't SIGBUS if nfs_vm_page_mkwrite races with a cache
invalidation [orabug 10435482]

- [config] Add some usb devices supported.

- update kabi changes and revision to -200 series

See also :

Solution :

Update the affected unbreakable enterprise kernel packages.

Risk factor :

Medium / CVSS Base Score : 5.4

Family: Oracle Linux Local Security Checks

Nessus Plugin ID: 68420 ()

Bugtraq ID:

CVE ID: CVE-2011-1767