Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2011-2025)

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote Oracle Linux host is missing one or more security updates.

Description :

Description of changes:

[2.6.32-200.19.1.el5uek]
- Apply new fix for CVE-2011-1576.

[2.6.32-200.18.1.el5uek]
- Revert 'proc: fix a race in do_io_accounting'

[2.6.32-200.17.1.el5uek]
- net: Fix memory leak/corruption on VLAN GRO_DROP {CVE-2011-1576}
- iommu-api: Extension to check for interrupt remapping {CVE-2011-1898}
- KVM: IOMMU: Disable device assignment without interrupt remapping
{CVE-2011-1898}
- ext4: Fix max file size and logical block counting of extent format
file {CVE-2011-2695}
- nl80211: fix overflow in ssid_len {CVE-2011-2517}
- Bluetooth: Prevent buffer overflow in l2cap config request {CVE-2011-2497}
- proc: fix a race in do_io_accounting() {CVE-2011-2495}

See also :

https://oss.oracle.com/pipermail/el-errata/2011-August/002306.html
https://oss.oracle.com/pipermail/el-errata/2011-August/002305.html

Solution :

Update the affected unbreakable enterprise kernel packages.

Risk factor :

High / CVSS Base Score : 8.3
(CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C)

Family: Oracle Linux Local Security Checks

Nessus Plugin ID: 68421 ()

Bugtraq ID:

CVE ID: CVE-2011-1576
CVE-2011-1898
CVE-2011-2183
CVE-2011-2491
CVE-2011-2492
CVE-2011-2495
CVE-2011-2497
CVE-2011-2517
CVE-2011-2695