Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2013-2523)

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote Oracle Linux host is missing one or more security updates.

Description :

Description of changes:

[2.6.39-400.23.1.el5uek]
- Parallel mtrr init between cpus (Zhenzhong Duan) [Orabug: 16777774]
- Merge tag 'v2.6.39-400.21.1.16748891' of
git://ca-git.us.oracle.com/linux-uek-2.6.39-ofed into uek-2.6.39-400
(Maxim Uvarov) [Orabug: 16748891]
- xen-blkfront: use a different scatterlist for each request (Roger Pau
Monne)
- Fix EN driver to work with newer FWs based on latest mlx4_core (Yuval
Shaia) [Orabug: 16748891]

[2.6.39-400.22.1.el5uek]
- block: default SCSI command filter does not accomodate commands
overlap across device classes (Jamie Iles) [Orabug: 16387137]
{CVE-2012-4542}
- Merge tag 'v2.6.39-400.21.1#bug16684527' of
git://ca-git.us.oracle.com/linux-joejin-public into
uek-2.6.39-400_errata (Maxim Uvarov) [Orabug: 16684527]
- KVM: x86: Convert MSR_KVM_SYSTEM_TIME to use gfn_to_hva_cache
functions (CVE-2013-1797) (Andy Honig) [Orabug: 16711660] {CVE-2013-1797}
- Bluetooth: Fix incorrect strncpy() in hidp_setup_hid() (Anderson
Lizardo) [Orabug: 16711065] {CVE-2013-0349}
- USB: io_ti: Fix NULL dereference in chase_port() (Wolfgang Frisch)
[Orabug: 16425358] {CVE-2013-1774}
- keys: fix race with concurrent install_user_keyrings() (David Howells)
[Orabug: 16493354] {CVE-2013-1792}
- KVM: Fix bounds checking in ioapic indirect register reads
(CVE-2013-1798) (Andy Honig) [Orabug: 16710951] {CVE-2013-1798}
- KVM: x86: fix for buffer overflow in handling of MSR_KVM_SYSTEM_TIME
(CVE-2013-1796) (Andy Honig) [Orabug: 16710806] {CVE-2013-1796}
- tmpfs: fix use-after-free of mempolicy object (Greg Thelen) [Orabug:
16515833] {CVE-2013-1767}
- procfs: do not confuse jiffies with cputime64_t (Andreas Schwab)
[Orabug: 16673925]
- procfs: do not overflow get_{idle,iowait}_time for nohz (Michal Hocko)
[Orabug: 16673925]
- xen/evtchn: Handle VIRQ_TIMER before any other hardirq in event loop.
(Keir Fraser) [Orabug: 16093126]
- Fix device removal NULL pointer dereference (Joe Jin) [Orabug: 16684527]
- put stricter guards on queue dead checks (James Bottomley) [Orabug:
16684527]

See also :

https://oss.oracle.com/pipermail/el-errata/2013-May/003458.html
https://oss.oracle.com/pipermail/el-errata/2013-May/003459.html

Solution :

Update the affected unbreakable enterprise kernel packages.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:A/AC:H/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 5.9
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false