Oracle Linux 5 : kernel (ELSA-2015-0783)

This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.


Synopsis :

The remote Oracle Linux host is missing one or more security updates.

Description :

From Red Hat Security Advisory 2015:0783 :

Updated kernel packages that fix two security issues and two bugs are
now available for Red Hat Enterprise Linux 5.

Red Hat Product Security has rated this update as having Important
security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

* It was found that the Linux kernel's Infiniband subsystem did not
properly sanitize input parameters while registering memory regions
from user space via the (u)verbs API. A local user with access to a
/dev/infiniband/uverbsX device could use this flaw to crash the system
or, potentially, escalate their privileges on the system.
(CVE-2014-8159, Important)

* An insufficient bound checking flaw was found in the Xen
hypervisor's implementation of acceleration support for the 'REP MOVS'
instructions. A privileged HVM guest user could potentially use this
flaw to crash the host. (CVE-2014-8867, Important)

Red Hat would like to thank Mellanox for reporting CVE-2014-8159, and
the Xen project for reporting CVE-2014-8867.

This update also fixes the following bugs :

* Under memory pressure, cached data was previously flushed to the
backing server using the PID of the thread responsible for flushing
the data in the Server Message Block (SMB) headers instead of the PID
of the thread which actually wrote the data. As a consequence, when a
file was locked by the writing thread prior to writing, the server
considered writes by the thread flushing the pagecache as being a
separate process from writing to a locked file, and thus rejected the
writes. In addition, the data to be written was discarded. This update
ensures that the correct PID is sent to the server, and data
corruption is avoided when data is being written from a client under
memory pressure. (BZ#1169304)

* This update adds support for new cryptographic hardware in
toleration mode for IBM System z. (BZ#1182522)

All kernel users are advised to upgrade to these updated packages,
which contain backported patches to correct these issues. The system
must be rebooted for this update to take effect.

See also :

https://oss.oracle.com/pipermail/el-errata/2015-April/004985.html

Solution :

Update the affected kernel packages.

Risk factor :

Medium / CVSS Base Score : 6.9
(CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 4.8
(CVSS2#E:U/RL:OF/RC:UR)
Public Exploit Available : false

Family: Oracle Linux Local Security Checks

Nessus Plugin ID: 82688 ()

Bugtraq ID: 71331
73060

CVE ID: CVE-2014-8159
CVE-2014-8867

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now