Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3514)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote Oracle Linux host is missing one or more security updates.

Description :

Description of changes:

kernel-uek
[4.1.12-61.1.27.el7uek]
- vfio/pci: Fix integer overflows, bitmask check (Vlad Tsyrklevich)
[Orabug: 25164094] {CVE-2016-9083} {CVE-2016-9084}
- Don't feed anything but regular iovec's to blk_rq_map_user_iov (Linus
Torvalds) [Orabug: 25231931] {CVE-2016-9576}
- kvm: x86: Check memopp before dereference (CVE-2016-8630) (Owen
Hofmann) [Orabug: 25417387] {CVE-2016-8630}
- crypto: algif_hash - Only export and import on sockets with data
(Herbert Xu) [Orabug: 25417799] {CVE-2016-8646}
- USB: usbfs: fix potential infoleak in devio (Kangjie Lu) [Orabug:
25462755] {CVE-2016-4482}
- net: fix infoleak in llc (Kangjie Lu) [Orabug: 25462799] {CVE-2016-4485}

[4.1.12-61.1.26.el7uek]
- xen-netback: fix extra_info handling in xenvif_tx_err() (Paul Durrant)
[Orabug: 25445336]
- net: Documentation: Fix default value tcp_limit_output_bytes (Niklas
Cassel) [Orabug: 25458076]
- tcp: double default TSQ output bytes limit (Wei Liu) [Orabug: 25458076]
- xenbus: fix deadlock on writes to /proc/xen/xenbus (David Vrabel)
[Orabug: 25430143]

See also :

https://oss.oracle.com/pipermail/el-errata/2017-February/006699.html
https://oss.oracle.com/pipermail/el-errata/2017-February/006700.html

Solution :

Update the affected unbreakable enterprise kernel packages.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)

Family: Oracle Linux Local Security Checks

Nessus Plugin ID: 97057 ()

Bugtraq ID:

CVE ID: CVE-2016-4482
CVE-2016-4485
CVE-2016-8630
CVE-2016-8646
CVE-2016-9083
CVE-2016-9084
CVE-2016-9576

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now