Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2011-2015)

High Nessus Plugin ID 68416

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 6.7

Synopsis

The remote Oracle Linux host is missing one or more security updates.

Description

Description of changes:

[2.6.32-100.28.15.el6]
- sctp: fix to calc the INIT/INIT-ACK chunk length correctly is set {CVE-2011-1573}
- dccp: fix oops on Reset after close {CVE-2011-1093}
- bridge: netfilter: fix information leak {CVE-2011-1080}
- Bluetooth: bnep: fix buffer overflow
- net: don't allow CAP_NET_ADMIN to load non-netdev kernel modules {CVE-2011-1019}
- ipip: add module alias for tunl0 tunnel device
- gre: add module alias for gre0 tunnel device
- drm/radeon/kms: check AA resolve registers on r300 {CVE-2011-1016}
- drm/radeon: fix regression with AA resolve checking {CVE-2011-1016}
- drm: fix unsigned vs signed comparison issue in modeset ctl ioctl {CVE-2011-1013}
- proc: protect mm start_code/end_code in /proc/pid/stat {CVE-2011-0726}
- ALSA: caiaq - Fix possible string-buffer overflow {CVE-2011-0712}
- xfs: zero proper structure size for geometry calls {CVE-2011-0711}
- xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1 {CVE-2011-0711}
- ima: fix add LSM rule bug {CVE-2011-0006}
- IB/uverbs: Handle large number of entries in poll CQ {CVE-2010-4649, CVE-2011-1044}
- CAN: Use inode instead of kernel address for /proc file {CVE-2010-4565}

[2.6.32-100.28.14.el6]
- IB/qib: fix qib compile warning.
- IB/core: Allow device-specific per-port sysfs files.
- dm crypt: add plain64 iv.
- firmware: add firmware for qib.
- Infiniband: Add QLogic PCIe QLE InfiniBand host channel adapters support.

Solution

Update the affected unbreakable enterprise kernel packages.

See Also

https://oss.oracle.com/pipermail/el-errata/2011-May/002134.html

https://oss.oracle.com/pipermail/el-errata/2011-May/002135.html

Plugin Details

Severity: High

ID: 68416

File Name: oraclelinux_ELSA-2011-2015.nasl

Version: 1.12

Type: local

Agent: unix

Published: 2013/07/12

Updated: 2019/10/25

Dependencies: 122878, 12634

Risk Information

Risk Factor: High

VPR Score: 6.7

CVSS v2.0

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: p-cpe:/a:oracle:linux:kernel-uek, p-cpe:/a:oracle:linux:kernel-uek-debug, p-cpe:/a:oracle:linux:kernel-uek-debug-devel, p-cpe:/a:oracle:linux:kernel-uek-devel, p-cpe:/a:oracle:linux:kernel-uek-doc, p-cpe:/a:oracle:linux:kernel-uek-firmware, p-cpe:/a:oracle:linux:kernel-uek-headers, p-cpe:/a:oracle:linux:ofa-2.6.32-100.28.15.el5, p-cpe:/a:oracle:linux:ofa-2.6.32-100.28.15.el5debug, cpe:/o:oracle:linux:5, cpe:/o:oracle:linux:6

Required KB Items: Host/local_checks_enabled, Host/OracleLinux, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 2011/05/12

Vulnerability Publication Date: 2010/12/29

Reference Information

CVE: CVE-2010-4565, CVE-2010-4649, CVE-2011-0006, CVE-2011-0711, CVE-2011-0712, CVE-2011-0726, CVE-2011-1013, CVE-2011-1016, CVE-2011-1019, CVE-2011-1044, CVE-2011-1080, CVE-2011-1093, CVE-2011-1573