Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2015-3004)

Medium Nessus Plugin ID 81101


The remote Oracle Linux host is missing one or more security updates.


Description of changes:

- net: sctp: fix NULL pointer dereference in af->from_addr_param on malformed packet (Daniel Borkmann) [Orabug: 20425333] {CVE-2014-7841}

- sched: Fix possible divide by zero in avg_atom() calculation (Mateusz Guzik) [Orabug: 20148169]
- include/linux/math64.h: add div64_ul() (Alex Shi)
- deadlock when two nodes are converting same lock from PR to EX and idletimeout closes conn (Tariq Saeed) [Orabug: 18639535]
- bonding: Bond master should reflect slave's features. (Ashish Samant) [Orabug: 20231825]
- x86, fpu: remove the logic of non-eager fpu mem allocation at the first usage (Annie Li) [Orabug: 20239143]
- x86, fpu: remove cpu_has_xmm check in the fx_finit() (Suresh Siddha) [Orabug: 20239143]
- x86, fpu: make eagerfpu= boot param tri-state (Suresh Siddha) [Orabug: 20239143]
- x86, fpu: enable eagerfpu by default for xsaveopt (Suresh Siddha) [Orabug: 20239143]
- x86, fpu: decouple non-lazy/eager fpu restore from xsave (Suresh Siddha) [Orabug: 20239143]
- x86, fpu: use non-lazy fpu restore for processors supporting xsave (Suresh Siddha) [Orabug: 20239143]
- lguest, x86: handle guest TS bit for lazy/non-lazy fpu host models (Suresh Siddha) [Orabug: 20239143]
- x86, fpu: always use kernel_fpu_begin/end() for in-kernel FPU usage (Suresh Siddha) [Orabug: 20239143]
- x86, kvm: use kernel_fpu_begin/end() in kvm_load/put_guest_fpu() (Suresh Siddha) [Orabug: 20239143]
- x86, fpu: remove unnecessary user_fpu_end() in save_xstate_sig() (Suresh Siddha) [Orabug: 20239143]
- raid5: add AVX optimized RAID5 checksumming (Jim Kukunas) [Orabug: 20239143]
- x86, fpu: drop the fpu state during thread exit (Suresh Siddha) [Orabug: 20239143]
- x32: Add a thread flag for x32 processes (H. Peter Anvin) [Orabug: 20239143]
- x86, fpu: Unify signal handling code paths for x86 and x86_64 kernels (Suresh Siddha) [Orabug: 20239143]
- x86, fpu: Consolidate inline asm routines for saving/restoring fpu state (Suresh Siddha) [Orabug: 20239143]
- x86, signal: Cleanup ifdefs and is_ia32, is_x32 (Suresh Siddha) [Orabug: 20239143] into exported and internal interfaces (Linus Torvalds) [Orabug: 20239143]
- i387: Uninline the generic FP helpers that we expose to kernel modules (Linus Torvalds) [Orabug: 20239143]
- i387: use 'restore_fpu_checking()' directly in task switching code (Linus Torvalds) [Orabug: 20239143]
- i387: fix up some fpu_counter confusion (Linus Torvalds) [Orabug: 20239143]


Update the affected unbreakable enterprise kernel packages.

See Also

Plugin Details

Severity: Medium

ID: 81101

File Name: oraclelinux_ELSA-2015-3004.nasl

Version: $Revision: 1.6 $

Type: local

Agent: unix

Published: 2015/01/30

Modified: 2015/12/01

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 4.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:oracle:linux:kernel-uek, p-cpe:/a:oracle:linux:kernel-uek-debug, p-cpe:/a:oracle:linux:kernel-uek-debug-devel, p-cpe:/a:oracle:linux:kernel-uek-devel, p-cpe:/a:oracle:linux:kernel-uek-doc, p-cpe:/a:oracle:linux:kernel-uek-firmware, cpe:/o:oracle:linux:5, cpe:/o:oracle:linux:6

Required KB Items: Host/local_checks_enabled, Host/OracleLinux, Host/RedHat/release, Host/RedHat/rpm-list

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2015/01/29

Reference Information

CVE: CVE-2014-7841

BID: 71081