Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2016-3502)

Medium Nessus Plugin ID 87835


The remote Oracle Linux host is missing one or more security updates.


Description of changes:

- KEYS: Don't permit request_key() to construct a new keyring (David Howells) [Orabug: 22373449] {CVE-2015-7872}

- crypto: add missing crypto module aliases (Mathias Krause) [Orabug: 22249656] {CVE-2013-7421} {CVE-2014-9644}
- crypto: include crypto- module prefix in template (Kees Cook) [Orabug: 22249656] {CVE-2013-7421} {CVE-2014-9644}
- crypto: prefix module autoloading with 'crypto-' (Kees Cook) [Orabug: 22249656] {CVE-2013-7421} {CVE-2014-9644}

- KVM: x86: Don't report guest userspace emulation error to userspace (Nadav Amit) [Orabug: 22249615] {CVE-2010-5313} {CVE-2014-7842}

- msg_unlock() in wrong spot after applying 'Initialize msg/shm IPC objects before doing ipc_addid()' (Chuck Anderson) [Orabug: 22250044] {CVE-2015-7613} {CVE-2015-7613}

- ipc/sem.c: fully initialize sem_array before making it visible (Manfred Spraul) [Orabug: 22250044] {CVE-2015-7613}
- Initialize msg/shm IPC objects before doing ipc_addid() (Linus Torvalds) [Orabug: 22250044] {CVE-2015-7613}

- KVM: svm: unconditionally intercept #DB (Paolo Bonzini) [Orabug: 22333698] {CVE-2015-8104} {CVE-2015-8104}
- KVM: x86: work around infinite loop in microcode when #AC is delivered (Eric Northup) [Orabug: 22333689] {CVE-2015-5307} {CVE-2015-5307}

- mlx4_core: Introduce restrictions for PD update (Ajaykumar Hotchandani)
- IPoIB: Drop priv->lock before calling ipoib_send() (Wengang Wang)
- IPoIB: serialize changing on tx_outstanding (Wengang Wang) [Orabug: 21861366]
- IB/mlx4: Implement IB_QP_CREATE_USE_GFP_NOIO (Jiri Kosina)
- IB: Add a QP creation flag to use GFP_NOIO allocations (Or Gerlitz)
- IB: Return error for unsupported QP creation flags (Or Gerlitz)
- IB/ipoib: Calculate csum only when skb->ip_summed is CHECKSUM_PARTIAL (Yuval Shaia) [Orabug: 20873175]


Update the affected unbreakable enterprise kernel packages.

Plugin Details

Severity: Medium

ID: 87835

File Name: oraclelinux_ELSA-2016-3502.nasl

Version: $Revision: 2.3 $

Type: local

Agent: unix

Published: 2016/01/11

Modified: 2016/10/28

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 6.9

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:oracle:linux:kernel-uek, p-cpe:/a:oracle:linux:kernel-uek-debug, p-cpe:/a:oracle:linux:kernel-uek-debug-devel, p-cpe:/a:oracle:linux:kernel-uek-devel, p-cpe:/a:oracle:linux:kernel-uek-doc, p-cpe:/a:oracle:linux:kernel-uek-firmware, cpe:/o:oracle:linux:5, cpe:/o:oracle:linux:6

Required KB Items: Host/local_checks_enabled, Host/OracleLinux, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 2016/01/09

Reference Information

CVE: CVE-2010-5313, CVE-2013-7421, CVE-2014-7842, CVE-2014-9644, CVE-2015-5307, CVE-2015-7613, CVE-2015-7872, CVE-2015-8104