ID CVE-2014-8173
Summary The pmd_none_or_trans_huge_or_clear_bad function in include/asm-generic/pgtable.h in the Linux kernel before 3.13 on NUMA systems does not properly determine whether a Page Middle Directory (PMD) entry is a transparent huge-table entry, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted MADV_WILLNEED madvise system call that leverages the absence of a page-table lock.
References
Vulnerable Configurations
  • cpe:2.3:o:linux:linux_kernel:3.12.9:-:-:-:-:-:numa_systems
    cpe:2.3:o:linux:linux_kernel:3.12.9:-:-:-:-:-:numa_systems
CVSS
Base: 7.2 (as of 19-11-2015 - 12:22)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2015-3014.NASL
    description Description of changes: [2.6.39-400.248.3.el6uek] - kvm: fix excessive pages un-pinning in kvm_iommu_map error path. (Quentin Casasnovas) [Orabug: 20687314] {CVE-2014-3601} {CVE-2014-8369} {CVE-2014-3601} - Revert 'mm: Fix NULL pointer dereference in madvise(MADV_WILLNEED) support' (Guangyu Sun) [Orabug: 20673281] {CVE-2014-8173} [2.6.39-400.248.2.el6uek] - netfilter: conntrack: disable generic tracking for known protocols (Florian Westphal) [Orabug: 20679630] {CVE-2014-8160} - mac80211: fix fragmentation code, particularly for encryption (Johannes Berg) [Orabug: 20673313] {CVE-2014-8709} - mm: Fix NULL pointer dereference in madvise(MADV_WILLNEED) support (Kirill A. Shutemov) [Orabug: 20673282] {CVE-2014-8173} - tracing/syscalls: Ignore numbers outside NR_syscalls' range (Rabin Vincent) [Orabug: 20673164] {CVE-2014-7825} {CVE-2014-7826} - tracing/syscalls: Fix perf syscall tracing when syscall_nr == -1 (Will Deacon) [Orabug: 20673164] {CVE-2014-7825} {CVE-2014-7826} [2.6.39-400.248.1.el6uek] - NVMe: Disable pci before clearing queue (Keith Busch) [Orabug: 20533100] - x86, fpu: disable eagerfpu by default (Santosh Shilimkar) [Orabug: 20521543]
    last seen 2019-02-21
    modified 2015-12-01
    plugin id 81872
    published 2015-03-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=81872
    title Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2015-3014)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2015-0694.NASL
    description Updated kernel-rt packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise MRG 2.5. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel's XFS file system handled replacing of remote attributes under certain conditions. A local user with access to XFS file system mount could potentially use this flaw to escalate their privileges on the system. (CVE-2015-0274, Important) * A flaw was found in the way the Linux kernel's splice() system call validated its parameters. On certain file systems, a local, unprivileged user could use this flaw to write past the maximum file size, and thus crash the system. (CVE-2014-7822, Moderate) * A race condition flaw was found in the Linux kernel's ext4 file system implementation that allowed a local, unprivileged user to crash the system by simultaneously writing to a file and toggling the O_DIRECT flag using fcntl(F_SETFL) on that file. (CVE-2014-8086, Moderate) * It was found that due to excessive files_lock locking, a soft lockup could be triggered in the Linux kernel when performing asynchronous I/O operations. A local, unprivileged user could use this flaw to crash the system. (CVE-2014-8172, Moderate) * A NULL pointer dereference flaw was found in the way the Linux kernel's madvise MADV_WILLNEED functionality handled page table locking. A local, unprivileged user could use this flaw to crash the system. (CVE-2014-8173, Moderate) Red Hat would like to thank Eric Windisch of the Docker project for reporting CVE-2015-0274, and Akira Fujita of NEC for reporting CVE-2014-7822. Bug fixes : * A patch removing the xt_connlimit revision zero ABI was not reverted in the kernel-rt package, which caused problems because the iptables package requires this revision. A patch to remove the xt_connlimit revision 0 was reverted from the kernel-rt sources to allow the iptables command to execute correctly. (BZ#1169755) * With an older Mellanox Connect-IB (mlx4) driver present in the MRG Realtime kernel, a race condition could occur that would cause a loss of connection. The mlx4 driver was updated, resolving the race condition and allowing proper connectivity. (BZ#1182246) * The MRG Realtime kernel did not contain the appropriate code to resume after a device failed, causing the volume status after a repair to not be properly updated. A 'refresh needed' was still listed in the 'lvs' output after executing the 'lvchange --refresh' command. A patch was added that adds the ability to correctly restore a transiently failed device upon resume. (BZ#1159803) * The sosreport executable would hang when reading /proc/net/rpc/use-gss-proxy because of faulty wait_queue logic in the proc handler. This wait_queue logic was removed from the proc handler, allowing the reads to correctly return the current state. (BZ#1169900) Enhancements : * The MRG Realtime kernel-rt sources have been modified to take advantage of the updated 3.10 kernel sources that are available with the Red Hat Enterprise Linux 7 releases. (BZ#1172844) * The MRG Realtime version of the e1000e driver has been updated to provide support for the Intel I218-LM network adapter. (BZ#1191767) * The MRG Realtime kernel was updated to provide support for the Mellanox Connect-IB (mlx5). (BZ#1171363) * The rt-firmware package has been updated to provide additional firmware files required by the new version of the Red Hat Enterprise MRG 2.5 kernel (BZ#1184251) All kernel-rt users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements. The system must be rebooted for this update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 81905
    published 2015-03-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=81905
    title RHEL 6 : MRG (RHSA-2015:0694)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2015-3013.NASL
    description Description of changes: kernel-uek [3.8.13-55.1.8.el7uek] - kvm: fix excessive pages un-pinning in kvm_iommu_map error path. (Quentin Casasnovas) [Orabug: 20687313] {CVE-2014-3601} {CVE-2014-8369} {CVE-2014-3601} [3.8.13-55.1.7.el7uek] - ttusb-dec: buffer overflow in ioctl (Dan Carpenter) [Orabug: 20673376] {CVE-2014-8884} - mm: Fix NULL pointer dereference in madvise(MADV_WILLNEED) support (Kirill A. Shutemov) [Orabug: 20673281] {CVE-2014-8173} - netfilter: conntrack: disable generic tracking for known protocols (Florian Westphal) [Orabug: 20673239] {CVE-2014-8160} - tracing/syscalls: Ignore numbers outside NR_syscalls' range (Rabin Vincent) [Orabug: 20673163] {CVE-2014-7826}
    last seen 2019-02-21
    modified 2015-12-01
    plugin id 81871
    published 2015-03-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=81871
    title Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2015-3013)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2015-0034.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - kvm: fix excessive pages un-pinning in kvm_iommu_map error path. (Quentin Casasnovas) [Orabug: 20687313] (CVE-2014-3601) (CVE-2014-8369) (CVE-2014-3601) - ttusb-dec: buffer overflow in ioctl (Dan Carpenter) [Orabug: 20673376] (CVE-2014-8884) - mm: Fix NULL pointer dereference in madvise(MADV_WILLNEED) support (Kirill A. Shutemov) [Orabug: 20673281] (CVE-2014-8173) - netfilter: conntrack: disable generic tracking for known protocols (Florian Westphal) [Orabug: 20673239] (CVE-2014-8160) - tracing/syscalls: Ignore numbers outside NR_syscalls' range (Rabin Vincent) [Orabug: 20673163] (CVE-2014-7826) - uek-rpm: ol7: update update-el to 7.1 (Guangyu Sun) [Orabug: 20524579]
    last seen 2019-02-21
    modified 2018-07-24
    plugin id 81904
    published 2015-03-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=81904
    title OracleVM 3.3 : kernel-uek (OVMSA-2015-0034)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2015-3012.NASL
    description The remote Oracle Linux host is missing a security update for the Unbreakable Enterprise kernel package(s).
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 81966
    published 2015-03-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=81966
    title Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2015-3012)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20150305_KERNEL_ON_SL7_X.NASL
    description * A flaw was found in the way the Linux kernel's XFS file system handled replacing of remote attributes under certain conditions. A local user with access to XFS file system mount could potentially use this flaw to escalate their privileges on the system. (CVE-2015-0274, Important) * It was found that the Linux kernel's KVM implementation did not ensure that the host CR4 control register value remained unchanged across VM entries on the same virtual CPU. A local, unprivileged user could use this flaw to cause denial of service on the system. (CVE-2014-3690, Moderate) * A flaw was found in the way Linux kernel's Transparent Huge Pages (THP) implementation handled non-huge page migration. A local, unprivileged user could use this flaw to crash the kernel by migrating transparent hugepages. (CVE-2014-3940, Moderate) * An out-of-bounds memory access flaw was found in the syscall tracing functionality of the Linux kernel's perf subsystem. A local, unprivileged user could use this flaw to crash the system. (CVE-2014-7825, Moderate) * An out-of-bounds memory access flaw was found in the syscall tracing functionality of the Linux kernel's ftrace subsystem. On a system with ftrace syscall tracing enabled, a local, unprivileged user could use this flaw to crash the system, or escalate their privileges. (CVE-2014-7826, Moderate) * A race condition flaw was found in the Linux kernel's ext4 file system implementation that allowed a local, unprivileged user to crash the system by simultaneously writing to a file and toggling the O_DIRECT flag using fcntl(F_SETFL) on that file. (CVE-2014-8086, Moderate) * A flaw was found in the way the Linux kernel's netfilter subsystem handled generic protocol tracking. As demonstrated in the Stream Control Transmission Protocol (SCTP) case, a remote attacker could use this flaw to bypass intended iptables rule restrictions when the associated connection tracking module was not loaded on the system. (CVE-2014-8160, Moderate) * It was found that due to excessive files_lock locking, a soft lockup could be triggered in the Linux kernel when performing asynchronous I/O operations. A local, unprivileged user could use this flaw to crash the system. (CVE-2014-8172, Moderate) * A NULL pointer dereference flaw was found in the way the Linux kernel's madvise MADV_WILLNEED functionality handled page table locking. A local, unprivileged user could use this flaw to crash the system. (CVE-2014-8173, Moderate) * An information leak flaw was found in the Linux kernel's IEEE 802.11 wireless networking implementation. When software encryption was used, a remote attacker could use this flaw to leak up to 8 bytes of plaintext. (CVE-2014-8709, Low) * A stack-based buffer overflow flaw was found in the TechnoTrend/Hauppauge DEC USB device driver. A local user with write access to the corresponding device could use this flaw to crash the kernel or, potentially, elevate their privileges on the system. (CVE-2014-8884, Low) * Users of kernel modules may need to upgrade the module to maintain compatibility. The system must be rebooted for this update to take effect.
    last seen 2019-02-21
    modified 2018-12-28
    plugin id 82254
    published 2015-03-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=82254
    title Scientific Linux Security Update : kernel on SL7.x x86_64
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2015-0290.NASL
    description Updated kernel packages that fix multiple security issues, address several hundred bugs, and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 7. This is the first regular update. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel's XFS file system handled replacing of remote attributes under certain conditions. A local user with access to XFS file system mount could potentially use this flaw to escalate their privileges on the system. (CVE-2015-0274, Important) * It was found that the Linux kernel's KVM implementation did not ensure that the host CR4 control register value remained unchanged across VM entries on the same virtual CPU. A local, unprivileged user could use this flaw to cause denial of service on the system. (CVE-2014-3690, Moderate) * A flaw was found in the way Linux kernel's Transparent Huge Pages (THP) implementation handled non-huge page migration. A local, unprivileged user could use this flaw to crash the kernel by migrating transparent hugepages. (CVE-2014-3940, Moderate) * An out-of-bounds memory access flaw was found in the syscall tracing functionality of the Linux kernel's perf subsystem. A local, unprivileged user could use this flaw to crash the system. (CVE-2014-7825, Moderate) * An out-of-bounds memory access flaw was found in the syscall tracing functionality of the Linux kernel's ftrace subsystem. On a system with ftrace syscall tracing enabled, a local, unprivileged user could use this flaw to crash the system, or escalate their privileges. (CVE-2014-7826, Moderate) * A race condition flaw was found in the Linux kernel's ext4 file system implementation that allowed a local, unprivileged user to crash the system by simultaneously writing to a file and toggling the O_DIRECT flag using fcntl(F_SETFL) on that file. (CVE-2014-8086, Moderate) * A flaw was found in the way the Linux kernel's netfilter subsystem handled generic protocol tracking. As demonstrated in the Stream Control Transmission Protocol (SCTP) case, a remote attacker could use this flaw to bypass intended iptables rule restrictions when the associated connection tracking module was not loaded on the system. (CVE-2014-8160, Moderate) * It was found that due to excessive files_lock locking, a soft lockup could be triggered in the Linux kernel when performing asynchronous I/O operations. A local, unprivileged user could use this flaw to crash the system. (CVE-2014-8172, Moderate) * A NULL pointer dereference flaw was found in the way the Linux kernel's madvise MADV_WILLNEED functionality handled page table locking. A local, unprivileged user could use this flaw to crash the system. (CVE-2014-8173, Moderate) * An information leak flaw was found in the Linux kernel's IEEE 802.11 wireless networking implementation. When software encryption was used, a remote attacker could use this flaw to leak up to 8 bytes of plaintext. (CVE-2014-8709, Low) * A stack-based buffer overflow flaw was found in the TechnoTrend/Hauppauge DEC USB device driver. A local user with write access to the corresponding device could use this flaw to crash the kernel or, potentially, elevate their privileges on the system. (CVE-2014-8884, Low) Red Hat would like to thank Eric Windisch of the Docker project for reporting CVE-2015-0274, Andy Lutomirski for reporting CVE-2014-3690, and Robert Swiecki for reporting CVE-2014-7825 and CVE-2014-7826. This update also fixes several hundred bugs and adds numerous enhancements. Refer to the Red Hat Enterprise Linux 7.1 Release Notes for information on the most significant of these changes, and the following Knowledgebase article for further information: https://access.redhat.com/articles/1352803 All Red Hat Enterprise Linux 7 users are advised to install these updated packages, which correct these issues and add these enhancements. The system must be rebooted for this update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 81626
    published 2015-03-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=81626
    title RHEL 7 : kernel (RHSA-2015:0290)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2015-301.NASL
    description The Linux kernel was updated to fix various bugs and security issues. Following security issues were fixed : - CVE-2014-8173: A NULL pointer dereference flaw was found in the way the Linux kernels madvise MADV_WILLNEED functionality handled page table locking. A local, unprivileged user could have used this flaw to crash the system. - CVE-2015-1593: A integer overflow reduced the effectiveness of the stack randomization on 64-bit systems. - CVE-2014-7822: A flaw was found in the way the Linux kernels splice() system call validated its parameters. On certain file systems, a local, unprivileged user could have used this flaw to write past the maximum file size, and thus crash the system. - CVE-2014-9419: The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel did not ensure that Thread Local Storage (TLS) descriptors are loaded before proceeding with other steps, which made it easier for local users to bypass the ASLR protection mechanism via a crafted application that reads a TLS base address. - CVE-2014-8134: The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux kernel used an improper paravirt_enabled setting for KVM guest kernels, which made it easier for guest OS users to bypass the ASLR protection mechanism via a crafted application that reads a 16-bit value. - CVE-2014-8160: net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel generated incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allowed remote attackers to bypass intended access restrictions via packets with disallowed port numbers. - CVE-2014-9529: Race condition in the key_gc_unused_keys function in security/keys/gc.c in the Linux kernel allowed local users to cause a denial of service (memory corruption or panic) or possibly have unspecified other impact via keyctl commands that trigger access to a key structure member during garbage collection of a key. - CVE-2014-8559: The d_walk function in fs/dcache.c in the Linux kernel through did not properly maintain the semantics of rename_lock, which allowed local users to cause a denial of service (deadlock and system hang) via a crafted application. - CVE-2014-9420: The rock_continue function in fs/isofs/rock.c in the Linux kernel did not restrict the number of Rock Ridge continuation entries, which allowed local users to cause a denial of service (infinite loop, and system crash or hang) via a crafted iso9660 image. - CVE-2014-9584: The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel did not validate a length value in the Extensions Reference (ER) System Use Field, which allowed local users to obtain sensitive information from kernel memory via a crafted iso9660 image. - CVE-2014-9585: The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel did not properly choose memory locations for the vDSO area, which made it easier for local users to bypass the ASLR protection mechanism by guessing a location at the end of a PMD. Following bugs were fixed : - HID: usbhid: enable always-poll quirk for Elan Touchscreen 0103 (bnc#920901). - HID: usbhid: enable always-poll quirk for Elan Touchscreen 016f (bnc#920901). - HID: usbhid: enable always-poll quirk for Elan Touchscreen 009b (bnc#920901). - HID: usbhid: add another mouse that needs QUIRK_ALWAYS_POLL (bnc#920901). - HID: usbhid: fix PIXART optical mouse (bnc#920901). - HID: usbhid: enable always-poll quirk for Elan Touchscreen (bnc#920901). - HID: usbhid: add always-poll quirk (bnc#920901). - storvsc: ring buffer failures may result in I/O freeze (bnc#914175). - mm, vmscan: prevent kswapd livelock due to pfmemalloc-throttled process being killed (VM Functionality bnc#910150). - Input: evdev - fix EVIOCG{type} ioctl (bnc#904899). - mnt: Implicitly add MNT_NODEV on remount when it was implicitly added by mount (bsc#907988). - DocBook: Do not exceed argument list limit. - DocBook: Make mandocs parallel-safe. - mm: free compound page with correct order (bnc#913695). - udf: Check component length before reading it. - udf: Check path length when reading symlink. - udf: Verify symlink size before loading it. - udf: Verify i_size when loading inode. - xfs: remote attribute overwrite causes transaction overrun.
    last seen 2019-02-21
    modified 2015-04-14
    plugin id 82755
    published 2015-04-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=82755
    title openSUSE Security Update : the Linux Kernel (openSUSE-2015-301)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2015-0290.NASL
    description Updated kernel packages that fix multiple security issues, address several hundred bugs, and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 7. This is the first regular update. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel's XFS file system handled replacing of remote attributes under certain conditions. A local user with access to XFS file system mount could potentially use this flaw to escalate their privileges on the system. (CVE-2015-0274, Important) * It was found that the Linux kernel's KVM implementation did not ensure that the host CR4 control register value remained unchanged across VM entries on the same virtual CPU. A local, unprivileged user could use this flaw to cause denial of service on the system. (CVE-2014-3690, Moderate) * A flaw was found in the way Linux kernel's Transparent Huge Pages (THP) implementation handled non-huge page migration. A local, unprivileged user could use this flaw to crash the kernel by migrating transparent hugepages. (CVE-2014-3940, Moderate) * An out-of-bounds memory access flaw was found in the syscall tracing functionality of the Linux kernel's perf subsystem. A local, unprivileged user could use this flaw to crash the system. (CVE-2014-7825, Moderate) * An out-of-bounds memory access flaw was found in the syscall tracing functionality of the Linux kernel's ftrace subsystem. On a system with ftrace syscall tracing enabled, a local, unprivileged user could use this flaw to crash the system, or escalate their privileges. (CVE-2014-7826, Moderate) * A race condition flaw was found in the Linux kernel's ext4 file system implementation that allowed a local, unprivileged user to crash the system by simultaneously writing to a file and toggling the O_DIRECT flag using fcntl(F_SETFL) on that file. (CVE-2014-8086, Moderate) * A flaw was found in the way the Linux kernel's netfilter subsystem handled generic protocol tracking. As demonstrated in the Stream Control Transmission Protocol (SCTP) case, a remote attacker could use this flaw to bypass intended iptables rule restrictions when the associated connection tracking module was not loaded on the system. (CVE-2014-8160, Moderate) * It was found that due to excessive files_lock locking, a soft lockup could be triggered in the Linux kernel when performing asynchronous I/O operations. A local, unprivileged user could use this flaw to crash the system. (CVE-2014-8172, Moderate) * A NULL pointer dereference flaw was found in the way the Linux kernel's madvise MADV_WILLNEED functionality handled page table locking. A local, unprivileged user could use this flaw to crash the system. (CVE-2014-8173, Moderate) * An information leak flaw was found in the Linux kernel's IEEE 802.11 wireless networking implementation. When software encryption was used, a remote attacker could use this flaw to leak up to 8 bytes of plaintext. (CVE-2014-8709, Low) * A stack-based buffer overflow flaw was found in the TechnoTrend/Hauppauge DEC USB device driver. A local user with write access to the corresponding device could use this flaw to crash the kernel or, potentially, elevate their privileges on the system. (CVE-2014-8884, Low) Red Hat would like to thank Eric Windisch of the Docker project for reporting CVE-2015-0274, Andy Lutomirski for reporting CVE-2014-3690, and Robert Święcki for reporting CVE-2014-7825 and CVE-2014-7826. This update also fixes several hundred bugs and adds numerous enhancements. Refer to the Red Hat Enterprise Linux 7.1 Release Notes for information on the most significant of these changes, and the following Knowledgebase article for further information: https://access.redhat.com/articles/1352803 All Red Hat Enterprise Linux 7 users are advised to install these updated packages, which correct these issues and add these enhancements. The system must be rebooted for this update to take effect.
    last seen 2019-02-21
    modified 2015-03-20
    plugin id 81885
    published 2015-03-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=81885
    title CentOS 7 : kernel (CESA-2015:0290)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2017-0057.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2017-0057 for details.
    last seen 2019-02-21
    modified 2018-07-24
    plugin id 99163
    published 2017-04-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99163
    title OracleVM 3.3 : Unbreakable / etc (OVMSA-2017-0057) (Dirty COW)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2015-0040.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2015-0040 for details.
    last seen 2019-02-21
    modified 2018-07-24
    plugin id 82691
    published 2015-04-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=82691
    title OracleVM 3.3 : kernel-uek (OVMSA-2015-0040)
redhat via4
advisories
  • rhsa
    id RHSA-2015:0290
  • rhsa
    id RHSA-2015:0694
rpms
  • kernel-0:3.10.0-229.el7
  • kernel-abi-whitelists-0:3.10.0-229.el7
  • kernel-bootwrapper-0:3.10.0-229.el7
  • kernel-debug-0:3.10.0-229.el7
  • kernel-debug-devel-0:3.10.0-229.el7
  • kernel-devel-0:3.10.0-229.el7
  • kernel-doc-0:3.10.0-229.el7
  • kernel-headers-0:3.10.0-229.el7
  • kernel-kdump-0:3.10.0-229.el7
  • kernel-kdump-devel-0:3.10.0-229.el7
  • kernel-tools-0:3.10.0-229.el7
  • kernel-tools-libs-0:3.10.0-229.el7
  • kernel-tools-libs-devel-0:3.10.0-229.el7
  • perf-0:3.10.0-229.el7
  • python-perf-0:3.10.0-229.el7
refmap via4
confirm
suse openSUSE-SU-2015:0714
Last major update 02-01-2017 - 21:59
Published 16-03-2015 - 06:59
Back to Top