oval:org.mitre.oval:def:28199

Definition Id: oval:org.mitre.oval:def:28199
 
Oval ID: oval:org.mitre.oval:def:28199
Title: DEPRECATED: ELSA-2011-0017 -- Oracle Linux 5.6 kernel security and bug fix update (important)
Description: This update fixes the following security issues: * A NULL pointer dereference flaw was found in the igb driver in the Linux kernel. If both the Single Root I/O Virtualization (SR-IOV) feature and promiscuous mode were enabled on an interface using igb, it could result in a denial of service when a tagged VLAN packet is received on that interface. (CVE-2010-4263, Important) * A missing sanity check was found in vbd_create() in the Xen hypervisor implementation. As CD-ROM drives are not supported by the blkback back-end driver, attempting to use a virtual CD-ROM drive with blkback could trigger a denial of service (crash) on the host system running the Xen hypervisor. (CVE-2010-4238, Moderate) * A flaw was found in the Linux kernel execve() system call implementation. A local, unprivileged user could cause large amounts of memory to be allocated but not visible to the OOM (Out of Memory) killer, triggering a denial of service. (CVE-2010-4243, Moderate) * A flaw was found in fixup_page_fault() in the Xen hypervisor implementation. If a 64-bit para-virtualized guest accessed a certain area of memory, it could cause a denial of service on the host system running the Xen hypervisor. (CVE-2010-4255, Moderate) * A missing initialization flaw was found in the bfa driver used by Brocade Fibre Channel Host Bus Adapters. A local, unprivileged user could use this flaw to cause a denial of service by reading a file in the "/sys/class/fc_host/host#/statistics/" directory. (CVE-2010-4343, Moderate) * Missing initialization flaws in the Linux kernel could lead to information leaks. (CVE-2010-3296, CVE-2010-3877, CVE-2010-4072, CVE-2010-4073, CVE-2010-4075, CVE-2010-4080, CVE-2010-4081, CVE-2010-4158, Low)
Family: unix Class: patch
Reference(s): ELSA-2011-0017
CVE-2010-3296
CVE-2010-3877
CVE-2010-4072
CVE-2010-4073
CVE-2010-4075
CVE-2010-4080
CVE-2010-4081
CVE-2010-4158
CVE-2010-4238
CVE-2010-4243
CVE-2010-4255
CVE-2010-4263
CVE-2010-4343
Version: 4
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15459
 
Oval ID: oval:org.mitre.oval:def:15459
Title: Oracle Linux 5.x
Description: The operating system installed on the system is Oracle Linux 5.x
Family: unix Class: inventory
Reference(s): cpe:/o:oracle:linux:5
Version: 7
Platform(s): Oracle Linux 5
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:28199