Patch  oval:org.mitre.oval:def:27566
DEPRECATED: ELSA-2012-1426 -- kernel security and bug fix update (moderate) (Deprecated)  

[2.6.32-279.14.1.el6] - [usb] usbhid: Fix use-after-free in USBHID (James Paradis) [864827 857518] - [usb] Add kernel parameter to force io_watchdog for Intel EHCI HCD (James Paradis) [865713 846024] - [block] Fix hanging kernel threads in blk_execute_rq() (James Paradis) [865308 855984] - [mm] hugetlb: do not use vma_hugecache_offset() for vma_prio_tree_foreach (Frederic Weisbecker) [843034 843035] {CVE-2012-2133} - [mm] hugepages: fix use after free bug in 'quota' handling (Frederic Weisbecker) [843034 843035] {CVE-2012-2133} - [mm] hugetlb: fix pgoff computation when unmapping page from vma (Frederic Weisbecker) [843034 843035] {CVE-2012-2133} - [mm] hugetlb: fix ENOSPC returned by handle_mm_fault() (Frederic Weisbecker) [843034 843035] {CVE-2012-2133} - [fs] gfs2: Write out dirty inode metadata in delayed deletes (Frantisek Hrbata) [859326 748827] - [usb] core: Fix device removal race condition (James Paradis) [864821 849188] - [mm] x86_32: fix SHLIB_BASE address typo (Aristeu S. Rozanski F) [804955 804956] {CVE-2012-1568} - [hid] hidraw: fix window in hidraw_release (Don Zickus) [841824 839973] - [hid] hidraw: protect hidraw_disconnect() better (Don Zickus) [841824 839973] - [hid] hidraw: remove excessive _EMERG messages from hidraw (Don Zickus) [841824 839973] - [hid] hidraw: fix hidraw_disconnect() (Don Zickus) [841824 839973] - [hid] fix a NULL pointer dereference in hidraw_write (Don Zickus) [841824 839973] - [hid] fix a NULL pointer dereference in hidraw_ioctl (Don Zickus) [841824 839973] - [hid] remove BKL from hidraw (Don Zickus) [841824 839973] - [mm] x86_32: randomize SHLIB_BASE (Aristeu Rozanski) [804955 804956] {CVE-2012-1568} - [block] fix up use after free in __blkdev_get (Jeff Moyer) [853943 847838] - [scsi] remove no longer valid BUG_ON in scsi_lld_busy (Jeff Garzik) [860640 842881] - [scsi] fix NULL request_queue in scsi_requeue_run_queue() (Jeff Garzik) [860640 842881] - [net] svcrpc: fix BUG() in svc_tcp_clear_pages (J. Bruce Fields) [856106 769045] - [scsi] lpfc: Fixed SCSI device reset escalation (Rob Evers) [861390 827566] - [scsi] lpfc: Fix abort status (Rob Evers) [861390 827566] - [kernel] cgroup: add cgroup_root_mutex (Frederic Weisbecker) [858954 844531] - [mm] Hold a file reference in madvise_remove (Jerome Marchand) [849738 849739] {CVE-2012-3511} - [base] driver-core: fix device_register race (Rob Evers) [860784 833098] - [netdrv] e1000e: drop check of RXCW.CW to eliminate link going up and down (Dean Nelson) [857055 847310] - [scsi] be2iscsi: Format the MAC_ADDR with sysfs (Rob Evers) [863147 827594] - [usb] usbdevfs: Add a USBDEVFS_GET_CAPABILITIES ioctl (Don Zickus) [841667 828271] - [fs] udf: fix retun value on error path in udf_load_logicalvol (Nikola Pajkovsky) [843142 843143] {CVE-2012-3400} - [fs] udf: Improve table length check to avoid possible overflow (Nikola Pajkovsky) [843142 843143] {CVE-2012-3400} - [fs] udf: Fortify loading of sparing table (Nikola Pajkovsky) [843142 843143] {CVE-2012-3400} - [fs] udf: Avoid run away loop when partition table length is corrupted (Nikola Pajkovsky) [843142 843143] {CVE-2012-3400} - [fs] udf: Use 'ret' instead of abusing 'i' in udf_load_logicalvol() (Nikola Pajkovsky) [843142 843143] {CVE-2012-3400} - [netdrv] bnx2x: Add remote-fault link detection (Michal Schmidt) [852450 814877] - [net] sunrpc: svc_xprt sends on closed socket should stop immediately (J. Bruce Fields) [853257 849702] - [mm] Never OOM kill tasks outside of memory cgroup when memory.limit_in_bytes is exceeded by a Transparent Huge Page (Larry Woodman) [860942 811255] - [powerpc] pseries: Support lower minimum entitlement for virtual processors (Steve Best) [860165 822651] - [usbhid] hiddev: Consolidate device existence checks in hiddev_ioctl (Don Zickus) [841824 839973] - [usbhid] hiddev: Fix race between disconnect and hiddev_ioctl (Don Zickus) [841824 839973] - [usbhid] hiddev: protect against disconnect/NULL-dereference race (Don Zickus) [841824 839973] - [crypto] algapi: Move larval completion into algboss (Herbert Xu) [854476 832135] - [fs] xfs: disable xfsaild idle mode (Brian Foster) [860787 813137] - [fs] xfs: fix the logspace waiting algorithm (Brian Foster) [860787 813137] - [fs] xfs: add AIL pushing tracepoints (Brian Foster) [860787 813137] - [fs] xfs: force the log if we encounter pinned buffers in .iop_pushbuf (Brian Foster) [860787 813137] - [fs] xfs: do not update xa_last_pushed_lsn for locked items (Brian Foster) [860787 813137]
Create Date: 2014-11-05 Last Update Date: 2015-02-10

Affected Platforms/Products

Affected Products (CPE + CVE references)
Platforms: unix (from OVAL definitions) Products: unix
  • Oracle Linux 6
  • kernel

References

Criteria

The patch should be installed
IF : All of the following are true
Prerequisites (Extended Definitions)
Oracle Linux 6.x oval:org.mitre.oval:def:16594
IF : Any one of the following are true Packages match section
IF : python-perf is earlier than 0:2.6.32-279.14.1.el6
Linux : RPM Test :  python-perf is earlier than 0:2.6.32-279.14.1.el6 
At least one of the objects listed below must exist on the system (Existence check)
Linux : RPM Package 
python-perf
RPM Version less than 0:2.6.32-279.14.1.el6 (datatype=evr_string)
version is earlier than 0:2.6.32-279.14.1.el6 linux : rpminfo_state 
IF : perf is earlier than 0:2.6.32-279.14.1.el6
Linux : RPM Test :  perf is earlier than 0:2.6.32-279.14.1.el6 
At least one of the objects listed below must exist on the system (Existence check)
RPM Version less than 0:2.6.32-279.14.1.el6 (datatype=evr_string)
version is earlier than 0:2.6.32-279.14.1.el6 linux : rpminfo_state 
IF : kernel-headers is earlier than 0:2.6.32-279.14.1.el6
Linux : RPM Test :  kernel-headers is earlier than 0:2.6.32-279.14.1.el6 
At least one of the objects listed below must exist on the system (Existence check)
Linux : RPM Package 
kernel-headers
RPM Version less than 0:2.6.32-279.14.1.el6 (datatype=evr_string)
version is earlier than 0:2.6.32-279.14.1.el6 linux : rpminfo_state 
IF : kernel-firmware is earlier than 0:2.6.32-279.14.1.el6
Linux : RPM Test :  kernel-firmware is earlier than 0:2.6.32-279.14.1.el6 
At least one of the objects listed below must exist on the system (Existence check)
Linux : RPM Package 
kernel-firmware
RPM Version less than 0:2.6.32-279.14.1.el6 (datatype=evr_string)
version is earlier than 0:2.6.32-279.14.1.el6 linux : rpminfo_state 
IF : kernel-doc is earlier than 0:2.6.32-279.14.1.el6
Linux : RPM Test :  kernel-doc is earlier than 0:2.6.32-279.14.1.el6 
At least one of the objects listed below must exist on the system (Existence check)
Linux : RPM Package 
kernel-doc
RPM Version less than 0:2.6.32-279.14.1.el6 (datatype=evr_string)
version is earlier than 0:2.6.32-279.14.1.el6 linux : rpminfo_state 
IF : kernel-devel is earlier than 0:2.6.32-279.14.1.el6
Linux : RPM Test :  kernel-devel is earlier than 0:2.6.32-279.14.1.el6 
At least one of the objects listed below must exist on the system (Existence check)
Linux : RPM Package 
kernel-devel
RPM Version less than 0:2.6.32-279.14.1.el6 (datatype=evr_string)
version is earlier than 0:2.6.32-279.14.1.el6 linux : rpminfo_state 
IF : kernel-debug-devel is earlier than 0:2.6.32-279.14.1.el6
Linux : RPM Test :  kernel-debug-devel is earlier than 0:2.6.32-279.14.1.el6 
At least one of the objects listed below must exist on the system (Existence check)
Linux : RPM Package 
kernel-debug-devel
RPM Version less than 0:2.6.32-279.14.1.el6 (datatype=evr_string)
version is earlier than 0:2.6.32-279.14.1.el6 linux : rpminfo_state 
IF : kernel is earlier than 0:2.6.32-279.14.1.el6
Linux : RPM Test :  kernel is earlier than 0:2.6.32-279.14.1.el6 
At least one of the objects listed below must exist on the system (Existence check)
RPM Version less than 0:2.6.32-279.14.1.el6 (datatype=evr_string)
version is earlier than 0:2.6.32-279.14.1.el6 linux : rpminfo_state 
IF : kernel-debug is earlier than 0:2.6.32-279.14.1.el6
Linux : RPM Test :  kernel-debug is earlier than 0:2.6.32-279.14.1.el6 
At least one of the objects listed below must exist on the system (Existence check)
Linux : RPM Package 
kernel-debug
RPM Version less than 0:2.6.32-279.14.1.el6 (datatype=evr_string)
version is earlier than 0:2.6.32-279.14.1.el6 linux : rpminfo_state 

Quick Help

evr_string datatype
Represents epoch, version, and release number as a single version string
Other Help Topics
Data Types
What is an Object?
What is a State?
What is a Test?
Other Help Topics
Regular Expression Patterns
Some object or state definitions are defined as regular expression patterns, you should interpret the regexp pattern while evaluating them.

OVAL Definitions By Referenced Objects

How does it work?   User agreement and privacy statement   About & Contact
CVE is a registred trademark of the MITRE Corporation and the authoritive source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritive source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritive source of OVAL content is MITRE's OVAL web site.
Warning: This site and all data are provided as is. It is not guaranteed that all information is accurate and complete. Use any information provided on this site at your own risk. By using this site you accept that you know that these data are provided as is and not guaranteed to be accurate, correct or complete. All trademarks appearing on this site are the property of their respective owners in the US or other countries. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss. PLEASE SEE nvd.nist.gov and oval.mitre.org for more details about OVAL language and definitions.
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor/web site owner/maintainer be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
Use of OVAL and all related data is subject to terms of use defined by Mitre at http://oval.mitre.org/oval/about/termsofuse.html