The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-3083 advisory.

    - [fs] exec: Limit arg stack to at most 75 of _STK_LIM (Yauheni Kaliuta) [1625991] {CVE-2018-14634}
    - [fs] exec: account for argv/envp pointers (Yauheni Kaliuta) [1625991] {CVE-2018-14634}
    - [cdrom] information leak in cdrom_ioctl_media_changed() (Sanskriti Sharma) [1578207] {CVE-2018-10940}
    - [fs] fs: get_rock_ridge_filename(): handle malformed NM entries (Bill O'Donnell) [1340778]     {CVE-2016-4913}
    - [mm] madvise: fix madvise() infinite loop under special circumstances (Rafael Aquini) [1552982]     {CVE-2017-18208}
    - [kernel] posix-timer: Properly check sigevent->sigev_notify (Phil Auld) [1613711] {CVE-2017-18344}
    - [sound] alsa: rawmidi: Change resized buffers atomically (Denys Vlasenko) [1593087] {CVE-2018-10902}
    - [fs] Fix up non-directory creation in SGID directories (Miklos Szeredi) [1600953] {CVE-2018-13405}
    - [scsi] libsas: fix memory leak in sas_smp_get_phy_events() (Tomas Henzl) [1558582] {CVE-2018-7757}
    - [vhost] fix info leak due to uninitialized memory (Jason Wang) [1573705] {CVE-2018-1118}
    - [net] ip: process in-order fragments efficiently (Sabrina Dubroca) [1613924] {CVE-2018-5391}
    - [net] ipv6: defrag: drop non-last frags smaller than min mtu (Sabrina Dubroca) [1613924] {CVE-2018-5391}
    - [net] ip: use rb trees for IP frag queue (Sabrina Dubroca) [1613924] {CVE-2018-5391}
    - [net] revert ipv4: use skb coalescing in defragmentation (Sabrina Dubroca) [1613924] {CVE-2018-5391}
    - [net] modify skb_rbtree_purge to return the truesize of all purged skbs (Sabrina Dubroca) [1613924]     {CVE-2018-5391}
    - [net] ip: discard IPv4 datagrams with overlapping segments (Sabrina Dubroca) [1613924] {CVE-2018-5391}
    - [net] speed up skb_rbtree_purge() (Sabrina Dubroca) [1613924] {CVE-2018-5391}
    - [fs] timerfd: Protect the might cancel mechanism proper (Bill O'Donnell) [1485407] {CVE-2017-10661}
    - [netdrv] bnx2x: disable GSO where gso_size is too big for hardware (Jonathan Toppins) [1546760]     {CVE-2018-1000026}
    - [net] create skb_gso_validate_mac_len() (Jonathan Toppins) [1546760] {CVE-2018-1000026}
    - [fs] aio: properly check iovec sizes (Jeff Moyer) [1337518] {CVE-2015-8830}
    - [fs] ext4: avoid running out of journal credits when appending to an inline file (Lukas Czerner)     [1609759] {CVE-2018-10883}
    - [fs] jbd2: don't mark block as modified if the handle is out of credits (Lukas Czerner) [1609759]     {CVE-2018-10883}

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Oracle Linux 7 : kernel (ELSA-2018-3083)

high Nessus Plugin ID 118770

Version 1.16