The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3534 advisory.

    - Revert 'fix minor infoleak in get_user_ex()' (Brian Maly)  [Orabug: 25790392]  {CVE-2016-9644}
    - net: ping: check minimum size on ICMP header length (Kees Cook)  [Orabug: 25766911]  {CVE-2016-8399}
    - ipv6: stop sending PTB packets for MTU < 1280 (Hagen Paul Pfeifer)  [Orabug: 25765776]  {CVE-2016-10142}
    - sg_write()/bsg_write() is not fit to be called under KERNEL_DS (Al Viro)  [Orabug: 25765445]     {CVE-2016-10088}
    - scsi: sg: check length passed to SG_NEXT_CMD_LEN (peter chang)  [Orabug: 25751996]  {CVE-2017-7187}
    - tty: n_hdlc: get rid of racy n_hdlc.tbuf (Alexander Popov)  [Orabug: 25696686]  {CVE-2017-2636}
    - TTY: n_hdlc, fix lockdep false positive (Jiri Slaby)  [Orabug: 25696686]  {CVE-2017-2636}
    - drivers/tty/n_hdlc.c: replace kmalloc/memset by kzalloc (Fabian Frederick)  [Orabug: 25696686]     {CVE-2017-2636}
    - x86: bpf_jit: fix compilation of large bpf programs (Alexei Starovoitov)  [Orabug: 21305080]     {CVE-2015-4700}
    - firewire: net: guard against rx buffer overflows (Stefan Richter)  [Orabug: 25451530]  {CVE-2016-8633}
    - x86/mm/32: Enable full randomization on i386 and X86_32 (Hector Marco-Gisbert)  [Orabug: 25463927]     {CVE-2016-3672}
    - x86 get_unmapped_area: Access mmap_legacy_base through mm_struct member (Radu Caragea)  [Orabug:
    25463927]  {CVE-2016-3672}
    - pptp: verify sockaddr_len in pptp_bind() and pptp_connect() (WANG Cong)  [Orabug: 25490335]     {CVE-2015-8569}
    - sg_start_req(): make sure that there's not too many elements in iovec (Al Viro)  [Orabug: 25490372]     {CVE-2015-5707}
    - kvm: nVMX: Allow L1 to intercept software exceptions (#BP and #OF) (Jim Mattson)  [Orabug: 25507195]     {CVE-2016-9588}
    - tcp: take care of truncations done by sk_filter() (Eric Dumazet)  [Orabug: 25507230]  {CVE-2016-8645}
    - rose: limit sk_filter trim to payload (Willem de Bruijn)  [Orabug: 25507230]  {CVE-2016-8645}
    - fix minor infoleak in get_user_ex() (Al Viro)  [Orabug: 25507281]  {CVE-2016-9178}
    - scsi: arcmsr: Simplify user_len checking (Borislav Petkov)  [Orabug: 25507328]  {CVE-2016-7425}
    - scsi: arcmsr: Buffer overflow in arcmsr_iop_message_xfer() (Dan Carpenter)  [Orabug: 25507328]     {CVE-2016-7425}
    - net: fix a kernel infoleak in x25 module (Kangjie Lu)  [Orabug: 25512413]  {CVE-2016-4580}
    - USB: digi_acceleport: do sanity checking for the number of ports (Oliver Neukum)  [Orabug: 25512471]     {CVE-2016-3140}
    - ipv4: keep skb->dst around in presence of IP options (Eric Dumazet)  [Orabug: 25543892]  {CVE-2017-5970}
    - net/llc: avoid BUG_ON() in skb_orphan() (Eric Dumazet)  [Orabug: 25682430]  {CVE-2017-6345}
    - dccp: fix freeing skb too early for IPV6_RECVPKTINFO (Andrey Konovalov)   {CVE-2017-6074}
    - crypto: algif_hash - Only export and import on sockets with data (Herbert Xu)  [Orabug: 25417805]     {CVE-2016-8646}
    - USB: usbfs: fix potential infoleak in devio (Kangjie Lu)  [Orabug: 25462760]  {CVE-2016-4482}
    - net: fix infoleak in llc (Kangjie Lu)  [Orabug: 25462807]  {CVE-2016-4485}
    - af_unix: Guard against other == sk in unix_dgram_sendmsg (Rainer Weikusat)  [Orabug: 25463996]     {CVE-2013-7446}
    - unix: avoid use-after-free in ep_remove_wait_queue (Rainer Weikusat)  [Orabug: 25463996]     {CVE-2013-7446}

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3534)

high Nessus Plugin ID 99160

Version 3.15