Oracle Linux 7 : kernel (ELSA-2017-0086)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-0086 advisory. - net sctp: validate chunk len before actually using it Hangbin Liu 1399458 1399459 CVE-2016-9555 - net sctp: rename WORDTRUNC/ROUND macros Hangbin Liu...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2016-3655)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2016-3655 advisory. kernel-uek 4.1.12-61.1.23 - net: Fix use after free in the recvmmsg exit path Arnaldo Carvalho de Melo Orabug: 25298601 CVE-2016-7117 Tenable has extracted...

Oracle Linux 5 : kernel (ELSA-2016-2962)

The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2016-2962 advisory. kernel 2.6.18-417 - virt hv: do not lose pending heartbeat vmbus packets Vitaly Kuznetsov 1391167 - net Fix use after free in the recvmmsg exit path Davide...

kernel: Use-after-free in the recvmmsg exit path

A use-after-free vulnerability was found in the kernel's socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within sysrecvmmsg function...