Oracle Linux Bulletin - October 2015


Description

The Oracle Linux Bulletin lists all CVEs that had been resolved and announced in Oracle Linux Security Advisories (ELSA) in the last one month prior to the release of the bulletin. Oracle Linux Bulletins are published on the same day as Oracle Critical Patch Updates are released. These bulletins will also be updated on the Tuesday closest to the 17th of the following two months after their release (i.e., the two months between the normal quarterly Critical Patch Update publication dates) to cover all CVEs that had been resolved in those two months following the bulletin's publication. In addition, Oracle Linux Bulletins may also be updated for vulnerability fixes deemed too critical to wait for the next scheduled bulletin publication date.

Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Oracle Linux Bulletin fixes as soon as possible.


Patch Availability

Please see ULN Advisory http://linux.oracle.com/ol-pad-bulletin


Oracle Linux Bulletin Schedule

Oracle Linux Bulletins are released on the Tuesday closest to the 17th day of January, April, July and October. The next four dates are:

  • 19 January 2016
  • 19 April 2016
  • 19 July 2016
  • 18 October 2016

References


Modification History


2015-December-21 Rev 3. New CVEs Added
2015-November-20 Rev 2. New CVEs Added
2015-October-20 Rev 1. Initial Release

 

Oracle Linux Executive Summary

 

This Oracle Linux Bulletin contains 227 new security fixes for the Oracle Linux.  156 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password. 

 

Oracle Linux Risk Matrix


Revision 3: Published on 2015-12-21



CVE# Product Component Remote Exploit without Auth.? CVSS VERSION 2.0 RISK (see Risk Matrix Definitions) Supported Versions Affected
Base Score Access Vector Access Complexity Authen-
tication
Confiden-
tiality
Integrity Avail-
ability
CVE-2015-1782 Oracle Linux libssh2 Yes 7.8 Network Low None None None Complete 7
CVE-2015-7501 Oracle Linux apache-commons-collections Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2015-7501 Oracle Linux jakarta-commons-collections Yes 7.5 Network Low None Partial Partial Partial 6
CVE-2015-7872 Oracle Linux kernel No 7.2 Local Low None Complete Complete Complete 6
CVE-2015-5287 Oracle Linux abrt and libreport No 6.9 Local Medium None Complete Complete Complete 7
CVE-2015-8370 Oracle Linux grub2 No 6.9 Local Medium None Complete Complete Complete 7
CVE-2014-8485 Oracle Linux binutils Yes 6.8 Network Medium None Partial Partial Partial 7
CVE-2015-7201 Oracle Linux firefox Yes 6.8 Network Medium None Partial Partial Partial 5,6,7
CVE-2015-7210 Oracle Linux firefox Yes 6.8 Network Medium None Partial Partial Partial 5,6,7
CVE-2015-7545 Oracle Linux git Yes 6.8 Network Medium None Partial Partial Partial 7
CVE-2015-4513 Oracle Linux thunderbird Yes 6.8 Network Medium None Partial Partial Partial 5,6,7
CVE-2015-7198 Oracle Linux thunderbird Yes 6.8 Network Medium None Partial Partial Partial 5,6,7
CVE-2015-7199 Oracle Linux thunderbird Yes 6.8 Network Medium None Partial Partial Partial 5,6,7
CVE-2015-7200 Oracle Linux thunderbird Yes 6.8 Network Medium None Partial Partial Partial 5,6,7
CVE-2014-8240 Oracle Linux tigervnc Yes 6.8 Network Medium None Partial Partial Partial 7
CVE-2014-8241 Oracle Linux tigervnc Yes 6.8 Network Medium None Partial Partial Partial 7
CVE-2015-7613 Oracle Linux kernel No 6.2 Local High None Complete Complete Complete 6
CVE-2015-0239 Oracle Linux kernel No 6.2 Local High None Complete Complete Complete 7
CVE-2015-3339 Oracle Linux kernel No 6.2 Local High None Complete Complete Complete 7
CVE-2015-7613 Oracle Linux kernel No 6.2 Local High None Complete Complete Complete 7
CVE-2015-6563 Oracle Linux openssh No 6.2 Local High None Complete Complete Complete 7
CVE-2015-7613 Oracle Linux Unbreakable Enterprise kernel No 6.2 Local High None Complete Complete Complete 6,7
CVE-2015-1821 Oracle Linux chrony No 6.0 Network Medium Single Partial Partial Partial 7
CVE-2015-1822 Oracle Linux chrony No 6.0 Network Medium Single Partial Partial Partial 7
CVE-2015-2925 Oracle Linux kernel No 6.0 Local High Single Complete Complete Complete 6
CVE-2015-2925 Oracle Linux kernel No 6.0 Local High Single Complete Complete Complete 7
CVE-2015-2694 Oracle Linux krb5 Yes 5.8 Network Medium None Partial Partial None 7
CVE-2015-5212 Oracle Linux libreoffice Yes 5.8 Network Medium None None Partial Partial 6,7
CVE-2015-5213 Oracle Linux libreoffice Yes 5.8 Network Medium None None Partial Partial 6,7
CVE-2015-5214 Oracle Linux libreoffice Yes 5.8 Network Medium None None Partial Partial 6,7
CVE-2015-3455 Oracle Linux squid Yes 5.8 Network Medium None Partial Partial None 7
CVE-2014-8171 Oracle Linux kernel No 5.7 Adjacent network Medium None None None Complete 7
CVE-2015-5307 Oracle Linux kernel No 5.2 Adjacent network Medium Single None None Complete 6,7
CVE-2015-8104 Oracle Linux kernel No 5.2 Adjacent network Medium Single None None Complete 6,7
CVE-2015-5307 Oracle Linux Unbreakable Enterprise kernel No 5.2 Adjacent network Medium Single None None Complete 6,7
CVE-2015-8104 Oracle Linux Unbreakable Enterprise kernel No 5.2 Adjacent network Medium Single None None Complete 6,7
CVE-2014-9112 Oracle Linux cpio Yes 5.1 Network High None Partial Partial Partial 7
CVE-2015-7205 Oracle Linux firefox Yes 5.1 Network High None Partial Partial Partial 5,6,7
CVE-2015-7212 Oracle Linux firefox Yes 5.1 Network High None Partial Partial Partial 5,6,7
CVE-2015-7213 Oracle Linux firefox Yes 5.1 Network High None Partial Partial Partial 5,6,7
CVE-2015-7222 Oracle Linux firefox Yes 5.1 Network High None Partial Partial Partial 5,6,7
CVE-2015-1781 Oracle Linux glibc Yes 5.1 Network High None Partial Partial Partial 7
CVE-2015-8126 Oracle Linux libpng Yes 5.1 Network High None Partial Partial Partial 6,7
CVE-2015-8472 Oracle Linux libpng Yes 5.1 Network High None Partial Partial Partial 6,7
CVE-2015-8126 Oracle Linux libpng12 Yes 5.1 Network High None Partial Partial Partial 7
CVE-2015-8472 Oracle Linux libpng12 Yes 5.1 Network High None Partial Partial Partial 7
CVE-2013-0334 Oracle Linux rubygem-bundler and rubygem-thor Yes 5.1 Network High None Partial Partial Partial 7
CVE-2015-7189 Oracle Linux thunderbird Yes 5.1 Network High None Partial Partial Partial 5,6,7
CVE-2015-7193 Oracle Linux thunderbird Yes 5.1 Network High None Partial Partial Partial 5,6,7
CVE-2014-5355 Oracle Linux krb5 Yes 5.0 Network Low None None None Partial 7
CVE-2014-9298 Oracle Linux ntp Yes 5.0 Network Low None Partial None None 7
CVE-2014-9751 Oracle Linux ntp Yes 5.0 Network Low None Partial None None 7
CVE-2014-4650 Oracle Linux python Yes 5.0 Network Low None Partial None None 7
CVE-2015-6526 Oracle Linux kernel No 4.9 Local Low None None None Complete 7
CVE-2015-4170 Oracle Linux kernel No 4.7 Local Medium None None None Complete 7
CVE-2015-5283 Oracle Linux kernel No 4.7 Local Medium None None None Complete 7
CVE-2015-5283 Oracle Linux Unbreakable Enterprise kernel No 4.7 Local Medium None None None Complete 6,7
CVE-2014-8169 Oracle Linux autofs No 4.6 Local Low None Partial Partial Partial 7
CVE-2015-3248 Oracle Linux openhpi No 4.6 Local Low None Partial Partial Partial 7
CVE-2014-3647 Oracle Linux kernel No 4.4 Local Medium Single None None Complete 7
CVE-2015-0272 Oracle Linux NetworkManager Yes 4.3 Network Medium None None None Partial 7
CVE-2015-5273 Oracle Linux abrt and libreport Yes 4.3 Network Medium None None Partial None 7
CVE-2015-8000 Oracle Linux bind Yes 4.3 Network Medium None None None Partial 5,6,7
CVE-2015-8000 Oracle Linux bind97 Yes 4.3 Network Medium None None None Partial 5
CVE-2014-8484 Oracle Linux binutils Yes 4.3 Network Medium None None None Partial 7
CVE-2015-1853 Oracle Linux chrony Yes 4.3 Network Medium None None None Partial 7
CVE-2014-3613 Oracle Linux curl Yes 4.3 Network Medium None None Partial None 7
CVE-2014-8150 Oracle Linux curl Yes 4.3 Network Medium None None Partial None 7
CVE-2014-0207 Oracle Linux file Yes 4.3 Network Medium None None None Partial 7
CVE-2014-0237 Oracle Linux file Yes 4.3 Network Medium None None None Partial 7
CVE-2014-0238 Oracle Linux file Yes 4.3 Network Medium None None None Partial 7
CVE-2014-3478 Oracle Linux file Yes 4.3 Network Medium None None None Partial 7
CVE-2014-3479 Oracle Linux file Yes 4.3 Network Medium None None None Partial 7
CVE-2014-3480 Oracle Linux file Yes 4.3 Network Medium None None None Partial 7
CVE-2014-3487 Oracle Linux file Yes 4.3 Network Medium None None None Partial 7
CVE-2014-3538 Oracle Linux file Yes 4.3 Network Medium None None None Partial 7
CVE-2014-3587 Oracle Linux file Yes 4.3 Network Medium None None None Partial 7
CVE-2014-3710 Oracle Linux file Yes 4.3 Network Medium None None None Partial 7
CVE-2014-8116 Oracle Linux file Yes 4.3 Network Medium None None None Partial 7
CVE-2014-8117 Oracle Linux file Yes 4.3 Network Medium None None None Partial 7
CVE-2014-9652 Oracle Linux file Yes 4.3 Network Medium None Partial None None 7
CVE-2015-7214 Oracle Linux firefox Yes 4.3 Network Medium None Partial None None 5,6,7
CVE-2015-4551 Oracle Linux libreoffice Yes 4.3 Network Medium None Partial None None 6,7
CVE-2015-5312 Oracle Linux libxml2 Yes 4.3 Network Medium None None None Partial 6,7
CVE-2015-7497 Oracle Linux libxml2 Yes 4.3 Network Medium None None None Partial 6,7
CVE-2015-7498 Oracle Linux libxml2 Yes 4.3 Network Medium None None None Partial 6,7
CVE-2015-7499 Oracle Linux libxml2 Yes 4.3 Network Medium None None None Partial 6,7
CVE-2015-7500 Oracle Linux libxml2 Yes 4.3 Network Medium None None None Partial 6,7
CVE-2015-7942 Oracle Linux libxml2 Yes 4.3 Network Medium None None None Partial 6,7
CVE-2015-8241 Oracle Linux libxml2 Yes 4.3 Network Medium None Partial None None 6,7
CVE-2015-8242 Oracle Linux libxml2 Yes 4.3 Network Medium None Partial None None 6,7
CVE-2015-8317 Oracle Linux libxml2 Yes 4.3 Network Medium None Partial None None 6,7
CVE-2014-3565 Oracle Linux net-snmp Yes 4.3 Network Medium None None None Partial 7
CVE-2015-1799 Oracle Linux ntp Yes 4.3 Network Medium None None None Partial 7
CVE-2015-3276 Oracle Linux openldap Yes 4.3 Network Medium None None Partial None 7
CVE-2015-5600 Oracle Linux openssh Yes 4.3 Network Medium None None Partial None 7
CVE-2015-3194 Oracle Linux openssl Yes 4.3 Network Medium None None None Partial 6,7
CVE-2015-3195 Oracle Linux openssl Yes 4.3 Network Medium None Partial None None 5,6,7
CVE-2015-3196 Oracle Linux openssl Yes 4.3 Network Medium None None None Partial 6,7
CVE-2013-1752 Oracle Linux python Yes 4.3 Network Medium None None None Partial 7
CVE-2013-1753 Oracle Linux python Yes 4.3 Network Medium None None None Partial 7
CVE-2015-2704 Oracle Linux realmd No 4.3 Adjacent network High None Partial Partial Partial 7
CVE-2015-7197 Oracle Linux thunderbird Yes 4.3 Network Medium None Partial None None 5,6,7
CVE-2014-8710 Oracle Linux wireshark Yes 4.3 Network Medium None None None Partial 7
CVE-2014-8711 Oracle Linux wireshark Yes 4.3 Network Medium None None None Partial 7
CVE-2014-8712 Oracle Linux wireshark Yes 4.3 Network Medium None None None Partial 7
CVE-2014-8713 Oracle Linux wireshark Yes 4.3 Network Medium None None None Partial 7
CVE-2014-8714 Oracle Linux wireshark Yes 4.3 Network Medium None None None Partial 7
CVE-2015-0562 Oracle Linux wireshark Yes 4.3 Network Medium None None None Partial 7
CVE-2015-0563 Oracle Linux wireshark Yes 4.3 Network Medium None None None Partial 7
CVE-2015-0564 Oracle Linux wireshark Yes 4.3 Network Medium None None None Partial 7
CVE-2015-3182 Oracle Linux wireshark Yes 4.3 Network Medium None None None Partial 7
CVE-2015-3810 Oracle Linux wireshark Yes 4.3 Network Medium None None None Partial 7
CVE-2015-3811 Oracle Linux wireshark Yes 4.3 Network Medium None None None Partial 7
CVE-2015-3812 Oracle Linux wireshark Yes 4.3 Network Medium None None None Partial 7
CVE-2015-3813 Oracle Linux wireshark Yes 4.3 Network Medium None None None Partial 7
CVE-2015-6243 Oracle Linux wireshark Yes 4.3 Network Medium None None None Partial 7
CVE-2015-6244 Oracle Linux wireshark Yes 4.3 Network Medium None None None Partial 7
CVE-2015-6245 Oracle Linux wireshark Yes 4.3 Network Medium None None None Partial 7
CVE-2015-6246 Oracle Linux wireshark Yes 4.3 Network Medium None None None Partial 7
CVE-2015-6248 Oracle Linux wireshark Yes 4.3 Network Medium None None None Partial 7
CVE-2015-3258 Oracle Linux cups-filters No 4.0 Adjacent network High Single Partial Partial Partial 7
CVE-2015-3279 Oracle Linux cups-filters No 4.0 Adjacent network High Single Partial Partial Partial 7
CVE-2014-3707 Oracle Linux curl Yes 4.0 Network High None Partial None Partial 7
CVE-2015-3143 Oracle Linux curl Yes 4.0 Network High None Partial Partial None 7
CVE-2015-3148 Oracle Linux curl Yes 4.0 Network High None Partial Partial None 7
CVE-2010-5313 Oracle Linux kernel No 4.0 Local High None None None Complete 7
CVE-2014-7842 Oracle Linux kernel No 4.0 Local High None None None Complete 7
CVE-2015-7981 Oracle Linux libpng No 4.0 Network Low Single Partial None None 6
CVE-2015-7981 Oracle Linux libpng12 No 4.0 Network Low Single Partial None None 7
CVE-2015-7941 Oracle Linux libxml2 No 4.0 Network Low Single Partial None None 6,7
CVE-2014-8119 Oracle Linux netcf No 4.0 Network Low Single None None Partial 7
CVE-2015-3405 Oracle Linux ntp Yes 4.0 Network High None Partial Partial None 7
CVE-2015-6564 Oracle Linux openssh Yes 4.0 Network High None Partial Partial None 7
CVE-2014-4616 Oracle Linux python Yes 4.0 Network High None Partial None Partial 7
CVE-2014-7185 Oracle Linux python Yes 4.0 Network High None Partial None Partial 7
CVE-2015-5277 Oracle Linux glibc No 3.7 Local High None Partial Partial Partial 7
CVE-2015-2924 Oracle Linux NetworkManager No 3.3 Adjacent network Low None None None Partial 7
CVE-2014-9653 Oracle Linux file No 3.3 Local Medium None Partial None Partial 7
CVE-2015-2188 Oracle Linux wireshark No 2.9 Adjacent network Medium None None None Partial 7
CVE-2015-2189 Oracle Linux wireshark No 2.9 Adjacent network Medium None None None Partial 7
CVE-2015-2191 Oracle Linux wireshark No 2.9 Adjacent network Medium None None None Partial 7
CVE-2015-5302 Oracle Linux abrt and libreport Yes 2.6 Network High None Partial None None 7
CVE-2014-8501 Oracle Linux binutils No 2.6 Local High None Partial None Partial 7
CVE-2014-8502 Oracle Linux binutils No 2.6 Local High None Partial None Partial 7
CVE-2014-8503 Oracle Linux binutils No 2.6 Local High None Partial None Partial 7
CVE-2014-8738 Oracle Linux binutils No 2.6 Local High None Partial None Partial 7
CVE-2015-1472 Oracle Linux glibc No 2.6 Local High None Partial None Partial 7
CVE-2015-1473 Oracle Linux glibc No 2.6 Local High None Partial None Partial 7
CVE-2015-5281 Oracle Linux grub2 No 2.6 Local High None Partial Partial None 7
CVE-2015-5302 Oracle Linux libreport Yes 2.6 Network High None Partial None None 6
CVE-2015-1819 Oracle Linux libxml2 Yes 2.6 Network High None None None Partial 7
CVE-2014-9297 Oracle Linux ntp Yes 2.6 Network High None Partial None None 7
CVE-2014-9750 Oracle Linux ntp Yes 2.6 Network High None Partial None None 7
CVE-2015-1798 Oracle Linux ntp Yes 2.6 Network High None None Partial None 7
CVE-2014-8602 Oracle Linux unbound Yes 2.6 Network High None None None Partial 7
CVE-2014-8737 Oracle Linux binutils No 2.1 Local Low None None Partial None 7
CVE-2013-7421 Oracle Linux kernel No 2.1 Local Low None None Partial None 7
CVE-2014-9644 Oracle Linux kernel No 2.1 Local Low None None Partial None 7
CVE-2015-2675 Oracle Linux rest No 2.1 Local Low None None None Partial 7
CVE-2015-5292 Oracle Linux sssd No 2.1 Network High Single None None Partial 7
CVE-2014-9419 Oracle Linux kernel No 1.9 Local Medium None Partial None None 7
CVE-2015-7837 Oracle Linux kernel No 1.9 Local Medium None None Partial None 7
CVE-2014-8504 Oracle Linux binutils No 1.2 Local High None Partial None None 7
CVE-2013-7423 Oracle Linux glibc No 1.2 Local High None Partial None None 7
CVE-2015-1345 Oracle Linux grep No 1.2 Local High None None None Partial 7
CVE-2012-2150 Oracle Linux xfsprogs No 1.2 Local High None Partial None None 7
 

 

Revision 2: Published on 2015-11-20



CVE# Product Component Remote Exploit without Auth.? CVSS VERSION 2.0 RISK (see Risk Matrix Definitions) Supported Versions Affected
Base Score Access Vector Access Complexity Authen-
tication
Confiden-
tiality
Integrity Avail-
ability
CVE-2015-6937 Oracle Linux Unbreakable Enterprise kernel Yes 7.1 Network Medium None None None Complete 6,7
CVE-2015-1805 Oracle Linux Unbreakable Enterprise kernel No 6.9 Local Medium None Complete Complete Complete 6,7
CVE-2015-4513 Oracle Linux firefox Yes 6.8 Network Medium None Partial Partial Partial 5,6,7
CVE-2015-7198 Oracle Linux firefox Yes 6.8 Network Medium None Partial Partial Partial 5,6,7
CVE-2015-4805 Oracle Linux java-1.6.0-openjdk Yes 6.8 Network Medium None Partial Partial Partial 5,6,7
CVE-2015-4835 Oracle Linux java-1.6.0-openjdk Yes 6.8 Network Medium None Partial Partial Partial 5,6,7
CVE-2015-4843 Oracle Linux java-1.6.0-openjdk Yes 6.8 Network Medium None Partial Partial Partial 5,6,7
CVE-2015-4844 Oracle Linux java-1.6.0-openjdk Yes 6.8 Network Medium None Partial Partial Partial 5,6,7
CVE-2015-4860 Oracle Linux java-1.6.0-openjdk Yes 6.8 Network Medium None Partial Partial Partial 5,6,7
CVE-2015-4881 Oracle Linux java-1.6.0-openjdk Yes 6.8 Network Medium None Partial Partial Partial 5,6,7
CVE-2015-4883 Oracle Linux java-1.6.0-openjdk Yes 6.8 Network Medium None Partial Partial Partial 5,6,7
CVE-2015-4805 Oracle Linux java-1.7.0-openjdk Yes 6.8 Network Medium None Partial Partial Partial 5,6,7
CVE-2015-4835 Oracle Linux java-1.7.0-openjdk Yes 6.8 Network Medium None Partial Partial Partial 5,6,7
CVE-2015-4843 Oracle Linux java-1.7.0-openjdk Yes 6.8 Network Medium None Partial Partial Partial 5,6,7
CVE-2015-4844 Oracle Linux java-1.7.0-openjdk Yes 6.8 Network Medium None Partial Partial Partial 5,6,7
CVE-2015-4860 Oracle Linux java-1.7.0-openjdk Yes 6.8 Network Medium None Partial Partial Partial 5,6,7
CVE-2015-4881 Oracle Linux java-1.7.0-openjdk Yes 6.8 Network Medium None Partial Partial Partial 5,6,7
CVE-2015-4883 Oracle Linux java-1.7.0-openjdk Yes 6.8 Network Medium None Partial Partial Partial 5,6,7
CVE-2015-4805 Oracle Linux java-1.8.0-openjdk Yes 6.8 Network Medium None Partial Partial Partial 6,7
CVE-2015-4835 Oracle Linux java-1.8.0-openjdk Yes 6.8 Network Medium None Partial Partial Partial 6,7
CVE-2015-4843 Oracle Linux java-1.8.0-openjdk Yes 6.8 Network Medium None Partial Partial Partial 6,7
CVE-2015-4844 Oracle Linux java-1.8.0-openjdk Yes 6.8 Network Medium None Partial Partial Partial 6,7
CVE-2015-4860 Oracle Linux java-1.8.0-openjdk Yes 6.8 Network Medium None Partial Partial Partial 6,7
CVE-2015-4881 Oracle Linux java-1.8.0-openjdk Yes 6.8 Network Medium None Partial Partial Partial 6,7
CVE-2015-4883 Oracle Linux java-1.8.0-openjdk Yes 6.8 Network Medium None Partial Partial Partial 6,7
CVE-2015-5156 Oracle Linux kernel No 6.8 Adjacent network High None Complete Complete Complete 7
CVE-2015-0848 Oracle Linux libwmf Yes 6.8 Network Medium None Partial Partial Partial 6,7
CVE-2015-4588 Oracle Linux libwmf Yes 6.8 Network Medium None Partial Partial Partial 6,7
CVE-2015-7181 Oracle Linux nss and nspr Yes 6.8 Network Medium None Partial Partial Partial 5
CVE-2015-7182 Oracle Linux nss and nspr Yes 6.8 Network Medium None Partial Partial Partial 5
CVE-2015-7183 Oracle Linux nss and nspr Yes 6.8 Network Medium None Partial Partial Partial 5
CVE-2015-7181 Oracle Linux nss, nss-util, and nspr Yes 6.8 Network Medium None Partial Partial Partial 6,7
CVE-2015-7182 Oracle Linux nss, nss-util, and nspr Yes 6.8 Network Medium None Partial Partial Partial 6,7
CVE-2015-7183 Oracle Linux nss, nss-util, and nspr Yes 6.8 Network Medium None Partial Partial Partial 6,7
CVE-2015-5156 Oracle Linux Unbreakable Enterprise kernel No 6.8 Adjacent network High None Complete Complete Complete 5,6,7
CVE-2015-5279 Oracle Linux kvm No 6.5 Adjacent network High Single Complete Complete Complete 5
CVE-2015-5279 Oracle Linux qemu-kvm No 6.5 Adjacent network High Single Complete Complete Complete 6
CVE-2015-5279 Oracle Linux xen No 6.5 Adjacent network High Single Complete Complete Complete 5
CVE-2015-7704 Oracle Linux ntp Yes 6.4 Network Low None None Partial Partial 6,7
CVE-2015-1779 Oracle Linux qemu-kvm No 5.7 Adjacent network Medium None None None Complete 7
CVE-2015-7189 Oracle Linux firefox Yes 5.1 Network High None Partial Partial Partial 5,6,7
CVE-2015-7193 Oracle Linux firefox Yes 5.1 Network High None Partial Partial Partial 5,6,7
CVE-2015-7194 Oracle Linux firefox Yes 5.1 Network High None Partial Partial Partial 5,6,7
CVE-2015-7196 Oracle Linux firefox Yes 5.1 Network High None Partial Partial Partial 5,6,7
CVE-2015-3240 Oracle Linux libreswan Yes 5.0 Network Low None None None Partial 7
CVE-2015-4695 Oracle Linux libwmf Yes 5.0 Network Low None None None Partial 6,7
CVE-2014-7822 Oracle Linux Unbreakable Enterprise kernel No 4.9 Local Low None None None Complete 6,7
CVE-2015-7188 Oracle Linux firefox Yes 4.3 Network Medium None None Partial None 5,6,7
CVE-2015-7197 Oracle Linux firefox Yes 4.3 Network Medium None Partial None None 5,6,7
CVE-2015-4734 Oracle Linux java-1.6.0-openjdk Yes 4.3 Network Medium None Partial None None 5,6,7
CVE-2015-4803 Oracle Linux java-1.6.0-openjdk Yes 4.3 Network Medium None None None Partial 5,6,7
CVE-2015-4806 Oracle Linux java-1.6.0-openjdk Yes 4.3 Network Medium None None Partial None 5,6,7
CVE-2015-4842 Oracle Linux java-1.6.0-openjdk Yes 4.3 Network Medium None Partial None None 5,6,7
CVE-2015-4872 Oracle Linux java-1.6.0-openjdk Yes 4.3 Network Medium None None Partial None 5,6,7
CVE-2015-4882 Oracle Linux java-1.6.0-openjdk Yes 4.3 Network Medium None None None Partial 5,6,7
CVE-2015-4893 Oracle Linux java-1.6.0-openjdk Yes 4.3 Network Medium None None None Partial 5,6,7
CVE-2015-4903 Oracle Linux java-1.6.0-openjdk Yes 4.3 Network Medium None Partial None None 5,6,7
CVE-2015-4911 Oracle Linux java-1.6.0-openjdk Yes 4.3 Network Medium None None None Partial 5,6,7
CVE-2015-4734 Oracle Linux java-1.7.0-openjdk Yes 4.3 Network Medium None Partial None None 5,6,7
CVE-2015-4803 Oracle Linux java-1.7.0-openjdk Yes 4.3 Network Medium None None None Partial 5,6,7
CVE-2015-4806 Oracle Linux java-1.7.0-openjdk Yes 4.3 Network Medium None None Partial None 5,6,7
CVE-2015-4840 Oracle Linux java-1.7.0-openjdk Yes 4.3 Network Medium None Partial None None 5,6,7
CVE-2015-4842 Oracle Linux java-1.7.0-openjdk Yes 4.3 Network Medium None Partial None None 5,6,7
CVE-2015-4872 Oracle Linux java-1.7.0-openjdk Yes 4.3 Network Medium None None Partial None 5,6,7
CVE-2015-4882 Oracle Linux java-1.7.0-openjdk Yes 4.3 Network Medium None None None Partial 5,6,7
CVE-2015-4893 Oracle Linux java-1.7.0-openjdk Yes 4.3 Network Medium None None None Partial 5,6,7
CVE-2015-4903 Oracle Linux java-1.7.0-openjdk Yes 4.3 Network Medium None Partial None None 5,6,7
CVE-2015-4911 Oracle Linux java-1.7.0-openjdk Yes 4.3 Network Medium None None None Partial 5,6,7
CVE-2015-4734 Oracle Linux java-1.8.0-openjdk Yes 4.3 Network Medium None Partial None None 6,7
CVE-2015-4803 Oracle Linux java-1.8.0-openjdk Yes 4.3 Network Medium None None None Partial 6,7
CVE-2015-4806 Oracle Linux java-1.8.0-openjdk Yes 4.3 Network Medium None None Partial None 6,7
CVE-2015-4840 Oracle Linux java-1.8.0-openjdk Yes 4.3 Network Medium None Partial None None 6,7
CVE-2015-4842 Oracle Linux java-1.8.0-openjdk Yes 4.3 Network Medium None Partial None None 6,7
CVE-2015-4868 Oracle Linux java-1.8.0-openjdk Yes 4.3 Network Medium None None Partial None 6,7
CVE-2015-4872 Oracle Linux java-1.8.0-openjdk Yes 4.3 Network Medium None None Partial None 6,7
CVE-2015-4882 Oracle Linux java-1.8.0-openjdk Yes 4.3 Network Medium None None None Partial 6,7
CVE-2015-4893 Oracle Linux java-1.8.0-openjdk Yes 4.3 Network Medium None None None Partial 6,7
CVE-2015-4903 Oracle Linux java-1.8.0-openjdk Yes 4.3 Network Medium None Partial None None 6,7
CVE-2015-4911 Oracle Linux java-1.8.0-openjdk Yes 4.3 Network Medium None None None Partial 6,7
CVE-2015-4696 Oracle Linux libwmf Yes 4.3 Network Medium None None None Partial 6,7
CVE-2015-5300 Oracle Linux ntp Yes 4.3 Network Medium None None Partial None 6,7
CVE-2015-5289 Oracle Linux postgresql Yes 4.3 Network Medium None None None Partial 7
CVE-2014-8559 Oracle Linux kernel No 4.0 Local High None None None Complete 7
CVE-2015-5288 Oracle Linux postgresql No 4.0 Network Low Single Partial None None 6,7
CVE-2015-5292 Oracle Linux sssd No 2.1 Network High Single None None Partial 6
 

 

Revision 1: Published on 2015-10-20



CVE# Product Component Remote Exploit without Auth.? CVSS VERSION 2.0 RISK (see Risk Matrix Definitions) Supported Versions Affected
Base Score Access Vector Access Complexity Authen-
tication
Confiden-
tiality
Integrity Avail-
ability
CVE-2015-4700 Oracle Linux kernel No 7.2 Local Low None Complete Complete Complete 7
CVE-2015-1335 Oracle Linux lxc No 7.2 Local Low None Complete Complete Complete 6,7
CVE-2015-5364 Oracle Linux kernel Yes 7.1 Network Medium None None None Complete 7
CVE-2015-5366 Oracle Linux kernel Yes 7.1 Network Medium None None None Complete 7
CVE-2015-4500 Oracle Linux firefox Yes 6.8 Network Medium None Partial Partial Partial 5,6,7
CVE-2015-4509 Oracle Linux firefox Yes 6.8 Network Medium None Partial Partial Partial 5,6,7
CVE-2015-4510 Oracle Linux firefox Yes 6.8 Network Medium None Partial Partial Partial 5,6,7
CVE-2015-4500 Oracle Linux thunderbird Yes 6.8 Network Medium None Partial Partial Partial 5,6,7
CVE-2015-4509 Oracle Linux thunderbird Yes 6.8 Network Medium None Partial Partial Partial 5,6,7
CVE-2015-4517 Oracle Linux thunderbird Yes 6.8 Network Medium None Partial Partial Partial 5,6,7
CVE-2015-4520 Oracle Linux thunderbird Yes 6.8 Network Medium None Partial Partial Partial 5,6,7
CVE-2015-4521 Oracle Linux thunderbird Yes 6.8 Network Medium None Partial Partial Partial 5,6,7
CVE-2015-4522 Oracle Linux thunderbird Yes 6.8 Network Medium None Partial Partial Partial 5,6,7
CVE-2015-7174 Oracle Linux thunderbird Yes 6.8 Network Medium None Partial Partial Partial 5,6,7
CVE-2015-7175 Oracle Linux thunderbird Yes 6.8 Network Medium None Partial Partial Partial 5,6,7
CVE-2015-7176 Oracle Linux thunderbird Yes 6.8 Network Medium None Partial Partial Partial 5,6,7
CVE-2015-7177 Oracle Linux thunderbird Yes 6.8 Network Medium None Partial Partial Partial 5,6,7
CVE-2015-7180 Oracle Linux thunderbird Yes 6.8 Network Medium None Partial Partial Partial 5,6,7
CVE-2015-5260 Oracle Linux spice Yes 5.8 Network Medium None None Partial Partial 7
CVE-2015-5260 Oracle Linux spice-server Yes 5.8 Network Medium None None Partial Partial 6
CVE-2015-3212 Oracle Linux kernel No 5.6 Local Low None None Partial Complete 7
CVE-2015-3212 Oracle Linux Unbreakable Enterprise kernel No 5.6 Local Low None None Partial Complete 6,7
CVE-2015-6908 Oracle Linux openldap Yes 5.0 Network Low None None None Partial 5,6,7
CVE-2015-1333 Oracle Linux kernel No 4.9 Local Low None None None Complete 7
CVE-2015-1333 Oracle Linux Unbreakable Enterprise kernel No 4.9 Local Low None None None Complete 6,7
CVE-2015-0275 Oracle Linux kernel No 4.7 Local Medium None None None Complete 7
CVE-2015-5261 Oracle Linux spice No 4.3 Adjacent network Medium None Partial None Partial 7
CVE-2015-5261 Oracle Linux spice-server No 4.3 Adjacent network Medium None Partial None Partial 6
CVE-2015-4519 Oracle Linux thunderbird Yes 4.3 Network Medium None Partial None None 5,6,7
CVE-2015-5165 Oracle Linux qemu-kvm No 3.3 Adjacent network Low None Partial None None 7
CVE-2015-5165 Oracle Linux qemu-kvm No 3.3 Adjacent network Low None Partial None None 6
CVE-2014-9585 Oracle Linux kernel No 1.9 Local Medium None Partial None None 7
CVE-2014-8178 Oracle Linux docker-engine No 1.2 Local High None None Partial None 6,7
CVE-2014-8179 Oracle Linux docker-engine No 1.2 Local High None None Partial None 6,7