The Oracle Linux Bulletin lists all CVEs that had been resolved and announced in Oracle Linux Security Advisories (ELSA) in the last one month prior to the release of the bulletin. Oracle Linux Bulletins are published on the same day as Oracle Critical Patch Updates are released. These bulletins will also be updated on the Tuesday closest to the 17th of the following two months after their release (i.e., the two months between the normal quarterly Critical Patch Update publication dates) to cover all CVEs that had been resolved in those two months following the bulletin's publication. In addition, Oracle Linux Bulletins may also be updated for vulnerability fixes deemed too critical to wait for the next scheduled bulletin publication date.
Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Oracle Linux Bulletin fixes as soon as possible.
Please see ULN Advisory http://linux.oracle.com/ol-pad-bulletin
Oracle Linux Bulletins are released on the Tuesday closest to the 17th day of January, April, July and October. The next four dates are:
2015-December-21 | Rev 3. New CVEs Added |
2015-November-20 | Rev 2. New CVEs Added |
2015-October-20 | Rev 1. Initial Release |
This Oracle Linux Bulletin contains 227 new security fixes for the Oracle Linux. 156 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password.
CVE# | Product | Component | Remote Exploit without Auth.? | CVSS VERSION 2.0 RISK (see Risk Matrix Definitions) | Supported Versions Affected | ||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Base Score | Access Vector | Access Complexity | Authentication | Confidentiality | Integrity | Availability | |||||
CVE-2015-1782 | Oracle Linux | libssh2 | Yes | 7.8 | Network | Low | None | None | None | Complete | 7 |
CVE-2015-7501 | Oracle Linux | apache-commons-collections | Yes | 7.5 | Network | Low | None | Partial | Partial | Partial | 7 |
CVE-2015-7501 | Oracle Linux | jakarta-commons-collections | Yes | 7.5 | Network | Low | None | Partial | Partial | Partial | 6 |
CVE-2015-7872 | Oracle Linux | kernel | No | 7.2 | Local | Low | None | Complete | Complete | Complete | 6 |
CVE-2015-5287 | Oracle Linux | abrt and libreport | No | 6.9 | Local | Medium | None | Complete | Complete | Complete | 7 |
CVE-2015-8370 | Oracle Linux | grub2 | No | 6.9 | Local | Medium | None | Complete | Complete | Complete | 7 |
CVE-2014-8485 | Oracle Linux | binutils | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 7 |
CVE-2015-7201 | Oracle Linux | firefox | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-7210 | Oracle Linux | firefox | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-7545 | Oracle Linux | git | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 7 |
CVE-2015-4513 | Oracle Linux | thunderbird | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-7198 | Oracle Linux | thunderbird | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-7199 | Oracle Linux | thunderbird | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-7200 | Oracle Linux | thunderbird | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5,6,7 |
CVE-2014-8240 | Oracle Linux | tigervnc | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 7 |
CVE-2014-8241 | Oracle Linux | tigervnc | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 7 |
CVE-2015-7613 | Oracle Linux | kernel | No | 6.2 | Local | High | None | Complete | Complete | Complete | 6 |
CVE-2015-0239 | Oracle Linux | kernel | No | 6.2 | Local | High | None | Complete | Complete | Complete | 7 |
CVE-2015-3339 | Oracle Linux | kernel | No | 6.2 | Local | High | None | Complete | Complete | Complete | 7 |
CVE-2015-7613 | Oracle Linux | kernel | No | 6.2 | Local | High | None | Complete | Complete | Complete | 7 |
CVE-2015-6563 | Oracle Linux | openssh | No | 6.2 | Local | High | None | Complete | Complete | Complete | 7 |
CVE-2015-7613 | Oracle Linux | Unbreakable Enterprise kernel | No | 6.2 | Local | High | None | Complete | Complete | Complete | 6,7 |
CVE-2015-1821 | Oracle Linux | chrony | No | 6.0 | Network | Medium | Single | Partial | Partial | Partial | 7 |
CVE-2015-1822 | Oracle Linux | chrony | No | 6.0 | Network | Medium | Single | Partial | Partial | Partial | 7 |
CVE-2015-2925 | Oracle Linux | kernel | No | 6.0 | Local | High | Single | Complete | Complete | Complete | 6 |
CVE-2015-2925 | Oracle Linux | kernel | No | 6.0 | Local | High | Single | Complete | Complete | Complete | 7 |
CVE-2015-2694 | Oracle Linux | krb5 | Yes | 5.8 | Network | Medium | None | Partial | Partial | None | 7 |
CVE-2015-5212 | Oracle Linux | libreoffice | Yes | 5.8 | Network | Medium | None | None | Partial | Partial | 6,7 |
CVE-2015-5213 | Oracle Linux | libreoffice | Yes | 5.8 | Network | Medium | None | None | Partial | Partial | 6,7 |
CVE-2015-5214 | Oracle Linux | libreoffice | Yes | 5.8 | Network | Medium | None | None | Partial | Partial | 6,7 |
CVE-2015-3455 | Oracle Linux | squid | Yes | 5.8 | Network | Medium | None | Partial | Partial | None | 7 |
CVE-2014-8171 | Oracle Linux | kernel | No | 5.7 | Adjacent network | Medium | None | None | None | Complete | 7 |
CVE-2015-5307 | Oracle Linux | kernel | No | 5.2 | Adjacent network | Medium | Single | None | None | Complete | 6,7 |
CVE-2015-8104 | Oracle Linux | kernel | No | 5.2 | Adjacent network | Medium | Single | None | None | Complete | 6,7 |
CVE-2015-5307 | Oracle Linux | Unbreakable Enterprise kernel | No | 5.2 | Adjacent network | Medium | Single | None | None | Complete | 6,7 |
CVE-2015-8104 | Oracle Linux | Unbreakable Enterprise kernel | No | 5.2 | Adjacent network | Medium | Single | None | None | Complete | 6,7 |
CVE-2014-9112 | Oracle Linux | cpio | Yes | 5.1 | Network | High | None | Partial | Partial | Partial | 7 |
CVE-2015-7205 | Oracle Linux | firefox | Yes | 5.1 | Network | High | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-7212 | Oracle Linux | firefox | Yes | 5.1 | Network | High | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-7213 | Oracle Linux | firefox | Yes | 5.1 | Network | High | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-7222 | Oracle Linux | firefox | Yes | 5.1 | Network | High | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-1781 | Oracle Linux | glibc | Yes | 5.1 | Network | High | None | Partial | Partial | Partial | 7 |
CVE-2015-8126 | Oracle Linux | libpng | Yes | 5.1 | Network | High | None | Partial | Partial | Partial | 6,7 |
CVE-2015-8472 | Oracle Linux | libpng | Yes | 5.1 | Network | High | None | Partial | Partial | Partial | 6,7 |
CVE-2015-8126 | Oracle Linux | libpng12 | Yes | 5.1 | Network | High | None | Partial | Partial | Partial | 7 |
CVE-2015-8472 | Oracle Linux | libpng12 | Yes | 5.1 | Network | High | None | Partial | Partial | Partial | 7 |
CVE-2013-0334 | Oracle Linux | rubygem-bundler and rubygem-thor | Yes | 5.1 | Network | High | None | Partial | Partial | Partial | 7 |
CVE-2015-7189 | Oracle Linux | thunderbird | Yes | 5.1 | Network | High | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-7193 | Oracle Linux | thunderbird | Yes | 5.1 | Network | High | None | Partial | Partial | Partial | 5,6,7 |
CVE-2014-5355 | Oracle Linux | krb5 | Yes | 5.0 | Network | Low | None | None | None | Partial | 7 |
CVE-2014-9298 | Oracle Linux | ntp | Yes | 5.0 | Network | Low | None | Partial | None | None | 7 |
CVE-2014-9751 | Oracle Linux | ntp | Yes | 5.0 | Network | Low | None | Partial | None | None | 7 |
CVE-2014-4650 | Oracle Linux | python | Yes | 5.0 | Network | Low | None | Partial | None | None | 7 |
CVE-2015-6526 | Oracle Linux | kernel | No | 4.9 | Local | Low | None | None | None | Complete | 7 |
CVE-2015-4170 | Oracle Linux | kernel | No | 4.7 | Local | Medium | None | None | None | Complete | 7 |
CVE-2015-5283 | Oracle Linux | kernel | No | 4.7 | Local | Medium | None | None | None | Complete | 7 |
CVE-2015-5283 | Oracle Linux | Unbreakable Enterprise kernel | No | 4.7 | Local | Medium | None | None | None | Complete | 6,7 |
CVE-2014-8169 | Oracle Linux | autofs | No | 4.6 | Local | Low | None | Partial | Partial | Partial | 7 |
CVE-2015-3248 | Oracle Linux | openhpi | No | 4.6 | Local | Low | None | Partial | Partial | Partial | 7 |
CVE-2014-3647 | Oracle Linux | kernel | No | 4.4 | Local | Medium | Single | None | None | Complete | 7 |
CVE-2015-0272 | Oracle Linux | NetworkManager | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2015-5273 | Oracle Linux | abrt and libreport | Yes | 4.3 | Network | Medium | None | None | Partial | None | 7 |
CVE-2015-8000 | Oracle Linux | bind | Yes | 4.3 | Network | Medium | None | None | None | Partial | 5,6,7 |
CVE-2015-8000 | Oracle Linux | bind97 | Yes | 4.3 | Network | Medium | None | None | None | Partial | 5 |
CVE-2014-8484 | Oracle Linux | binutils | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2015-1853 | Oracle Linux | chrony | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2014-3613 | Oracle Linux | curl | Yes | 4.3 | Network | Medium | None | None | Partial | None | 7 |
CVE-2014-8150 | Oracle Linux | curl | Yes | 4.3 | Network | Medium | None | None | Partial | None | 7 |
CVE-2014-0207 | Oracle Linux | file | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2014-0237 | Oracle Linux | file | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2014-0238 | Oracle Linux | file | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2014-3478 | Oracle Linux | file | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2014-3479 | Oracle Linux | file | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2014-3480 | Oracle Linux | file | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2014-3487 | Oracle Linux | file | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2014-3538 | Oracle Linux | file | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2014-3587 | Oracle Linux | file | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2014-3710 | Oracle Linux | file | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2014-8116 | Oracle Linux | file | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2014-8117 | Oracle Linux | file | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2014-9652 | Oracle Linux | file | Yes | 4.3 | Network | Medium | None | Partial | None | None | 7 |
CVE-2015-7214 | Oracle Linux | firefox | Yes | 4.3 | Network | Medium | None | Partial | None | None | 5,6,7 |
CVE-2015-4551 | Oracle Linux | libreoffice | Yes | 4.3 | Network | Medium | None | Partial | None | None | 6,7 |
CVE-2015-5312 | Oracle Linux | libxml2 | Yes | 4.3 | Network | Medium | None | None | None | Partial | 6,7 |
CVE-2015-7497 | Oracle Linux | libxml2 | Yes | 4.3 | Network | Medium | None | None | None | Partial | 6,7 |
CVE-2015-7498 | Oracle Linux | libxml2 | Yes | 4.3 | Network | Medium | None | None | None | Partial | 6,7 |
CVE-2015-7499 | Oracle Linux | libxml2 | Yes | 4.3 | Network | Medium | None | None | None | Partial | 6,7 |
CVE-2015-7500 | Oracle Linux | libxml2 | Yes | 4.3 | Network | Medium | None | None | None | Partial | 6,7 |
CVE-2015-7942 | Oracle Linux | libxml2 | Yes | 4.3 | Network | Medium | None | None | None | Partial | 6,7 |
CVE-2015-8241 | Oracle Linux | libxml2 | Yes | 4.3 | Network | Medium | None | Partial | None | None | 6,7 |
CVE-2015-8242 | Oracle Linux | libxml2 | Yes | 4.3 | Network | Medium | None | Partial | None | None | 6,7 |
CVE-2015-8317 | Oracle Linux | libxml2 | Yes | 4.3 | Network | Medium | None | Partial | None | None | 6,7 |
CVE-2014-3565 | Oracle Linux | net-snmp | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2015-1799 | Oracle Linux | ntp | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2015-3276 | Oracle Linux | openldap | Yes | 4.3 | Network | Medium | None | None | Partial | None | 7 |
CVE-2015-5600 | Oracle Linux | openssh | Yes | 4.3 | Network | Medium | None | None | Partial | None | 7 |
CVE-2015-3194 | Oracle Linux | openssl | Yes | 4.3 | Network | Medium | None | None | None | Partial | 6,7 |
CVE-2015-3195 | Oracle Linux | openssl | Yes | 4.3 | Network | Medium | None | Partial | None | None | 5,6,7 |
CVE-2015-3196 | Oracle Linux | openssl | Yes | 4.3 | Network | Medium | None | None | None | Partial | 6,7 |
CVE-2013-1752 | Oracle Linux | python | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2013-1753 | Oracle Linux | python | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2015-2704 | Oracle Linux | realmd | No | 4.3 | Adjacent network | High | None | Partial | Partial | Partial | 7 |
CVE-2015-7197 | Oracle Linux | thunderbird | Yes | 4.3 | Network | Medium | None | Partial | None | None | 5,6,7 |
CVE-2014-8710 | Oracle Linux | wireshark | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2014-8711 | Oracle Linux | wireshark | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2014-8712 | Oracle Linux | wireshark | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2014-8713 | Oracle Linux | wireshark | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2014-8714 | Oracle Linux | wireshark | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2015-0562 | Oracle Linux | wireshark | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2015-0563 | Oracle Linux | wireshark | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2015-0564 | Oracle Linux | wireshark | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2015-3182 | Oracle Linux | wireshark | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2015-3810 | Oracle Linux | wireshark | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2015-3811 | Oracle Linux | wireshark | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2015-3812 | Oracle Linux | wireshark | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2015-3813 | Oracle Linux | wireshark | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2015-6243 | Oracle Linux | wireshark | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2015-6244 | Oracle Linux | wireshark | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2015-6245 | Oracle Linux | wireshark | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2015-6246 | Oracle Linux | wireshark | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2015-6248 | Oracle Linux | wireshark | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2015-3258 | Oracle Linux | cups-filters | No | 4.0 | Adjacent network | High | Single | Partial | Partial | Partial | 7 |
CVE-2015-3279 | Oracle Linux | cups-filters | No | 4.0 | Adjacent network | High | Single | Partial | Partial | Partial | 7 |
CVE-2014-3707 | Oracle Linux | curl | Yes | 4.0 | Network | High | None | Partial | None | Partial | 7 |
CVE-2015-3143 | Oracle Linux | curl | Yes | 4.0 | Network | High | None | Partial | Partial | None | 7 |
CVE-2015-3148 | Oracle Linux | curl | Yes | 4.0 | Network | High | None | Partial | Partial | None | 7 |
CVE-2010-5313 | Oracle Linux | kernel | No | 4.0 | Local | High | None | None | None | Complete | 7 |
CVE-2014-7842 | Oracle Linux | kernel | No | 4.0 | Local | High | None | None | None | Complete | 7 |
CVE-2015-7981 | Oracle Linux | libpng | No | 4.0 | Network | Low | Single | Partial | None | None | 6 |
CVE-2015-7981 | Oracle Linux | libpng12 | No | 4.0 | Network | Low | Single | Partial | None | None | 7 |
CVE-2015-7941 | Oracle Linux | libxml2 | No | 4.0 | Network | Low | Single | Partial | None | None | 6,7 |
CVE-2014-8119 | Oracle Linux | netcf | No | 4.0 | Network | Low | Single | None | None | Partial | 7 |
CVE-2015-3405 | Oracle Linux | ntp | Yes | 4.0 | Network | High | None | Partial | Partial | None | 7 |
CVE-2015-6564 | Oracle Linux | openssh | Yes | 4.0 | Network | High | None | Partial | Partial | None | 7 |
CVE-2014-4616 | Oracle Linux | python | Yes | 4.0 | Network | High | None | Partial | None | Partial | 7 |
CVE-2014-7185 | Oracle Linux | python | Yes | 4.0 | Network | High | None | Partial | None | Partial | 7 |
CVE-2015-5277 | Oracle Linux | glibc | No | 3.7 | Local | High | None | Partial | Partial | Partial | 7 |
CVE-2015-2924 | Oracle Linux | NetworkManager | No | 3.3 | Adjacent network | Low | None | None | None | Partial | 7 |
CVE-2014-9653 | Oracle Linux | file | No | 3.3 | Local | Medium | None | Partial | None | Partial | 7 |
CVE-2015-2188 | Oracle Linux | wireshark | No | 2.9 | Adjacent network | Medium | None | None | None | Partial | 7 |
CVE-2015-2189 | Oracle Linux | wireshark | No | 2.9 | Adjacent network | Medium | None | None | None | Partial | 7 |
CVE-2015-2191 | Oracle Linux | wireshark | No | 2.9 | Adjacent network | Medium | None | None | None | Partial | 7 |
CVE-2015-5302 | Oracle Linux | abrt and libreport | Yes | 2.6 | Network | High | None | Partial | None | None | 7 |
CVE-2014-8501 | Oracle Linux | binutils | No | 2.6 | Local | High | None | Partial | None | Partial | 7 |
CVE-2014-8502 | Oracle Linux | binutils | No | 2.6 | Local | High | None | Partial | None | Partial | 7 |
CVE-2014-8503 | Oracle Linux | binutils | No | 2.6 | Local | High | None | Partial | None | Partial | 7 |
CVE-2014-8738 | Oracle Linux | binutils | No | 2.6 | Local | High | None | Partial | None | Partial | 7 |
CVE-2015-1472 | Oracle Linux | glibc | No | 2.6 | Local | High | None | Partial | None | Partial | 7 |
CVE-2015-1473 | Oracle Linux | glibc | No | 2.6 | Local | High | None | Partial | None | Partial | 7 |
CVE-2015-5281 | Oracle Linux | grub2 | No | 2.6 | Local | High | None | Partial | Partial | None | 7 |
CVE-2015-5302 | Oracle Linux | libreport | Yes | 2.6 | Network | High | None | Partial | None | None | 6 |
CVE-2015-1819 | Oracle Linux | libxml2 | Yes | 2.6 | Network | High | None | None | None | Partial | 7 |
CVE-2014-9297 | Oracle Linux | ntp | Yes | 2.6 | Network | High | None | Partial | None | None | 7 |
CVE-2014-9750 | Oracle Linux | ntp | Yes | 2.6 | Network | High | None | Partial | None | None | 7 |
CVE-2015-1798 | Oracle Linux | ntp | Yes | 2.6 | Network | High | None | None | Partial | None | 7 |
CVE-2014-8602 | Oracle Linux | unbound | Yes | 2.6 | Network | High | None | None | None | Partial | 7 |
CVE-2014-8737 | Oracle Linux | binutils | No | 2.1 | Local | Low | None | None | Partial | None | 7 |
CVE-2013-7421 | Oracle Linux | kernel | No | 2.1 | Local | Low | None | None | Partial | None | 7 |
CVE-2014-9644 | Oracle Linux | kernel | No | 2.1 | Local | Low | None | None | Partial | None | 7 |
CVE-2015-2675 | Oracle Linux | rest | No | 2.1 | Local | Low | None | None | None | Partial | 7 |
CVE-2015-5292 | Oracle Linux | sssd | No | 2.1 | Network | High | Single | None | None | Partial | 7 |
CVE-2014-9419 | Oracle Linux | kernel | No | 1.9 | Local | Medium | None | Partial | None | None | 7 |
CVE-2015-7837 | Oracle Linux | kernel | No | 1.9 | Local | Medium | None | None | Partial | None | 7 |
CVE-2014-8504 | Oracle Linux | binutils | No | 1.2 | Local | High | None | Partial | None | None | 7 |
CVE-2013-7423 | Oracle Linux | glibc | No | 1.2 | Local | High | None | Partial | None | None | 7 |
CVE-2015-1345 | Oracle Linux | grep | No | 1.2 | Local | High | None | None | None | Partial | 7 |
CVE-2012-2150 | Oracle Linux | xfsprogs | No | 1.2 | Local | High | None | Partial | None | None | 7 |
CVE# | Product | Component | Remote Exploit without Auth.? | CVSS VERSION 2.0 RISK (see Risk Matrix Definitions) | Supported Versions Affected | ||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Base Score | Access Vector | Access Complexity | Authentication | Confidentiality | Integrity | Availability | |||||
CVE-2015-6937 | Oracle Linux | Unbreakable Enterprise kernel | Yes | 7.1 | Network | Medium | None | None | None | Complete | 6,7 |
CVE-2015-1805 | Oracle Linux | Unbreakable Enterprise kernel | No | 6.9 | Local | Medium | None | Complete | Complete | Complete | 6,7 |
CVE-2015-4513 | Oracle Linux | firefox | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-7198 | Oracle Linux | firefox | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-4805 | Oracle Linux | java-1.6.0-openjdk | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-4835 | Oracle Linux | java-1.6.0-openjdk | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-4843 | Oracle Linux | java-1.6.0-openjdk | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-4844 | Oracle Linux | java-1.6.0-openjdk | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-4860 | Oracle Linux | java-1.6.0-openjdk | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-4881 | Oracle Linux | java-1.6.0-openjdk | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-4883 | Oracle Linux | java-1.6.0-openjdk | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-4805 | Oracle Linux | java-1.7.0-openjdk | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-4835 | Oracle Linux | java-1.7.0-openjdk | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-4843 | Oracle Linux | java-1.7.0-openjdk | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-4844 | Oracle Linux | java-1.7.0-openjdk | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-4860 | Oracle Linux | java-1.7.0-openjdk | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-4881 | Oracle Linux | java-1.7.0-openjdk | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-4883 | Oracle Linux | java-1.7.0-openjdk | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-4805 | Oracle Linux | java-1.8.0-openjdk | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 6,7 |
CVE-2015-4835 | Oracle Linux | java-1.8.0-openjdk | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 6,7 |
CVE-2015-4843 | Oracle Linux | java-1.8.0-openjdk | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 6,7 |
CVE-2015-4844 | Oracle Linux | java-1.8.0-openjdk | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 6,7 |
CVE-2015-4860 | Oracle Linux | java-1.8.0-openjdk | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 6,7 |
CVE-2015-4881 | Oracle Linux | java-1.8.0-openjdk | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 6,7 |
CVE-2015-4883 | Oracle Linux | java-1.8.0-openjdk | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 6,7 |
CVE-2015-5156 | Oracle Linux | kernel | No | 6.8 | Adjacent network | High | None | Complete | Complete | Complete | 7 |
CVE-2015-0848 | Oracle Linux | libwmf | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 6,7 |
CVE-2015-4588 | Oracle Linux | libwmf | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 6,7 |
CVE-2015-7181 | Oracle Linux | nss and nspr | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5 |
CVE-2015-7182 | Oracle Linux | nss and nspr | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5 |
CVE-2015-7183 | Oracle Linux | nss and nspr | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5 |
CVE-2015-7181 | Oracle Linux | nss, nss-util, and nspr | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 6,7 |
CVE-2015-7182 | Oracle Linux | nss, nss-util, and nspr | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 6,7 |
CVE-2015-7183 | Oracle Linux | nss, nss-util, and nspr | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 6,7 |
CVE-2015-5156 | Oracle Linux | Unbreakable Enterprise kernel | No | 6.8 | Adjacent network | High | None | Complete | Complete | Complete | 5,6,7 |
CVE-2015-5279 | Oracle Linux | kvm | No | 6.5 | Adjacent network | High | Single | Complete | Complete | Complete | 5 |
CVE-2015-5279 | Oracle Linux | qemu-kvm | No | 6.5 | Adjacent network | High | Single | Complete | Complete | Complete | 6 |
CVE-2015-5279 | Oracle Linux | xen | No | 6.5 | Adjacent network | High | Single | Complete | Complete | Complete | 5 |
CVE-2015-7704 | Oracle Linux | ntp | Yes | 6.4 | Network | Low | None | None | Partial | Partial | 6,7 |
CVE-2015-1779 | Oracle Linux | qemu-kvm | No | 5.7 | Adjacent network | Medium | None | None | None | Complete | 7 |
CVE-2015-7189 | Oracle Linux | firefox | Yes | 5.1 | Network | High | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-7193 | Oracle Linux | firefox | Yes | 5.1 | Network | High | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-7194 | Oracle Linux | firefox | Yes | 5.1 | Network | High | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-7196 | Oracle Linux | firefox | Yes | 5.1 | Network | High | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-3240 | Oracle Linux | libreswan | Yes | 5.0 | Network | Low | None | None | None | Partial | 7 |
CVE-2015-4695 | Oracle Linux | libwmf | Yes | 5.0 | Network | Low | None | None | None | Partial | 6,7 |
CVE-2014-7822 | Oracle Linux | Unbreakable Enterprise kernel | No | 4.9 | Local | Low | None | None | None | Complete | 6,7 |
CVE-2015-7188 | Oracle Linux | firefox | Yes | 4.3 | Network | Medium | None | None | Partial | None | 5,6,7 |
CVE-2015-7197 | Oracle Linux | firefox | Yes | 4.3 | Network | Medium | None | Partial | None | None | 5,6,7 |
CVE-2015-4734 | Oracle Linux | java-1.6.0-openjdk | Yes | 4.3 | Network | Medium | None | Partial | None | None | 5,6,7 |
CVE-2015-4803 | Oracle Linux | java-1.6.0-openjdk | Yes | 4.3 | Network | Medium | None | None | None | Partial | 5,6,7 |
CVE-2015-4806 | Oracle Linux | java-1.6.0-openjdk | Yes | 4.3 | Network | Medium | None | None | Partial | None | 5,6,7 |
CVE-2015-4842 | Oracle Linux | java-1.6.0-openjdk | Yes | 4.3 | Network | Medium | None | Partial | None | None | 5,6,7 |
CVE-2015-4872 | Oracle Linux | java-1.6.0-openjdk | Yes | 4.3 | Network | Medium | None | None | Partial | None | 5,6,7 |
CVE-2015-4882 | Oracle Linux | java-1.6.0-openjdk | Yes | 4.3 | Network | Medium | None | None | None | Partial | 5,6,7 |
CVE-2015-4893 | Oracle Linux | java-1.6.0-openjdk | Yes | 4.3 | Network | Medium | None | None | None | Partial | 5,6,7 |
CVE-2015-4903 | Oracle Linux | java-1.6.0-openjdk | Yes | 4.3 | Network | Medium | None | Partial | None | None | 5,6,7 |
CVE-2015-4911 | Oracle Linux | java-1.6.0-openjdk | Yes | 4.3 | Network | Medium | None | None | None | Partial | 5,6,7 |
CVE-2015-4734 | Oracle Linux | java-1.7.0-openjdk | Yes | 4.3 | Network | Medium | None | Partial | None | None | 5,6,7 |
CVE-2015-4803 | Oracle Linux | java-1.7.0-openjdk | Yes | 4.3 | Network | Medium | None | None | None | Partial | 5,6,7 |
CVE-2015-4806 | Oracle Linux | java-1.7.0-openjdk | Yes | 4.3 | Network | Medium | None | None | Partial | None | 5,6,7 |
CVE-2015-4840 | Oracle Linux | java-1.7.0-openjdk | Yes | 4.3 | Network | Medium | None | Partial | None | None | 5,6,7 |
CVE-2015-4842 | Oracle Linux | java-1.7.0-openjdk | Yes | 4.3 | Network | Medium | None | Partial | None | None | 5,6,7 |
CVE-2015-4872 | Oracle Linux | java-1.7.0-openjdk | Yes | 4.3 | Network | Medium | None | None | Partial | None | 5,6,7 |
CVE-2015-4882 | Oracle Linux | java-1.7.0-openjdk | Yes | 4.3 | Network | Medium | None | None | None | Partial | 5,6,7 |
CVE-2015-4893 | Oracle Linux | java-1.7.0-openjdk | Yes | 4.3 | Network | Medium | None | None | None | Partial | 5,6,7 |
CVE-2015-4903 | Oracle Linux | java-1.7.0-openjdk | Yes | 4.3 | Network | Medium | None | Partial | None | None | 5,6,7 |
CVE-2015-4911 | Oracle Linux | java-1.7.0-openjdk | Yes | 4.3 | Network | Medium | None | None | None | Partial | 5,6,7 |
CVE-2015-4734 | Oracle Linux | java-1.8.0-openjdk | Yes | 4.3 | Network | Medium | None | Partial | None | None | 6,7 |
CVE-2015-4803 | Oracle Linux | java-1.8.0-openjdk | Yes | 4.3 | Network | Medium | None | None | None | Partial | 6,7 |
CVE-2015-4806 | Oracle Linux | java-1.8.0-openjdk | Yes | 4.3 | Network | Medium | None | None | Partial | None | 6,7 |
CVE-2015-4840 | Oracle Linux | java-1.8.0-openjdk | Yes | 4.3 | Network | Medium | None | Partial | None | None | 6,7 |
CVE-2015-4842 | Oracle Linux | java-1.8.0-openjdk | Yes | 4.3 | Network | Medium | None | Partial | None | None | 6,7 |
CVE-2015-4868 | Oracle Linux | java-1.8.0-openjdk | Yes | 4.3 | Network | Medium | None | None | Partial | None | 6,7 |
CVE-2015-4872 | Oracle Linux | java-1.8.0-openjdk | Yes | 4.3 | Network | Medium | None | None | Partial | None | 6,7 |
CVE-2015-4882 | Oracle Linux | java-1.8.0-openjdk | Yes | 4.3 | Network | Medium | None | None | None | Partial | 6,7 |
CVE-2015-4893 | Oracle Linux | java-1.8.0-openjdk | Yes | 4.3 | Network | Medium | None | None | None | Partial | 6,7 |
CVE-2015-4903 | Oracle Linux | java-1.8.0-openjdk | Yes | 4.3 | Network | Medium | None | Partial | None | None | 6,7 |
CVE-2015-4911 | Oracle Linux | java-1.8.0-openjdk | Yes | 4.3 | Network | Medium | None | None | None | Partial | 6,7 |
CVE-2015-4696 | Oracle Linux | libwmf | Yes | 4.3 | Network | Medium | None | None | None | Partial | 6,7 |
CVE-2015-5300 | Oracle Linux | ntp | Yes | 4.3 | Network | Medium | None | None | Partial | None | 6,7 |
CVE-2015-5289 | Oracle Linux | postgresql | Yes | 4.3 | Network | Medium | None | None | None | Partial | 7 |
CVE-2014-8559 | Oracle Linux | kernel | No | 4.0 | Local | High | None | None | None | Complete | 7 |
CVE-2015-5288 | Oracle Linux | postgresql | No | 4.0 | Network | Low | Single | Partial | None | None | 6,7 |
CVE-2015-5292 | Oracle Linux | sssd | No | 2.1 | Network | High | Single | None | None | Partial | 6 |
CVE# | Product | Component | Remote Exploit without Auth.? | CVSS VERSION 2.0 RISK (see Risk Matrix Definitions) | Supported Versions Affected | ||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Base Score | Access Vector | Access Complexity | Authentication | Confidentiality | Integrity | Availability | |||||
CVE-2015-4700 | Oracle Linux | kernel | No | 7.2 | Local | Low | None | Complete | Complete | Complete | 7 |
CVE-2015-1335 | Oracle Linux | lxc | No | 7.2 | Local | Low | None | Complete | Complete | Complete | 6,7 |
CVE-2015-5364 | Oracle Linux | kernel | Yes | 7.1 | Network | Medium | None | None | None | Complete | 7 |
CVE-2015-5366 | Oracle Linux | kernel | Yes | 7.1 | Network | Medium | None | None | None | Complete | 7 |
CVE-2015-4500 | Oracle Linux | firefox | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-4509 | Oracle Linux | firefox | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-4510 | Oracle Linux | firefox | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-4500 | Oracle Linux | thunderbird | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-4509 | Oracle Linux | thunderbird | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-4517 | Oracle Linux | thunderbird | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-4520 | Oracle Linux | thunderbird | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-4521 | Oracle Linux | thunderbird | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-4522 | Oracle Linux | thunderbird | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-7174 | Oracle Linux | thunderbird | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-7175 | Oracle Linux | thunderbird | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-7176 | Oracle Linux | thunderbird | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-7177 | Oracle Linux | thunderbird | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-7180 | Oracle Linux | thunderbird | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 5,6,7 |
CVE-2015-5260 | Oracle Linux | spice | Yes | 5.8 | Network | Medium | None | None | Partial | Partial | 7 |
CVE-2015-5260 | Oracle Linux | spice-server | Yes | 5.8 | Network | Medium | None | None | Partial | Partial | 6 |
CVE-2015-3212 | Oracle Linux | kernel | No | 5.6 | Local | Low | None | None | Partial | Complete | 7 |
CVE-2015-3212 | Oracle Linux | Unbreakable Enterprise kernel | No | 5.6 | Local | Low | None | None | Partial | Complete | 6,7 |
CVE-2015-6908 | Oracle Linux | openldap | Yes | 5.0 | Network | Low | None | None | None | Partial | 5,6,7 |
CVE-2015-1333 | Oracle Linux | kernel | No | 4.9 | Local | Low | None | None | None | Complete | 7 |
CVE-2015-1333 | Oracle Linux | Unbreakable Enterprise kernel | No | 4.9 | Local | Low | None | None | None | Complete | 6,7 |
CVE-2015-0275 | Oracle Linux | kernel | No | 4.7 | Local | Medium | None | None | None | Complete | 7 |
CVE-2015-5261 | Oracle Linux | spice | No | 4.3 | Adjacent network | Medium | None | Partial | None | Partial | 7 |
CVE-2015-5261 | Oracle Linux | spice-server | No | 4.3 | Adjacent network | Medium | None | Partial | None | Partial | 6 |
CVE-2015-4519 | Oracle Linux | thunderbird | Yes | 4.3 | Network | Medium | None | Partial | None | None | 5,6,7 |
CVE-2015-5165 | Oracle Linux | qemu-kvm | No | 3.3 | Adjacent network | Low | None | Partial | None | None | 7 |
CVE-2015-5165 | Oracle Linux | qemu-kvm | No | 3.3 | Adjacent network | Low | None | Partial | None | None | 6 |
CVE-2014-9585 | Oracle Linux | kernel | No | 1.9 | Local | Medium | None | Partial | None | None | 7 |
CVE-2014-8178 | Oracle Linux | docker-engine | No | 1.2 | Local | High | None | None | Partial | None | 6,7 |
CVE-2014-8179 | Oracle Linux | docker-engine | No | 1.2 | Local | High | None | None | Partial | None | 6,7 |