No results found

Your search did not match any results.

We suggest you try the following to help find what you're looking for:

 

  • - Check the spelling of your keyword search.
  • - Use synonyms for the keyword you typed, for example, try “application” instead of “software.”
  • - Try one of the popular searches shown below.
  • - Start a new search.

 

Trending Questions

Oracle Linux Bulletin - October 2017

Description

The Oracle Linux Bulletin lists all CVEs that had been resolved and announced in Oracle Linux Security Advisories (ELSA) in the last one month prior to the release of the bulletin. Oracle Linux Bulletins are published on the same day as Oracle Critical Patch Updates are released. These bulletins will also be updated for the following two months after their release (i.e., the two months between the normal quarterly Critical Patch Update publication dates) to cover all CVEs that had been resolved in those two months following the bulletin's publication. In addition, Oracle Linux Bulletins may also be updated for vulnerability fixes deemed too critical to wait for the next scheduled bulletin publication date.

Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Oracle Linux Bulletin fixes as soon as possible.

Patch Availability

Please see ULN Advisory https://linux.oracle.com/ol-pad-bulletin

Oracle Linux Bulletin Schedule

Oracle Linux Bulletins are released on the Tuesday closest to the 17th day of January, April, July and October. The next four dates are:

  • 16 January 2018
  • 17 April 2018
  • 17 July 2018
  • 16 October 2018

References

Modification History

2017-December-18 Rev 3. New CVEs added.
2017-November-17 Rev 2. New CVEs added.
2017-October-17 Rev 1. Initial Release

Oracle Linux Executive Summary

This Oracle Linux Bulletin contains 118 new security fixes for the Oracle Linux. 80 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password.

Oracle Linux Risk Matrix

Revision 3: Published on 2017-12-18

CVE# Product Component Remote Exploit without Auth.? CVSS VERSION 2.0 RISK (see Risk Matrix Definitions) Supported Versions Affected
Base Score Access Vector Access Complexity Authen­tication Confid­entiality Inte­grity Avail­ability
CVE-2017-16527Oracle LinuxUnbreakable Enterprise kernelNo7.2LocalLowNoneCompleteCompleteComplete6,7
CVE-2017-16650Oracle LinuxUnbreakable Enterprise kernelNo7.2LocalLowNoneCompleteCompleteComplete6,7
CVE-2017-7889Oracle LinuxUnbreakable Enterprise kernelNo7.2LocalLowNoneCompleteCompleteComplete6
CVE-2017-10285Oracle Linuxjava-1.7.0-openjdkYes6.8NetworkMediumNonePartialPartialPartial6,7
CVE-2017-10346Oracle Linuxjava-1.7.0-openjdkYes6.8NetworkMediumNonePartialPartialPartial6,7
CVE-2017-1000257Oracle LinuxcurlYes6.4NetworkLowNonePartialNonePartial7
CVE-2017-10388Oracle Linuxjava-1.7.0-openjdkYes5.1NetworkHighNonePartialPartialPartial6,7
CVE-2017-10281Oracle Linuxjava-1.7.0-openjdkYes5.0NetworkLowNoneNoneNonePartial6,7
CVE-2017-10347Oracle Linuxjava-1.7.0-openjdkYes5.0NetworkLowNoneNoneNonePartial6,7
CVE-2017-10348Oracle Linuxjava-1.7.0-openjdkYes5.0NetworkLowNoneNoneNonePartial6,7
CVE-2017-10349Oracle Linuxjava-1.7.0-openjdkYes5.0NetworkLowNoneNoneNonePartial6,7
CVE-2017-10350Oracle Linuxjava-1.7.0-openjdkYes5.0NetworkLowNoneNoneNonePartial6,7
CVE-2017-10355Oracle Linuxjava-1.7.0-openjdkYes5.0NetworkLowNoneNoneNonePartial6,7
CVE-2017-10357Oracle Linuxjava-1.7.0-openjdkYes5.0NetworkLowNoneNoneNonePartial6,7
CVE-2017-2671Oracle LinuxUnbreakable Enterprise kernelNo4.9LocalLowNoneNoneNoneComplete6
CVE-2017-15649Oracle LinuxUnbreakable Enterprise kernelNo4.6LocalLowNonePartialPartialPartial6,7
CVE-2017-10198Oracle Linuxjava-1.7.0-openjdkYes4.3NetworkMediumNonePartialNoneNone6,7
CVE-2017-10295Oracle Linuxjava-1.7.0-openjdkYes4.3NetworkMediumNoneNonePartialNone6,7
CVE-2016-10318Oracle LinuxUnbreakable Enterprise kernelNo4.0NetworkLowSingleNoneNonePartial6,7
CVE-2017-10274Oracle Linuxjava-1.7.0-openjdkYes4.0NetworkHighNonePartialPartialNone6,7
CVE-2017-14167Oracle Linuxqemu-kvmNo3.7LocalHighNonePartialPartialPartial7
CVE-2017-12613Oracle LinuxaprNo3.6LocalLowNonePartialNonePartial6,7
CVE-2017-15289Oracle Linuxqemu-kvmNo2.9Adjacent networkHighSingleNonePartialPartial7
CVE-2017-10193Oracle Linuxjava-1.7.0-openjdkYes2.6NetworkHighNonePartialNoneNone6,7
CVE-2017-10345Oracle Linuxjava-1.7.0-openjdkYes2.6NetworkHighNoneNoneNonePartial6,7
CVE-2017-10356Oracle Linuxjava-1.7.0-openjdkNo2.1LocalLowNonePartialNoneNone6,7
CVE-2017-1000380Oracle LinuxkernelNo2.1LocalLowNonePartialNoneNone7
CVE-2017-1000405Oracle LinuxUnbreakable Enterprise kernelYes0.0NetworkUndefinedNoneNoneNoneNone6,7
CVE-2017-12190Oracle LinuxUnbreakable Enterprise kernelYes0.0NetworkUndefinedNoneNoneNoneNone6,7
CVE-2017-7826Oracle LinuxfirefoxYes0.0NetworkUndefinedNoneNoneNoneNone6,7
CVE-2017-7828Oracle LinuxfirefoxYes0.0NetworkUndefinedNoneNoneNoneNone6,7
CVE-2017-7830Oracle LinuxfirefoxYes0.0NetworkUndefinedNoneNoneNoneNone6,7
CVE-2017-7843Oracle LinuxfirefoxYes0.0NetworkUndefinedNoneNoneNoneNone6,7
CVE-2017-15101Oracle LinuxliblouisYes0.0NetworkUndefinedNoneNoneNoneNone7
CVE-2017-12172Oracle LinuxpostgresqlYes0.0NetworkUndefinedNoneNoneNoneNone7
CVE-2017-15097Oracle LinuxpostgresqlYes0.0NetworkUndefinedNoneNoneNoneNone7
CVE-2017-16844Oracle LinuxprocmailYes0.0NetworkUndefinedNoneNoneNoneNone7
CVE-2017-14746Oracle LinuxsambaYes0.0NetworkUndefinedNoneNoneNoneNone7
CVE-2017-15275Oracle LinuxsambaYes0.0NetworkUndefinedNoneNoneNoneNone7
CVE-2017-14746Oracle Linuxsamba4Yes0.0NetworkUndefinedNoneNoneNoneNone6
CVE-2017-15275Oracle Linuxsamba4Yes0.0NetworkUndefinedNoneNoneNoneNone6
CVE-2017-12173Oracle LinuxsssdYes0.0NetworkUndefinedNoneNoneNoneNone7
CVE-2017-7826Oracle LinuxthunderbirdYes0.0NetworkUndefinedNoneNoneNoneNone6,7
CVE-2017-7828Oracle LinuxthunderbirdYes0.0NetworkUndefinedNoneNoneNoneNone6,7
CVE-2017-7830Oracle LinuxthunderbirdYes0.0NetworkUndefinedNoneNoneNoneNone6,7
CVE-2017-12190Oracle LinuxUnbreakable Enterprise kernelYes0.0NetworkUndefinedNoneNoneNoneNone6

Revision 2: Published on 2017-11-17

CVE# Product Component Remote Exploit without Auth.? CVSS VERSION 2.0 RISK (see Risk Matrix Definitions) Supported Versions Affected
Base Score Access Vector Access Complexity Authen­tication Confid­entiality Inte­grity Avail­ability
CVE-2017-11176Oracle LinuxkernelYes10.0NetworkLowNoneCompleteCompleteComplete7
CVE-2017-11176Oracle LinuxUnbreakable Enterprise kernelYes10.0NetworkLowNoneCompleteCompleteComplete6
CVE-2017-7618Oracle LinuxUnbreakable Enterprise kernelYes7.8NetworkLowNoneNoneNoneComplete6,7
CVE-2017-10661Oracle LinuxUnbreakable Enterprise kernelYes7.6NetworkHighNoneCompleteCompleteComplete6
CVE-2017-1000111Oracle LinuxkernelNo7.2LocalLowNoneCompleteCompleteComplete6,7
CVE-2017-7184Oracle LinuxkernelNo7.2LocalLowNoneCompleteCompleteComplete7
CVE-2017-7541Oracle LinuxkernelNo7.2LocalLowNoneCompleteCompleteComplete7
CVE-2016-10044Oracle LinuxUnbreakable Enterprise kernelNo7.2LocalLowNoneCompleteCompleteComplete6
CVE-2017-1000111Oracle LinuxUnbreakable Enterprise kernelNo7.2LocalLowNoneCompleteCompleteComplete6
CVE-2017-1000363Oracle LinuxUnbreakable Enterprise kernelNo7.2LocalLowNoneCompleteCompleteComplete6
CVE-2017-11473Oracle LinuxUnbreakable Enterprise kernelNo7.2LocalLowNoneCompleteCompleteComplete6
CVE-2017-7308Oracle LinuxUnbreakable Enterprise kernelNo7.2LocalLowNoneCompleteCompleteComplete6
CVE-2017-8831Oracle LinuxUnbreakable Enterprise kernelNo7.2LocalLowNoneCompleteCompleteComplete6
CVE-2017-9074Oracle LinuxUnbreakable Enterprise kernelNo7.2LocalLowNoneCompleteCompleteComplete6
CVE-2017-9075Oracle LinuxUnbreakable Enterprise kernelNo7.2LocalLowNoneCompleteCompleteComplete6
CVE-2017-9077Oracle LinuxUnbreakable Enterprise kernelNo7.2LocalLowNoneCompleteCompleteComplete6
CVE-2017-1000112Oracle LinuxUnbreakable Enterprise kernelNo6.9LocalMediumNoneCompleteCompleteComplete6,7
CVE-2017-1000112Oracle LinuxkernelNo6.9LocalMediumNoneCompleteCompleteComplete6,7
CVE-2017-10285Oracle Linuxjava-1.8.0-openjdkYes6.8NetworkMediumNonePartialPartialPartial6,7
CVE-2017-10346Oracle Linuxjava-1.8.0-openjdkYes6.8NetworkMediumNonePartialPartialPartial6,7
CVE-2016-8399Oracle LinuxkernelNo6.8LocalLowSingleCompleteCompleteComplete7
CVE-2017-13738Oracle LinuxliblouisYes6.8NetworkMediumNonePartialPartialPartial7
CVE-2017-13740Oracle LinuxliblouisYes6.8NetworkMediumNonePartialPartialPartial7
CVE-2016-10168Oracle LinuxphpYes6.8NetworkMediumNonePartialPartialPartial7
CVE-2017-12615Oracle LinuxtomcatYes6.8NetworkMediumNonePartialPartialPartial7
CVE-2017-12617Oracle LinuxtomcatYes6.8NetworkMediumNonePartialPartialPartial7
CVE-2017-12615Oracle Linuxtomcat6Yes6.8NetworkMediumNonePartialPartialPartial6
CVE-2017-12617Oracle Linuxtomcat6Yes6.8NetworkMediumNonePartialPartialPartial6
CVE-2017-13077Oracle Linuxwpa_supplicantNo5.4Adjacent networkMediumNonePartialPartialPartial6,7
CVE-2016-9191Oracle LinuxUnbreakable Enterprise kernelNo5.2Adjacent networkMediumSingleNoneNoneComplete6,7
CVE-2017-10388Oracle Linuxjava-1.8.0-openjdkYes5.1NetworkHighNonePartialPartialPartial6,7
CVE-2017-9798Oracle LinuxhttpdYes5.0NetworkLowNonePartialNoneNone6
CVE-2017-10281Oracle Linuxjava-1.8.0-openjdkYes5.0NetworkLowNoneNoneNonePartial6,7
CVE-2017-10347Oracle Linuxjava-1.8.0-openjdkYes5.0NetworkLowNoneNoneNonePartial6,7
CVE-2017-10348Oracle Linuxjava-1.8.0-openjdkYes5.0NetworkLowNoneNoneNonePartial6,7
CVE-2017-10349Oracle Linuxjava-1.8.0-openjdkYes5.0NetworkLowNoneNoneNonePartial6,7
CVE-2017-10350Oracle Linuxjava-1.8.0-openjdkYes5.0NetworkLowNoneNoneNonePartial6,7
CVE-2017-10355Oracle Linuxjava-1.8.0-openjdkYes5.0NetworkLowNoneNoneNonePartial6,7
CVE-2017-10357Oracle Linuxjava-1.8.0-openjdkYes5.0NetworkLowNoneNoneNonePartial6,7
CVE-2017-5647Oracle LinuxtomcatYes5.0NetworkLowNonePartialNoneNone7
CVE-2017-5647Oracle Linuxtomcat6Yes5.0NetworkLowNonePartialNoneNone6
CVE-2017-5664Oracle Linuxtomcat6Yes5.0NetworkLowNoneNonePartialNone6
CVE-2017-12192Oracle LinuxUnbreakable Enterprise kernelNo4.9LocalLowNoneNoneNoneComplete6,7
CVE-2017-14106Oracle LinuxUnbreakable Enterprise kernelNo4.9LocalLowNoneNoneNoneComplete6,7
CVE-2017-14489Oracle LinuxUnbreakable Enterprise kernelNo4.9LocalLowNoneNoneNoneComplete6,7
CVE-2017-7542Oracle LinuxUnbreakable Enterprise kernelNo4.9LocalLowNoneNoneNoneComplete6,7
CVE-2017-14106Oracle LinuxkernelNo4.9LocalLowNoneNoneNoneComplete6,7
CVE-2017-7542Oracle LinuxkernelNo4.9LocalLowNoneNoneNoneComplete7
CVE-2017-14489Oracle LinuxUnbreakable Enterprise kernelNo4.9LocalLowNoneNoneNoneComplete6
CVE-2017-7542Oracle LinuxUnbreakable Enterprise kernelNo4.9LocalLowNoneNoneNoneComplete6
CVE-2017-6462Oracle LinuxntpNo4.6LocalLowNonePartialPartialPartial6
CVE-2017-12154Oracle LinuxUnbreakable Enterprise kernelNo4.3Adjacent networkHighSingleNoneNoneComplete6,7
CVE-2017-10295Oracle Linuxjava-1.8.0-openjdkYes4.3NetworkMediumNoneNonePartialNone6,7
CVE-2017-13741Oracle LinuxliblouisYes4.3NetworkMediumNoneNoneNonePartial7
CVE-2017-13742Oracle LinuxliblouisYes4.3NetworkMediumNoneNoneNonePartial7
CVE-2017-13743Oracle LinuxliblouisYes4.3NetworkMediumNoneNoneNonePartial7
CVE-2017-13744Oracle LinuxliblouisYes4.3NetworkMediumNoneNoneNonePartial7
CVE-2016-10167Oracle LinuxphpYes4.3NetworkMediumNoneNoneNonePartial7
CVE-2017-7674Oracle LinuxtomcatYes4.3NetworkMediumNoneNonePartialNone7
CVE-2017-10274Oracle Linuxjava-1.8.0-openjdkYes4.0NetworkHighNonePartialPartialNone6,7
CVE-2017-6463Oracle LinuxntpNo4.0NetworkLowSingleNoneNonePartial6
CVE-2017-6464Oracle LinuxntpNo4.0NetworkLowSingleNoneNonePartial6
CVE-2017-10345Oracle Linuxjava-1.8.0-openjdkYes2.6NetworkHighNoneNoneNonePartial6,7
CVE-2017-10356Oracle Linuxjava-1.8.0-openjdkNo2.1LocalLowNonePartialNoneNone6,7
CVE-2017-1000380Oracle LinuxUnbreakable Enterprise kernelNo2.1LocalLowNonePartialNoneNone6
CVE-2017-2618Oracle LinuxUnbreakable Enterprise kernelYes0.0NetworkUndefinedNoneNoneNoneNone6,7
CVE-2017-7482Oracle LinuxUnbreakable Enterprise kernelYes0.0NetworkUndefinedNoneNoneNoneNone6,7
CVE-2017-12171Oracle LinuxhttpdYes0.0NetworkUndefinedNoneNoneNoneNone6
CVE-2017-7558Oracle LinuxkernelYes0.0NetworkUndefinedNoneNoneNoneNone7
CVE-2014-8184Oracle LinuxliblouisYes0.0NetworkUndefinedNoneNoneNoneNone7
CVE-2017-13089Oracle LinuxwgetYes0.0NetworkUndefinedNoneNoneNoneNone7
CVE-2017-13090Oracle LinuxwgetYes0.0NetworkUndefinedNoneNoneNoneNone7
CVE-2017-13078Oracle Linuxwpa_supplicantYes0.0NetworkUndefinedNoneNoneNoneNone6,7
CVE-2017-13080Oracle Linuxwpa_supplicantYes0.0NetworkUndefinedNoneNoneNoneNone6,7
CVE-2017-13082Oracle Linuxwpa_supplicantYes0.0NetworkUndefinedNoneNoneNoneNone7
CVE-2017-13086Oracle Linuxwpa_supplicantYes0.0NetworkUndefinedNoneNoneNoneNone7
CVE-2017-13087Oracle Linuxwpa_supplicantYes0.0NetworkUndefinedNoneNoneNoneNone6,7
CVE-2017-13088Oracle Linuxwpa_supplicantYes0.0NetworkUndefinedNoneNoneNoneNone7

Revision 1: Published on 2017-10-17

CVE# Product Component Remote Exploit without Auth.? CVSS VERSION 2.0 RISK (see Risk Matrix Definitions) Supported Versions Affected
Base Score Access Vector Access Complexity Authen­tication Confid­entiality Inte­grity Avail­ability
CVE-2017-14491Oracle LinuxdnsmasqYes10.0NetworkLowNoneCompleteCompleteComplete6,7
CVE-2017-14492Oracle LinuxdnsmasqNo8.3Adjacent networkLowNoneCompleteCompleteComplete7
CVE-2017-14493Oracle LinuxdnsmasqNo8.3Adjacent networkLowNoneCompleteCompleteComplete7
CVE-2017-14494Oracle LinuxdnsmasqYes7.8NetworkLowNoneCompleteNoneNone7
CVE-2017-14495Oracle LinuxdnsmasqYes7.8NetworkLowNoneNoneNoneComplete7
CVE-2017-14496Oracle LinuxdnsmasqYes7.8NetworkLowNoneNoneNoneComplete7
CVE-2017-7555Oracle LinuxaugeasYes7.5NetworkLowNonePartialPartialPartial7
CVE-2017-7546Oracle LinuxpostgresqlYes7.5NetworkLowNonePartialPartialPartial6
CVE-2017-7541Oracle LinuxUnbreakable Enterprise kernelNo7.2LocalLowNoneCompleteCompleteComplete6,7
CVE-2017-7541Oracle LinuxkernelNo7.2LocalLowNoneCompleteCompleteComplete6
CVE-2017-1000365Oracle LinuxUnbreakable Enterprise kernelNo7.2LocalLowNoneCompleteCompleteComplete6
CVE-2017-1000251Oracle LinuxUnbreakable Enterprise kernelNo6.8Adjacent networkHighNoneCompleteCompleteComplete6,7
CVE-2017-1000251Oracle LinuxUnbreakable Enterprise kernelNo6.8Adjacent networkHighNoneCompleteCompleteComplete6
CVE-2017-9798Oracle LinuxhttpdYes5.0NetworkLowNonePartialNoneNone7
CVE-2017-14482Oracle LinuxemacsYes0.0NetworkUndefinedNoneNoneNoneNone7
CVE-2017-7793Oracle LinuxfirefoxYes0.0NetworkUndefinedNoneNoneNoneNone6,7
CVE-2017-7810Oracle LinuxfirefoxYes0.0NetworkUndefinedNoneNoneNoneNone6,7
CVE-2017-7814Oracle LinuxfirefoxYes0.0NetworkUndefinedNoneNoneNoneNone6,7
CVE-2017-7818Oracle LinuxfirefoxYes0.0NetworkUndefinedNoneNoneNoneNone6,7
CVE-2017-7819Oracle LinuxfirefoxYes0.0NetworkUndefinedNoneNoneNoneNone6,7
CVE-2017-7823Oracle LinuxfirefoxYes0.0NetworkUndefinedNoneNoneNoneNone6,7
CVE-2017-7824Oracle LinuxfirefoxYes0.0NetworkUndefinedNoneNoneNoneNone6,7
CVE-2017-1000253Oracle LinuxkernelYes0.0NetworkUndefinedNoneNoneNoneNone6
CVE-2017-7805Oracle LinuxnssYes0.0NetworkUndefinedNoneNoneNoneNone6,7
CVE-2017-12150Oracle LinuxsambaYes0.0NetworkUndefinedNoneNoneNoneNone6,7
CVE-2017-12151Oracle LinuxsambaYes0.0NetworkUndefinedNoneNoneNoneNone7
CVE-2017-12163Oracle LinuxsambaYes0.0NetworkUndefinedNoneNoneNoneNone6,7
CVE-2017-2619Oracle LinuxsambaYes0.0NetworkUndefinedNoneNoneNoneNone6
CVE-2017-12150Oracle Linuxsamba4Yes0.0NetworkUndefinedNoneNoneNoneNone6
CVE-2017-12163Oracle Linuxsamba4Yes0.0NetworkUndefinedNoneNoneNoneNone6
CVE-2017-7793Oracle LinuxthunderbirdYes0.0NetworkUndefinedNoneNoneNoneNone6,7
CVE-2017-7810Oracle LinuxthunderbirdYes0.0NetworkUndefinedNoneNoneNoneNone6,7
CVE-2017-7814Oracle LinuxthunderbirdYes0.0NetworkUndefinedNoneNoneNoneNone6,7
CVE-2017-7818Oracle LinuxthunderbirdYes0.0NetworkUndefinedNoneNoneNoneNone6,7
CVE-2017-7819Oracle LinuxthunderbirdYes0.0NetworkUndefinedNoneNoneNoneNone6,7
CVE-2017-7823Oracle LinuxthunderbirdYes0.0NetworkUndefinedNoneNoneNoneNone6,7
CVE-2017-7824Oracle LinuxthunderbirdYes0.0NetworkUndefinedNoneNoneNoneNone6,7
CVE-2017-1000253Oracle LinuxUnbreakable Enterprise kernelYes0.0NetworkUndefinedNoneNoneNoneNone6
CVE-2017-12134Oracle LinuxUnbreakable Enterprise kernelYes0.0NetworkUndefinedNoneNoneNoneNone6