No results found

Your search did not match any results.

We suggest you try the following to help find what you’re looking for:

  • Check the spelling of your keyword search.
  • Use synonyms for the keyword you typed, for example, try “application” instead of “software.”
  • Try one of the popular searches shown below.
  • Start a new search.
Trending Questions
 

Oracle VM Server for x86 Bulletin - April 2021

 

Description

The Oracle VM Server for x86 Bulletin lists all CVEs that had been resolved and announced in Oracle VM Server for x86 Security Advisories (OVMSA) in the last one month prior to the release of the bulletin. Oracle VM Server for x86 Bulletins are published on the same day as Oracle Critical Patch Updates are released. These bulletins will also be updated for the following two months after their release (i.e., the two months between the normal quarterly Critical Patch Update publication dates) to cover all CVEs that had been resolved in those two months following the bulletin's publication. In addition, Oracle VM Server for x86 Bulletins may also be updated for vulnerability issues deemed too critical to wait for the next scheduled bulletin publication date.

Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Oracle VM Server for x86 Bulletin security patches as soon as possible.

 

Patch Availability

Please see ULN Advisory https://linux.oracle.com/ovm-bulletin-pad

 

Oracle VM Server for x86 Bulletin Schedule

Oracle VM Server for x86 Bulletins are released on the Tuesday closest to the 17th day of January, April, July and October. The next four dates are:

  • 20 July 2021
  • 19 October 2021
  • 18 January 2022
  • 19 April 2022

References

 

Modification History

Date Note
2021-May-20 Rev 1. Initial Release

Oracle VM Server for x86 Executive Summary

This Oracle VM Server for x86 Bulletin contains 16 new security patches for the Oracle VM Server for x86.

Oracle VM Server for x86 Risk Matrix

Revision 1: Published on 2021-05-20

CVE# Product Component Remote Exploit without Auth.? CVSS VERSION 3.1 RISK (see Risk Matrix Definitions) Supported Versions Affected
Base
Score
Attack
Vector
Attack
Complex
Privs
Req'd
User
Interact
Scope Confid-
entiality
Inte-
grity
Avail-
ability
CVE-2020-29481 Oracle VM Server for x86 xen No 8.8 Local Low Low None Changed High High High 3.4
CVE-2020-25599 Oracle VM Server for x86 xen No 7.8 Local High Low None Changed High High High 3.4
CVE-2020-29040 Oracle VM Server for x86 xen No 7.8 Local High Low None Changed High High High 3.4
CVE-2020-27671 Oracle VM Server for x86 xen No 7.4 Local High None None Unchanged High High High 3.4
CVE-2020-25595 Oracle VM Server for x86 xen No 6.5 Local Low Low None Changed None None High 3.4
CVE-2020-25597 Oracle VM Server for x86 xen No 6.5 Local Low Low None Changed None None High 3.4
CVE-2020-25600 Oracle VM Server for x86 xen No 6.5 Local Low Low None Changed None None High 3.4
CVE-2020-29483 Oracle VM Server for x86 xen No 6.5 Local Low Low None Changed None None High 3.4
CVE-2020-29570 Oracle VM Server for x86 xen No 6.2 Local Low None None Unchanged None None High 3.4
CVE-2020-25601 Oracle VM Server for x86 xen No 6.0 Local Low High None Changed None None High 3.4
CVE-2020-29484 Oracle VM Server for x86 xen No 6.0 Local Low High None Changed None None High 3.4
CVE-2020-25603 Oracle VM Server for x86 xen No 5.6 Local High Low None Changed None None High 3.4
CVE-2020-25604 Oracle VM Server for x86 xen No 5.6 Local High Low None Changed None None High 3.4
CVE-2020-28368 Oracle VM Server for x86 xen No 5.6 Local High Low None Changed High None None 3.4
CVE-2020-27672 Oracle VM Server for x86 xen No 5.1 Local High None None Unchanged None None High 3.4
CVE-2020-29480 Oracle VM Server for x86 xen No 2.3 Local Low High None Unchanged Low None None 3.4