No results found

Your search did not match any results.

We suggest you try the following to help find what you’re looking for:

  • Check the spelling of your keyword search.
  • Use synonyms for the keyword you typed, for example, try “application” instead of “software.”
  • Try one of the popular searches shown below.
  • Start a new search.
Trending Questions

Oracle VM Server for x86 Bulletin - October 2020


Description

The Oracle VM Server for x86 Bulletin lists all CVEs that had been resolved and announced in Oracle VM Server for x86 Security Advisories (OVMSA) in the last one month prior to the release of the bulletin. Oracle VM Server for x86 Bulletins are published on the same day as Oracle Critical Patch Updates are released. These bulletins will also be updated for the following two months after their release (i.e., the two months between the normal quarterly Critical Patch Update publication dates) to cover all CVEs that had been resolved in those two months following the bulletin's publication. In addition, Oracle VM Server for x86 Bulletins may also be updated for vulnerability issues deemed too critical to wait for the next scheduled bulletin publication date.

Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Oracle VM Server for x86 Bulletin security patches as soon as possible.


Patch Availability

Please see ULN Advisory https://linux.oracle.com/ovm-bulletin-pad


Oracle VM Server for x86 Bulletin Schedule

Oracle VM Server for x86 Bulletins are released on the Tuesday closest to the 17th day of January, April, July and October. The next four dates are:

  • 19 January 2021
  • 20 April 2021
  • 20 July 2021
  • 19 October 2021

References


Modification History

Date Note
2020-October-20 Rev 1. Initial Release

Oracle VM Server for x86 Executive Summary

This Oracle VM Server for x86 Bulletin contains 40 new security patches for the Oracle VM Server for x86.  40 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password. 

 

Oracle VM Server for x86 Risk Matrix

Revision 1: Published on 2020-10-20

CVE# Product Component Remote Exploit without Auth.? CVSS VERSION 3.0 RISK (see Risk Matrix Definitions) Supported Versions Affected
Base
Score
Attack
Vector
Attack
Complex
Privs
Req'd
User
Interact
Scope Confid-
entiality
Inte-
grity
Avail-
ability
CVE-2016-10905 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2016-10906 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2017-16528 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2017-8924 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2017-8925 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2018-16884 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2018-20856 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2018-9415 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2019-11487 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2019-14898 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2019-15218 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2019-15505 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2019-15927 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2019-16746 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2019-17075 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2019-18885 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2019-19052 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2019-19073 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2019-19768 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2019-19965 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2019-20054 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2019-20096 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2019-20812 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2019-3846 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2019-3874 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2019-5108 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2019-6974 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2019-7221 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2019-7222 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2020-10720 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2020-10751 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2020-10769 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2020-14314 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2020-14331 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2020-1749 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2020-25212 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2020-25284 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2020-25285 Oracle VM Server for X86 Unbreakable Enterprise kernel Undefined 3.4
CVE-2020-8622 Oracle VM Server for X86 bind Undefined 3.3,3.4
CVE-2020-14364 Oracle VM Server for X86 qemu-kvm Undefined 3.4