Oracle Linux Bulletin - July 2017


Description

The Oracle Linux Bulletin lists all CVEs that had been resolved and announced in Oracle Linux Security Advisories (ELSA) in the last one month prior to the release of the bulletin. Oracle Linux Bulletins are published on the same day as Oracle Critical Patch Updates are released. These bulletins will also be updated for the following two months after their release (i.e., the two months between the normal quarterly Critical Patch Update publication dates) to cover all CVEs that had been resolved in those two months following the bulletin's publication. In addition, Oracle Linux Bulletins may also be updated for vulnerability fixes deemed too critical to wait for the next scheduled bulletin publication date.

Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Oracle Linux Bulletin fixes as soon as possible.


Patch Availability

Please see ULN Advisory http://linux.oracle.com/ol-pad-bulletin


Oracle Linux Bulletin Schedule

Oracle Linux Bulletins are released on the Tuesday closest to the 17th day of January, April, July and October. The next four dates are:

  • 17 October 2017
  • 16 January 2018
  • 17 April 2018
  • 17 July 2018

References


Modification History


2017-September-18 Rev 3. New CVEs added.
2017-August-18 Rev 2. New CVEs added.
2017-July-18 Rev 1. Initial Release

 

Oracle Linux Executive Summary

 

This Oracle Linux Bulletin contains 287 new security fixes for the Oracle Linux.  211 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password. 

 

Oracle Linux Risk Matrix


Revision 3: Published on 2017-09-18



CVE# Product Component Remote Exploit without Auth.? CVSS VERSION 2.0 RISK (see Risk Matrix Definitions) Supported Versions Affected
Base Score Access Vector Access Complexity Authen-
tication
Confiden-
tiality
Integrity Avail-
ability
CVE-2017-7546 Oracle Linux postgresql Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2017-1000365 Oracle Linux Unbreakable Enterprise kernel No 7.2 Local Low None Complete Complete Complete 6,7
CVE-2017-1000251 Oracle Linux kernel No 6.8 Adjacent network High None Complete Complete Complete 6
CVE-2017-1000251 Oracle Linux kernel No 6.8 Adjacent network High None Complete Complete Complete 7
CVE-2017-9776 Oracle Linux poppler Yes 6.8 Network Medium None Partial Partial Partial 6,7
CVE-2017-1000061 Oracle Linux xmlsec1 Yes 5.8 Network Medium None Partial None Partial 7
CVE-2017-7551 Oracle Linux 389-ds-base Yes 5.0 Network Low None Partial None None 7
CVE-2016-6210 Oracle Linux openssh Yes 5.0 Network Low None Partial None None 6
CVE-2017-9775 Oracle Linux poppler Yes 4.3 Network Medium None None None Partial 7
CVE-2017-7547 Oracle Linux postgresql No 4.0 Network Low Single Partial None None 7
CVE-2016-9685 Oracle Linux Unbreakable Enterprise kernel No 2.1 Local Low None Partial None None 6
CVE-2016-9604 Oracle Linux Unbreakable Enterprise kernel No 1.2 Local High None None Partial None 6
CVE-2017-12134 Oracle Linux Unbreakable Enterprise kernel Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-1000250 Oracle Linux bluez Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7753 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7779 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7784 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7785 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7786 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7787 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7791 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7792 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7800 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7801 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7802 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7803 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7807 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7809 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2016-10200 Oracle Linux Unbreakable Enterprise kernel Yes 0.0 Network Undefined None None None None 6
CVE-2017-9242 Oracle Linux Unbreakable Enterprise kernel Yes 0.0 Network Undefined None None None None 6
 

 

Revision 2: Published on 2017-08-18



CVE# Product Component Remote Exploit without Auth.? CVSS VERSION 2.0 RISK (see Risk Matrix Definitions) Supported Versions Affected
Base Score Access Vector Access Complexity Authen-
tication
Confiden-
tiality
Integrity Avail-
ability
CVE-2017-8890 Oracle Linux kernel Yes 10.0 Network Low None Complete Complete Complete 7
CVE-2017-10985 Oracle Linux freeradius Yes 7.8 Network Low None None None Complete 7
CVE-2017-8797 Oracle Linux kernel Yes 7.8 Network Low None None None Complete 7
CVE-2017-9461 Oracle Linux samba Yes 7.8 Network Low None None None Complete 7
CVE-2017-0553 Oracle Linux NetworkManager and libnl3 Yes 7.6 Network High None Complete Complete Complete 7
CVE-2017-6001 Oracle Linux kernel Yes 7.6 Network High None Complete Complete Complete 7
CVE-2016-10164 Oracle Linux X.org X11 libraries Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2017-10979 Oracle Linux freeradius Yes 7.5 Network Low None Partial Partial Partial 6
CVE-2017-10984 Oracle Linux freeradius Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2017-5334 Oracle Linux gnutls Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2017-5336 Oracle Linux gnutls Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2017-5337 Oracle Linux gnutls Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2017-5885 Oracle Linux gtk-vnc Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2017-3167 Oracle Linux httpd Yes 7.5 Network Low None Partial Partial Partial 6,7
CVE-2017-3169 Oracle Linux httpd Yes 7.5 Network Low None Partial Partial Partial 6,7
CVE-2017-7668 Oracle Linux httpd Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2017-7679 Oracle Linux httpd Yes 7.5 Network Low None Partial Partial Partial 6,7
CVE-2017-5645 Oracle Linux log4j Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2016-7922 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2016-7923 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2016-7924 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2016-7925 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2016-7926 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2016-7927 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2016-7928 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2016-7929 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2016-7930 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2016-7931 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2016-7932 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2016-7933 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2016-7934 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2016-7935 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2016-7936 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2016-7937 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2016-7938 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2016-7939 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2016-7940 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2016-7973 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2016-7974 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2016-7975 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2016-7983 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2016-7984 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2016-7985 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2016-7986 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2016-7992 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2016-7993 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2016-8574 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2016-8575 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2017-5202 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2017-5203 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2017-5204 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2017-5205 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2017-5341 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2017-5342 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2017-5482 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2017-5483 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2017-5484 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2017-5485 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2017-5486 Oracle Linux tcpdump Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2017-1000363 Oracle Linux Unbreakable Enterprise kernel No 7.2 Local Low None Complete Complete Complete 6,7
CVE-2017-9077 Oracle Linux Unbreakable Enterprise kernel No 7.2 Local Low None Complete Complete Complete 6,7
CVE-2017-2647 Oracle Linux kernel No 7.2 Local Low None Complete Complete Complete 7
CVE-2017-7187 Oracle Linux kernel No 7.2 Local Low None Complete Complete Complete 7
CVE-2017-7889 Oracle Linux kernel No 7.2 Local Low None Complete Complete Complete 7
CVE-2017-9074 Oracle Linux kernel No 7.2 Local Low None Complete Complete Complete 7
CVE-2017-9075 Oracle Linux kernel No 7.2 Local Low None Complete Complete Complete 7
CVE-2017-9076 Oracle Linux kernel No 7.2 Local Low None Complete Complete Complete 7
CVE-2017-9077 Oracle Linux kernel No 7.2 Local Low None Complete Complete Complete 7
CVE-2015-2686 Oracle Linux Unbreakable Enterprise kernel No 7.2 Local Low None Complete Complete Complete 6
CVE-2015-1465 Oracle Linux Unbreakable Enterprise kernel Yes 7.1 Network Medium None None None Complete 6
CVE-2016-7543 Oracle Linux bash No 6.9 Local Medium None Complete Complete Complete 7
CVE-2016-10088 Oracle Linux kernel No 6.9 Local Medium None Complete Complete Complete 7
CVE-2016-9806 Oracle Linux kernel No 6.9 Local Medium None Complete Complete Complete 7
CVE-2014-9710 Oracle Linux Unbreakable Enterprise kernel No 6.9 Local Medium None Complete Complete Complete 6
CVE-2014-9938 Oracle Linux git Yes 6.8 Network Medium None Partial Partial Partial 7
CVE-2017-5884 Oracle Linux gtk-vnc Yes 6.8 Network Medium None Partial Partial Partial 7
CVE-2017-10096 Oracle Linux java-1.7.0-openjdk Yes 6.8 Network Medium None Partial Partial Partial 6,7
CVE-2017-10101 Oracle Linux java-1.7.0-openjdk Yes 6.8 Network Medium None Partial Partial Partial 6,7
CVE-2017-10102 Oracle Linux java-1.7.0-openjdk Yes 6.8 Network Medium None Partial Partial Partial 6,7
CVE-2017-10107 Oracle Linux java-1.7.0-openjdk Yes 6.8 Network Medium None Partial Partial Partial 6,7
CVE-2017-10110 Oracle Linux java-1.7.0-openjdk Yes 6.8 Network Medium None Partial Partial Partial 6,7
CVE-2017-10096 Oracle Linux java-1.8.0-openjdk Yes 6.8 Network Medium None Partial Partial Partial 6,7
CVE-2017-10101 Oracle Linux java-1.8.0-openjdk Yes 6.8 Network Medium None Partial Partial Partial 6,7
CVE-2017-10102 Oracle Linux java-1.8.0-openjdk Yes 6.8 Network Medium None Partial Partial Partial 6,7
CVE-2017-10107 Oracle Linux java-1.8.0-openjdk Yes 6.8 Network Medium None Partial Partial Partial 6,7
CVE-2017-10110 Oracle Linux java-1.8.0-openjdk Yes 6.8 Network Medium None Partial Partial Partial 6,7
CVE-2017-10111 Oracle Linux java-1.8.0-openjdk Yes 6.8 Network Medium None Partial Partial Partial 6,7
CVE-2016-5617 Oracle Linux mariadb No 6.8 Local Low Single Complete Complete Complete 7
CVE-2016-6664 Oracle Linux mariadb No 6.8 Local Low Single Complete Complete Complete 7
CVE-2015-0261 Oracle Linux tcpdump Yes 6.8 Network Medium None Partial Partial Partial 7
CVE-2015-2153 Oracle Linux tcpdump Yes 6.8 Network Medium None Partial Partial Partial 7
CVE-2015-2154 Oracle Linux tcpdump Yes 6.8 Network Medium None Partial Partial Partial 7
CVE-2015-2155 Oracle Linux tcpdump Yes 6.8 Network Medium None Partial Partial Partial 7
CVE-2017-5581 Oracle Linux tigervnc and fltk Yes 6.8 Network Medium None Partial Partial Partial 7
CVE-2017-8386 Oracle Linux git No 6.5 Network Low Single Partial Partial Partial 7
CVE-2017-7506 Oracle Linux spice No 6.5 Network Low Single Partial Partial Partial 7
CVE-2017-7393 Oracle Linux tigervnc and fltk No 6.5 Network Low Single Partial Partial Partial 7
CVE-2017-9788 Oracle Linux httpd Yes 6.4 Network Low None Partial None Partial 6,7
CVE-2017-5648 Oracle Linux tomcat Yes 6.4 Network Low None Partial Partial None 7
CVE-2016-9576 Oracle Linux kernel No 6.2 Local High None Complete Complete Complete 7
CVE-2017-3600 Oracle Linux mariadb No 6.0 Network Medium Single Partial Partial Partial 7
CVE-2014-9365 Oracle Linux python Yes 5.8 Network Medium None Partial Partial None 7
CVE-2014-9761 Oracle Linux glibc Yes 5.1 Network High None Partial Partial Partial 7
CVE-2015-8778 Oracle Linux glibc Yes 5.1 Network High None Partial Partial Partial 7
CVE-2015-8779 Oracle Linux glibc Yes 5.1 Network High None Partial Partial Partial 7
CVE-2017-10116 Oracle Linux java-1.7.0-openjdk Yes 5.1 Network High None Partial Partial Partial 6,7
CVE-2017-10116 Oracle Linux java-1.8.0-openjdk Yes 5.1 Network High None Partial Partial Partial 6,7
CVE-2016-10199 Oracle Linux GStreamer Yes 5.0 Network Low None None None Partial 7
CVE-2017-5838 Oracle Linux GStreamer Yes 5.0 Network Low None None None Partial 7
CVE-2017-5839 Oracle Linux GStreamer Yes 5.0 Network Low None None None Partial 7
CVE-2017-5840 Oracle Linux GStreamer Yes 5.0 Network Low None None None Partial 7
CVE-2017-5841 Oracle Linux GStreamer Yes 5.0 Network Low None None None Partial 7
CVE-2017-5843 Oracle Linux GStreamer Yes 5.0 Network Low None None None Partial 7
CVE-2017-5845 Oracle Linux GStreamer Yes 5.0 Network Low None None None Partial 7
CVE-2017-5848 Oracle Linux GStreamer Yes 5.0 Network Low None None None Partial 7
CVE-2017-10978 Oracle Linux freeradius Yes 5.0 Network Low None None None Partial 6,7
CVE-2017-10980 Oracle Linux freeradius Yes 5.0 Network Low None None None Partial 6
CVE-2017-10981 Oracle Linux freeradius Yes 5.0 Network Low None None None Partial 6
CVE-2017-10982 Oracle Linux freeradius Yes 5.0 Network Low None None None Partial 6
CVE-2017-10983 Oracle Linux freeradius Yes 5.0 Network Low None None None Partial 6,7
CVE-2017-10986 Oracle Linux freeradius Yes 5.0 Network Low None None None Partial 7
CVE-2017-10987 Oracle Linux freeradius Yes 5.0 Network Low None None None Partial 7
CVE-2017-5335 Oracle Linux gnutls Yes 5.0 Network Low None None None Partial 7
CVE-2017-7507 Oracle Linux gnutls Yes 5.0 Network Low None None None Partial 7
CVE-2017-7869 Oracle Linux gnutls Yes 5.0 Network Low None None None Partial 7
CVE-2017-10108 Oracle Linux java-1.7.0-openjdk Yes 5.0 Network Low None None None Partial 6,7
CVE-2017-10109 Oracle Linux java-1.7.0-openjdk Yes 5.0 Network Low None None None Partial 6,7
CVE-2017-10115 Oracle Linux java-1.7.0-openjdk Yes 5.0 Network Low None Partial None None 6,7
CVE-2017-10108 Oracle Linux java-1.8.0-openjdk Yes 5.0 Network Low None None None Partial 6,7
CVE-2017-10109 Oracle Linux java-1.8.0-openjdk Yes 5.0 Network Low None None None Partial 6,7
CVE-2017-10115 Oracle Linux java-1.8.0-openjdk Yes 5.0 Network Low None Partial None None 6,7
CVE-2017-5970 Oracle Linux kernel Yes 5.0 Network Low None None None Partial 7
CVE-2017-3302 Oracle Linux mariadb Yes 5.0 Network Low None None None Partial 7
CVE-2016-6210 Oracle Linux openssh Yes 5.0 Network Low None Partial None None 7
CVE-2014-3695 Oracle Linux pidgin Yes 5.0 Network Low None None None Partial 7
CVE-2014-3696 Oracle Linux pidgin Yes 5.0 Network Low None None None Partial 7
CVE-2014-3698 Oracle Linux pidgin Yes 5.0 Network Low None Partial None None 7
CVE-2017-7484 Oracle Linux postgresql Yes 5.0 Network Low None Partial None None 7
CVE-2017-7486 Oracle Linux postgresql Yes 5.0 Network Low None Partial None None 7
CVE-2017-10664 Oracle Linux qemu-kvm Yes 5.0 Network Low None None None Partial 7
CVE-2016-10207 Oracle Linux tigervnc and fltk Yes 5.0 Network Low None None None Partial 7
CVE-2017-7392 Oracle Linux tigervnc and fltk Yes 5.0 Network Low None None None Partial 7
CVE-2017-7394 Oracle Linux tigervnc and fltk Yes 5.0 Network Low None None None Partial 7
CVE-2017-7396 Oracle Linux tigervnc and fltk Yes 5.0 Network Low None None None Partial 7
CVE-2017-5664 Oracle Linux tomcat Yes 5.0 Network Low None None Partial None 7
CVE-2015-8970 Oracle Linux kernel No 4.9 Local Low None None None Complete 7
CVE-2016-10147 Oracle Linux kernel No 4.9 Local Low None None None Complete 7
CVE-2016-7042 Oracle Linux kernel No 4.9 Local Low None None None Complete 7
CVE-2016-8645 Oracle Linux kernel No 4.9 Local Low None None None Complete 7
CVE-2017-2671 Oracle Linux kernel No 4.9 Local Low None None None Complete 7
CVE-2017-6951 Oracle Linux kernel No 4.9 Local Low None None None Complete 7
CVE-2017-3265 Oracle Linux mariadb No 4.9 Network Medium Single Partial None Partial 7
CVE-2015-8839 Oracle Linux kernel No 4.7 Local Medium None None Complete None 7
CVE-2015-4167 Oracle Linux Unbreakable Enterprise kernel No 4.7 Local Medium None None None Complete 6
CVE-2017-7273 Oracle Linux Unbreakable Enterprise kernel No 4.6 Local Low None Partial Partial Partial 6,7
CVE-2015-7496 Oracle Linux gdm and gnome-session No 4.6 Local Low None Partial Partial Partial 7
CVE-2016-10009 Oracle Linux openssh No 4.6 Network High Single Partial Partial Partial 7
CVE-2017-7273 Oracle Linux Unbreakable Enterprise kernel No 4.6 Local Low None Partial Partial Partial 6
CVE-2016-10198 Oracle Linux GStreamer Yes 4.3 Network Medium None None None Partial 7
CVE-2016-9446 Oracle Linux GStreamer Yes 4.3 Network Medium None Partial None None 7
CVE-2016-9810 Oracle Linux GStreamer Yes 4.3 Network Medium None None None Partial 7
CVE-2016-9811 Oracle Linux GStreamer Yes 4.3 Network Medium None None None Partial 7
CVE-2017-5837 Oracle Linux GStreamer Yes 4.3 Network Medium None None None Partial 7
CVE-2017-5842 Oracle Linux GStreamer Yes 4.3 Network Medium None None None Partial 7
CVE-2017-5844 Oracle Linux GStreamer Yes 4.3 Network Medium None None None Partial 7
CVE-2016-7167 Oracle Linux curl Yes 4.3 Network Medium None None None Partial 7
CVE-2017-7207 Oracle Linux ghostscript Yes 4.3 Network Medium None None None Partial 7
CVE-2016-7444 Oracle Linux gnutls Yes 4.3 Network Medium None None Partial None 7
CVE-2017-2596 Oracle Linux kernel No 4.3 Adjacent network High Single None None Complete 7
CVE-2015-3622 Oracle Linux libtasn1 Yes 4.3 Network Medium None None None Partial 7
CVE-2016-6515 Oracle Linux openssh Yes 4.3 Network Medium None None None Partial 7
CVE-2016-6213 Oracle Linux Unbreakable Enterprise kernel No 4.0 Local High None None None Complete 6,7
CVE-2017-7488 Oracle Linux authconfig No 4.0 Network Low Single Partial None None 7
CVE-2015-8776 Oracle Linux glibc Yes 4.0 Network High None Partial None Partial 7
CVE-2016-6213 Oracle Linux kernel No 4.0 Local High None None None Complete 7
CVE-2017-3238 Oracle Linux mariadb No 4.0 Network Low Single None None Partial 7
CVE-2017-3244 Oracle Linux mariadb No 4.0 Network Low Single None None Partial 7
CVE-2017-3258 Oracle Linux mariadb No 4.0 Network Low Single None None Partial 7
CVE-2017-3308 Oracle Linux mariadb No 4.0 Network Low Single None None Partial 7
CVE-2017-3309 Oracle Linux mariadb No 4.0 Network Low Single None None Partial 7
CVE-2017-3453 Oracle Linux mariadb No 4.0 Network Low Single None None Partial 7
CVE-2017-3456 Oracle Linux mariadb No 4.0 Network Low Single None None Partial 7
CVE-2017-3464 Oracle Linux mariadb No 4.0 Network Low Single None Partial None 7
CVE-2017-9287 Oracle Linux openldap No 4.0 Network Low Single None None Partial 7
CVE-2017-7395 Oracle Linux tigervnc and fltk No 4.0 Network Low Single None None Partial 7
CVE-2016-5018 Oracle Linux tomcat Yes 4.0 Network High None Partial Partial None 7
CVE-2016-6796 Oracle Linux tomcat Yes 4.0 Network High None Partial Partial None 7
CVE-2017-2633 Oracle Linux qemu-kvm No 3.8 Adjacent network Medium Single None Partial Partial 7
CVE-2017-5898 Oracle Linux qemu-kvm No 3.8 Adjacent network Medium Single None Partial Partial 7
CVE-2016-0634 Oracle Linux bash No 3.7 Local High None Partial Partial Partial 7
CVE-2015-8777 Oracle Linux glibc No 3.7 Local High None Partial Partial Partial 7
CVE-2016-10012 Oracle Linux openssh No 3.6 Network High Single Partial Partial None 7
CVE-2017-3243 Oracle Linux mariadb No 3.5 Network Medium Single None None Partial 7
CVE-2017-3291 Oracle Linux mariadb No 3.5 Local High Single Partial Partial Partial 7
CVE-2017-3312 Oracle Linux mariadb No 3.5 Local High Single Partial Partial Partial 7
CVE-2016-7097 Oracle Linux kernel No 3.3 Local Medium None Partial Partial None 7
CVE-2016-9588 Oracle Linux kernel No 3.3 Adjacent network Low None None None Partial 7
CVE-2014-7975 Oracle Linux kernel No 2.9 Adjacent network Medium None None None Partial 7
CVE-2016-4020 Oracle Linux qemu-kvm No 2.9 Adjacent network Medium None Partial None None 7
CVE-2015-2806 Oracle Linux libtasn1 Yes 2.6 Network High None None None Partial 7
CVE-2014-3694 Oracle Linux pidgin Yes 2.6 Network High None None Partial None 7
CVE-2016-0762 Oracle Linux tomcat Yes 2.6 Network High None Partial None None 7
CVE-2016-6794 Oracle Linux tomcat Yes 2.6 Network High None Partial None None 7
CVE-2016-6797 Oracle Linux tomcat Yes 2.6 Network High None Partial None None 7
CVE-2017-1000380 Oracle Linux Unbreakable Enterprise kernel No 2.1 Local Low None Partial None None 6,7
CVE-2016-9685 Oracle Linux kernel No 2.1 Local Low None Partial None None 7
CVE-2017-7616 Oracle Linux kernel No 2.1 Local Low None Partial None None 7
CVE-2016-9401 Oracle Linux bash No 1.9 Local Medium None None None Partial 7
CVE-2017-3313 Oracle Linux mariadb No 1.5 Local Medium Single Partial None None 7
CVE-2017-3317 Oracle Linux mariadb No 1.5 Local Medium Single None None Partial 7
CVE-2016-9604 Oracle Linux Unbreakable Enterprise kernel No 1.2 Local High None None Partial None 6,7
CVE-2016-9604 Oracle Linux kernel No 1.2 Local High None None Partial None 7
CVE-2014-7970 Oracle Linux kernel No 1.0 Local High Single None None Partial 7
CVE-2017-3318 Oracle Linux mariadb No 1.0 Local High Single Partial None None 7
CVE-2016-10011 Oracle Linux openssh No 1.0 Local High Single Partial None None 7
CVE-2016-10200 Oracle Linux Unbreakable Enterprise kernel Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7533 Oracle Linux Unbreakable Enterprise kernel Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-9242 Oracle Linux Unbreakable Enterprise kernel Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-2625 Oracle Linux X.org X11 libraries Yes 0.0 Network Undefined None None None None 7
CVE-2017-2626 Oracle Linux X.org X11 libraries Yes 0.0 Network Undefined None None None None 7
CVE-2017-1000083 Oracle Linux evince Yes 0.0 Network Undefined None None None None 7
CVE-2017-7753 Oracle Linux firefox Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7779 Oracle Linux firefox Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7784 Oracle Linux firefox Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7785 Oracle Linux firefox Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7786 Oracle Linux firefox Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7787 Oracle Linux firefox Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7791 Oracle Linux firefox Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7792 Oracle Linux firefox Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7798 Oracle Linux firefox Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7800 Oracle Linux firefox Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7801 Oracle Linux firefox Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7802 Oracle Linux firefox Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7803 Oracle Linux firefox Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7807 Oracle Linux firefox Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7809 Oracle Linux firefox Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-1000117 Oracle Linux git Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7771 Oracle Linux graphite2 Yes 0.0 Network Undefined None None None None 7
CVE-2017-7772 Oracle Linux graphite2 Yes 0.0 Network Undefined None None None None 7
CVE-2017-7773 Oracle Linux graphite2 Yes 0.0 Network Undefined None None None None 7
CVE-2017-7774 Oracle Linux graphite2 Yes 0.0 Network Undefined None None None None 7
CVE-2017-7775 Oracle Linux graphite2 Yes 0.0 Network Undefined None None None None 7
CVE-2017-7776 Oracle Linux graphite2 Yes 0.0 Network Undefined None None None None 7
CVE-2017-7777 Oracle Linux graphite2 Yes 0.0 Network Undefined None None None None 7
CVE-2017-7778 Oracle Linux graphite2 Yes 0.0 Network Undefined None None None None 7
CVE-2017-10053 Oracle Linux java-1.7.0-openjdk Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-10067 Oracle Linux java-1.7.0-openjdk Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-10074 Oracle Linux java-1.7.0-openjdk Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-10081 Oracle Linux java-1.7.0-openjdk Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-10087 Oracle Linux java-1.7.0-openjdk Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-10089 Oracle Linux java-1.7.0-openjdk Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-10090 Oracle Linux java-1.7.0-openjdk Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-10135 Oracle Linux java-1.7.0-openjdk Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-10243 Oracle Linux java-1.7.0-openjdk Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-10053 Oracle Linux java-1.8.0-openjdk Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-10067 Oracle Linux java-1.8.0-openjdk Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-10074 Oracle Linux java-1.8.0-openjdk Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-10078 Oracle Linux java-1.8.0-openjdk Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-10081 Oracle Linux java-1.8.0-openjdk Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-10087 Oracle Linux java-1.8.0-openjdk Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-10089 Oracle Linux java-1.8.0-openjdk Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-10090 Oracle Linux java-1.8.0-openjdk Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-10135 Oracle Linux java-1.8.0-openjdk Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-10193 Oracle Linux java-1.8.0-openjdk Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-10198 Oracle Linux java-1.8.0-openjdk Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7533 Oracle Linux kernel Yes 0.0 Network Undefined None None None None 7
CVE-2016-10200 Oracle Linux kernel Yes 0.0 Network Undefined None None None None 7
CVE-2017-9242 Oracle Linux kernel Yes 0.0 Network Undefined None None None None 7
CVE-2017-2885 Oracle Linux libsoup Yes 0.0 Network Undefined None None None None 7
CVE-2016-5483 Oracle Linux mariadb Yes 0.0 Network Undefined None None None None 7
CVE-2017-3651 Oracle Linux mariadb Yes 0.0 Network Undefined None None None None 7
CVE-2017-1000115 Oracle Linux mercurial Yes 0.0 Network Undefined None None None None 7
CVE-2017-1000116 Oracle Linux mercurial Yes 0.0 Network Undefined None None None None 7
CVE-2017-2640 Oracle Linux pidgin Yes 0.0 Network Undefined None None None None 7
CVE-2017-7537 Oracle Linux pki-core Yes 0.0 Network Undefined None None None None 7
CVE-2017-9800 Oracle Linux subversion Yes 0.0 Network Undefined None None None None 7
 

 

Revision 1: Published on 2017-07-18



CVE# Product Component Remote Exploit without Auth.? CVSS VERSION 2.0 RISK (see Risk Matrix Definitions) Supported Versions Affected
Base Score Access Vector Access Complexity Authen-
tication
Confiden-
tiality
Integrity Avail-
ability
CVE-2017-7895 Oracle Linux kernel Yes 10.0 Network Low None Complete Complete Complete 6,7
CVE-2017-9462 Oracle Linux mercurial No 9.0 Network Low Single Complete Complete Complete 6,7
CVE-2017-9148 Oracle Linux freeradius Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2017-1000368 Oracle Linux sudo No 7.2 Local Low None Complete Complete Complete 5,6,7
CVE-2017-7645 Oracle Linux Unbreakable Enterprise kernel Yes 7.1 Network Medium None None None Complete 6,7
CVE-2017-7645 Oracle Linux kernel Yes 7.1 Network Medium None None None Complete 7
CVE-2017-7645 Oracle Linux Unbreakable Enterprise kernel Yes 7.1 Network Medium None None None Complete 5,6
CVE-2017-7477 Oracle Linux Unbreakable Enterprise kernel No 6.9 Local Medium None Complete Complete Complete 6,7
CVE-2017-7477 Oracle Linux kernel No 6.9 Local Medium None Complete Complete Complete 7
CVE-2017-1000364 Oracle Linux Unbreakable Enterprise kernel No 6.2 Local High None Complete Complete Complete 6,7
CVE-2017-1000366 Oracle Linux glibc No 6.2 Local High None Complete Complete Complete 5,6,7
CVE-2017-1000364 Oracle Linux kernel No 6.2 Local High None Complete Complete Complete 5,6,7
CVE-2017-1000364 Oracle Linux Unbreakable Enterprise kernel No 6.2 Local High None Complete Complete Complete 6
CVE-2017-7749 Oracle Linux thunderbird Yes 5.1 Network High None Partial Partial Partial 6,7
CVE-2017-6214 Oracle Linux kernel Yes 5.0 Network Low None None None Partial 7
CVE-2017-9524 Oracle Linux qemu-kvm Yes 5.0 Network Low None None None Partial 7
CVE-2017-2583 Oracle Linux kernel No 4.9 Adjacent network Medium Single Partial Partial Partial 7
CVE-2016-8743 Oracle Linux httpd Yes 4.3 Network Medium None None Partial None 6
CVE-2017-3142 Oracle Linux bind Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-3143 Oracle Linux bind Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-5470 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-5472 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7750 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7751 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7752 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7754 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7756 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7757 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7758 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7764 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7771 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7772 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7773 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7774 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7775 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7776 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7777 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7778 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7