Oracle Linux Bulletin - October 2017


Description

The Oracle Linux Bulletin lists all CVEs that were resolved and announced in Oracle Linux Security Advisories (ELSA) in the month prior to the release of the bulletin. Oracle Linux Bulletins are published on the same day as Oracle Critical Patch Updates. Each bulletin is also updated during the two months following its release (i.e., the two months between the normal quarterly Critical Patch Update publication dates) to cover all CVEs resolved in that period. In addition, Oracle Linux Bulletins may be updated for vulnerability fixes deemed too critical to wait for the next scheduled bulletin publication date.

Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Oracle Linux Bulletin fixes as soon as possible.


Patch Availability

Please see ULN Advisory http://linux.oracle.com/ol-pad-bulletin


Oracle Linux Bulletin Schedule

Oracle Linux Bulletins are released on the Tuesday closest to the 17th day of January, April, July and October. The next four dates are:

  • 16 January 2018
  • 17 April 2018
  • 17 July 2018
  • 16 October 2018

References


Modification History


2017-December-18 Rev 3. New CVEs added.
2017-November-17 Rev 2. New CVEs added.
2017-October-17 Rev 1. Initial Release

 

Oracle Linux Executive Summary

 

This Oracle Linux Bulletin contains 118 new security fixes for Oracle Linux. 80 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password.

 

Oracle Linux Risk Matrix


Revision 3: Published on 2017-12-18



CVE# | Product | Component | Remote Exploit without Auth.? | CVSS Version 2.0 Risk (see Risk Matrix Definitions): Base Score | Access Vector | Access Complexity | Authentication | Confidentiality | Integrity | Availability | Supported Versions Affected
CVE-2017-16527 Oracle Linux Unbreakable Enterprise kernel No 7.2 Local Low None Complete Complete Complete 6,7
CVE-2017-16650 Oracle Linux Unbreakable Enterprise kernel No 7.2 Local Low None Complete Complete Complete 6,7
CVE-2017-7889 Oracle Linux Unbreakable Enterprise kernel No 7.2 Local Low None Complete Complete Complete 6
CVE-2017-10285 Oracle Linux java-1.7.0-openjdk Yes 6.8 Network Medium None Partial Partial Partial 6,7
CVE-2017-10346 Oracle Linux java-1.7.0-openjdk Yes 6.8 Network Medium None Partial Partial Partial 6,7
CVE-2017-1000257 Oracle Linux curl Yes 6.4 Network Low None Partial None Partial 7
CVE-2017-10388 Oracle Linux java-1.7.0-openjdk Yes 5.1 Network High None Partial Partial Partial 6,7
CVE-2017-10281 Oracle Linux java-1.7.0-openjdk Yes 5.0 Network Low None None None Partial 6,7
CVE-2017-10347 Oracle Linux java-1.7.0-openjdk Yes 5.0 Network Low None None None Partial 6,7
CVE-2017-10348 Oracle Linux java-1.7.0-openjdk Yes 5.0 Network Low None None None Partial 6,7
CVE-2017-10349 Oracle Linux java-1.7.0-openjdk Yes 5.0 Network Low None None None Partial 6,7
CVE-2017-10350 Oracle Linux java-1.7.0-openjdk Yes 5.0 Network Low None None None Partial 6,7
CVE-2017-10355 Oracle Linux java-1.7.0-openjdk Yes 5.0 Network Low None None None Partial 6,7
CVE-2017-10357 Oracle Linux java-1.7.0-openjdk Yes 5.0 Network Low None None None Partial 6,7
CVE-2017-2671 Oracle Linux Unbreakable Enterprise kernel No 4.9 Local Low None None None Complete 6
CVE-2017-15649 Oracle Linux Unbreakable Enterprise kernel No 4.6 Local Low None Partial Partial Partial 6,7
CVE-2017-10198 Oracle Linux java-1.7.0-openjdk Yes 4.3 Network Medium None Partial None None 6,7
CVE-2017-10295 Oracle Linux java-1.7.0-openjdk Yes 4.3 Network Medium None None Partial None 6,7
CVE-2016-10318 Oracle Linux Unbreakable Enterprise kernel No 4.0 Network Low Single None None Partial 6,7
CVE-2017-10274 Oracle Linux java-1.7.0-openjdk Yes 4.0 Network High None Partial Partial None 6,7
CVE-2017-14167 Oracle Linux qemu-kvm No 3.7 Local High None Partial Partial Partial 7
CVE-2017-12613 Oracle Linux apr No 3.6 Local Low None Partial None Partial 6,7
CVE-2017-15289 Oracle Linux qemu-kvm No 2.9 Adjacent network High Single None Partial Partial 7
CVE-2017-10193 Oracle Linux java-1.7.0-openjdk Yes 2.6 Network High None Partial None None 6,7
CVE-2017-10345 Oracle Linux java-1.7.0-openjdk Yes 2.6 Network High None None None Partial 6,7
CVE-2017-10356 Oracle Linux java-1.7.0-openjdk No 2.1 Local Low None Partial None None 6,7
CVE-2017-1000380 Oracle Linux kernel No 2.1 Local Low None Partial None None 7
CVE-2017-1000405 Oracle Linux Unbreakable Enterprise kernel Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-12190 Oracle Linux Unbreakable Enterprise kernel Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7826 Oracle Linux firefox Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7828 Oracle Linux firefox Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7830 Oracle Linux firefox Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7843 Oracle Linux firefox Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-15101 Oracle Linux liblouis Yes 0.0 Network Undefined None None None None 7
CVE-2017-12172 Oracle Linux postgresql Yes 0.0 Network Undefined None None None None 7
CVE-2017-15097 Oracle Linux postgresql Yes 0.0 Network Undefined None None None None 7
CVE-2017-16844 Oracle Linux procmail Yes 0.0 Network Undefined None None None None 7
CVE-2017-14746 Oracle Linux samba Yes 0.0 Network Undefined None None None None 7
CVE-2017-15275 Oracle Linux samba Yes 0.0 Network Undefined None None None None 7
CVE-2017-14746 Oracle Linux samba4 Yes 0.0 Network Undefined None None None None 6
CVE-2017-15275 Oracle Linux samba4 Yes 0.0 Network Undefined None None None None 6
CVE-2017-12173 Oracle Linux sssd Yes 0.0 Network Undefined None None None None 7
CVE-2017-7826 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7828 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7830 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-12190 Oracle Linux Unbreakable Enterprise kernel Yes 0.0 Network Undefined None None None None 6
 

 

Revision 2: Published on 2017-11-17



CVE# | Product | Component | Remote Exploit without Auth.? | CVSS Version 2.0 Risk (see Risk Matrix Definitions): Base Score | Access Vector | Access Complexity | Authentication | Confidentiality | Integrity | Availability | Supported Versions Affected
CVE-2017-11176 Oracle Linux kernel Yes 10.0 Network Low None Complete Complete Complete 7
CVE-2017-11176 Oracle Linux Unbreakable Enterprise kernel Yes 10.0 Network Low None Complete Complete Complete 6
CVE-2017-7618 Oracle Linux Unbreakable Enterprise kernel Yes 7.8 Network Low None None None Complete 6,7
CVE-2017-10661 Oracle Linux Unbreakable Enterprise kernel Yes 7.6 Network High None Complete Complete Complete 6
CVE-2017-1000111 Oracle Linux kernel No 7.2 Local Low None Complete Complete Complete 6,7
CVE-2017-7184 Oracle Linux kernel No 7.2 Local Low None Complete Complete Complete 7
CVE-2017-7541 Oracle Linux kernel No 7.2 Local Low None Complete Complete Complete 7
CVE-2016-10044 Oracle Linux Unbreakable Enterprise kernel No 7.2 Local Low None Complete Complete Complete 6
CVE-2017-1000111 Oracle Linux Unbreakable Enterprise kernel No 7.2 Local Low None Complete Complete Complete 6
CVE-2017-1000363 Oracle Linux Unbreakable Enterprise kernel No 7.2 Local Low None Complete Complete Complete 6
CVE-2017-11473 Oracle Linux Unbreakable Enterprise kernel No 7.2 Local Low None Complete Complete Complete 6
CVE-2017-7308 Oracle Linux Unbreakable Enterprise kernel No 7.2 Local Low None Complete Complete Complete 6
CVE-2017-8831 Oracle Linux Unbreakable Enterprise kernel No 7.2 Local Low None Complete Complete Complete 6
CVE-2017-9074 Oracle Linux Unbreakable Enterprise kernel No 7.2 Local Low None Complete Complete Complete 6
CVE-2017-9075 Oracle Linux Unbreakable Enterprise kernel No 7.2 Local Low None Complete Complete Complete 6
CVE-2017-9077 Oracle Linux Unbreakable Enterprise kernel No 7.2 Local Low None Complete Complete Complete 6
CVE-2017-1000112 Oracle Linux Unbreakable Enterprise kernel No 6.9 Local Medium None Complete Complete Complete 6,7
CVE-2017-1000112 Oracle Linux kernel No 6.9 Local Medium None Complete Complete Complete 6,7
CVE-2017-10285 Oracle Linux java-1.8.0-openjdk Yes 6.8 Network Medium None Partial Partial Partial 6,7
CVE-2017-10346 Oracle Linux java-1.8.0-openjdk Yes 6.8 Network Medium None Partial Partial Partial 6,7
CVE-2016-8399 Oracle Linux kernel No 6.8 Local Low Single Complete Complete Complete 7
CVE-2017-13738 Oracle Linux liblouis Yes 6.8 Network Medium None Partial Partial Partial 7
CVE-2017-13740 Oracle Linux liblouis Yes 6.8 Network Medium None Partial Partial Partial 7
CVE-2016-10168 Oracle Linux php Yes 6.8 Network Medium None Partial Partial Partial 7
CVE-2017-12615 Oracle Linux tomcat Yes 6.8 Network Medium None Partial Partial Partial 7
CVE-2017-12617 Oracle Linux tomcat Yes 6.8 Network Medium None Partial Partial Partial 7
CVE-2017-12615 Oracle Linux tomcat6 Yes 6.8 Network Medium None Partial Partial Partial 6
CVE-2017-12617 Oracle Linux tomcat6 Yes 6.8 Network Medium None Partial Partial Partial 6
CVE-2017-13077 Oracle Linux wpa_supplicant No 5.4 Adjacent network Medium None Partial Partial Partial 6,7
CVE-2016-9191 Oracle Linux Unbreakable Enterprise kernel No 5.2 Adjacent network Medium Single None None Complete 6,7
CVE-2017-10388 Oracle Linux java-1.8.0-openjdk Yes 5.1 Network High None Partial Partial Partial 6,7
CVE-2017-9798 Oracle Linux httpd Yes 5.0 Network Low None Partial None None 6
CVE-2017-10281 Oracle Linux java-1.8.0-openjdk Yes 5.0 Network Low None None None Partial 6,7
CVE-2017-10347 Oracle Linux java-1.8.0-openjdk Yes 5.0 Network Low None None None Partial 6,7
CVE-2017-10348 Oracle Linux java-1.8.0-openjdk Yes 5.0 Network Low None None None Partial 6,7
CVE-2017-10349 Oracle Linux java-1.8.0-openjdk Yes 5.0 Network Low None None None Partial 6,7
CVE-2017-10350 Oracle Linux java-1.8.0-openjdk Yes 5.0 Network Low None None None Partial 6,7
CVE-2017-10355 Oracle Linux java-1.8.0-openjdk Yes 5.0 Network Low None None None Partial 6,7
CVE-2017-10357 Oracle Linux java-1.8.0-openjdk Yes 5.0 Network Low None None None Partial 6,7
CVE-2017-5647 Oracle Linux tomcat Yes 5.0 Network Low None Partial None None 7
CVE-2017-5647 Oracle Linux tomcat6 Yes 5.0 Network Low None Partial None None 6
CVE-2017-5664 Oracle Linux tomcat6 Yes 5.0 Network Low None None Partial None 6
CVE-2017-12192 Oracle Linux Unbreakable Enterprise kernel No 4.9 Local Low None None None Complete 6,7
CVE-2017-14106 Oracle Linux Unbreakable Enterprise kernel No 4.9 Local Low None None None Complete 6,7
CVE-2017-14489 Oracle Linux Unbreakable Enterprise kernel No 4.9 Local Low None None None Complete 6,7
CVE-2017-7542 Oracle Linux Unbreakable Enterprise kernel No 4.9 Local Low None None None Complete 6,7
CVE-2017-14106 Oracle Linux kernel No 4.9 Local Low None None None Complete 6,7
CVE-2017-7542 Oracle Linux kernel No 4.9 Local Low None None None Complete 7
CVE-2017-14489 Oracle Linux Unbreakable Enterprise kernel No 4.9 Local Low None None None Complete 6
CVE-2017-7542 Oracle Linux Unbreakable Enterprise kernel No 4.9 Local Low None None None Complete 6
CVE-2017-6462 Oracle Linux ntp No 4.6 Local Low None Partial Partial Partial 6
CVE-2017-12154 Oracle Linux Unbreakable Enterprise kernel No 4.3 Adjacent network High Single None None Complete 6,7
CVE-2017-10295 Oracle Linux java-1.8.0-openjdk Yes 4.3 Network Medium None None Partial None 6,7
CVE-2017-13741 Oracle Linux liblouis Yes 4.3 Network Medium None None None Partial 7
CVE-2017-13742 Oracle Linux liblouis Yes 4.3 Network Medium None None None Partial 7
CVE-2017-13743 Oracle Linux liblouis Yes 4.3 Network Medium None None None Partial 7
CVE-2017-13744 Oracle Linux liblouis Yes 4.3 Network Medium None None None Partial 7
CVE-2016-10167 Oracle Linux php Yes 4.3 Network Medium None None None Partial 7
CVE-2017-7674 Oracle Linux tomcat Yes 4.3 Network Medium None None Partial None 7
CVE-2017-10274 Oracle Linux java-1.8.0-openjdk Yes 4.0 Network High None Partial Partial None 6,7
CVE-2017-6463 Oracle Linux ntp No 4.0 Network Low Single None None Partial 6
CVE-2017-6464 Oracle Linux ntp No 4.0 Network Low Single None None Partial 6
CVE-2017-10345 Oracle Linux java-1.8.0-openjdk Yes 2.6 Network High None None None Partial 6,7
CVE-2017-10356 Oracle Linux java-1.8.0-openjdk No 2.1 Local Low None Partial None None 6,7
CVE-2017-1000380 Oracle Linux Unbreakable Enterprise kernel No 2.1 Local Low None Partial None None 6
CVE-2017-2618 Oracle Linux Unbreakable Enterprise kernel Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7482 Oracle Linux Unbreakable Enterprise kernel Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-12171 Oracle Linux httpd Yes 0.0 Network Undefined None None None None 6
CVE-2017-7558 Oracle Linux kernel Yes 0.0 Network Undefined None None None None 7
CVE-2014-8184 Oracle Linux liblouis Yes 0.0 Network Undefined None None None None 7
CVE-2017-13089 Oracle Linux wget Yes 0.0 Network Undefined None None None None 7
CVE-2017-13090 Oracle Linux wget Yes 0.0 Network Undefined None None None None 7
CVE-2017-13078 Oracle Linux wpa_supplicant Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-13080 Oracle Linux wpa_supplicant Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-13082 Oracle Linux wpa_supplicant Yes 0.0 Network Undefined None None None None 7
CVE-2017-13086 Oracle Linux wpa_supplicant Yes 0.0 Network Undefined None None None None 7
CVE-2017-13087 Oracle Linux wpa_supplicant Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-13088 Oracle Linux wpa_supplicant Yes 0.0 Network Undefined None None None None 7
 

 

Revision 1: Published on 2017-10-17



CVE# | Product | Component | Remote Exploit without Auth.? | CVSS Version 2.0 Risk (see Risk Matrix Definitions): Base Score | Access Vector | Access Complexity | Authentication | Confidentiality | Integrity | Availability | Supported Versions Affected
CVE-2017-14491 Oracle Linux dnsmasq Yes 10.0 Network Low None Complete Complete Complete 6,7
CVE-2017-14492 Oracle Linux dnsmasq No 8.3 Adjacent network Low None Complete Complete Complete 7
CVE-2017-14493 Oracle Linux dnsmasq No 8.3 Adjacent network Low None Complete Complete Complete 7
CVE-2017-14494 Oracle Linux dnsmasq Yes 7.8 Network Low None Complete None None 7
CVE-2017-14495 Oracle Linux dnsmasq Yes 7.8 Network Low None None None Complete 7
CVE-2017-14496 Oracle Linux dnsmasq Yes 7.8 Network Low None None None Complete 7
CVE-2017-7555 Oracle Linux augeas Yes 7.5 Network Low None Partial Partial Partial 7
CVE-2017-7546 Oracle Linux postgresql Yes 7.5 Network Low None Partial Partial Partial 6
CVE-2017-7541 Oracle Linux Unbreakable Enterprise kernel No 7.2 Local Low None Complete Complete Complete 6,7
CVE-2017-7541 Oracle Linux kernel No 7.2 Local Low None Complete Complete Complete 6
CVE-2017-1000365 Oracle Linux Unbreakable Enterprise kernel No 7.2 Local Low None Complete Complete Complete 6
CVE-2017-1000251 Oracle Linux Unbreakable Enterprise kernel No 6.8 Adjacent network High None Complete Complete Complete 6,7
CVE-2017-1000251 Oracle Linux Unbreakable Enterprise kernel No 6.8 Adjacent network High None Complete Complete Complete 6
CVE-2017-9798 Oracle Linux httpd Yes 5.0 Network Low None Partial None None 7
CVE-2017-14482 Oracle Linux emacs Yes 0.0 Network Undefined None None None None 7
CVE-2017-7793 Oracle Linux firefox Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7810 Oracle Linux firefox Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7814 Oracle Linux firefox Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7818 Oracle Linux firefox Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7819 Oracle Linux firefox Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7823 Oracle Linux firefox Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7824 Oracle Linux firefox Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-1000253 Oracle Linux kernel Yes 0.0 Network Undefined None None None None 6
CVE-2017-7805 Oracle Linux nss Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-12150 Oracle Linux samba Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-12151 Oracle Linux samba Yes 0.0 Network Undefined None None None None 7
CVE-2017-12163 Oracle Linux samba Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-2619 Oracle Linux samba Yes 0.0 Network Undefined None None None None 6
CVE-2017-12150 Oracle Linux samba4 Yes 0.0 Network Undefined None None None None 6
CVE-2017-12163 Oracle Linux samba4 Yes 0.0 Network Undefined None None None None 6
CVE-2017-7793 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7810 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7814 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7818 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7819 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7823 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-7824 Oracle Linux thunderbird Yes 0.0 Network Undefined None None None None 6,7
CVE-2017-1000253 Oracle Linux Unbreakable Enterprise kernel Yes 0.0 Network Undefined None None None None 6
CVE-2017-12134 Oracle Linux Unbreakable Enterprise kernel Yes 0.0 Network Undefined None None None None 6