Lucene search

K
oraclelinuxOracleLinuxELSA-2016-3651
HistoryDec 09, 2016 - 12:00 a.m.

Unbreakable Enterprise kernel security update

2016-12-0900:00:00
linux.oracle.com
50

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.823 High

EPSS

Percentile

98.1%

kernel-uek
[3.8.13-118.15.1]

  • Revert ‘i40e: Set defport behavior for the Main VSI when in promiscuous mode’ (Jack Vogel) [Orabug: 22683573]
  • mlx4: avoid multiple free on id_map_ent (Wengang Wang)
  • xen-netfront: cast grant table reference first to type int (Dongli Zhang)
  • xen-netfront: do not cast grant table reference to signed short (Dongli Zhang)
  • RDS: Drop the connection as part of cancel to avoid hangs (Avinash Repaka) [Orabug: 25045360]
  • sctp: validate chunk len before actually using it (Marcelo Ricardo Leitner) [Orabug: 25142879] {CVE-2016-9555}
  • mpi: Fix NULL ptr dereference in mpi_powm() [ver #3] (Andrey Ryabinin) [Orabug: 25154098] {CVE-2016-8650} {CVE-2016-8650}

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.823 High

EPSS

Percentile

98.1%