Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
oraclelinuxOracleLinuxELSA-2017-3590
HistoryJun 30, 2017 - 12:00 a.m.

Unbreakable Enterprise kernel security update

2017-06-3000:00:00
linux.oracle.com
93

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.905 High

EPSS

Percentile

98.5%

JSON

kernel-uek
[3.8.13-118.19.2]

  • nfsd: check for oversized NFSv2/v3 arguments (J. Bruce Fields) [Orabug: 26366022] {CVE-2017-7645}
    [3.8.13-118.19.1]
  • selinux: quiet the filesystem labeling behavior message (Paul Moore) [Orabug: 25290650]
  • HID: hid-cypress: validate length of report (Greg Kroah-Hartman) [Orabug: 25891907] {CVE-2017-7273}
  • udf: Remove repeated loads blocksize (Jan Kara) [Orabug: 25905721] {CVE-2015-4167}
  • udf: Check length of extended attributes and allocation descriptors (Jan Kara) [Orabug: 25905721] {CVE-2015-4167}
  • udf: Verify i_size when loading inode (Jan Kara) [Orabug: 25905721] {CVE-2015-4167}
  • btrfs: drop unused parameter from btrfs_item_nr (Ross Kirk) [Orabug: 25948098] {CVE-2014-9710}
  • Btrfs: cleanup of function where fixup_low_keys() is called (Tsutomu Itoh) [Orabug: 25948098] {CVE-2014-9710}
  • Btrfs: remove unused argument of fixup_low_keys() (Tsutomu Itoh) [Orabug: 25948098] {CVE-2014-9710}
  • Btrfs: remove unused argument of btrfs_extend_item() (Tsutomu Itoh) [Orabug: 25948098] {CVE-2014-9710}
  • Btrfs: add support for asserts (Josef Bacik) [Orabug: 25948098] {CVE-2014-9710}
  • Btrfs: make xattr replace operations atomic (Filipe Manana) [Orabug: 25948098] {CVE-2014-9710}
  • net: validate the range we feed to iov_iter_init() in sys_sendto/sys_recvfrom (Al Viro) [Orabug: 25948145] {CVE-2015-2686}
  • PCI: Prevent VPD access for QLogic ISP2722 (Ethan Zhao) [Orabug: 25975506]
  • PCI: Prevent VPD access for buggy devices (Babu Moger) [Orabug: 25975506]
  • xsigo: backport-Compute node crash on FC failover (Pradeep Gopanapalli) [Orabug: 26007560]
  • ipv4: try to cache dst_entries which would cause a redirect (Hannes Frederic Sowa) [Orabug: 26032372] {CVE-2015-1465}
  • RDS/IB: active bonding port state fix for intfs added late (Mukesh Kacker) [Orabug: 26139385]
  • net/packet: fix overflow in check for tp_reserve (Andrey Konovalov) [Orabug: 26143552] {CVE-2017-7308}
  • net/packet: fix overflow in check for tp_frame_nr (Andrey Konovalov) [Orabug: 26143552] {CVE-2017-7308}
  • net/packet: fix overflow in check for priv area size (Andrey Konovalov) [Orabug: 26143552] {CVE-2017-7308}
  • dccp/tcp: do not inherit mc_list from parent (Eric Dumazet) [Orabug: 26108571] {CVE-2017-8890}
  • nfsd: stricter decoding of write-like NFSv2/v3 ops (J. Bruce Fields) [Orabug: 25986990] {CVE-2017-7895}
OSVersionArchitecturePackageVersionFilename
oracle linux6srcdtrace-modules-3.8.13-118.19.2.el6uek< 0.4.5-3.el6dtrace-modules-3.8.13-118.19.2.el6uek-0.4.5-3.el6.src.rpm
oracle linux6srckernel-uek< 3.8.13-118.19.2.el6uekkernel-uek-3.8.13-118.19.2.el6uek.src.rpm
oracle linux6x86_64dtrace-modules-3.8.13-118.19.2.el6uek< 0.4.5-3.el6dtrace-modules-3.8.13-118.19.2.el6uek-0.4.5-3.el6.x86_64.rpm
oracle linux6x86_64kernel-uek< 3.8.13-118.19.2.el6uekkernel-uek-3.8.13-118.19.2.el6uek.x86_64.rpm
oracle linux6x86_64kernel-uek-debug< 3.8.13-118.19.2.el6uekkernel-uek-debug-3.8.13-118.19.2.el6uek.x86_64.rpm
oracle linux6x86_64kernel-uek-debug-devel< 3.8.13-118.19.2.el6uekkernel-uek-debug-devel-3.8.13-118.19.2.el6uek.x86_64.rpm
oracle linux6x86_64kernel-uek-devel< 3.8.13-118.19.2.el6uekkernel-uek-devel-3.8.13-118.19.2.el6uek.x86_64.rpm
oracle linux6noarchkernel-uek-doc< 3.8.13-118.19.2.el6uekkernel-uek-doc-3.8.13-118.19.2.el6uek.noarch.rpm
oracle linux6noarchkernel-uek-firmware< 3.8.13-118.19.2.el6uekkernel-uek-firmware-3.8.13-118.19.2.el6uek.noarch.rpm
oracle linux7srcdtrace-modules-3.8.13-118.19.2.el7uek< 0.4.5-3.el7dtrace-modules-3.8.13-118.19.2.el7uek-0.4.5-3.el7.src.rpm
Rows per page:
1-10 of 181

Related

oraclelinux 14
nessus 64
virtuozzo 5
mageia 1
debiancve 9
suse 18
cve 9
prion 9
ubuntucve 9
redhatcve 4
f5 9
openvas 10
redhat 10
android 2
centos 2
metasploit 1
exploitpack 2
hackerone 1
fedora 2
veracode 4
packetstorm 1
zdt 3
ubuntu 4
cloudfoundry 1
seebug 1
myhack58 1
exploitdb 3
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2017-07-27 00:00:00
Unbreakable Enterprise kernel security update
2017-05-25 00:00:00
Unbreakable Enterprise kernel security update
2017-06-30 00:00:00
nessus
nessus
Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2017-3597)
2017-07-31 00:00:00
OracleVM 3.2 : Unbreakable / etc (OVMSA-2017-0121)
2017-07-03 00:00:00
Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2017-037)
2017-05-12 00:00:00
virtuozzo
virtuozzo
Important kernel security update: CVE-2017-7645 and other; Virtuozzo ReadyKernel patch 21.0 for Virtuozzo 7.0.x
2017-05-23 00:00:00
Kernel security update: CVE-2017-7645 and other; new kernel 2.6.32-042stab123.3 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0
2017-05-11 00:00:00
Kernel security update: CVE-2017-7645 and other; new kernel 2.6.32-042stab123.3, Virtuozzo 6.0 Update 12 Hotfix 9 (6.0.12-3676)
2017-05-11 00:00:00
mageia
mageia
Updated kernel packages fixes security vulnerabilities
2017-05-26 09:54:58
debiancve
debiancve
CVE-2014-9710
2015-05-27 10:59:00
CVE-2015-2686
2016-05-02 10:59:00
CVE-2017-7273
2017-03-27 17:59:00
suse
suse
Security update for Linux Kernel Live Patch 14 for SLE 12 SP1 (important)
2017-08-08 15:10:24
Security update for Linux Kernel Live Patch 12 for SLE 12 SP1 (important)
2017-08-05 03:07:04
Security update for Linux Kernel Live Patch 13 for SLE 12 SP1 (important)
2017-08-08 15:11:16
cve
cve
CVE-2014-9710
2015-05-27 10:59:00
CVE-2017-7273
2017-03-27 17:59:00
CVE-2015-2686
2016-05-02 10:59:00
prion
prion
Race condition
2015-05-27 10:59:00
Integer overflow
2017-03-27 17:59:00
Integer overflow
2015-08-05 18:59:00
ubuntucve
ubuntucve
CVE-2014-9710
2014-12-31 00:00:00
CVE-2017-7273
2017-03-27 00:00:00
CVE-2015-4167
2015-06-03 00:00:00
redhatcve
redhatcve
CVE-2017-7273
2017-03-30 10:48:42
CVE-2017-7308
2019-10-25 00:24:39
CVE-2017-8890
2017-05-17 15:09:18
f5
f5
K22012502 : Linux kernel vulnerability CVE-2017-7273
2017-04-24 00:00:00
K17321 : Linux kernel UDF vulnerability CVE-2015-4167
2015-09-25 00:00:00
SOL17321 - Linux kernel UDF vulnerability CVE-2015-4167
2015-09-25 00:00:00
openvas
openvas
Fedora Update for kernel FEDORA-2017-b9b1ac0d15
2017-05-10 00:00:00
RedHat Update for kernel RHSA-2017:1615-01
2017-06-29 00:00:00
Fedora Update for kernel FEDORA-2017-ad045f80ac
2017-05-10 00:00:00
redhat
redhat
(RHSA-2017:2429) Important: kernel security and bug fix update
2017-08-08 09:46:00
(RHSA-2017:2428) Important: kernel security update
2017-08-08 09:44:39
(RHSA-2017:1766) Important: kernel security and bug fix update
2017-07-18 10:59:46
android
android
CVE-2015-2686
2016-08-01 00:00:00
CVE-2017-8890
2017-09-01 00:00:00
centos
centos
kernel, perf, python security update
2017-07-12 17:45:55
kernel, perf, python security update
2017-06-29 21:03:21
metasploit
metasploit
AF_PACKET packet_set_ring Privilege Escalation
2018-04-28 01:40:17
exploitpack
exploitpack
Linux Kernel 4.8.0-34 4.8.0-45 (Ubuntu Linux Mint) - Packet Socket Local Privilege Escalation
2018-12-29 00:00:00
Linux Kernel 4.8.0-41-generic (Ubuntu) - Packet Socket Local Privilege Escalation
2017-05-11 00:00:00
hackerone
hackerone
Internet Bug Bounty: Linux kernel: CVE-2017-7308: a signedness issue in AF_PACKET sockets
2019-08-29 13:48:44
fedora
fedora
[SECURITY] Fedora 24 Update: kernel-4.10.14-100.fc24
2017-05-10 03:56:15
[SECURITY] Fedora 25 Update: kernel-4.10.14-200.fc25
2017-05-10 04:03:34
veracode
veracode
Arbitrary Code Execution
2019-01-15 09:17:57
Out-Of-Bounds Write
2019-05-02 06:11:33
Denial Of Service (DoS) Through Double-free
2019-05-02 06:36:14
packetstorm
packetstorm
AF_PACKET packet_set_ring Privilege Escalation
2018-05-17 00:00:00
zdt
zdt
Linux 4.8.0 < 4.8.0-46 - AF_PACKET packet_set_ring Privilege Escalation Exploit
2018-05-18 00:00:00
Linux Kernel 4.8.0 - Packet Socket Local root Privilege Escalation Exploit
2017-05-12 00:00:00
Linux Kernel 4.8.0-34 < 4.8.0-45 (Ubuntu / Linux Mint) - Packet Socket Local Privilege Escalation
2019-07-26 00:00:00
ubuntu
ubuntu
Linux kernel (Trusty HWE) vulnerabilities
2015-07-07 00:00:00
Linux kernel vulnerabilities
2015-07-07 00:00:00
Linux kernel vulnerability
2017-04-05 00:00:00
cloudfoundry
cloudfoundry
USN-3256-2: Linux kernel (HWE) vulnerability | Cloud Foundry
2017-04-12 00:00:00
seebug
seebug
Linux kernel Local Denial of Service Vulnerability (CVE-2017-7308 )
2017-05-11 00:00:00
myhack58
myhack58
CentOS 7 released a kernel security update that fixes five vulnerabilities-vulnerability warning-the black bar safety net
2017-07-02 00:00:00
exploitdb
exploitdb
Linux Kernel 4.8.0-41-generic (Ubuntu) - Packet Socket Local Privilege Escalation
2017-05-11 00:00:00
Linux Kernel 4.8.0-34 &lt; 4.8.0-45 (Ubuntu / Linux Mint) - Packet Socket Local Privilege Escalation
2018-12-29 00:00:00
Linux 4.8.0 &lt; 4.8.0-46 - AF_PACKET packet_set_ring Privilege Escalation (Metasploit)
2018-05-18 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.905 High

EPSS

Percentile

98.5%

JSON
Related for ELSA-2017-3590
oraclelinux14nessus64virtuozzo5mageia1debiancve9suse18cve9prion9ubuntucve9redhatcve4f59openvas10redhat10android2centos2metasploit1exploitpack2hackerone1fedora2veracode4packetstorm1zdt3ubuntu4cloudfoundry1seebug1myhack581exploitdb3