Lucene search
OracleLinuxELSA-2017-3636HistoryNov 02, 2017 - 12:00 a.m.
Unbreakable Enterprise kernel security update
2017-11-0200:00:00
linux.oracle.com
46
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.6 High
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
37.9%
kernel-uek
[3.8.13-118.19.12]
- nvme: Drop nvmeq->q_lock before dma_pool_alloc(), so as to prevent hard lockups (Aruna Ramakrishna) [Orabug: 25409587]
[3.8.13-118.19.11] - nvme: Handle PM1725 HIL reset (Martin K. Petersen) [Orabug: 26277600]
- char: lp: fix possible integer overflow in lp_setup() (Willy Tarreau) [Orabug: 26403940] {CVE-2017-1000363}
- ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT (Takashi Iwai) [Orabug: 26403956] {CVE-2017-1000380}
- ALSA: timer: Fix race between read and ioctl (Takashi Iwai) [Orabug: 26403956] {CVE-2017-1000380}
- ALSA: timer: fix NULL pointer dereference in read()/ioctl() race (Vegard Nossum) [Orabug: 26403956] {CVE-2017-1000380}
- ALSA: timer: Fix negative queue usage by racy accesses (Takashi Iwai) [Orabug: 26403956] {CVE-2017-1000380}
- ALSA: timer: Fix race at concurrent reads (Takashi Iwai) [Orabug: 26403956] {CVE-2017-1000380}
- ALSA: timer: Fix race among timer ioctls (Takashi Iwai) [Orabug: 26403956] {CVE-2017-1000380}
- ipv6/dccp: do not inherit ipv6_mc_list from parent (WANG Cong) [Orabug: 26404005] {CVE-2017-9077}
- ocfs2: fix deadlock issue when taking inode lock at vfs entry points (Eric Ren) [Orabug: 26427126]
- ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock (Eric Ren) [Orabug: 26427126]
- ping: implement proper locking (Eric Dumazet) [Orabug: 26540286] {CVE-2017-2671}
- aio: mark AIO pseudo-fs noexec (Jann Horn) [Orabug: 26643598] {CVE-2016-10044}
- vfs: Commit to never having exectuables on proc and sysfs. (Eric W. Biederman) [Orabug: 26643598] {CVE-2016-10044}
- vfs, writeback: replace FS_CGROUP_WRITEBACK with SB_I_CGROUPWB (Tejun Heo) [Orabug: 26643598] {CVE-2016-10044}
- x86/acpi: Prevent out of bound access caused by broken ACPI tables (Seunghun Han) [Orabug: 26643645] {CVE-2017-11473}
- sctp: do not inherit ipv6_{mc|ac|fl}_list from parent (Eric Dumazet) [Orabug: 26650883] {CVE-2017-9075}
- [media] saa7164: fix double fetch PCIe access condition (Steven Toth) [Orabug: 26675142] {CVE-2017-8831}
- [media] saa7164: fix sparse warnings (Hans Verkuil) [Orabug: 26675142] {CVE-2017-8831}
- fs: __generic_file_splice_read retry lookup on AOP_TRUNCATED_PAGE (Abhi Das) [Orabug: 26797306]
- timerfd: Protect the might cancel mechanism proper (Thomas Gleixner) [Orabug: 26899787] {CVE-2017-10661}
- scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn’t parse nlmsg properly (Xin Long) [Orabug: 26988627] {CVE-2017-14489}
Related
nessus
nessus
OracleVM 3.3 : Unbreakable / etc (OVMSA-2017-0168)
2017-11-08 00:00:00
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3636)
2017-11-03 00:00:00
Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2017-3637)
2017-11-03 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2017-11-02 00:00:00
Unbreakable Enterprise kernel security update
2017-12-07 00:00:00
Unbreakable Enterprise kernel security update
2017-12-08 00:00:00
amazon
amazon
Important: kernel
2017-08-17 18:09:00
cve
cve
CVE-2016-10044
2017-02-07 07:59:00
CVE-2017-11473
2017-07-20 04:29:00
CVE-2017-1000380
2017-06-17 18:29:00
prion
prion
Information disclosure
2017-02-07 07:59:00
Information disclosure
2017-06-17 18:29:00
Design/Logic Flaw
2017-05-08 06:29:00
myhack58
myhack58
huawei
huawei
Security Advisory - 'Phoenix Talon' Vulnerabilities in Linux Kernel
2017-08-02 00:00:00
openvas
openvas
Huawei Data Communication: 'Phoenix Talon' Vulnerabilities in Linux Kernel (huawei-sa-20170802-01-linux)
2020-06-05 00:00:00
Ubuntu: Security Advisory (USN-3344-1)
2017-06-30 00:00:00
Ubuntu: Security Advisory (USN-3345-1)
2017-06-30 00:00:00
ubuntucve
ubuntucve
debiancve
debiancve
CVE-2016-10044
2017-02-07 07:59:00
CVE-2017-8831
2017-05-08 06:29:00
CVE-2017-1000380
2017-06-17 18:29:00
cloudfoundry
cloudfoundry
USN-3344-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry
2017-07-05 00:00:00
USN-3334-1: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry
2017-06-21 00:00:00
ubuntu
ubuntu
Linux kernel (Xenial HWE) vulnerabilities
2017-06-29 00:00:00
Linux kernel vulnerabilities
2017-06-29 00:00:00
Linux kernel vulnerabilities
2017-06-29 00:00:00
seebug
seebug
"Phoenix Talon" in Linux Kernel
(Phoenix Talon)
2017-06-16 00:00:00
Linux lp.c Out-of-Bounds Write via Kernel Command-line
2017-05-26 00:00:00
mageia
mageia
Updated kernel-linus packages fixes critical security vulnerabilities
2017-06-27 00:37:03
Updated kernel-tmb packages fixes critical security vulnerabilities
2017-06-27 00:37:03
Updated kernel packages fixes critical security vulnerabilities
2017-06-27 00:37:03
redhatcve
redhatcve
CVE-2016-10044
2017-02-08 09:49:28
CVE-2017-8831
2017-05-11 09:50:43
CVE-2017-1000363
2017-05-29 12:48:13
f5
f5
K82300604 : Linux Kernel vulnerability CVE-2017-8831
2017-12-13 00:00:00
K71796229 : Linux kernel vulnerability CVE-2017-14489
2017-10-03 00:00:00
K04337834 : Linux kernel vulnerability CVE-2017-10661
2020-12-08 00:00:00
zdt
zdt
Linux Kernel < 4.14.rc3 - Local Denial of Service Exploit
2017-10-02 00:00:00
Linux kernel < 4.10.15 - Race Condition Privilege Escalation Exploit
2017-12-18 00:00:00
Linux Kernel - ping Local Denial of Service Exploit
2017-06-08 00:00:00
virtuozzo
virtuozzo
veracode
veracode
Information Disclosure
2019-01-15 09:20:00
Memory Corruption
2019-05-16 03:18:29
Denial Of Service (DoS)
2019-05-02 06:36:14
centos
centos
kernel, perf, python security update
2017-12-06 13:22:31
exploitpack
exploitpack
Linux Kernel 4.14.rc3 - Local Denial of Service
2017-10-02 00:00:00
Linux kernel 4.10.15 - Race Condition Privilege Escalation
2017-12-15 00:00:00
packetstorm
packetstorm
Linux Kernel 4-14-rc1 Denial Of Service
2017-10-02 00:00:00
Linux Kernel ping Denial Of Service
2017-06-08 00:00:00
redhat
redhat
(RHSA-2017:3315) Moderate: kernel security and bug fix update
2017-11-30 13:40:05
(RHSA-2017:3295) Moderate: kernel-rt security and bug fix update
2017-11-30 13:01:25
fedora
fedora
[SECURITY] Fedora 25 Update: kernel-4.11.3-200.fc25
2017-06-01 05:13:39
[SECURITY] Fedora 24 Update: kernel-4.11.4-100.fc24
2017-06-13 19:58:48
[SECURITY] Fedora 24 Update: kernel-4.10.17-100.fc24
2017-05-27 02:53:51
suse
suse
Security update for the Linux Kernel (important)
2017-09-08 18:09:08
Security update for the Linux Kernel (Live Patch 26 for SLE 12) (important)
2017-12-14 15:22:35
Security update for the Linux Kernel (Live Patch 19 for SLE 12) (important)
2017-12-14 15:25:37
exploitdb
exploitdb
Linux kernel < 4.10.15 - Race Condition Privilege Escalation
2017-12-15 00:00:00
photon
photon
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.6 High
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
37.9%
Related for ELSA-2017-3636