Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
oraclelinuxOracleLinuxELSA-2018-4108
HistoryMay 15, 2018 - 12:00 a.m.

Unbreakable Enterprise kernel security update

2018-05-1500:00:00
linux.oracle.com
64

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

26.8%

JSON

[4.1.12-124.15.1]

  • netfilter: nfnetlink_cthelper: Add missing permission checks (Kevin Cernekee) [Orabug: 27260771] {CVE-2017-17448}
  • netlink: Add netns check on taps (Kevin Cernekee) [Orabug: 27260799] {CVE-2017-17449}
  • KVM: Fix stack-out-of-bounds read in write_mmio (Wanpeng Li) [Orabug: 27290606] {CVE-2017-17741} {CVE-2017-17741}
  • xprtrdma: Detect unreachable NFS/RDMA servers more reliably (Chuck Lever) [Orabug: 27587008]
  • sunrpc: Export xprt_force_disconnect() (Chuck Lever) [Orabug: 27587008]
  • sunrpc: Allow xprt->ops->timer method to sleep (Chuck Lever) [Orabug: 27587008]
  • KVM: nVMX: fix guest CR4 loading when emulating L2 to L1 exit (Haozhong Zhang) [Orabug: 27720128]
  • x86/microcode: probe CPU features on microcode update (Ankur Arora) [Orabug: 27878230]
  • x86/microcode: microcode_write() should not reference boot_cpu_data (Ankur Arora) [Orabug: 27878230]
  • x86/cpufeatures: use cpu_data in init_scattered_cpuid_flags() (Ankur Arora) [Orabug: 27878230]
  • mm/pagewalk.c: report holes in hugetlb ranges (Jann Horn) [Orabug: 27913118] {CVE-2017-16994}
  • KEYS: dont let add_key() update an uninstantiated key (David Howells) [Orabug: 27913330] {CVE-2017-15299}
  • drm/vmwgfx: NULL pointer dereference in vmw_surface_define_ioctl() (Murray McAllister) [Orabug: 27913367] {CVE-2017-7294}
  • vmscan: Support multiple kswapd threads per node (Buddy Lumpkin) [Orabug: 27913411]
  • tcp: dont use F-RTO on non-recurring timeouts (Yuchung Cheng) [Orabug: 27901860]
  • net/rds: ib: Release correct number of frags (Hakon Bugge) [Orabug: 27924161]
  • crypto: rng - Remove old low-level rng interface (Herbert Xu) [Orabug: 27926676] {CVE-2017-15116}
  • crypto: drbg - Convert to new rng interface (Herbert Xu) [Orabug: 27926676] {CVE-2017-15116}
  • crypto: ansi_cprng - Convert to new rng interface (Herbert Xu) [Orabug: 27926676] {CVE-2017-15116}
  • crypto: krng - Convert to new rng interface (Herbert Xu) [Orabug: 27926676] {CVE-2017-15116}
  • RDS: Heap OOB write in rds_message_alloc_sgs() (Mohamed Ghannam) [Orabug: 27934066] {CVE-2018-5332}
  • net: Fix double free and memory corruption in get_net_ns_by_id() (Eric W. Biederman) [Orabug: 27934789] {CVE-2017-15129}
OSVersionArchitecturePackageVersionFilename
oracle linux6srckernel-uek< 4.1.12-124.15.1.el6uekkernel-uek-4.1.12-124.15.1.el6uek.src.rpm
oracle linux6x86_64kernel-uek< 4.1.12-124.15.1.el6uekkernel-uek-4.1.12-124.15.1.el6uek.x86_64.rpm
oracle linux6x86_64kernel-uek-debug< 4.1.12-124.15.1.el6uekkernel-uek-debug-4.1.12-124.15.1.el6uek.x86_64.rpm
oracle linux6x86_64kernel-uek-debug-devel< 4.1.12-124.15.1.el6uekkernel-uek-debug-devel-4.1.12-124.15.1.el6uek.x86_64.rpm
oracle linux6x86_64kernel-uek-devel< 4.1.12-124.15.1.el6uekkernel-uek-devel-4.1.12-124.15.1.el6uek.x86_64.rpm
oracle linux6noarchkernel-uek-doc< 4.1.12-124.15.1.el6uekkernel-uek-doc-4.1.12-124.15.1.el6uek.noarch.rpm
oracle linux6noarchkernel-uek-firmware< 4.1.12-124.15.1.el6uekkernel-uek-firmware-4.1.12-124.15.1.el6uek.noarch.rpm
oracle linux7srckernel-uek< 4.1.12-124.15.1.el7uekkernel-uek-4.1.12-124.15.1.el7uek.src.rpm
oracle linux7x86_64kernel-uek< 4.1.12-124.15.1.el7uekkernel-uek-4.1.12-124.15.1.el7uek.x86_64.rpm
oracle linux7x86_64kernel-uek-debug< 4.1.12-124.15.1.el7uekkernel-uek-debug-4.1.12-124.15.1.el7uek.x86_64.rpm
Rows per page:
1-10 of 141

Related

nessus 45
photon 6
ubuntu 6
virtuozzo 4
cve 9
debiancve 9
prion 9
redhatcve 9
openvas 31
veracode 6
ubuntucve 9
amazon 1
f5 3
mageia 7
fedora 6
seebug 1
zdt 2
redhat 4
suse 24
ibm 4
debian 2
osv 1
oraclelinux 1
nessus
nessus
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4108)
2018-05-16 00:00:00
Photon OS 1.0: Linux PHSA-2018-1.0-0102
2019-02-07 00:00:00
Photon OS 2.0 : linux (PhotonOS-PHSA-2018-2.0-0015) (deprecated)
2018-07-24 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-2.0-0015
2018-02-01 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0102
2018-01-29 00:00:00
Important Photon OS Security Update - PHSA-2018-0102
2018-01-29 00:00:00
ubuntu
ubuntu
Linux kernel (Azure) vulnerabilities
2018-04-24 00:00:00
Linux kernel vulnerabilities
2018-04-04 00:00:00
Linux kernel (Trusty HWE) vulnerabilities
2018-04-05 00:00:00
virtuozzo
virtuozzo
Kernel security update: Virtuozzo ReadyKernel patch 49.1 for Virtuozzo 7.0.4 and 7.0.4 HF3
2018-05-07 00:00:00
Kernel security update: Virtuozzo ReadyKernel patch 49.0 for Virtuozzo 7.0.7 and 7.0.7 HF2
2018-05-07 00:00:00
Kernel security update: Virtuozzo ReadyKernel patch 49.0 for Virtuozzo 7.0.1, 7.0.3, 7.0.5, 7.0.6, and 7.0.6 HF3
2018-05-07 00:00:00
cve
cve
CVE-2017-15116
2017-11-30 18:29:00
CVE-2017-15129
2018-01-09 19:29:00
CVE-2017-16994
2017-11-27 19:29:00
debiancve
debiancve
CVE-2017-15116
2017-11-30 18:29:00
CVE-2017-15299
2017-10-14 23:29:00
CVE-2017-15129
2018-01-09 19:29:00
prion
prion
Null pointer dereference
2017-11-30 18:29:00
Null pointer dereference
2017-10-14 23:29:00
Memory corruption
2018-01-09 19:29:00
redhatcve
redhatcve
CVE-2017-15116
2017-11-30 13:49:43
CVE-2017-7294
2017-03-29 08:18:25
CVE-2017-15129
2018-01-05 13:17:02
openvas
openvas
Ubuntu: Security Advisory (USN-3632-1)
2018-04-25 00:00:00
Ubuntu: Security Advisory (USN-3620-1)
2018-04-06 00:00:00
Mageia: Security Advisory (MGASA-2018-0077)
2022-01-28 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-16 02:50:23
Denial Of Service (DoS)
2019-05-16 02:50:24
Arbitrary Code Execution
2019-05-16 02:50:39
ubuntucve
ubuntucve
CVE-2017-15116
2017-11-30 00:00:00
CVE-2017-15299
2017-10-14 00:00:00
CVE-2017-15129
2018-01-09 00:00:00
amazon
amazon
Important: kernel
2018-01-18 22:45:00
f5
f5
K01043241 : Linux kernel vulnerability CVE-2017-17448
2018-03-30 00:00:00
K43339432 : Linux kernel vulnerability CVE-2017-17449
2018-01-25 00:00:00
K72384465 : Linux kernel vulnerability CVE-2018-5332
2018-01-31 00:00:00
mageia
mageia
Updated kernel packages fix security vulnerabilities
2018-01-13 17:28:36
Updated kernel-tmb packages fix security vulnerabilities
2018-01-13 17:28:36
Updated kernel-linus packages fix security vulnerabilities
2018-02-16 00:17:42
fedora
fedora
[SECURITY] Fedora 27 Update: kernel-4.14.6-300.fc27
2017-12-18 18:52:26
[SECURITY] Fedora 26 Update: kernel-4.14.6-200.fc26
2017-12-19 21:39:12
[SECURITY] Fedora 27 Update: kernel-4.14.8-300.fc27
2017-12-24 21:18:53
seebug
seebug
Linux: mincore() discloses uninitialized kernel heap pages(CVE-2017-16994)
2017-12-04 00:00:00
zdt
zdt
Linux Kernel 4.13 (Debian 9) - Local Privilege Escalation Exploit
2018-03-20 00:00:00
Linux Kernel - mincore() Heap Page Disclosure (PoC) Exploit
2018-03-20 00:00:00
redhat
redhat
(RHSA-2018:0654) Important: kernel-alt security, bug fix, and enhancement update
2018-04-10 03:05:19
(RHSA-2018:0470) Moderate: Red Hat Enterprise MRG Realtime 2.5 security and enhancement update
2018-03-12 13:28:14
(RHSA-2018:0502) Important: kernel-alt security and bug fix update
2018-03-13 15:15:20
suse
suse
Security update for Linux Kernel Live Patch 11 for SLE 12 SP1 (important)
2017-05-15 21:23:12
Security update for Linux Kernel Live Patch 12 for SLE 12 SP1 (important)
2017-05-15 21:26:51
Security update for Linux Kernel Live Patch 10 for SLE 12 SP1 (important)
2017-05-15 21:22:21
ibm
ibm
Security Bulletin: Multiple Vulnerabilities in the Linux kernel affect the IBM FlashSystem 840 and 900
2023-02-18 01:45:50
Security Bulletin: Multiple vulnerabilities in the Linux kernel affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products
2023-03-29 01:48:02
Security Bulletin: Multiple Vulnerabilities in the Linux kernel affect the IBM FlashSystem models V840 and V9000
2019-11-11 15:20:37
debian
debian
[SECURITY] [DSA 4082-1] linux security update
2018-01-09 16:10:52
[SECURITY] [DSA 4082-1] linux security update
2018-01-09 16:10:52
osv
osv
linux - security update
2018-01-09 00:00:00
oraclelinux
oraclelinux
kernel security, bug fix, and enhancement update
2018-04-16 00:00:00

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

26.8%

JSON
Related for ELSA-2018-4108
nessus45photon6ubuntu6virtuozzo4cve9debiancve9prion9redhatcve9openvas31veracode6ubuntucve9amazon1f53mageia7fedora6seebug1zdt2redhat4suse24ibm4debian2osv1oraclelinux1