Lucene search

K
oraclelinuxOracleLinuxELSA-2018-4134
HistoryJun 15, 2018 - 12:00 a.m.

Unbreakable Enterprise kernel security update

2018-06-1500:00:00
linux.oracle.com
23

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.007 Low

EPSS

Percentile

78.5%

kernel-uek
[3.8.13-118.21.4]

  • x86/fpu: Make eager FPU default (Mihai Carabas) [Orabug: 28156176] {CVE-2018-3665}
    [3.8.13-118.21.3]
  • KVM: Fix stack-out-of-bounds read in write_mmio (Wanpeng Li) [Orabug: 27951287] {CVE-2017-17741} {CVE-2017-17741}
  • xfs: set format back to extents if xfs_bmap_extents_to_btree (Eric Sandeen) [Orabug: 27989498] {CVE-2018-10323}
  • Bluetooth: Prevent stack info leak from the EFS element. (Ben Seri) [Orabug: 28030520] {CVE-2017-1000410} {CVE-2017-1000410}
  • ALSA: hrtimer: Fix stall by hrtimer_cancel() (Takashi Iwai) [Orabug: 28058229] {CVE-2016-2549}
  • ALSA: timer: Harden slave timer list handling (Takashi Iwai) [Orabug: 28058229] {CVE-2016-2547} {CVE-2016-2548}
  • ALSA: timer: Fix double unlink of active_list (Takashi Iwai) [Orabug: 28058229] {CVE-2016-2545}
  • ALSA: seq: Fix missing NULL check at remove_events ioctl (Takashi Iwai) [Orabug: 28058229] {CVE-2016-2543}
  • ALSA: seq: Fix race at timer setup and close (Takashi Iwai) [Orabug: 28058229] {CVE-2016-2544}
  • ALSA: usb-audio: avoid freeing umidi object twice (Andrey Konovalov) [Orabug: 28058229] {CVE-2016-2384}
    [3.8.13-118.21.2]
  • perf/hwbp: Simplify the perf-hwbp code, fix documentation (Linus Torvalds) [Orabug: 27947608] {CVE-2018-1000199}
  • Revert ‘perf/hwbp: Simplify the perf-hwbp code, fix documentation’ (Brian Maly) [Orabug: 27947608]

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.007 Low

EPSS

Percentile

78.5%