Lucene search

K
oraclelinuxOracleLinuxELSA-2019-4315
HistoryJan 03, 2019 - 12:00 a.m.

Unbreakable Enterprise kernel security update

2019-01-0300:00:00
linux.oracle.com
52

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.007 Low

EPSS

Percentile

78.0%

[4.1.12-124.24.1]

  • pinctrl: amd: Use devm_pinctrl_register() for pinctrl registration (Laxman Dewangan) [Orabug: 27539246] {CVE-2017-18174}
  • mlock: fix mlock count can not decrease in race condition (Yisheng Xie) [Orabug: 27677611] {CVE-2017-18221}
  • perf/core: Fix the perf_cpu_time_max_percent check (Tan Xiaojun) [Orabug: 27823815] {CVE-2017-18255}
  • x86/microcode/intel: Fix a wrong assignment of revision in _save_mc (Zhenzhong Duan) [Orabug: 28190263]
  • mm: cma: fix incorrect type conversion for size during dma allocation (Rohit Vaswani) [Orabug: 28407826] {CVE-2017-9725}
  • x86/speculation: Make enhanced IBRS the default spectre v2 mitigation (Alejandro Jimenez) [Orabug: 28474851]
  • x86/speculation: Enable enhanced IBRS usage (Alejandro Jimenez) [Orabug: 28474851]
  • x86/speculation: functions for supporting enhanced IBRS (Alejandro Jimenez) [Orabug: 28474851]
  • xen/blkback: fix disconnect while I/Os in flight (Juergen Gross) [Orabug: 28744234]
  • mlx4_vnic: use the mlid while calling ib_detach_mcast (aru kolappan) [Orabug: 29029705]
  • ext4: fail ext4_iget for root directory if unallocated (Theodore Ts’o) [Orabug: 29048557] {CVE-2018-1092} {CVE-2018-1092}
  • Bluetooth: hidp: buffer overflow in hidp_process_report (Mark Salyzyn) [Orabug: 29121215] {CVE-2018-9363} {CVE-2018-9363}
  • HID: debug: check length before copy_to_user() (Daniel Rosenberg) [Orabug: 29128165] {CVE-2018-9516}
  • x86/MCE: Serialize sysfs changes (Seunghun Han) [Orabug: 29149888] {CVE-2018-7995}
  • Input: i8042 - fix crash at boot time (Chen Hong) [Orabug: 29152328] {CVE-2017-18079}

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.007 Low

EPSS

Percentile

78.0%