Lucene search

K
oraclelinuxOracleLinuxELSA-2020-5879
HistoryOct 09, 2020 - 12:00 a.m.

Unbreakable Enterprise kernel security update

2020-10-0900:00:00
linux.oracle.com
135

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

6.1 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:P/I:P/A:C

0.002 Low

EPSS

Percentile

59.1%

kernel-uek
[3.8.13-118.50.1]

  • USB: serial: omninet: fix reference leaks at open (Mark Nicholson) [Orabug: 30484762] {CVE-2017-8925}
  • GFS2: don’t set rgrp gl_object until it’s inserted into rgrp tree (Bob Peterson) [Orabug: 30254252] {CVE-2016-10905}
  • GFS2: Fix rgrp end rounding problem for bsize < page size (Bob Peterson) [Orabug: 30254252] {CVE-2016-10905}
  • GFS2: Use range based functions for rgrp sync/invalidation (Steven Whitehouse) [Orabug: 30254252] {CVE-2016-10905}
  • fs/proc/proc_sysctl.c: Fix a NULL pointer dereference (YueHaibing) [Orabug: 30732940] {CVE-2019-20054}
  • fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links (YueHaibing) [Orabug: 30732940] {CVE-2019-20054}
  • scsi: libsas: stop discovering if oob mode is disconnected (Jason Yan) [Orabug: 30770914] {CVE-2019-19965}
  • ath9k_htc: release allocated buffer if timed out (Navid Emamdoost) [Orabug: 31351573] {CVE-2019-19073}
  • USB: serial: io_ti: fix information leak in completion handler (Johan Hovold) [Orabug: 31352085] {CVE-2017-8924}
  • mm/hugetlb: fix a race between hugetlb sysctl handlers (Muchun Song) [Orabug: 31884241] {CVE-2020-25285}
  • ext4: fix potential negative array index in do_split() (Eric Sandeen) [Orabug: 31895332] {CVE-2020-14314}

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

6.1 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:P/I:P/A:C

0.002 Low

EPSS

Percentile

59.1%