Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
oraclelinuxOracleLinuxELSA-2022-10073
HistoryDec 13, 2022 - 12:00 a.m.

Unbreakable Enterprise kernel-container security update

2022-12-1300:00:00
linux.oracle.com
18

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

4.3 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.7%

JSON

[4.14.35-2047.520.3.1.el7]

  • proc: proc_skip_spaces() shouldn’t think it is working on C strings (Linus Torvalds) [Orabug: 34883027] {CVE-2022-4378}
  • proc: avoid integer type confusion in get_proc_long (Linus Torvalds) [Orabug: 34883027] {CVE-2022-4378}
  • hugetlbfs: don’t delete error page from pagecache (James Houghton) [Orabug: 34883072]
  • mm: shmem: don’t truncate page if memory failure happens (Yang Shi) [Orabug: 34883072]
  • mm: hwpoison: refactor refcount check handling (Yang Shi) [Orabug: 34883072]
    [4.14.35-2047.520.3.el7]
  • scsi: qla2xxx: Fix use after free in eh_abort path (Quinn Tran) [Orabug:
    34841119]
    [4.14.35-2047.520.2.el7]
  • rds: Remove the cp_rdsinfo_pending flag (Hakon Bugge) [Orabug: 34658891]
  • RDMA/mlx5: Change debug log level for remote access error syndromes (Arumugam Kolappan) [Orabug: 34798453]
    [4.14.35-2047.520.1.el7]
  • rds: ib: Fix cleanup of rds_ib_cache_gc_worker (Hakon Bugge) [Orabug: 34806078]
  • scsi: stex: Properly zero out the passthrough command structure (Linus Torvalds) [Orabug: 34670756] {CVE-2022-40768}
  • do_wait: make PIDTYPE_PID case O(1) instead of O(n) (Jim Newsome) [Orabug: 34420117]
    [4.14.35-2047.520.0.el7]
  • uapi: Fix [rs]cq_vector data types in rds[6]_info_rdma_connection (Mark Haywood) [Orabug: 34732042]
  • uapi: Fix congested flag type in rds[6]_info_socket (Mark Haywood) [Orabug: 34732042]
  • scsi: target: core: Silence the message about unknown VPD pages (Konstantin Shelekhin) [Orabug: 34728690]
  • mISDN: fix use-after-free bugs in l1oip timer handlers (Duoming Zhou) [Orabug: 34719782] {CVE-2022-3565}
  • uek-rpm: add aarch64 to list of vdso arches (Tom Saeger) [Orabug: 34716203]
  • xfs: trim IO to found COW extent limit (Eric Sandeen) [Orabug: 34705398]
    [4.14.35-2047.519.2.el7]
  • Revert ‘xfs: don’t use delalloc extents for COW on files with extsize hints’ (Saeed Mirzamohammadi) [Orabug: 34715947]
  • uapi: Fix linux/rds.h userspace compilation issues (Ka-Cheong Poon) [Orabug: 32392165] [Orabug: 34710962]
  • uapi: Fix linux/rds.h userspace compilation errors. (Vinson Lee) [Orabug: 34710962]
  • uapi: fix linux/rds.h userspace compilation error (Dmitry V. Levin) [Orabug: 34710962]
  • uapi: fix linux/rds.h userspace compilation errors (Dmitry V. Levin) [Orabug: 34710962]
  • EDAC: Drop duplicated array of strings for memory type names (Jane Chu) [Orabug: 34645040]
  • xfs: don’t ever put nlink > 0 inodes on the unlinked list (Darrick J. Wong) [Orabug: 34431355]

Related

oraclelinux 17
nessus 86
cbl_mariner 3
cve 3
prion 3
ubuntucve 3
debiancve 3
veracode 2
redhatcve 3
f5 1
openvas 10
redhat 25
osv 16
ubuntu 8
cloudlinux 2
ibm 2
amazon 2
rocky 4
almalinux 4
centos 1
debian 1
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2022-12-12 00:00:00
Unbreakable Enterprise kernel security update
2022-12-12 00:00:00
Unbreakable Enterprise kernel-container security update
2022-12-12 00:00:00
nessus
nessus
Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2022-10073)
2022-12-12 00:00:00
Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2022-10072)
2022-12-12 00:00:00
Oracle Linux 8 : Unbreakable Enterprise kernel-container (ELSA-2022-10081)
2022-12-12 00:00:00
cbl_mariner
cbl_mariner
CVE-2022-40768 affecting package kernel 5.15.80.1-1
2022-12-19 20:13:00
CVE-2022-40768 affecting package kernel 5.10.153.1-1
2022-12-06 23:44:46
CVE-2022-4378 affecting package kernel 5.10.161.1-1
2023-01-29 21:02:07
cve
cve
CVE-2022-40768
2022-09-18 05:15:00
CVE-2022-3565
2022-10-17 19:15:00
CVE-2022-4378
2023-01-05 16:15:11
prion
prion
Design/Logic Flaw
2022-09-18 05:15:00
Stack overflow
2023-01-05 16:15:00
Design/Logic Flaw
2022-10-17 19:15:00
ubuntucve
ubuntucve
CVE-2022-40768
2022-09-18 00:00:00
CVE-2022-3565
2022-10-17 00:00:00
CVE-2022-4378
2023-01-05 00:00:00
debiancve
debiancve
CVE-2022-40768
2022-09-18 05:15:00
CVE-2022-3565
2022-10-17 19:15:00
CVE-2022-4378
2023-01-05 16:15:11
veracode
veracode
Use After Free
2022-11-19 14:28:25
Use After Free
2022-12-06 12:17:39
redhatcve
redhatcve
CVE-2022-40768
2022-09-20 17:14:46
CVE-2022-3565
2022-12-05 18:13:13
CVE-2022-4378
2022-12-12 13:04:58
f5
f5
K000134768 : Linux kernel vulnerability CVE-2022-4378
2023-05-25 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-5799-1)
2023-01-11 00:00:00
Ubuntu: Security Advisory (USN-5809-1)
2023-01-18 00:00:00
Ubuntu: Security Advisory (USN-5831-1)
2023-01-30 00:00:00
redhat
redhat
(RHSA-2023:1706) Important: kernel security update
2023-04-11 14:11:38
(RHSA-2023:1705) Important: kernel security update
2023-04-11 13:45:59
(RHSA-2023:1103) Important: kpatch-patch security update
2023-03-07 09:41:06
osv
osv
linux-oem-5.17, linux-oem-6.0 vulnerability
2023-01-11 01:23:50
linux-oem-5.14 vulnerabilities
2023-01-17 18:10:42
linux-azure, linux-gkeop, linux-intel-iotg, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-oracle-5.15 vulnerabilities
2023-01-19 19:27:06
ubuntu
ubuntu
Linux kernel (OEM) vulnerability
2023-01-11 00:00:00
Linux kernel (OEM) vulnerabilities
2023-01-17 00:00:00
Kernel Live Patch Security Notice
2023-03-07 00:00:00
cloudlinux
cloudlinux
kernel: Fix of 7 CVEs
2023-04-28 18:43:13
kernel: Fix of 7 CVEs
2023-04-28 19:55:00
ibm
ibm
Security Bulletin: Multiple Linux Kernel vulnerabilities may affect IBM Elastic Storage System
2023-08-11 07:13:16
Security Bulletin: Vulnerabilities in Linux Kernel might affect IBM Spectrum Copy Data Management (CVE-2022-1280, CVE-2023-0386, CVE-2022-4269, CVE-2022-2873, CVE-2022-4378)
2023-06-16 19:23:44
amazon
amazon
Important: kernel
2022-10-31 19:40:00
Important: kernel
2022-10-31 19:40:00
rocky
rocky
kernel security, bug fix, and enhancement update
2023-05-05 15:42:05
kernel security, bug fix, and enhancement update
2023-04-06 15:52:32
kernel-rt security and bug fix update
2023-04-26 15:28:18
almalinux
almalinux
Important: kernel security, bug fix, and enhancement update
2023-04-04 00:00:00
Important: kernel-rt security and bug fix update
2023-04-04 00:00:00
Important: kernel security and bug fix update
2023-02-28 00:00:00
centos
centos
bpftool, kernel, perf, python security update
2023-03-08 16:36:50
debian
debian
[SECURITY] [DLA 3245-1] linux security update
2022-12-23 22:16:58

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

4.3 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.7%

JSON
Related for ELSA-2022-10073
oraclelinux17nessus86cbl_mariner3cve3prion3ubuntucve3debiancve3veracode2redhatcve3f51openvas10redhat25osv16ubuntu8cloudlinux2ibm2amazon2rocky4almalinux4centos1debian1