OracleLinuxELSA-2024-0647rpm security update
6.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 Medium
AI Score
Confidence
High
4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
MULTIPLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:M/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
35.7%
[4.14.3-28.0.2]
- Import additional patches to fix regressions with CVE-2021-35937,
CVE-2021-35938 and CVE-2021-35939 patchset [Orabug: 36256318]
[4.14.3-28.0.1] - Fixed infinte loop for db_create with error check [Orabug: 36202920]
[4.14.3-28] - Backport file handling code from rpm-4.19 to fix CVE-2021-35937,
CVE-2021-35938 and CVE-2021-35939
[4.14.3-27] - Make brp-python-bytecompile script compatible with Python 3.10+
Resolves: RHEL-6423
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 8 | src | rpm | < 4.14.3-28.0.2.el8_9 | rpm-4.14.3-28.0.2.el8_9.src.rpm |
| oracle linux | 8 | src | rpm | < 4.14.3-28.0.2.el8_9 | rpm-4.14.3-28.0.2.el8_9.src.rpm |
| oracle linux | 8 | src | rpm | < 4.14.3-28.0.2.el8_9 | rpm-4.14.3-28.0.2.el8_9.src.rpm |
| oracle linux | 8 | aarch64 | python3-rpm | < 4.14.3-28.0.2.el8_9 | python3-rpm-4.14.3-28.0.2.el8_9.aarch64.rpm |
| oracle linux | 8 | aarch64 | python3-rpm | < 4.14.3-28.0.2.el8_9 | python3-rpm-4.14.3-28.0.2.el8_9.aarch64.rpm |
| oracle linux | 8 | aarch64 | rpm | < 4.14.3-28.0.2.el8_9 | rpm-4.14.3-28.0.2.el8_9.aarch64.rpm |
| oracle linux | 8 | aarch64 | rpm | < 4.14.3-28.0.2.el8_9 | rpm-4.14.3-28.0.2.el8_9.aarch64.rpm |
| oracle linux | 8 | noarch | rpm-apidocs | < 4.14.3-28.0.2.el8_9 | rpm-apidocs-4.14.3-28.0.2.el8_9.noarch.rpm |
| oracle linux | 8 | noarch | rpm-apidocs | < 4.14.3-28.0.2.el8_9 | rpm-apidocs-4.14.3-28.0.2.el8_9.noarch.rpm |
| oracle linux | 8 | aarch64 | rpm-build | < 4.14.3-28.0.2.el8_9 | rpm-build-4.14.3-28.0.2.el8_9.aarch64.rpm |
Related
6.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 Medium
AI Score
Confidence
High
4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
MULTIPLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:M/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
35.7%