My Oracle Support Banner

How to research Common Vulnerabilities and Exposures (CVE) for Exadata packages (Doc ID 2256887.1)

Last updated on DECEMBER 28, 2021

Applies to:

Linux OS - Version Oracle Linux 7.0 and later
Oracle Cloud Infrastructure - Version N/A and later
Oracle Exadata Storage Server Software - Version 20.0.0.0.0 and later
Linux x86-64

Purpose

Customers running security scanning tools against Exadata machines receive vulnerability reports which may list Common Vulnerabilities and Exposures (CVE). This document addresses how to research identified Oracle Linux CVEs and determine the Exadata release where the issue is resolved/mitigated.  Some of the more common Oracle Linux CVEs are documented in Doc ID 1405320.1. However, it is not feasible to maintain a list of all CVEs.

The purpose of this note is to be used in conjunction with Doc ID 1405320.1 and assist customers in researching individual CVEs.

Note: CVEs, once mitigated, are identified/reviewed for the next monthly release.  It is important for customers to apply releases in a timely manner.

Details

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
Purpose
Details
 Search by CVE ID
 Search by Errata ID
 Enter specific errata ID
 Errata Output
 System Check
 Package Comparison
 Exadata Release Search
 RPM Search
 Filter Output
 RPM Details
 Alternative RPM Upgrades
 CVE External References
References

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.