How to research Common Vulnerabilities and Exposures (CVE) for Exadata packages
(Doc ID 2256887.1)
Last updated on FEBRUARY 12, 2021
Linux OS - Version Oracle Linux 5.8 and later Oracle Cloud Infrastructure - Version N/A and later Oracle Exadata Storage Server Software - Version 184.108.40.206.0 and later Linux x86-64
Customers running security scanning tools against Exadata machines receive vulnerability reports which may list Common Vulnerabilities and Exposures (CVE). This document addresses how to research identified Oracle Linux CVEs and determine the Exadata release where the issue is resolved/mitigated. Some of the more common Oracle Linux CVEs are documented in Responses to common Exadata security scan findings (Doc ID 1405320.1). However, it is not feasible to maintain a list of all CVEs. The purpose of this note is to be used in conjunction with Doc ID 1405320.1 and assist customers in researching individual CVEs. CVEs, once mitigated, are identified/reviewed for the next monthly release. It is important for customers to apply releases in a timely manner.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!