How to research Common Vulnerabilities and Exposures (CVE) for Exadata packages
(Doc ID 2256887.1)
Last updated on APRIL 04, 2024
Applies to:
Linux OS - Version Oracle Linux 7.0 and later Oracle Cloud Infrastructure - Version N/A and later Oracle Exadata Storage Server Software - Version 20.0.0.0.0 and later Linux x86-64
Purpose
Customers executing security scanning tools against Exadata machines receive vulnerability reports which may list Common Vulnerabilities and Exposures (CVE). This document addresses how to research identified Oracle Linux CVEs and determine the Exadata release where the issue is resolved/mitigated. Some of the most common Oracle Linux CVEs are documented in Doc ID 1405320.1. However, it is not feasible to maintain a list of all CVEs.
The purpose of this note is to be used in conjunction with Doc ID 1405320.1 and assist customers in researching individual CVEs.
Note: CVEs, once mitigated, are identified/reviewed for the next monthly release. It is important for customers to apply releases in a timely manner.
Scope
Details
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!