How to research Common Vulnerabilities and Exposures (CVE) for Exadata packages
(Doc ID 2256887.1)
Last updated on DECEMBER 28, 2021
Applies to:
Linux OS - Version Oracle Linux 7.0 and later Oracle Cloud Infrastructure - Version N/A and later Oracle Exadata Storage Server Software - Version 20.0.0.0.0 and later Linux x86-64
Purpose
Customers running security scanning tools against Exadata machines receive vulnerability reports which may list Common Vulnerabilities and Exposures (CVE). This document addresses how to research identified Oracle Linux CVEs and determine the Exadata release where the issue is resolved/mitigated. Some of the more common Oracle Linux CVEs are documented in Doc ID 1405320.1. However, it is not feasible to maintain a list of all CVEs.
The purpose of this note is to be used in conjunction with Doc ID 1405320.1 and assist customers in researching individual CVEs.
Note: CVEs, once mitigated, are identified/reviewed for the next monthly release. It is important for customers to apply releases in a timely manner.
Details
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!