How to research Common Vulnerabilities and Exposures (CVE) for the Oracle Database Appliance
(Doc ID 2636241.1)
Last updated on JULY 20, 2024
Applies to:
Linux OS Oracle Database Appliance Linux x86-64
Purpose
Customers running security scanning tools against Oracle Database Appliance machines receive vulnerability reports which may list Common Vulnerabilities and Exposures (CVE). This document addresses how to research identified Oracle Linux CVEs and determine the Oracle Database Appliance release where the issue is resolved/mitigated. The purpose of this note is to assist customers in researching an individual CVE and installing a temporary fix for it. Any changes will be overridden in the next release when the permanent fix is installed.
It is important for customers to apply releases in a timely manner.
Note: the instructions in the document are only to be performed under the advice of Oracle Support as installing a new version of a package may have unexpected consequences.
Scope
This document only applies to updating applications, not to kernel, Infiniband or Java packages.
Details
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!