Oracle MiniCluster MC-S7: CVE-2017-3629 (Doc ID 2287850.1)

Last updated on JULY 19, 2017

Applies to:

Oracle MiniCluster Specific Software - Version 1.x to 1.x [Release 1.0]
Solaris Operating System - Version 11.3 to 11.3 [Release 11.0]
Oracle Solaris on SPARC (64-bit)
This document addresses how to get the fixes for CVE-2017-3629 and two other vulnerabilities affecting Oracle Solaris specific to Oracle Minicluster MC-S7 systems.

Due to the severity of these vulnerabilities and the public disclosure of technical details, Oracle strongly recommends that customers apply the updates provided as soon as possible.

Symptoms

 These are local privilege escalation vulnerabilities that may only be exploited over a network with a valid username and password. Together, these vulnerabilities may allow privilege escalation to root.

 

Changes

Standard Oracle Solaris versions 10 and 11 are affected. This document provides the details on the fixes for Oracle Solaris version 11.3 on Oracle Minicluster MC-S7 systems *only*.

 

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms