Oracle Linux Bulletin - July 2023

 

Description

The Oracle Linux Bulletin lists all CVEs that had been resolved and announced in Oracle Linux Security Advisories (ELSA) in the last one month prior to the release of the bulletin. Oracle Linux Bulletins are published on the same day as Oracle Critical Patch Updates are released. These bulletins will also be updated for the following two months after their release (i.e., the two months between the normal quarterly Critical Patch Update publication dates) to cover all CVEs that had been resolved in those two months following the bulletin's publication. In addition, Oracle Linux Bulletins may also be updated for vulnerability issues deemed too critical to wait for the next scheduled bulletin publication date.

Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Oracle Linux Bulletin security patches as soon as possible.

 

Patch Availability

Please see ULN Advisory https://linux.oracle.com/ol-pad-bulletin

 

Oracle Linux Bulletin Schedule

Oracle Linux Bulletins are released released on the third Tuesday of January, April, July, and October. The next four dates are:

  • 17 October 2023
  • 16 January 2024
  • 16 April 2024
  • 16 July 2024

References

 

Modification History

Date Note
2023-September-19 Rev 3. New CVEs added
2023-August-16 Rev 2. New CVEs added
2023-July-18 Rev 1. Initial Release

Oracle Linux Executive Summary

This Oracle Linux Bulletin contains 41 new security patches for the Oracle Linux. 

Oracle Linux Risk Matrix

Revision 3: Published on 2023-09-19

CVE# Product Component Remote Exploit without Auth.? CVSS VERSION 3.1 RISK (see Risk Matrix Definitions) Supported Versions Affected
Base
Score		 Attack
Vector		 Attack
Complex		 Privs
Req'd		 User
Interact		 Scope Confid-
entiality		 Inte-
grity		 Avail-
ability
CVE-2023-35788 Oracle Linux kernel Yes 8.1 Network High None None Unchanged High High High 7
CVE-2023-35390 Oracle Linux .NET 6.0 No 7.8 Local Low None Required Unchanged High High High 9
CVE-2023-35390 Oracle Linux .NET 7.0 No 7.8 Local Low None Required Unchanged High High High 9
CVE-2023-30630 Oracle Linux dmidecode No 7.8 Local Low Low None Unchanged High High High 9
CVE-2020-22219 Oracle Linux flac No 7.8 Local Low Low None Unchanged High High High 8,9
CVE-2023-21102 Oracle Linux kernel No 7.8 Local Low Low None Unchanged High High High 9
CVE-2023-31248 Oracle Linux kernel No 7.8 Local Low Low None Unchanged High High High 9
CVE-2023-3390 Oracle Linux kernel No 7.8 Local Low Low None Unchanged High High High 9
CVE-2023-35001 Oracle Linux kernel No 7.8 Local Low Low None Unchanged High High High 9
CVE-2023-3610 Oracle Linux kernel No 7.8 Local Low Low None Unchanged High High High 9
CVE-2023-3776 Oracle Linux kernel No 7.8 Local Low Low None Unchanged High High High 9
CVE-2023-4004 Oracle Linux kernel No 7.8 Local Low Low None Unchanged High High High 9
CVE-2023-4147 Oracle Linux kernel No 7.8 Local Low Low None Unchanged High High High 9
CVE-2023-38180 Oracle Linux .NET 6.0 Yes 7.5 Network Low None None Unchanged None None High 9
CVE-2023-38180 Oracle Linux .NET 7.0 Yes 7.5 Network Low None None Unchanged None None High 9
CVE-2023-4051 Oracle Linux firefox Yes 7.5 Network Low None None Unchanged None None High 7,8,9
CVE-2023-4573 Oracle Linux firefox Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-4574 Oracle Linux firefox Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-4575 Oracle Linux firefox Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-4577 Oracle Linux firefox Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-4584 Oracle Linux firefox Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-4585 Oracle Linux firefox Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-27522 Oracle Linux httpd:2.4 Yes 7.5 Network Low None None Unchanged None High None 8
CVE-2023-38200 Oracle Linux keylime Yes 7.5 Network Low None None Unchanged None None High 9
CVE-2023-3354 Oracle Linux qemu-kvm Yes 7.5 Network Low None None Unchanged None None High 9
CVE-2023-4051 Oracle Linux thunderbird Yes 7.5 Network Low None None Unchanged None None High 7,8,9
CVE-2023-4573 Oracle Linux thunderbird Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-4574 Oracle Linux thunderbird Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-4575 Oracle Linux thunderbird Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-4577 Oracle Linux thunderbird Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-4584 Oracle Linux thunderbird Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-4585 Oracle Linux thunderbird Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-38497 Oracle Linux rust No 7.3 Local Low Low Required Unchanged High High High 9
CVE-2023-38497 Oracle Linux rust-toolset:ol8 No 7.3 Local Low Low Required Unchanged High High High 8
CVE-2023-3567 Oracle Linux Unbreakable Enterprise kernel No 6.7 Local Low High None Unchanged High High High 7
CVE-2023-36799 Oracle Linux .NET 6.0 Yes 6.5 Network Low None Required Unchanged None None High 8,9
CVE-2023-36799 Oracle Linux .NET 7.0 Yes 6.5 Network Low None Required Unchanged None None High 8,9
CVE-2022-40982 Oracle Linux Unbreakable Enterprise kernel No 6.5 Local Low Low None Changed High None None 7,8
CVE-2022-40982 Oracle Linux Unbreakable Enterprise kernel-container No 6.5 Local Low Low None Changed High None None 7,8
CVE-2023-32360 Oracle Linux cups No 6.5 Network Low Low None Unchanged High None None 7,8,9
CVE-2023-4583 Oracle Linux firefox Yes 6.5 Network Low None Required Unchanged None High None 7,8,9
CVE-2023-20593 Oracle Linux kernel No 6.5 Local Low Low None Changed High None None 7
CVE-2023-38201 Oracle Linux keylime No 6.5 Adjacent Low None None Unchanged None High None 9
CVE-2023-4583 Oracle Linux thunderbird Yes 6.5 Network Low None Required Unchanged None High None 7,8,9
CVE-2022-40982 Oracle Linux gcc No 6.5 Local Low Low None Changed High None None 8,9
CVE-2023-4053 Oracle Linux firefox Yes 6.1 Network Low None Required Changed Low Low None 7,8,9
CVE-2023-4578 Oracle Linux firefox Yes 6.1 Network Low None Required Changed Low Low None 7,8,9
CVE-2023-4580 Oracle Linux firefox Yes 6.1 Network Low None Required Changed Low Low None 7,8,9
CVE-2023-4581 Oracle Linux firefox Yes 6.1 Network Low None Required Changed Low Low None 7,8,9
CVE-2023-4053 Oracle Linux thunderbird Yes 6.1 Network Low None Required Changed Low Low None 7,8,9
CVE-2023-4578 Oracle Linux thunderbird Yes 6.1 Network Low None Required Changed Low Low None 7,8,9
CVE-2023-4580 Oracle Linux thunderbird Yes 6.1 Network Low None Required Changed Low Low None 7,8,9
CVE-2023-4581 Oracle Linux thunderbird Yes 6.1 Network Low None Required Changed Low Low None 7,8,9
CVE-2023-22024 Oracle Linux Unbreakable Enterprise kernel No 5.5 Local Low Low None Unchanged None None High 9
CVE-2023-22024 Oracle Linux Unbreakable Enterprise kernel-container No 5.5 Local Low Low None Unchanged None None High 7,8
CVE-2023-1637 Oracle Linux kernel No 5.5 Local Low Low None Unchanged High None None 9
CVE-2023-38633 Oracle Linux librsvg2 No 5.5 Local Low Low None Unchanged High None None 9
CVE-2023-22024 Oracle Linux Unbreakable Enterprise kernel No 5.5 Local Low Low None Unchanged None None High 7,8
CVE-2023-4039 Oracle Linux gcc Yes 4.8 Network High None None Unchanged Low Low None 8,9
CVE-2023-2603 Oracle Linux libcap No 4.4 Local Low Low None Unchanged None Low Low 9
CVE-2023-2602 Oracle Linux libcap No 3.3 Local Low Low None Unchanged None None Low 9

Revision 2: Published on 2023-08-16

CVE# Product Component Remote Exploit without Auth.? CVSS VERSION 3.1 RISK (see Risk Matrix Definitions) Supported Versions Affected
Base
Score		 Attack
Vector		 Attack
Complex		 Privs
Req'd		 User
Interact		 Scope Confid-
entiality		 Inte-
grity		 Avail-
ability
CVE-2023-38408 Oracle Linux openssh Yes 9.8 Network Low None None Unchanged High High High 7,8,9
CVE-2023-3128 Oracle Linux grafana Yes 9.4 Network Low None None Unchanged High High Low 9
CVE-2023-37201 Oracle Linux firefox Yes 8.8 Network Low None Required Unchanged High High High 7
CVE-2023-37202 Oracle Linux firefox Yes 8.8 Network Low None Required Unchanged High High High 7
CVE-2023-37211 Oracle Linux firefox Yes 8.8 Network Low None Required Unchanged High High High 7
CVE-2023-37201 Oracle Linux thunderbird Yes 8.8 Network Low None Required Unchanged High High High 7
CVE-2023-37202 Oracle Linux thunderbird Yes 8.8 Network Low None Required Unchanged High High High 7
CVE-2023-37211 Oracle Linux thunderbird Yes 8.8 Network Low None Required Unchanged High High High 7
CVE-2023-32435 Oracle Linux webkit2gtk3 Yes 8.8 Network Low None Required Unchanged High High High 8,9
CVE-2023-32439 Oracle Linux webkit2gtk3 Yes 8.8 Network Low None Required Unchanged High High High 8,9
CVE-2022-4904 Oracle Linux nodejs:18 Yes 8.6 Network Low None None Unchanged Low Low High 8
CVE-2023-33170 Oracle Linux .NET 7.0 Yes 8.1 Network High None None Unchanged High High High 8,9
CVE-2023-35788 Oracle Linux kernel Yes 8.1 Network High None None Unchanged High High High 9
CVE-2023-35390 Oracle Linux .NET 6.0 No 7.8 Local Low None Required Unchanged High High High 8
CVE-2023-35390 Oracle Linux .NET 7.0 No 7.8 Local Low None Required Unchanged High High High 8
CVE-2023-37208 Oracle Linux firefox No 7.8 Local Low None Required Unchanged High High High 7
CVE-2023-1281 Oracle Linux kernel No 7.8 Local Low Low None Unchanged High High High 8
CVE-2023-2235 Oracle Linux kernel No 7.8 Local Low Low None Unchanged High High High 8,9
CVE-2023-32233 Oracle Linux kernel No 7.8 Local Low Low None Unchanged High High High 9
CVE-2023-3090 Oracle Linux kernel No 7.8 Local Low Low None Unchanged High High High 9
CVE-2023-37208 Oracle Linux thunderbird No 7.8 Local Low None Required Unchanged High High High 7
CVE-2023-38180 Oracle Linux .NET 6.0 Yes 7.5 Network Low None None Unchanged None None High 8
CVE-2023-38180 Oracle Linux .NET 7.0 Yes 7.5 Network Low None None Unchanged None None High 8
CVE-2023-2828 Oracle Linux bind Yes 7.5 Network Low None None Unchanged None None High 7,8,9
CVE-2023-2828 Oracle Linux bind9.16 Yes 7.5 Network Low None None Unchanged None None High 8
CVE-2023-37464 Oracle Linux cjose Yes 7.5 Network Low None None Unchanged None High None 9
CVE-2023-4045 Oracle Linux firefox Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-4046 Oracle Linux firefox Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-4047 Oracle Linux firefox Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-4048 Oracle Linux firefox Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-4049 Oracle Linux firefox Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-4050 Oracle Linux firefox Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-4056 Oracle Linux firefox Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-4057 Oracle Linux firefox Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-38403 Oracle Linux iperf3 Yes 7.5 Network Low None None Unchanged None None High 7,8,9
CVE-2023-25193 Oracle Linux java-11-openjdk Yes 7.5 Network Low None None Unchanged None None High 7,8,9
CVE-2023-25193 Oracle Linux java-17-openjdk Yes 7.5 Network Low None None Unchanged None None High 8,9
CVE-2023-37464 Oracle Linux mod_auth_openidc:2.3 Yes 7.5 Network Low None None Unchanged None High None 8
CVE-2023-30581 Oracle Linux nodejs Yes 7.5 Network Low None None Unchanged None High None 9
CVE-2023-30589 Oracle Linux nodejs Yes 7.5 Network Low None None Unchanged None High None 9
CVE-2023-32067 Oracle Linux nodejs:16 Yes 7.5 Network Low None None Unchanged None None High 8
CVE-2023-30581 Oracle Linux nodejs:16 Yes 7.5 Network Low None None Unchanged None High None 8
CVE-2023-30589 Oracle Linux nodejs:16 Yes 7.5 Network Low None None Unchanged None High None 8
CVE-2023-32067 Oracle Linux nodejs:18 Yes 7.5 Network Low None None Unchanged None None High 8
CVE-2023-30581 Oracle Linux nodejs:18 Yes 7.5 Network Low None None Unchanged None High None 8
CVE-2023-30589 Oracle Linux nodejs:18 Yes 7.5 Network Low None None Unchanged None High None 8,9
CVE-2023-24329 Oracle Linux python39:3.9 and python39-devel:3.9 Yes 7.5 Network Low None None Unchanged None High None 8
CVE-2023-3417 Oracle Linux thunderbird Yes 7.5 Network Low None None Unchanged None High None 7,8,9
CVE-2023-4045 Oracle Linux thunderbird Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-4046 Oracle Linux thunderbird Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-4047 Oracle Linux thunderbird Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-4048 Oracle Linux thunderbird Yes 7.5 Network Low None None Unchanged None None High 7,8,9
CVE-2023-4049 Oracle Linux thunderbird Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-4050 Oracle Linux thunderbird Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-4056 Oracle Linux thunderbird Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-4057 Oracle Linux thunderbird Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-30581 Oracle Linux 18 Yes 7.5 Network Low None None Unchanged None High None 9
CVE-2023-30861 Oracle Linux python-flask Yes 7.5 Network Low None None Unchanged High None None 8
CVE-2023-25577 Oracle Linux python-werkzeug Yes 7.5 Network Low None None Unchanged None None High 8
CVE-2023-1829 Oracle Linux kernel No 7.4 Local High None None Unchanged High High High 8
CVE-2023-2454 Oracle Linux postgresql:10 No 7.2 Network Low High None Unchanged High High High 8
CVE-2023-2454 Oracle Linux postgresql:12 No 7.2 Network Low High None Unchanged High High High 8
CVE-2023-2454 Oracle Linux postgresql:13 No 7.2 Network Low High None Unchanged High High High 8
CVE-2023-2454 Oracle Linux 15 No 7.2 Network Low High None Unchanged High High High 9
CVE-2022-3564 Oracle Linux kernel No 7.1 Adjacent High Low None Unchanged High High High 7
CVE-2023-2124 Oracle Linux kernel No 7.0 Local High Low None Unchanged High High High 8,9
CVE-2023-28466 Oracle Linux kernel No 7.0 Local High Low None Unchanged High High High 9
CVE-2023-28466 Oracle Linux kernel No 7.0 Local High Low None Unchanged High High High 8
CVE-2023-27561 Oracle Linux aardvark-dns No 7.0 Local High Low None Unchanged High High High 8
CVE-2023-27561 Oracle Linux buildah No 7.0 Local High Low None Unchanged High High High 8
CVE-2022-42896 Oracle Linux kernel No 6.8 Adjacent High None None Unchanged High High None 8
CVE-2023-2002 Oracle Linux kernel No 6.8 Adjacent Low Low None Unchanged Low Low High 9
CVE-2023-2194 Oracle Linux kernel No 6.7 Local Low High None Unchanged High High High 8,9
CVE-2023-34969 Oracle Linux dbus No 6.5 Network Low Low None Unchanged None None High 8,9
CVE-2023-37207 Oracle Linux firefox Yes 6.5 Network Low None Required Unchanged None High None 7
CVE-2023-4055 Oracle Linux firefox Yes 6.5 Network Low None Required Unchanged None High None 7,8,9
CVE-2023-22652 Oracle Linux libeconf Yes 6.5 Network Low None Required Unchanged None None High 9
CVE-2023-28484 Oracle Linux libxml2 Yes 6.5 Network Low None Required Unchanged None None High 8,9
CVE-2023-29469 Oracle Linux libxml2 Yes 6.5 Network Low None Required Unchanged None None High 8,9
CVE-2023-20593 Oracle Linux linux-firmware No 6.5 Local Low Low None Changed High None None 7,9
CVE-2022-40982 Oracle Linux microcode_ctl No 6.5 Local Low Low None Changed High None None 7,9
CVE-2023-37207 Oracle Linux thunderbird Yes 6.5 Network Low None Required Unchanged None High None 7
CVE-2023-4055 Oracle Linux thunderbird Yes 6.5 Network Low None Required Unchanged None High None 7,8,9
CVE-2023-20593 Oracle Linux linux-firmware No 6.5 Local Low Low None Changed High None None 8
CVE-2022-40982 Oracle Linux microcode_ctl No 6.5 Local Low Low None Changed High None None 8
CVE-2023-26604 Oracle Linux systemd No 6.2 Local Low None None Unchanged High None None 8
CVE-2023-32681 Oracle Linux python-requests Yes 6.1 Network High None Required Changed High None None 8,9
CVE-2023-28642 Oracle Linux aardvark-dns No 6.1 Local Low None Required Changed Low Low Low 8
CVE-2023-28642 Oracle Linux buildah No 6.1 Local Low None Required Changed Low Low Low 8
CVE-2023-27536 Oracle Linux curl Yes 5.9 Network High None None Unchanged High None None 8
CVE-2023-28321 Oracle Linux curl Yes 5.9 Network High None None Unchanged None High None 8,9
CVE-2023-31147 Oracle Linux nodejs:16 Yes 5.9 Network High None None Unchanged None High None 8
CVE-2023-31147 Oracle Linux nodejs:18 Yes 5.9 Network High None None Unchanged None High None 8
CVE-2023-3347 Oracle Linux samba Yes 5.9 Network High None None Unchanged None High None 8,9
CVE-2023-1998 Oracle Linux kernel No 5.6 Local High Low None Changed High None None 9
CVE-2023-20569 Oracle Linux linux-firmware No 5.6 Local High Low None Changed High None None 7,9
CVE-2023-20569 Oracle Linux linux-firmware No 5.6 Local High Low None Changed High None None 8
CVE-2022-45869 Oracle Linux kernel No 5.5 Local Low Low None Unchanged None None High 9
CVE-2023-0458 Oracle Linux kernel No 5.3 Network High Low None Unchanged High None None 9
CVE-2023-30588 Oracle Linux nodejs Yes 5.3 Network Low None None Unchanged None None Low 9
CVE-2023-30590 Oracle Linux nodejs Yes 5.3 Network Low None None Unchanged None Low None 9
CVE-2023-30588 Oracle Linux nodejs:16 Yes 5.3 Network Low None None Unchanged None None Low 8
CVE-2023-30590 Oracle Linux nodejs:16 Yes 5.3 Network Low None None Unchanged None Low None 8
CVE-2023-30588 Oracle Linux nodejs:18 Yes 5.3 Network Low None None Unchanged None None Low 8
CVE-2023-30590 Oracle Linux nodejs:18 Yes 5.3 Network Low None None Unchanged None Low None 8
CVE-2023-30588 Oracle Linux 18 Yes 5.3 Network Low None None Unchanged None None Low 9
CVE-2023-30590 Oracle Linux 18 Yes 5.3 Network Low None None Unchanged None Low None 9
CVE-2023-22041 Oracle Linux java-11-openjdk No 5.1 Local High None None Unchanged High None None 7,8,9
CVE-2023-22041 Oracle Linux java-17-openjdk No 5.1 Local High None None Unchanged High None None 8,9
CVE-2023-2603 Oracle Linux libcap No 4.4 Local Low Low None Unchanged None Low Low 8
CVE-2023-2455 Oracle Linux postgresql:10 No 4.2 Network High Low None Unchanged Low Low None 8
CVE-2023-2455 Oracle Linux postgresql:12 No 4.2 Network High Low None Unchanged Low Low None 8
CVE-2023-2455 Oracle Linux postgresql:13 No 4.2 Network High Low None Unchanged Low Low None 8
CVE-2023-2455 Oracle Linux 15 No 4.2 Network High Low None Unchanged Low Low None 9
CVE-2023-31130 Oracle Linux nodejs:16 No 4.1 Local High High None Unchanged None None High 8
CVE-2023-31130 Oracle Linux nodejs:18 No 4.1 Local High High None Unchanged None None High 8
CVE-2023-28322 Oracle Linux curl Yes 3.7 Network High None None Unchanged Low None None 9
CVE-2023-22045 Oracle Linux java-1.8.0-openjdk Yes 3.7 Network High None None Unchanged Low None None 7,8,9
CVE-2023-22049 Oracle Linux java-1.8.0-openjdk Yes 3.7 Network High None None Unchanged None Low None 7,8,9
CVE-2023-22036 Oracle Linux java-11-openjdk Yes 3.7 Network High None None Unchanged None None Low 7,8,9
CVE-2023-22045 Oracle Linux java-11-openjdk Yes 3.7 Network High None None Unchanged Low None None 7,8,9
CVE-2023-22049 Oracle Linux java-11-openjdk Yes 3.7 Network High None None Unchanged None Low None 7,8,9
CVE-2023-22036 Oracle Linux java-17-openjdk Yes 3.7 Network High None None Unchanged None None Low 8,9
CVE-2023-22044 Oracle Linux java-17-openjdk Yes 3.7 Network High None None Unchanged Low None None 8,9
CVE-2023-22045 Oracle Linux java-17-openjdk Yes 3.7 Network High None None Unchanged Low None None 8,9
CVE-2023-22049 Oracle Linux java-17-openjdk Yes 3.7 Network High None None Unchanged None Low None 8,9
CVE-2023-31124 Oracle Linux nodejs:16 Yes 3.7 Network High None None Unchanged None Low None 8
CVE-2023-31124 Oracle Linux nodejs:18 Yes 3.7 Network High None None Unchanged None Low None 8
CVE-2022-41862 Oracle Linux postgresql:12 Yes 3.7 Network High None None Unchanged Low None None 8
CVE-2023-2602 Oracle Linux libcap No 3.3 Local Low Low None Unchanged None None Low 8
CVE-2023-22006 Oracle Linux java-11-openjdk Yes 3.1 Network High None Required Unchanged None Low None 7,8,9
CVE-2023-22006 Oracle Linux java-17-openjdk Yes 3.1 Network High None Required Unchanged None Low None 8,9
CVE-2023-23934 Oracle Linux python-werkzeug No 2.6 Adjacent High None Required Unchanged None Low None 8
CVE-2023-25809 Oracle Linux aardvark-dns No 2.5 Local High High None Changed None None Low 8
CVE-2023-25809 Oracle Linux buildah No 2.5 Local High High None Changed None None Low 8

Revision 1: Published on 2023-07-18

CVE# Product Component Remote Exploit without Auth.? CVSS VERSION 3.1 RISK (see Risk Matrix Definitions) Supported Versions Affected
Base
Score		 Attack
Vector		 Attack
Complex		 Privs
Req'd		 User
Interact		 Scope Confid-
entiality		 Inte-
grity		 Avail-
ability
CVE-2023-29402 Oracle Linux go-toolset and golang Yes 9.8 Network Low None None Unchanged High High High 9
CVE-2023-29404 Oracle Linux go-toolset and golang Yes 9.8 Network Low None None Unchanged High High High 9
CVE-2023-29405 Oracle Linux go-toolset and golang Yes 9.8 Network Low None None Unchanged High High High 9
CVE-2023-29402 Oracle Linux go-toolset:ol8 Yes 9.8 Network Low None None Unchanged High High High 8
CVE-2023-29404 Oracle Linux go-toolset:ol8 Yes 9.8 Network Low None None Unchanged High High High 8
CVE-2023-29405 Oracle Linux go-toolset:ol8 Yes 9.8 Network Low None None Unchanged High High High 8
CVE-2023-37201 Oracle Linux firefox Yes 8.8 Network Low None Required Unchanged High High High 8,9
CVE-2023-37202 Oracle Linux firefox Yes 8.8 Network Low None Required Unchanged High High High 8,9
CVE-2023-37211 Oracle Linux firefox Yes 8.8 Network Low None Required Unchanged High High High 8,9
CVE-2021-33621 Oracle Linux ruby:2.7 No 8.8 Network Low Low None Unchanged High High High 8
CVE-2023-37201 Oracle Linux thunderbird Yes 8.8 Network Low None Required Unchanged High High High 8,9
CVE-2023-37202 Oracle Linux thunderbird Yes 8.8 Network Low None Required Unchanged High High High 8,9
CVE-2023-37211 Oracle Linux thunderbird Yes 8.8 Network Low None Required Unchanged High High High 8,9
CVE-2023-33170 Oracle Linux .NET 6.0 Yes 8.1 Network High None None Unchanged High High High 8,9
CVE-2022-34918 Oracle Linux Unbreakable Enterprise kernel-container No 7.8 Local Low Low None Unchanged High High High 7,8
CVE-2023-37208 Oracle Linux firefox No 7.8 Local Low None Required Unchanged High High High 8,9
CVE-2023-29403 Oracle Linux go-toolset and golang No 7.8 Local Low None Required Unchanged High High High 9
CVE-2023-29403 Oracle Linux go-toolset:ol8 No 7.8 Local Low None Required Unchanged High High High 8
CVE-2023-32700 Oracle Linux texlive No 7.8 Local Low None Required Unchanged High High High 8,9
CVE-2023-37208 Oracle Linux thunderbird No 7.8 Local Low None Required Unchanged High High High 8,9
CVE-2022-34918 Oracle Linux Unbreakable Enterprise kernel No 7.8 Local Low Low None Unchanged High High High 7,8
CVE-2023-32067 Oracle Linux c-ares Yes 7.5 Network Low None None Unchanged None None High 7
CVE-2023-24329 Oracle Linux python27:2.7 Yes 7.5 Network Low None None Unchanged None High None 8
CVE-2023-24329 Oracle Linux python38:3.8 and python38-devel:3.8 Yes 7.5 Network Low None None Unchanged None High None 8
CVE-2023-2454 Oracle Linux postgresql No 7.2 Network Low High None Unchanged High High High 9
CVE-2022-39189 Oracle Linux Unbreakable Enterprise kernel-container No 7.0 Local High Low None Unchanged High High High 7,8
CVE-2022-39189 Oracle Linux Unbreakable Enterprise kernel No 7.0 Local High Low None Unchanged High High High 7,8
CVE-2023-37207 Oracle Linux firefox Yes 6.5 Network Low None Required Unchanged None High None 8,9
CVE-2023-37207 Oracle Linux thunderbird Yes 6.5 Network Low None Required Unchanged None High None 8,9
CVE-2023-2700 Oracle Linux libvirt No 6.3 Local High Low None Unchanged High None High 9
CVE-2023-2700 Oracle Linux virt:ol and virt-devel:rhel No 6.3 Local High Low None Unchanged High None High 8
CVE-2023-0464 Oracle Linux openssl Yes 5.9 Network High None None Unchanged None None High 9
CVE-2023-2650 Oracle Linux openssl Yes 5.9 Network High None None Unchanged None None High 9
CVE-2022-46663 Oracle Linux less No 5.5 Local Low None Required Unchanged None None High 9
CVE-2022-48281 Oracle Linux libtiff No 5.5 Local Low None Required Unchanged None None High 8,9
CVE-2023-0795 Oracle Linux libtiff No 5.5 Local Low None Required Unchanged None None High 9
CVE-2023-0796 Oracle Linux libtiff No 5.5 Local Low None Required Unchanged None None High 9
CVE-2023-0797 Oracle Linux libtiff No 5.5 Local Low None Required Unchanged None None High 9
CVE-2023-0798 Oracle Linux libtiff No 5.5 Local Low None Required Unchanged None None High 9
CVE-2023-0799 Oracle Linux libtiff No 5.5 Local Low None Required Unchanged None None High 9
CVE-2023-0800 Oracle Linux libtiff No 5.5 Local Low None Required Unchanged None None High 9
CVE-2023-0801 Oracle Linux libtiff No 5.5 Local Low None Required Unchanged None None High 9
CVE-2023-0802 Oracle Linux libtiff No 5.5 Local Low None Required Unchanged None None High 9
CVE-2023-0803 Oracle Linux libtiff No 5.5 Local Low None Required Unchanged None None High 9
CVE-2023-0804 Oracle Linux libtiff No 5.5 Local Low None Required Unchanged None None High 9
CVE-2020-24736 Oracle Linux sqlite No 5.5 Local Low Low None Unchanged None None High 8
CVE-2023-28755 Oracle Linux ruby:2.7 Yes 5.3 Network Low None None Unchanged None None Low 8
CVE-2023-28756 Oracle Linux ruby:2.7 Yes 5.3 Network Low None None Unchanged None None Low 8
CVE-2023-1255 Oracle Linux openssl No 5.1 Local High None None Unchanged None None High 9
CVE-2023-2283 Oracle Linux libssh Yes 4.8 Network High None None Unchanged Low Low None 8
CVE-2023-1667 Oracle Linux libssh No 4.3 Network Low Low None Unchanged None None Low 8
CVE-2023-2455 Oracle Linux postgresql No 4.2 Network High Low None Unchanged Low Low None 9
CVE-2023-20867 Oracle Linux open-vm-tools No 3.9 Local High High None Changed Low Low None 7
CVE-2023-20867 Oracle Linux open-vm-tools No 3.9 Local High High None Changed Low Low None 8,9
CVE-2023-0465 Oracle Linux openssl Yes 3.7 Network High None None Unchanged None Low None 9
CVE-2023-0466 Oracle Linux openssl Yes 3.7 Network High None None Unchanged None Low None 9