Oracle Linux Bulletin - April 2021

 

Description

The Oracle Linux Bulletin lists all CVEs that had been resolved and announced in Oracle Linux Security Advisories (ELSA) in the last one month prior to the release of the bulletin. Oracle Linux Bulletins are published on the same day as Oracle Critical Patch Updates are released. These bulletins will also be updated for the following two months after their release (i.e., the two months between the normal quarterly Critical Patch Update publication dates) to cover all CVEs that had been resolved in those two months following the bulletin's publication. In addition, Oracle Linux Bulletins may also be updated for vulnerability issues deemed too critical to wait for the next scheduled bulletin publication date.

Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Oracle Linux Bulletin security patches as soon as possible.

 

Patch Availability

Please see ULN Advisory https://linux.oracle.com/ol-pad-bulletin

 

Oracle Linux Bulletin Schedule

Oracle Linux Bulletins are released on the Tuesday closest to the 17th day of January, April, July and October. The next four dates are:

  • 20 July 2021
  • 19 October 2021
  • 18 January 2022
  • 19 April 2022

References

 

Modification History

Date Note
2021-June-17 Rev 3. New CVEs added
2021-May-20 Rev 2. New CVEs added
2021-April-20 Rev 1. Initial Release

Oracle Linux Executive Summary

This Oracle Linux Bulletin contains 218 new security patches for the Oracle Linux. 

Oracle Linux Risk Matrix

Revision 3: Published on 2021-06-17

CVE# Product Component Remote Exploit without Auth.? CVSS VERSION 3.1 RISK (see Risk Matrix Definitions) Supported Versions Affected
Base
Score		 Attack
Vector		 Attack
Complex		 Privs
Req'd		 User
Interact		 Scope Confid-
entiality		 Inte-
grity		 Avail-
ability
CVE-2021-27219 Oracle Linux glib2 Yes 9.8 Network Low None None Unchanged High High High 8
CVE-2021-27219 Oracle Linux glib2 Yes 9.8 Network Low None None Unchanged High High High 7
CVE-2019-9169 Oracle Linux glibc Yes 9.8 Network Low None None Unchanged High High High 8
CVE-2020-27846 Oracle Linux grafana Yes 9.8 Network Low None None Unchanged High High High 8
CVE-2020-11984 Oracle Linux httpd:2.4 Yes 9.8 Network Low None None Unchanged High High High 8
CVE-2018-25011 Oracle Linux libwebp Yes 9.8 Network Low None None Unchanged High High High 7,8
CVE-2020-36328 Oracle Linux libwebp Yes 9.8 Network Low None None Unchanged High High High 7,8
CVE-2020-36329 Oracle Linux libwebp Yes 9.8 Network Low None None Unchanged High High High 7,8
CVE-2018-25011 Oracle Linux qt5-qtimageformats Yes 9.8 Network Low None None Unchanged High High High 7
CVE-2018-25014 Oracle Linux qt5-qtimageformats Yes 9.8 Network Low None None Unchanged High High High 7
CVE-2020-36328 Oracle Linux qt5-qtimageformats Yes 9.8 Network Low None None Unchanged High High High 7
CVE-2020-36329 Oracle Linux qt5-qtimageformats Yes 9.8 Network Low None None Unchanged High High High 7
CVE-2020-36318 Oracle Linux rust-toolset:ol8 Yes 9.8 Network Low None None Unchanged High High High 8
CVE-2020-1472 Oracle Linux samba Yes 9.8 Network Low None None Unchanged High High High 8
CVE-2019-25032 Oracle Linux unbound Yes 9.8 Network Low None None Unchanged High High High 8
CVE-2019-25034 Oracle Linux unbound Yes 9.8 Network Low None None Unchanged High High High 8
CVE-2019-25035 Oracle Linux unbound Yes 9.8 Network Low None None Unchanged High High High 8
CVE-2019-25036 Oracle Linux unbound Yes 9.8 Network Low None None Unchanged High High High 8
CVE-2019-25038 Oracle Linux unbound Yes 9.8 Network Low None None Unchanged High High High 8
CVE-2019-25039 Oracle Linux unbound Yes 9.8 Network Low None None Unchanged High High High 8
CVE-2019-25042 Oracle Linux unbound Yes 9.8 Network Low None None Unchanged High High High 8
CVE-2020-13543 Oracle Linux GNOME Yes 8.8 Network Low None Required Unchanged High High High 8
CVE-2020-13584 Oracle Linux GNOME Yes 8.8 Network Low None Required Unchanged High High High 8
CVE-2020-9948 Oracle Linux GNOME Yes 8.8 Network Low None Required Unchanged High High High 8
CVE-2020-9951 Oracle Linux GNOME Yes 8.8 Network Low None Required Unchanged High High High 8
CVE-2020-9983 Oracle Linux GNOME Yes 8.8 Network Low None Required Unchanged High High High 8
CVE-2020-27153 Oracle Linux bluez Yes 8.8 Network Low None Required Changed Low Low High 8
CVE-2021-25217 Oracle Linux dhcp No 8.8 Local Low None None Unchanged High High High 7,8
CVE-2020-24489 Oracle Linux microcode_ctl No 8.8 Local Low Low None Changed High High High 7
CVE-2021-29477 Oracle Linux redis:6 No 8.8 Network Low Low None Unchanged High High High 8
CVE-2020-10878 Oracle Linux perl Yes 8.6 Network Low None None Unchanged Low Low High 8
CVE-2020-25097 Oracle Linux squid:4 Yes 8.6 Network Low None None Changed High None None 8
CVE-2021-33516 Oracle Linux gupnp Yes 8.3 Network Low None Required Unchanged High High Low 7,8
CVE-2020-10543 Oracle Linux perl Yes 8.2 Network Low None None Unchanged None Low High 8
CVE-2020-36242 Oracle Linux python-cryptography Yes 8.2 Network Low None None Unchanged Low None High 8
CVE-2020-28374 Oracle Linux Unbreakable Enterprise kernel-container No 8.1 Network Low Low None Unchanged High High None 7,8
CVE-2021-23017 Oracle Linux nginx:1.16 Yes 8.1 Network High None None Unchanged High High High 8
CVE-2021-23017 Oracle Linux nginx:1.18 Yes 8.1 Network High None None Unchanged High High High 8
CVE-2020-26117 Oracle Linux tigervnc Yes 8.1 Network Low None Required Unchanged High High None 8
CVE-2020-28374 Oracle Linux Unbreakable Enterprise kernel No 8.1 Network Low Low None Unchanged High High None 7,8
CVE-2021-29266 Oracle Linux Unbreakable Enterprise kernel-container No 7.8 Local Low Low None Unchanged High High High 7,8
CVE-2019-18276 Oracle Linux bash No 7.8 Local Low Low None Unchanged High High High 8
CVE-2020-16303 Oracle Linux ghostscript No 7.8 Local Low None Required Unchanged High High High 8
CVE-2020-12362 Oracle Linux kernel No 7.8 Local High Low None Changed High High High 7
CVE-2021-3501 Oracle Linux kernel No 7.8 Local High Low None Changed High High High 8
CVE-2019-19523 Oracle Linux kernel No 7.8 Local Low Low None Unchanged High High High 8
CVE-2020-12362 Oracle Linux kernel No 7.8 Local High Low None Changed High High High 8
CVE-2020-27786 Oracle Linux kernel No 7.8 Local Low Low None Unchanged High High High 8
CVE-2021-3560 Oracle Linux polkit No 7.8 Local Low Low None Unchanged High High High 8
CVE-2021-23240 Oracle Linux sudo No 7.8 Local Low Low None Unchanged High High High 8
CVE-2020-24330 Oracle Linux trousers No 7.8 Local Low None Required Unchanged High High High 8
CVE-2020-24331 Oracle Linux trousers No 7.8 Local Low Low None Unchanged High High High 8
CVE-2020-14345 Oracle Linux userspace graphics, xorg-x11, and mesa No 7.8 Local Low Low None Unchanged High High High 8
CVE-2020-14346 Oracle Linux userspace graphics, xorg-x11, and mesa No 7.8 Local Low Low None Unchanged High High High 8
CVE-2020-14360 Oracle Linux userspace graphics, xorg-x11, and mesa No 7.8 Local Low Low None Unchanged High High High 8
CVE-2020-14361 Oracle Linux userspace graphics, xorg-x11, and mesa No 7.8 Local Low Low None Unchanged High High High 8
CVE-2020-14362 Oracle Linux userspace graphics, xorg-x11, and mesa No 7.8 Local Low Low None Unchanged High High High 8
CVE-2020-14363 Oracle Linux userspace graphics, xorg-x11, and mesa No 7.8 Local Low Low None Unchanged High High High 8
CVE-2020-25712 Oracle Linux userspace graphics, xorg-x11, and mesa No 7.8 Local Low Low None Unchanged High High High 8
CVE-2020-36322 Oracle Linux kernel No 7.7 Local Low None None Unchanged None High High 8
CVE-2019-13012 Oracle Linux GNOME Yes 7.5 Network Low None None Unchanged None High None 8
CVE-2021-25215 Oracle Linux bind Yes 7.5 Network Low None None Unchanged None None High 8
CVE-2021-30465 Oracle Linux container-tools:2.0 No 7.5 Network High Low None Unchanged High High High 8
CVE-2021-30465 Oracle Linux container-tools:3.0 No 7.5 Network High Low None Unchanged High High High 8
CVE-2021-30465 Oracle Linux container-tools:ol8 No 7.5 Network High Low None Unchanged High High High 8
CVE-2020-25275 Oracle Linux dovecot Yes 7.5 Network Low None None Unchanged None None High 8
CVE-2021-29967 Oracle Linux firefox Yes 7.5 Network High None Required Unchanged High High High 7,8
CVE-2021-3115 Oracle Linux go-toolset:ol8 Yes 7.5 Network High None Required Unchanged High High High 8
CVE-2020-12695 Oracle Linux gssdp and gupnp Yes 7.5 Network High None None Changed Low None High 8
CVE-2018-17199 Oracle Linux httpd:2.4 Yes 7.5 Network Low None None Unchanged None High None 8
CVE-2020-11993 Oracle Linux httpd:2.4 Yes 7.5 Network Low None None Unchanged None None High 8
CVE-2021-3480 Oracle Linux idm:DL1 Yes 7.5 Network Low None None Unchanged None None High 8
CVE-2020-28196 Oracle Linux krb5 Yes 7.5 Network Low None None Unchanged None None High 7,8
CVE-2018-21247 Oracle Linux libvncserver Yes 7.5 Network Low None None Unchanged High None None 8
CVE-2019-20839 Oracle Linux libvncserver Yes 7.5 Network Low None None Unchanged None None High 8
CVE-2020-14397 Oracle Linux libvncserver Yes 7.5 Network Low None None Unchanged None None High 8
CVE-2020-25708 Oracle Linux libvncserver Yes 7.5 Network Low None None Unchanged None None High 8
CVE-2020-29361 Oracle Linux p11-kit Yes 7.5 Network Low None None Unchanged None None High 8
CVE-2020-29363 Oracle Linux p11-kit Yes 7.5 Network Low None None Unchanged None None High 8
CVE-2020-27778 Oracle Linux poppler and evince Yes 7.5 Network Low None None Unchanged None None High 8
CVE-2021-32027 Oracle Linux postgresql No 7.5 Network High Low None Unchanged High High High 7
CVE-2021-32027 Oracle Linux postgresql:10 No 7.5 Network High Low None Unchanged High High High 8
CVE-2021-32027 Oracle Linux postgresql:12 No 7.5 Network High Low None Unchanged High High High 8
CVE-2021-32027 Oracle Linux postgresql:13 No 7.5 Network High Low None Unchanged High High High 8
CVE-2021-32027 Oracle Linux postgresql:9.6 No 7.5 Network High Low None Unchanged High High High 8
CVE-2020-25659 Oracle Linux python-cryptography Yes 7.5 Network Low None None Unchanged High None None 8
CVE-2020-27619 Oracle Linux python3 Yes 7.5 Network High None Required Unchanged High High High 8
CVE-2021-29967 Oracle Linux thunderbird Yes 7.5 Network High None Required Unchanged High High High 7,8
CVE-2019-25037 Oracle Linux unbound Yes 7.5 Network Low None None Unchanged None None High 8
CVE-2019-25040 Oracle Linux unbound Yes 7.5 Network Low None None Unchanged None None High 8
CVE-2019-25041 Oracle Linux unbound Yes 7.5 Network Low None None Unchanged None None High 8
CVE-2021-0326 Oracle Linux wpa_supplicant No 7.5 Local High None None Unchanged High High High 8
CVE-2020-8286 Oracle Linux curl Yes 7.4 Network High None None Unchanged High High None 8
CVE-2021-3347 Oracle Linux kernel No 7.4 Local High None None Unchanged High High High 7
CVE-2019-14866 Oracle Linux cpio No 7.3 Local Low Low Required Unchanged High High High 8
CVE-2021-31204 Oracle Linux dotnet3.1 No 7.3 Local Low Low Required Unchanged High High High 8
CVE-2021-31204 Oracle Linux dotnet5.0 No 7.3 Local Low Low Required Unchanged High High High 8
CVE-2020-8648 Oracle Linux kernel No 7.1 Local Low Low None Unchanged High None High 7
CVE-2017-18926 Oracle Linux raptor2 Yes 7.1 Network Low None Required Unchanged None Low High 8
CVE-2021-23133 Oracle Linux Unbreakable Enterprise kernel-container No 7.0 Local High Low None Unchanged High High High 7,8
CVE-2021-29154 Oracle Linux Unbreakable Enterprise kernel-container No 7.0 Local High Low None Unchanged High High High 7,8
CVE-2019-3842 Oracle Linux systemd No 7.0 Local High Low None Unchanged High High High 8
CVE-2021-23133 Oracle Linux Unbreakable Enterprise kernel No 7.0 Local High Low None Unchanged High High High 7,8
CVE-2021-29154 Oracle Linux Unbreakable Enterprise kernel No 7.0 Local High Low None Unchanged High High High 7,8
CVE-2020-24386 Oracle Linux dovecot No 6.8 Network High Low None Unchanged High High None 8
CVE-2021-20254 Oracle Linux samba No 6.8 Network High Low None Unchanged High High None 7
CVE-2021-31916 Oracle Linux Unbreakable Enterprise kernel-container No 6.7 Local Low High None Unchanged High High High 7,8
CVE-2021-3411 Oracle Linux Unbreakable Enterprise kernel-container No 6.7 Local Low High None Unchanged High High High 7,8
CVE-2021-3543 Oracle Linux kernel No 6.7 Local Low High None Unchanged High High High 8
CVE-2020-0431 Oracle Linux kernel No 6.7 Local Low High None Unchanged High High High 8
CVE-2020-12464 Oracle Linux kernel No 6.7 Local Low High None Unchanged High High High 8
CVE-2021-0342 Oracle Linux kernel No 6.7 Local Low High None Unchanged High High High 8
CVE-2020-13776 Oracle Linux systemd No 6.7 Local High Low Required Unchanged High High High 8
CVE-2020-14344 Oracle Linux userspace graphics, xorg-x11, and mesa No 6.7 Local Low High None Unchanged High High High 8
CVE-2021-31916 Oracle Linux Unbreakable Enterprise kernel No 6.7 Local Low High None Unchanged High High High 7,8
CVE-2020-25643 Oracle Linux kernel No 6.6 Network High High None Unchanged High High High 8
CVE-2021-28038 Oracle Linux Unbreakable Enterprise kernel-container No 6.5 Local Low Low None Changed None None High 7,8
CVE-2021-28688 Oracle Linux Unbreakable Enterprise kernel-container No 6.5 Local Low Low None Changed None None High 7,8
CVE-2020-8927 Oracle Linux brotli Yes 6.5 Network Low None None Unchanged None Low Low 8
CVE-2020-8285 Oracle Linux curl Yes 6.5 Network Low None Required Unchanged None None High 8
CVE-2019-17402 Oracle Linux exiv2 Yes 6.5 Network Low None Required Unchanged None None High 8
CVE-2020-11096 Oracle Linux freerdp Yes 6.5 Network Low None None Unchanged Low None Low 8
CVE-2020-11098 Oracle Linux freerdp Yes 6.5 Network Low None None Unchanged Low None Low 8
CVE-2020-11099 Oracle Linux freerdp Yes 6.5 Network Low None None Unchanged Low None Low 8
CVE-2020-4030 Oracle Linux freerdp Yes 6.5 Network Low None None Unchanged Low None Low 8
CVE-2020-4033 Oracle Linux freerdp Yes 6.5 Network Low None None Unchanged Low None Low 8
CVE-2021-3114 Oracle Linux go-toolset:ol8 Yes 6.5 Network Low None None Unchanged Low Low None 8
CVE-2020-14405 Oracle Linux libvncserver No 6.5 Network Low Low None Unchanged None None High 8
CVE-2020-24977 Oracle Linux libxml2 Yes 6.5 Network Low None None Unchanged Low None Low 8
CVE-2021-32028 Oracle Linux postgresql:10 No 6.5 Network Low Low None Unchanged High None None 8
CVE-2021-32028 Oracle Linux postgresql:12 No 6.5 Network Low Low None Unchanged High None None 8
CVE-2021-32029 Oracle Linux postgresql:12 No 6.5 Network Low Low None Unchanged High None None 8
CVE-2021-32028 Oracle Linux postgresql:13 No 6.5 Network Low Low None Unchanged High None None 8
CVE-2021-32029 Oracle Linux postgresql:13 No 6.5 Network Low Low None Unchanged High None None 8
CVE-2021-32028 Oracle Linux postgresql:9.6 No 6.5 Network Low Low None Unchanged High None None 8
CVE-2020-26137 Oracle Linux python-urllib3 Yes 6.5 Network Low None None Unchanged Low Low None 8
CVE-2020-26116 Oracle Linux python3 Yes 6.5 Network Low None None Unchanged Low Low None 8
CVE-2020-25713 Oracle Linux raptor2 No 6.5 Network Low Low None Unchanged None None High 8
CVE-2020-27835 Oracle Linux kernel No 6.4 Local High High None Unchanged High High High 8
CVE-2020-26570 Oracle Linux opensc No 6.4 Local High None None Unchanged High High High 8
CVE-2020-26572 Oracle Linux opensc No 6.4 Local High None None Unchanged High High High 8
CVE-2020-25651 Oracle Linux spice-vdagent No 6.4 Local High Low None Changed High None Low 8
CVE-2020-25653 Oracle Linux spice-vdagent No 6.4 Local High Low None Changed High None Low 8
CVE-2020-36310 Oracle Linux Unbreakable Enterprise kernel-container No 6.2 Local Low None None Unchanged None None High 7,8
CVE-2021-28950 Oracle Linux Unbreakable Enterprise kernel-container No 6.2 Local Low None None Unchanged None None High 7,8
CVE-2021-28964 Oracle Linux Unbreakable Enterprise kernel-container No 6.2 Local Low None None Unchanged None None High 7,8
CVE-2020-25284 Oracle Linux kernel No 6.2 Local Low None None Unchanged None High None 8
CVE-2020-25704 Oracle Linux kernel No 6.2 Local Low None None Unchanged None None High 8
CVE-2020-36310 Oracle Linux Unbreakable Enterprise kernel No 6.2 Local Low None None Unchanged None None High 7,8
CVE-2020-24303 Oracle Linux grafana Yes 6.1 Network Low None Required Changed Low Low None 8
CVE-2019-19528 Oracle Linux kernel No 6.1 Local Low None None Unchanged High None High 8
CVE-2020-27783 Oracle Linux python-lxml Yes 6.1 Network Low None Required Changed Low Low None 8
CVE-2021-31957 Oracle Linux .NET 5.0 Yes 5.9 Network High None None Unchanged None None High 8
CVE-2021-31957 Oracle Linux .NET Core 3.1 Yes 5.9 Network High None None Unchanged None None High 8
CVE-2020-16117 Oracle Linux evolution Yes 5.9 Network High None None Unchanged None None High 8
CVE-2016-10228 Oracle Linux glibc Yes 5.9 Network High None None Unchanged None None High 8
CVE-2021-3326 Oracle Linux glibc Yes 5.9 Network High None None Unchanged None None High 8
CVE-2020-25212 Oracle Linux kernel Yes 5.9 Network High None None Unchanged None High None 8
CVE-2021-23336 Oracle Linux python3 Yes 5.9 Network High None Required Unchanged None Low High 8
CVE-2021-3177 Oracle Linux python3 Yes 5.9 Network High None None Unchanged None None High 8
CVE-2021-3409 Oracle Linux qemu No 5.7 Local Low High None Changed Low Low Low 7
CVE-2020-12867 Oracle Linux sane-backends No 5.7 Local Low Low None Unchanged None None High 8
CVE-2020-24511 Oracle Linux microcode_ctl No 5.6 Local High Low None Changed High None None 7
CVE-2020-24513 Oracle Linux microcode_ctl No 5.6 Local High Low None Changed High None None 7
CVE-2021-20297 Oracle Linux NetworkManager and libnma No 5.5 Local Low Low None Unchanged None None High 8
CVE-2021-29650 Oracle Linux Unbreakable Enterprise kernel-container No 5.5 Local Low Low None Unchanged None None High 7,8
CVE-2020-14373 Oracle Linux ghostscript No 5.5 Local Low Low None Unchanged None None High 8
CVE-2020-16287 Oracle Linux ghostscript No 5.5 Local Low None Required Unchanged None None High 8
CVE-2020-16288 Oracle Linux ghostscript No 5.5 Local Low None Required Unchanged None None High 8
CVE-2020-16289 Oracle Linux ghostscript No 5.5 Local Low None Required Unchanged None None High 8
CVE-2020-16290 Oracle Linux ghostscript No 5.5 Local Low None Required Unchanged None None High 8
CVE-2020-16291 Oracle Linux ghostscript No 5.5 Local Low None Required Unchanged None None High 8
CVE-2020-16292 Oracle Linux ghostscript No 5.5 Local Low None Required Unchanged None None High 8
CVE-2020-16293 Oracle Linux ghostscript No 5.5 Local Low None Required Unchanged None None High 8
CVE-2020-16294 Oracle Linux ghostscript No 5.5 Local Low None Required Unchanged None None High 8
CVE-2020-16295 Oracle Linux ghostscript No 5.5 Local Low None Required Unchanged None None High 8
CVE-2020-16296 Oracle Linux ghostscript No 5.5 Local Low None Required Unchanged None None High 8
CVE-2020-16297 Oracle Linux ghostscript No 5.5 Local Low None Required Unchanged None None High 8
CVE-2020-16298 Oracle Linux ghostscript No 5.5 Local Low None Required Unchanged None None High 8
CVE-2020-16299 Oracle Linux ghostscript No 5.5 Local Low None Required Unchanged None None High 8
CVE-2020-16300 Oracle Linux ghostscript No 5.5 Local Low None Required Unchanged None None High 8
CVE-2020-16301 Oracle Linux ghostscript No 5.5 Local Low None Required Unchanged None None High 8
CVE-2020-16302 Oracle Linux ghostscript No 5.5 Local Low None Required Unchanged None None High 8
CVE-2020-16304 Oracle Linux ghostscript No 5.5 Local Low None Required Unchanged None None High 8
CVE-2020-16305 Oracle Linux ghostscript No 5.5 Local Low None Required Unchanged None None High 8
CVE-2020-16306 Oracle Linux ghostscript No 5.5 Local Low None Required Unchanged None None High 8
CVE-2020-16307 Oracle Linux ghostscript No 5.5 Local Low None Required Unchanged None None High 8
CVE-2020-16308 Oracle Linux ghostscript No 5.5 Local Low None Required Unchanged None None High 8
CVE-2020-16309 Oracle Linux ghostscript No 5.5 Local Low None Required Unchanged None None High 8
CVE-2020-16310 Oracle Linux ghostscript No 5.5 Local Low None Required Unchanged None None High 8
CVE-2020-17538 Oracle Linux ghostscript No 5.5 Local Low None Required Unchanged None None High 8
CVE-2020-27618 Oracle Linux glibc No 5.5 Local Low Low None Unchanged None None High 8
CVE-2020-12363 Oracle Linux kernel No 5.5 Local Low Low None Unchanged None None High 7
CVE-2020-12364 Oracle Linux kernel No 5.5 Local Low Low None Unchanged None None High 7
CVE-2019-18811 Oracle Linux kernel No 5.5 Local Low Low None Unchanged None None High 8
CVE-2020-14314 Oracle Linux kernel No 5.5 Local Low Low None Unchanged None None High 8
CVE-2020-15437 Oracle Linux kernel No 5.5 Local Low Low None Unchanged None None High 8
CVE-2020-24394 Oracle Linux kernel No 5.5 Local Low Low None Unchanged None High None 8
CVE-2020-12108 Oracle Linux mailman:2.1 No 5.5 Local Low None Required Unchanged None High None 8
CVE-2021-3551 Oracle Linux pki-core:10.6 No 5.5 Local Low Low None Unchanged High None None 8
CVE-2020-13434 Oracle Linux sqlite No 5.5 Local Low Low None Unchanged None None High 8
CVE-2020-15358 Oracle Linux sqlite No 5.5 Local Low Low None Unchanged None None High 8
CVE-2020-24332 Oracle Linux trousers No 5.5 Local Low Low None Unchanged None None High 8
CVE-2020-14347 Oracle Linux userspace graphics, xorg-x11, and mesa No 5.5 Local Low Low None Unchanged High None None 8
CVE-2020-11095 Oracle Linux freerdp No 5.4 Network Low Low None Unchanged Low None Low 8
CVE-2020-11097 Oracle Linux freerdp No 5.4 Network Low Low None Unchanged Low None Low 8
CVE-2021-3504 Oracle Linux hivex Yes 5.4 Network Low None Required Unchanged Low None Low 7
CVE-2020-35518 Oracle Linux 389-ds-base Yes 5.3 Network Low None None Unchanged Low None None 7
CVE-2020-26571 Oracle Linux opensc No 5.3 Local High None None Unchanged Low Low High 8
CVE-2020-29362 Oracle Linux p11-kit Yes 5.3 Network Low None None Unchanged Low None None 8
CVE-2020-17507 Oracle Linux qt5-qtbase Yes 5.3 Network Low None None Unchanged None None Low 8
CVE-2020-36317 Oracle Linux rust-toolset:ol8 Yes 5.3 Network Low None None Unchanged None Low None 8
CVE-2021-20201 Oracle Linux spice Yes 5.3 Network Low None None Unchanged None None Low 8
CVE-2021-28971 Oracle Linux Unbreakable Enterprise kernel-container No 5.1 Local High None None Unchanged None None High 7,8
CVE-2020-4788 Oracle Linux Unbreakable Enterprise kernel No 5.1 Local High None None Unchanged High None None 7
CVE-2020-27821 Oracle Linux qemu No 5.0 Local High High None Changed Low Low Low 7
CVE-2020-14323 Oracle Linux samba No 5.0 Local Low Low Required Unchanged None None High 8
CVE-2019-25013 Oracle Linux glibc No 4.8 Network High Low Required Unchanged None None High 8
CVE-2020-27170 Oracle Linux kernel No 4.7 Local High Low None Unchanged High None None 7
CVE-2020-14356 Oracle Linux kernel No 4.7 Local High Low None Unchanged None None High 8
CVE-2020-15011 Oracle Linux mailman:2.1 No 4.7 Local High None Required Unchanged None High None 8
CVE-2020-28974 Oracle Linux kernel No 4.6 Local Low High None Unchanged Low None High 8
CVE-2020-35508 Oracle Linux kernel No 4.5 Local High Low None Unchanged Low Low Low 8
CVE-2020-12114 Oracle Linux kernel No 4.4 Local Low High None Unchanged None None High 8
CVE-2020-25285 Oracle Linux kernel No 4.4 Local Low High None Unchanged None None High 8
CVE-2020-28935 Oracle Linux unbound No 4.4 Local Low High None Unchanged None High None 8
CVE-2020-11608 Oracle Linux kernel No 4.3 Local Low Low None Unchanged None None High 8
CVE-2020-14318 Oracle Linux samba No 4.3 Network Low Low None Unchanged Low None None 8
CVE-2021-29956 Oracle Linux thunderbird No 4.2 Local Low High Required Unchanged High None None 7,8
CVE-2020-29443 Oracle Linux qemu-kvm No 3.9 Local High High None Changed Low None Low 7
CVE-2020-8231 Oracle Linux curl Yes 3.7 Network High None None Unchanged Low None None 8
CVE-2020-15103 Oracle Linux freerdp No 3.5 Network Low Low Required Unchanged None None Low 8
CVE-2021-29957 Oracle Linux thunderbird No 3.5 Network Low Low Required Unchanged None Low None 7,8
CVE-2019-2708 Oracle Linux libdb No 3.3 Local Low Low None Unchanged None None Low 8
CVE-2020-25650 Oracle Linux spice-vdagent No 3.3 Local Low Low None Unchanged None None Low 8
CVE-2020-25652 Oracle Linux spice-vdagent No 3.3 Local Low Low None Unchanged None None Low 8
CVE-2020-8284 Oracle Linux curl No 3.1 Network High Low None Unchanged Low None None 8
CVE-2021-3393 Oracle Linux postgresql:12 No 3.1 Network High Low None Unchanged Low None None 8
CVE-2020-24512 Oracle Linux microcode_ctl No 2.8 Local High Low None Changed Low None None 7
CVE-2021-20221 Oracle Linux qemu No 2.5 Local High High None Changed None None Low 7
CVE-2021-23239 Oracle Linux sudo No 2.5 Local High Low None Unchanged Low None None 8
CVE-2020-15469 Oracle Linux qemu No 2.3 Local Low High None Unchanged None None Low 7

Revision 2: Published on 2021-05-20

CVE# Product Component Remote Exploit without Auth.? CVSS VERSION 3.1 RISK (see Risk Matrix Definitions) Supported Versions Affected
Base
Score		 Attack
Vector		 Attack
Complex		 Privs
Req'd		 User
Interact		 Scope Confid-
entiality		 Inte-
grity		 Avail-
ability
CVE-2020-25695 Oracle Linux postgresql No 8.8 Network Low Low None Unchanged High High High 7
CVE-2020-25694 Oracle Linux postgresql Yes 8.1 Network High None None Unchanged High High High 7
CVE-2021-29266 Oracle Linux Unbreakable Enterprise kernel-container No 7.8 Local Low Low None Unchanged High High High 7
CVE-2021-3472 Oracle Linux xorg-x11-server No 7.8 Local Low Low None Unchanged High High High 7
CVE-2021-29266 Oracle Linux Unbreakable Enterprise kernel No 7.8 Local Low Low None Unchanged High High High 7,8
CVE-2021-25215 Oracle Linux bind Yes 7.5 Network Low None None Unchanged None None High 7
CVE-2021-23994 Oracle Linux firefox Yes 7.5 Network High None Required Unchanged High High High 7,8
CVE-2021-23995 Oracle Linux firefox Yes 7.5 Network High None Required Unchanged High High High 7,8
CVE-2020-25648 Oracle Linux nss Yes 7.5 Network Low None None Unchanged None None High 7
CVE-2020-25692 Oracle Linux openldap Yes 7.5 Network Low None None Unchanged None None High 7
CVE-2019-10208 Oracle Linux postgresql No 7.5 Network High Low None Unchanged High High High 7
CVE-2021-3480 Oracle Linux slapi-nis Yes 7.5 Network Low None None Unchanged None None High 7
CVE-2021-23994 Oracle Linux thunderbird Yes 7.5 Network High None Required Unchanged High High High 7,8
CVE-2021-23995 Oracle Linux thunderbird Yes 7.5 Network High None Required Unchanged High High High 7,8
CVE-2021-23961 Oracle Linux firefox Yes 7.4 Network Low None Required Changed High None None 7,8
CVE-2021-23961 Oracle Linux thunderbird Yes 7.4 Network Low None Required Changed High None None 7,8
CVE-2021-27928 Oracle Linux mariadb:10.3 and mariadb-devel:10.3 No 7.2 Network Low High None Unchanged High High High 8
CVE-2021-29154 Oracle Linux Unbreakable Enterprise kernel No 7.0 Local High Low None Unchanged High High High 7
CVE-2021-3411 Oracle Linux Unbreakable Enterprise kernel-container No 6.7 Local Low High None Unchanged High High High 7
CVE-2021-3411 Oracle Linux Unbreakable Enterprise kernel No 6.7 Local Low High None Unchanged High High High 7,8
CVE-2021-28038 Oracle Linux Unbreakable Enterprise kernel-container No 6.5 Local Low Low None Changed None None High 7
CVE-2021-28688 Oracle Linux Unbreakable Enterprise kernel-container No 6.5 Local Low Low None Changed None None High 7
CVE-2021-28038 Oracle Linux Unbreakable Enterprise kernel No 6.5 Local Low Low None Changed None None High 7,8
CVE-2021-28688 Oracle Linux Unbreakable Enterprise kernel No 6.5 Local Low Low None Changed None None High 7,8
CVE-2021-29946 Oracle Linux firefox Yes 6.3 Network Low None Required Unchanged Low Low Low 7,8
CVE-2021-29946 Oracle Linux thunderbird Yes 6.3 Network Low None Required Unchanged Low Low Low 7,8
CVE-2021-28950 Oracle Linux Unbreakable Enterprise kernel-container No 6.2 Local Low None None Unchanged None None High 7
CVE-2021-28964 Oracle Linux Unbreakable Enterprise kernel-container No 6.2 Local Low None None Unchanged None None High 7
CVE-2021-29650 Oracle Linux Unbreakable Enterprise kernel-container No 6.2 Local Low None None Unchanged None None High 7
CVE-2021-28950 Oracle Linux Unbreakable Enterprise kernel No 6.2 Local Low None None Unchanged None None High 7,8
CVE-2021-28964 Oracle Linux Unbreakable Enterprise kernel No 6.2 Local Low None None Unchanged None None High 7,8
CVE-2021-29650 Oracle Linux Unbreakable Enterprise kernel No 6.2 Local Low None None Unchanged None None High 7,8
CVE-2021-23998 Oracle Linux firefox Yes 6.1 Network Low None Required Changed Low Low None 7,8
CVE-2021-23999 Oracle Linux firefox Yes 6.1 Network Low None Required Changed Low Low None 7,8
CVE-2021-24002 Oracle Linux firefox Yes 6.1 Network Low None Required Changed Low Low None 7,8
CVE-2021-29945 Oracle Linux firefox Yes 6.1 Network Low None Required Changed Low Low None 7,8
CVE-2021-23998 Oracle Linux thunderbird Yes 6.1 Network Low None Required Changed Low Low None 7,8
CVE-2021-23999 Oracle Linux thunderbird Yes 6.1 Network Low None Required Changed Low Low None 7,8
CVE-2021-24002 Oracle Linux thunderbird Yes 6.1 Network Low None Required Changed Low Low None 7,8
CVE-2021-29945 Oracle Linux thunderbird Yes 6.1 Network Low None Required Changed Low Low None 7,8
CVE-2020-27171 Oracle Linux Unbreakable Enterprise kernel No 6.0 Local Low High None Unchanged High None High 7
CVE-2021-2163 Oracle Linux java-1.8.0-openjdk Yes 5.3 Network High None Required Unchanged None High None 7,8
CVE-2021-2163 Oracle Linux java-11-openjdk Yes 5.3 Network High None Required Unchanged None High None 7
CVE-2021-2163 Oracle Linux java-11-openjdk Yes 5.3 Network High None Required Unchanged None High None 8
CVE-2021-28971 Oracle Linux Unbreakable Enterprise kernel-container No 5.1 Local High None None Unchanged None None High 7
CVE-2021-28971 Oracle Linux Unbreakable Enterprise kernel No 5.1 Local High None None Unchanged None None High 7,8
CVE-2020-27170 Oracle Linux Unbreakable Enterprise kernel No 4.7 Local High Low None Unchanged High None None 7
CVE-2021-3428 Oracle Linux Unbreakable Enterprise kernel No 4.4 Local Low High None Unchanged None None High 7
CVE-2021-29948 Oracle Linux thunderbird No 4.2 Local High Low Required Unchanged Low Low Low 7,8

Revision 1: Published on 2021-04-20

CVE# Product Component Remote Exploit without Auth.? CVSS VERSION 3.1 RISK (see Risk Matrix Definitions) Supported Versions Affected
Base
Score		 Attack
Vector		 Attack
Complex		 Privs
Req'd		 User
Interact		 Scope Confid-
entiality		 Inte-
grity		 Avail-
ability
CVE-2021-23987 Oracle Linux firefox Yes 8.8 Network Low None Required Unchanged High High High 7,8
CVE-2021-23987 Oracle Linux thunderbird Yes 8.8 Network Low None Required Unchanged High High High 7,8
CVE-2020-25097 Oracle Linux squid Yes 8.6 Network Low None None Changed High None None 7
CVE-2021-23981 Oracle Linux firefox Yes 8.1 Network Low None Required Unchanged High None High 7,8
CVE-2021-21381 Oracle Linux flatpak No 8.1 Network Low Low None Unchanged High High None 7,8
CVE-2021-20305 Oracle Linux gnutls and nettle Yes 8.1 Network High None None Unchanged High High High 8
CVE-2021-20305 Oracle Linux nettle Yes 8.1 Network High None None Unchanged High High High 7
CVE-2021-23981 Oracle Linux thunderbird Yes 8.1 Network Low None Required Unchanged High None High 7,8
CVE-2021-20179 Oracle Linux pki-core:10.6 No 8.1 Network Low Low None Unchanged High High None 8
CVE-2020-0466 Oracle Linux kernel No 7.8 Local Low Low None Unchanged High High High 8
CVE-2021-26708 Oracle Linux kernel No 7.8 Local Low Low None Unchanged High High High 8
CVE-2021-26930 Oracle Linux Unbreakable Enterprise kernel No 7.8 Local Low Low None Unchanged High High High 7
CVE-2021-3347 Oracle Linux kernel No 7.4 Local High None None Unchanged High High High 8
CVE-2021-3450 Oracle Linux openssl Yes 7.4 Network High None None Unchanged High High None 8
CVE-2021-20277 Oracle Linux libldb No 7.1 Network Low Low None Unchanged Low None High 7,8
CVE-2021-27365 Oracle Linux Unbreakable Enterprise kernel No 7.0 Local High Low None Unchanged High High High 7,8
CVE-2021-3444 Oracle Linux Unbreakable Enterprise kernel No 7.0 Local High Low None Unchanged High High High 7,8
CVE-2021-27365 Oracle Linux Unbreakable Enterprise kernel-container No 7.0 Local High Low None Unchanged High High High 7,8
CVE-2021-3444 Oracle Linux Unbreakable Enterprise kernel-container No 7.0 Local High Low None Unchanged High High High 7,8
CVE-2021-27365 Oracle Linux kernel No 7.0 Local High Low None Unchanged High High High 7
CVE-2021-27365 Oracle Linux kernel No 7.0 Local High Low None Unchanged High High High 8
CVE-2021-3156 Oracle Linux sudo No 7.0 Local High None Required Unchanged High High High 6
CVE-2021-27365 Oracle Linux Unbreakable Enterprise kernel No 7.0 Local High Low None Unchanged High High High 7
CVE-2021-23982 Oracle Linux firefox Yes 6.5 Network Low None Required Unchanged None High None 7,8
CVE-2021-23984 Oracle Linux firefox Yes 6.5 Network Low None Required Unchanged None High None 7,8
CVE-2020-28374 Oracle Linux kernel No 6.5 Network Low Low None Unchanged None High None 8
CVE-2021-23982 Oracle Linux thunderbird Yes 6.5 Network Low None Required Unchanged None High None 7,8
CVE-2021-23984 Oracle Linux thunderbird Yes 6.5 Network Low None Required Unchanged None High None 7,8
CVE-2021-20295 Oracle Linux virt:ol and virt-devel:rhel No 6.5 Local Low Low None Changed High None None 8
CVE-2021-28038 Oracle Linux Unbreakable Enterprise kernel No 6.5 Local Low Low None Changed None None High 7
CVE-2021-27364 Oracle Linux Unbreakable Enterprise kernel No 6.3 Local High Low None Unchanged High None High 7,8
CVE-2021-27364 Oracle Linux Unbreakable Enterprise kernel-container No 6.3 Local High Low None Unchanged High None High 7,8
CVE-2021-27364 Oracle Linux kernel No 6.3 Local High Low None Unchanged High None High 7
CVE-2021-27364 Oracle Linux kernel No 6.3 Local High Low None Unchanged High None High 8
CVE-2021-27364 Oracle Linux Unbreakable Enterprise kernel No 6.3 Local High Low None Unchanged High None High 7
CVE-2020-11023 Oracle Linux ipa Yes 6.1 Network Low None Required Changed Low Low None 7
CVE-2020-27171 Oracle Linux Unbreakable Enterprise kernel No 6.0 Local Low High None Unchanged High None High 7,8
CVE-2020-27171 Oracle Linux Unbreakable Enterprise kernel-container No 6.0 Local Low High None Unchanged High None High 7,8
CVE-2020-1971 Oracle Linux openssl Yes 5.9 Network High None None Unchanged None None High 6
CVE-2021-3449 Oracle Linux openssl Yes 5.9 Network High None None Unchanged None None High 8
CVE-2021-3177 Oracle Linux python2 Yes 5.9 Network High None None Unchanged None None High 8
CVE-2021-3177 Oracle Linux python36 Yes 5.9 Network High None None Unchanged None None High 8
CVE-2021-3177 Oracle Linux python38 Yes 5.9 Network High None None Unchanged None None High 8
CVE-2021-26931 Oracle Linux Unbreakable Enterprise kernel No 5.5 Local Low Low None Unchanged None None High 7
CVE-2021-26932 Oracle Linux Unbreakable Enterprise kernel No 5.5 Local Low Low None Unchanged None None High 7
CVE-2020-35518 Oracle Linux 389-ds:1.4 Yes 5.3 Network Low None None Unchanged Low None None 8
CVE-2020-27152 Oracle Linux kernel No 5.3 Local High High None Changed None None High 8
CVE-2020-27170 Oracle Linux Unbreakable Enterprise kernel No 4.7 Local High Low None Unchanged High None None 7,8
CVE-2020-27170 Oracle Linux Unbreakable Enterprise kernel-container No 4.7 Local High Low None Unchanged High None None 7,8
CVE-2020-25639 Oracle Linux Unbreakable Enterprise kernel No 4.4 Local Low High None Unchanged None None High 7,8
CVE-2020-25639 Oracle Linux Unbreakable Enterprise kernel-container No 4.4 Local Low High None Unchanged None None High 7,8
CVE-2021-23991 Oracle Linux thunderbird Yes 4.3 Network Low None Required Unchanged None None Low 7,8
CVE-2021-23992 Oracle Linux thunderbird Yes 4.3 Network Low None Required Unchanged None None Low 7,8
CVE-2021-23993 Oracle Linux thunderbird Yes 4.3 Network Low None Required Unchanged None None Low 7,8
CVE-2021-27363 Oracle Linux Unbreakable Enterprise kernel No 3.6 Local High Low None Unchanged Low None Low 7,8
CVE-2021-27363 Oracle Linux Unbreakable Enterprise kernel-container No 3.6 Local High Low None Unchanged Low None Low 7,8
CVE-2021-27363 Oracle Linux kernel No 3.6 Local High Low None Unchanged Low None Low 7
CVE-2021-27363 Oracle Linux kernel No 3.6 Local High Low None Unchanged Low None Low 8
CVE-2021-27363 Oracle Linux Unbreakable Enterprise kernel No 3.6 Local High Low None Unchanged Low None Low 7
CVE-2020-28588 Oracle Linux Unbreakable Enterprise kernel No 2.9 Local High None None Unchanged Low None None 7,8
CVE-2020-28588 Oracle Linux Unbreakable Enterprise kernel-container No 2.9 Local High None None Unchanged Low None None 7,8