Oracle Linux Bulletin - January 2023

 

Description

The Oracle Linux Bulletin lists all CVEs that had been resolved and announced in Oracle Linux Security Advisories (ELSA) in the last one month prior to the release of the bulletin. Oracle Linux Bulletins are published on the same day as Oracle Critical Patch Updates are released. These bulletins will also be updated for the following two months after their release (i.e., the two months between the normal quarterly Critical Patch Update publication dates) to cover all CVEs that had been resolved in those two months following the bulletin's publication. In addition, Oracle Linux Bulletins may also be updated for vulnerability issues deemed too critical to wait for the next scheduled bulletin publication date.

Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Oracle Linux Bulletin security patches as soon as possible.

 

Patch Availability

Please see ULN Advisory https://linux.oracle.com/ol-pad-bulletin

 

Oracle Linux Bulletin Schedule

Oracle Linux Bulletins are released released on the third Tuesday of January, April, July, and October. The next four dates are:

  • 18 April 2023
  • 18 July 2023
  • 17 October 2023
  • 16 January 2024

References

 

Modification History

Date Note
2023-March-21 Rev 3. New CVEs added
2023-February-14 Rev 2. New CVEs added
2023-January-17 Rev 1. Initial Release

Oracle Linux Executive Summary

This Oracle Linux Bulletin contains 77 new security patches for the Oracle Linux. 

Oracle Linux Risk Matrix

Revision 3: Published on 2023-03-21

CVE# Product Component Remote Exploit without Auth.? CVSS VERSION 3.1 RISK (see Risk Matrix Definitions) Supported Versions Affected
Base
Score		 Attack
Vector		 Attack
Complex		 Privs
Req'd		 User
Interact		 Scope Confid-
entiality		 Inte-
grity		 Avail-
ability
CVE-2022-41903 Oracle Linux git Yes 9.8 Network Low None None Unchanged High High High 7
CVE-2022-23521 Oracle Linux git Yes 8.8 Network Low None Required Unchanged High High High 7
CVE-2023-23529 Oracle Linux webkit2gtk3 Yes 8.8 Network Low None Required Unchanged High High High 8,9
CVE-2022-37454 Oracle Linux php Yes 8.1 Network High None None Unchanged High High High 9
CVE-2022-37454 Oracle Linux php:8.0 Yes 8.1 Network High None None Unchanged High High High 8
CVE-2022-38023 Oracle Linux samba Yes 8.1 Network High None None Unchanged High High High 7,8
CVE-2023-0266 Oracle Linux Unbreakable Enterprise kernel No 7.8 Local Low Low None Unchanged High High High 9
CVE-2022-4378 Oracle Linux kernel No 7.8 Local Low Low None Unchanged High High High 7,9
CVE-2023-0179 Oracle Linux kernel No 7.8 Local Low Low None Unchanged High High High 9
CVE-2022-3560 Oracle Linux pesign No 7.8 Local Low Low None Unchanged High High High 7,9
CVE-2022-47024 Oracle Linux vim No 7.8 Local Low Low None Unchanged High High High 9
CVE-2023-0767 Oracle Linux firefox Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-25728 Oracle Linux firefox Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-25730 Oracle Linux firefox Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-25735 Oracle Linux firefox Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-25737 Oracle Linux firefox Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-25739 Oracle Linux firefox Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-25743 Oracle Linux firefox Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-25744 Oracle Linux firefox Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-25746 Oracle Linux firefox Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-25751 Oracle Linux firefox Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-28176 Oracle Linux firefox Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2006-20001 Oracle Linux httpd Yes 7.5 Network Low None None Unchanged None None High 9
CVE-2006-20001 Oracle Linux httpd:2.4 Yes 7.5 Network Low None None Unchanged None None High 8
CVE-2022-43945 Oracle Linux kernel Yes 7.5 Network Low None None Unchanged None None High 8
CVE-2023-0767 Oracle Linux nss Yes 7.5 Network High None Required Unchanged High High High 7,8
CVE-2020-10735 Oracle Linux python3 Yes 7.5 Network Low None None Unchanged None None High 8
CVE-2022-45061 Oracle Linux python3 Yes 7.5 Network Low None None Unchanged None None High 8
CVE-2022-45061 Oracle Linux python3.9 Yes 7.5 Network Low None None Unchanged None None High 9
CVE-2023-0767 Oracle Linux thunderbird Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-25728 Oracle Linux thunderbird Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-25730 Oracle Linux thunderbird Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-25735 Oracle Linux thunderbird Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-25737 Oracle Linux thunderbird Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-25739 Oracle Linux thunderbird Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-25743 Oracle Linux thunderbird Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-25744 Oracle Linux thunderbird Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-25746 Oracle Linux thunderbird Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-0361 Oracle Linux gnutls Yes 7.4 Network High None None Unchanged High High None 9
CVE-2022-4379 Oracle Linux kernel Yes 7.4 Network High None None Unchanged High None High 9
CVE-2023-0286 Oracle Linux openssl Yes 7.4 Network High None None Unchanged High None High 9
CVE-2023-0286 Oracle Linux openssl Yes 7.4 Network High None None Unchanged High None High 7
CVE-2021-28861 Oracle Linux python3 Yes 7.4 Network Low None Required Changed High None None 8
CVE-2022-3564 Oracle Linux kernel No 7.1 Adjacent High Low None Unchanged High High High 9
CVE-2023-23559 Oracle Linux Unbreakable Enterprise kernel No 7.0 Local High Low None Unchanged High High High 9
CVE-2022-4139 Oracle Linux Unbreakable Enterprise kernel-container No 7.0 Local High Low None Unchanged High High High 7,8
CVE-2022-41222 Oracle Linux kernel No 7.0 Local High Low None Unchanged High High High 8
CVE-2021-44964 Oracle Linux lua No 7.0 Local High Low None Unchanged High High High 9
CVE-2022-37434 Oracle Linux zlib Yes 7.0 Network High None None Unchanged Low Low High 7
CVE-2022-4139 Oracle Linux Unbreakable Enterprise kernel No 7.0 Local High Low None Unchanged High High High 7,8
CVE-2022-45884 Oracle Linux Unbreakable Enterprise kernel No 7.0 Local High Low None Unchanged High High High 7
CVE-2022-45885 Oracle Linux Unbreakable Enterprise kernel No 7.0 Local High Low None Unchanged High High High 7
CVE-2022-45886 Oracle Linux Unbreakable Enterprise kernel No 7.0 Local High Low None Unchanged High High High 7
CVE-2022-45919 Oracle Linux Unbreakable Enterprise kernel No 7.0 Local High Low None Unchanged High High High 7
CVE-2022-42896 Oracle Linux Unbreakable Enterprise kernel-container No 6.8 Adjacent High None None Unchanged High High None 7,8
CVE-2022-42896 Oracle Linux Unbreakable Enterprise kernel No 6.8 Adjacent High None None Unchanged High High None 7,8
CVE-2023-0394 Oracle Linux Unbreakable Enterprise kernel No 6.5 Adjacent Low None None Unchanged None None High 9
CVE-2023-23916 Oracle Linux curl Yes 6.5 Network Low None Required Unchanged None None High 8
CVE-2022-36760 Oracle Linux httpd Yes 6.5 Network High None None Changed Low Low Low 9
CVE-2022-36760 Oracle Linux httpd:2.4 Yes 6.5 Network High None None Changed Low Low Low 8
CVE-2022-31629 Oracle Linux php Yes 6.5 Network Low None Required Unchanged None High None 9
CVE-2022-31630 Oracle Linux php Yes 6.5 Network Low None None Unchanged Low None Low 9
CVE-2022-31629 Oracle Linux php:8.0 Yes 6.5 Network Low None Required Unchanged None High None 8
CVE-2022-31630 Oracle Linux php:8.0 Yes 6.5 Network Low None None Unchanged Low None Low 8
CVE-2022-45934 Oracle Linux Unbreakable Enterprise kernel No 6.5 Adjacent Low None None Unchanged None None High 7
CVE-2023-0394 Oracle Linux Unbreakable Enterprise kernel No 6.5 Adjacent Low None None Unchanged None None High 7
CVE-2022-48303 Oracle Linux tar Yes 6.3 Network Low None Required Unchanged Low Low Low 8,9
CVE-2022-2873 Oracle Linux kernel No 6.2 Local Low None None Unchanged None None High 8,9
CVE-2022-2873 Oracle Linux Unbreakable Enterprise kernel No 6.2 Local Low None None Unchanged None None High 7
CVE-2023-25729 Oracle Linux firefox Yes 6.1 Network Low None Required Changed Low Low None 7,8,9
CVE-2023-25732 Oracle Linux firefox Yes 6.1 Network Low None Required Changed Low Low None 7,8,9
CVE-2023-25752 Oracle Linux firefox Yes 6.1 Network Low None Required Changed Low Low None 7,8,9
CVE-2023-28162 Oracle Linux firefox Yes 6.1 Network Low None Required Changed Low Low None 7,8,9
CVE-2023-28164 Oracle Linux firefox Yes 6.1 Network Low None Required Changed Low Low None 7,8,9
CVE-2023-25729 Oracle Linux thunderbird Yes 6.1 Network Low None Required Changed Low Low None 7,8,9
CVE-2023-25732 Oracle Linux thunderbird Yes 6.1 Network Low None Required Changed Low Low None 7,8,9
CVE-2022-4304 Oracle Linux openssl Yes 5.9 Network High None None Unchanged None High None 9
CVE-2022-4450 Oracle Linux openssl Yes 5.9 Network High None None Unchanged None None High 9
CVE-2023-0215 Oracle Linux openssl Yes 5.9 Network High None None Unchanged None None High 9
CVE-2023-0216 Oracle Linux openssl Yes 5.9 Network High None None Unchanged None None High 9
CVE-2023-0217 Oracle Linux openssl Yes 5.9 Network High None None Unchanged None None High 9
CVE-2023-0401 Oracle Linux openssl Yes 5.9 Network High None None Unchanged None None High 9
CVE-2022-31631 Oracle Linux php Yes 5.9 Network High None None Unchanged None None High 9
CVE-2022-31631 Oracle Linux php:8.0 Yes 5.9 Network High None None Unchanged None None High 8
CVE-2022-40897 Oracle Linux python-setuptools Yes 5.9 Network High None None Unchanged None None High 8,9
CVE-2022-41218 Oracle Linux Unbreakable Enterprise kernel No 5.5 Local Low Low None Unchanged None None High 9
CVE-2022-4129 Oracle Linux Unbreakable Enterprise kernel No 5.5 Local Low Low None Unchanged None None High 9
CVE-2022-47929 Oracle Linux Unbreakable Enterprise kernel No 5.5 Local Low Low None Unchanged None None High 9
CVE-2023-23454 Oracle Linux Unbreakable Enterprise kernel No 5.5 Local Low Low None Unchanged None None High 9
CVE-2023-23455 Oracle Linux Unbreakable Enterprise kernel No 5.5 Local Low Low None Unchanged None None High 9
CVE-2021-46822 Oracle Linux libjpeg-turbo No 5.5 Local Low None Required Unchanged None None High 9
CVE-2021-43519 Oracle Linux lua No 5.5 Local Low None Required Unchanged None None High 9
CVE-2022-4415 Oracle Linux systemd No 5.5 Local Low Low None Unchanged High None None 8
CVE-2022-4415 Oracle Linux systemd No 5.5 Local Low Low None Unchanged High None None 9
CVE-2022-45873 Oracle Linux systemd No 5.5 Local Low Low None Unchanged None None High 9
CVE-2022-3545 Oracle Linux Unbreakable Enterprise kernel No 5.5 Adjacent Low Low None Unchanged Low Low Low 7
CVE-2022-41218 Oracle Linux Unbreakable Enterprise kernel No 5.5 Local Low Low None Unchanged None None High 7
CVE-2022-47929 Oracle Linux Unbreakable Enterprise kernel No 5.5 Local Low Low None Unchanged None None High 7
CVE-2023-23455 Oracle Linux Unbreakable Enterprise kernel No 5.5 Local Low Low None Unchanged None None High 7
CVE-2022-37436 Oracle Linux httpd Yes 5.3 Network Low None None Unchanged None Low None 9
CVE-2022-37436 Oracle Linux httpd:2.4 Yes 5.3 Network Low None None Unchanged None Low None 8
CVE-2022-42703 Oracle Linux kernel No 5.1 Local High None None Unchanged None None High 7
CVE-2022-4203 Oracle Linux openssl No 4.9 Network Low High None Unchanged None None High 9
CVE-2022-31628 Oracle Linux php No 4.4 Local Low High None Unchanged None None High 9
CVE-2022-31628 Oracle Linux php:8.0 No 4.4 Local Low High None Unchanged None None High 8
CVE-2023-25742 Oracle Linux firefox Yes 4.3 Network Low None Required Unchanged None None Low 7,8,9
CVE-2023-0616 Oracle Linux thunderbird Yes 4.3 Network Low None Required Unchanged None None Low 7,8,9
CVE-2023-25742 Oracle Linux thunderbird Yes 4.3 Network Low None Required Unchanged None None Low 7,8,9

Revision 2: Published on 2023-02-14

CVE# Product Component Remote Exploit without Auth.? CVSS VERSION 3.1 RISK (see Risk Matrix Definitions) Supported Versions Affected
Base
Score		 Attack
Vector		 Attack
Complex		 Privs
Req'd		 User
Interact		 Scope Confid-
entiality		 Inte-
grity		 Avail-
ability
CVE-2022-41903 Oracle Linux git Yes 9.8 Network Low None None Unchanged High High High 8,9
CVE-2022-46871 Oracle Linux firefox Yes 8.8 Network Low None Required Unchanged High High High 7,8,9
CVE-2022-23521 Oracle Linux git Yes 8.8 Network Low None Required Unchanged High High High 8,9
CVE-2022-26307 Oracle Linux libreoffice No 8.8 Network Low Low None Unchanged High High High 8,9
CVE-2022-4254 Oracle Linux sssd No 8.8 Network Low Low None Unchanged High High High 7
CVE-2022-46871 Oracle Linux thunderbird Yes 8.8 Network Low None Required Unchanged High High High 7,8,9
CVE-2022-2601 Oracle Linux grub2 No 8.2 Local Low High None Changed High High High 8
CVE-2022-40303 Oracle Linux libxml2 Yes 8.2 Network Low None None Unchanged None Low High 9
CVE-2022-40304 Oracle Linux libxml2 Yes 8.2 Network Low None None Unchanged None Low High 9
CVE-2022-1050 Oracle Linux qemu No 8.2 Local Low High None Changed High High High 7
CVE-2022-4883 Oracle Linux libXpm Yes 8.1 Network High None None Unchanged High High High 7,8,9
CVE-2022-47629 Oracle Linux libksba Yes 8.1 Network High None None Unchanged High High High 7,8,9
CVE-2021-44906 Oracle Linux nodejs and nodejs-nodemon Yes 8.1 Network High None None Unchanged High High High 9
CVE-2023-22809 Oracle Linux sudo No 8.1 Network Low Low None Unchanged High High None 7,8,9
CVE-2022-31197 Oracle Linux postgresql-jdbc No 8.0 Network Low Low Required Unchanged High High High 9
CVE-2023-0179 Oracle Linux Unbreakable Enterprise kernel No 7.8 Local Low Low None Unchanged High High High 9
CVE-2022-2964 Oracle Linux kernel No 7.8 Local Low Low None Unchanged High High High 7,9
CVE-2022-3077 Oracle Linux kernel No 7.8 Local Low Low None Unchanged High High High 9
CVE-2023-0494 Oracle Linux tigervnc and xorg-x11-server No 7.8 Local Low Low None Unchanged High High High 7
CVE-2023-0494 Oracle Linux tigervnc No 7.8 Local Low Low None Unchanged High High High 8,9
CVE-2019-25058 Oracle Linux usbguard No 7.8 Local Low Low None Unchanged High High High 9
CVE-2022-43680 Oracle Linux expat Yes 7.5 Network Low None None Unchanged None None High 9
CVE-2023-23598 Oracle Linux firefox Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-23605 Oracle Linux firefox Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2022-2879 Oracle Linux go-toolset and golang Yes 7.5 Network Low None None Unchanged None None High 9
CVE-2022-2880 Oracle Linux go-toolset and golang Yes 7.5 Network Low None None Unchanged None High None 9
CVE-2022-41715 Oracle Linux go-toolset and golang Yes 7.5 Network Low None None Unchanged None None High 9
CVE-2022-2879 Oracle Linux go-toolset:ol8 Yes 7.5 Network Low None None Unchanged None None High 8
CVE-2022-2880 Oracle Linux go-toolset:ol8 Yes 7.5 Network Low None None Unchanged None High None 8
CVE-2022-41715 Oracle Linux go-toolset:ol8 Yes 7.5 Network Low None None Unchanged None None High 8
CVE-2022-43945 Oracle Linux kernel Yes 7.5 Network Low None None Unchanged None None High 9
CVE-2022-44617 Oracle Linux libXpm Yes 7.5 Network Low None None Unchanged None None High 8,9
CVE-2022-46285 Oracle Linux libXpm Yes 7.5 Network Low None None Unchanged None None High 8,9
CVE-2022-26306 Oracle Linux libreoffice Yes 7.5 Network Low None None Unchanged High None None 8,9
CVE-2022-3517 Oracle Linux nodejs and nodejs-nodemon Yes 7.5 Network Low None None Unchanged None None High 9
CVE-2022-43548 Oracle Linux nodejs and nodejs-nodemon Yes 7.5 Network Low None None Unchanged None High None 9
CVE-2023-0430 Oracle Linux thunderbird Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-23598 Oracle Linux thunderbird Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2023-23605 Oracle Linux thunderbird Yes 7.5 Network High None Required Unchanged High High High 7,8,9
CVE-2022-3524 Oracle Linux Unbreakable Enterprise kernel Yes 7.5 Network Low None None Unchanged None None High 7
CVE-2022-26305 Oracle Linux libreoffice No 7.1 Network High Low Required Unchanged High High High 8,9
CVE-2022-4139 Oracle Linux Unbreakable Enterprise kernel No 7.0 Local High Low None Unchanged High High High 9
CVE-2022-2959 Oracle Linux kernel No 7.0 Local High Low None Unchanged High High High 9
CVE-2022-4139 Oracle Linux kernel No 7.0 Local High Low None Unchanged High High High 9
CVE-2021-25220 Oracle Linux bind No 6.8 Network Low High None Changed None High None 7
CVE-2022-35737 Oracle Linux sqlite No 6.8 Network High Low None Unchanged High High None 9
CVE-2022-3640 Oracle Linux Unbreakable Enterprise kernel No 6.8 Adjacent Low Low None Unchanged Low Low High 7
CVE-2022-42896 Oracle Linux Unbreakable Enterprise kernel No 6.8 Adjacent High None None Unchanged High High None 7
CVE-2022-42010 Oracle Linux dbus No 6.5 Network Low Low None Unchanged None None High 9
CVE-2022-42011 Oracle Linux dbus No 6.5 Network Low Low None Unchanged None None High 9
CVE-2022-42012 Oracle Linux dbus No 6.5 Network Low Low None Unchanged None None High 9
CVE-2023-23603 Oracle Linux firefox Yes 6.5 Network Low None Required Unchanged None High None 7,8,9
CVE-2022-2519 Oracle Linux libtiff Yes 6.5 Network Low None Required Unchanged None None High 9
CVE-2022-2520 Oracle Linux libtiff Yes 6.5 Network Low None Required Unchanged None None High 9
CVE-2022-2521 Oracle Linux libtiff Yes 6.5 Network Low None Required Unchanged None None High 9
CVE-2022-35256 Oracle Linux nodejs and nodejs-nodemon Yes 6.5 Network Low None None Unchanged Low Low None 9
CVE-2022-3165 Oracle Linux qemu No 6.5 Network Low Low None Unchanged None None High 7
CVE-2023-23603 Oracle Linux thunderbird Yes 6.5 Network Low None Required Unchanged None High None 7,8,9
CVE-2022-3775 Oracle Linux grub2 No 6.3 Local High Low None Unchanged None High High 8
CVE-2022-28739 Oracle Linux ruby:2.5 No 6.2 Local Low None None Unchanged None High None 8
CVE-2023-23599 Oracle Linux firefox Yes 6.1 Network Low None Required Changed Low Low None 7,8,9
CVE-2023-23601 Oracle Linux firefox Yes 6.1 Network Low None Required Changed Low Low None 7,8,9
CVE-2023-23602 Oracle Linux firefox Yes 6.1 Network Low None Required Changed Low Low None 7,8,9
CVE-2023-23599 Oracle Linux thunderbird Yes 6.1 Network Low None Required Changed Low Low None 7,8,9
CVE-2023-23601 Oracle Linux thunderbird Yes 6.1 Network Low None Required Changed Low Low None 7,8,9
CVE-2023-23602 Oracle Linux thunderbird Yes 6.1 Network Low None Required Changed Low Low None 7,8,9
CVE-2022-4172 Oracle Linux qemu No 6.0 Local Low High None Changed None None High 7
CVE-2021-46848 Oracle Linux libtasn1 Yes 5.9 Network High None None Unchanged None None High 9
CVE-2022-3545 Oracle Linux Unbreakable Enterprise kernel No 5.5 Adjacent Low Low None Unchanged Low Low Low 9
CVE-2022-45869 Oracle Linux Unbreakable Enterprise kernel No 5.5 Local Low Low None Unchanged None None High 9
CVE-2022-3715 Oracle Linux bash No 5.5 Local High Low Required Unchanged Low Low High 9
CVE-2022-30594 Oracle Linux kernel No 5.5 Local Low Low None Unchanged High None None 9
CVE-2022-2953 Oracle Linux libtiff No 5.5 Local Low None Required Unchanged None None High 9
CVE-2022-3821 Oracle Linux systemd No 5.5 Local Low Low None Unchanged None None High 9
CVE-2022-2795 Oracle Linux bind Yes 5.3 Network Low None None Unchanged None None Low 7
CVE-2023-21830 Oracle Linux java-1.8.0-openjdk Yes 5.3 Network Low None None Unchanged None Low None 7,8,9
CVE-2023-21835 Oracle Linux java-11-openjdk Yes 5.3 Network Low None None Unchanged None None Low 7,8,9
CVE-2023-21835 Oracle Linux java-17-openjdk Yes 5.3 Network Low None None Unchanged None None Low 8,9
CVE-2022-3140 Oracle Linux libreoffice No 5.3 Local Low None Required Unchanged Low Low Low 8,9
CVE-2022-42895 Oracle Linux Unbreakable Enterprise kernel No 5.3 Adjacent High None None Unchanged High None None 7
CVE-2022-2056 Oracle Linux libtiff No 5.1 Local High None None Unchanged None None High 9
CVE-2022-2057 Oracle Linux libtiff No 5.1 Local High None None Unchanged None None High 9
CVE-2022-2058 Oracle Linux libtiff No 5.1 Local High None None Unchanged None None High 9
CVE-2022-32221 Oracle Linux curl Yes 4.8 Network High None None Unchanged Low Low None 9
CVE-2021-26401 Oracle Linux kernel No 4.7 Local High Low None Unchanged High None None 7
CVE-2022-3303 Oracle Linux Unbreakable Enterprise kernel No 4.7 Local High Low None Unchanged None None High 7
CVE-2022-46877 Oracle Linux firefox Yes 4.3 Network Low None Required Unchanged None Low None 7,8,9
CVE-2022-46877 Oracle Linux thunderbird Yes 4.3 Network Low None Required Unchanged None Low None 7,8,9
CVE-2023-21843 Oracle Linux java-1.8.0-openjdk Yes 3.7 Network High None None Unchanged None Low None 7,8,9
CVE-2023-21843 Oracle Linux java-11-openjdk Yes 3.7 Network High None None Unchanged None Low None 7,8,9
CVE-2023-21843 Oracle Linux java-17-openjdk Yes 3.7 Network High None None Unchanged None Low None 8,9
CVE-2021-3638 Oracle Linux qemu No 3.2 Local Low High None Changed None None Low 7

Revision 1: Published on 2023-01-17

CVE# Product Component Remote Exploit without Auth.? CVSS VERSION 3.1 RISK (see Risk Matrix Definitions) Supported Versions Affected
Base
Score		 Attack
Vector		 Attack
Complex		 Privs
Req'd		 User
Interact		 Scope Confid-
entiality		 Inte-
grity		 Avail-
ability
CVE-2022-46340 Oracle Linux tigervnc No 8.8 Network Low Low None Unchanged High High High 7
CVE-2022-46341 Oracle Linux tigervnc No 8.8 Network Low Low None Unchanged High High High 7
CVE-2022-46342 Oracle Linux tigervnc No 8.8 Network Low Low None Unchanged High High High 7
CVE-2022-46343 Oracle Linux tigervnc No 8.8 Network Low Low None Unchanged High High High 7
CVE-2022-46344 Oracle Linux tigervnc No 8.8 Network Low Low None Unchanged High High High 7
CVE-2022-42856 Oracle Linux webkit2gtk3 Yes 8.8 Network Low None Required Unchanged High High High 8,9
CVE-2022-46340 Oracle Linux xorg-x11-server No 8.8 Network Low Low None Unchanged High High High 7
CVE-2022-46341 Oracle Linux xorg-x11-server No 8.8 Network Low Low None Unchanged High High High 7
CVE-2022-46342 Oracle Linux xorg-x11-server No 8.8 Network Low Low None Unchanged High High High 7
CVE-2022-46343 Oracle Linux xorg-x11-server No 8.8 Network Low Low None Unchanged High High High 7
CVE-2022-46344 Oracle Linux xorg-x11-server No 8.8 Network Low Low None Unchanged High High High 7
CVE-2022-2132 Oracle Linux dpdk Yes 8.6 Network Low None None Changed None None High 8
CVE-2022-40303 Oracle Linux libxml2 Yes 8.2 Network Low None None Unchanged None Low High 8
CVE-2022-40304 Oracle Linux libxml2 Yes 8.2 Network Low None None Unchanged None Low High 8
CVE-2022-42920 Oracle Linux bcel Yes 8.1 Network High None None Unchanged High High High 9
CVE-2021-44906 Oracle Linux nodejs:14 Yes 8.1 Network High None None Unchanged High High High 8
CVE-2022-4378 Oracle Linux Unbreakable Enterprise kernel No 7.8 Local Low Low None Unchanged High High High 9
CVE-2022-4378 Oracle Linux Unbreakable Enterprise kernel-container No 7.8 Local Low Low None Unchanged High High High 7,8
CVE-2022-2964 Oracle Linux kernel No 7.8 Local Low Low None Unchanged High High High 8
CVE-2022-4139 Oracle Linux kernel No 7.8 Local Low Low None Unchanged High High High 8
CVE-2022-4283 Oracle Linux tigervnc No 7.8 Local Low Low None Unchanged High High High 7
CVE-2019-25058 Oracle Linux usbguard No 7.8 Local Low Low None Unchanged High High High 8
CVE-2022-4283 Oracle Linux xorg-x11-server No 7.8 Local Low Low None Unchanged High High High 7
CVE-2022-4378 Oracle Linux Unbreakable Enterprise kernel No 7.8 Local Low Low None Unchanged High High High 7,8
CVE-2023-21538 Oracle Linux .NET 6.0 Yes 7.5 Network Low None None Unchanged None None High 8,9
CVE-2022-43680 Oracle Linux expat Yes 7.5 Network Low None None Unchanged None None High 8
CVE-2022-24999 Oracle Linux nodejs:14 Yes 7.5 Network Low None None Unchanged None None High 8
CVE-2022-3517 Oracle Linux nodejs:14 Yes 7.5 Network Low None None Unchanged None None High 8
CVE-2022-43548 Oracle Linux nodejs:14 Yes 7.5 Network Low None None Unchanged None High None 8
CVE-2022-2625 Oracle Linux postgresql:10 No 7.1 Network High Low Required Unchanged High High High 8
CVE-2022-42896 Oracle Linux Unbreakable Enterprise kernel No 6.8 Adjacent High None None Unchanged High High None 9
CVE-2022-35737 Oracle Linux sqlite No 6.8 Network High Low None Unchanged High High None 8
CVE-2022-42010 Oracle Linux dbus No 6.5 Network Low Low None Unchanged None None High 8
CVE-2022-42011 Oracle Linux dbus No 6.5 Network Low Low None Unchanged None None High 8
CVE-2022-42012 Oracle Linux dbus No 6.5 Network Low Low None Unchanged None None High 8
CVE-2022-2519 Oracle Linux libtiff Yes 6.5 Network Low None Required Unchanged None None High 8
CVE-2022-2520 Oracle Linux libtiff Yes 6.5 Network Low None Required Unchanged None None High 8
CVE-2022-2521 Oracle Linux libtiff Yes 6.5 Network Low None Required Unchanged None None High 8
CVE-2022-4144 Oracle Linux virt:ol and virt-devel:rhel No 6.5 Local Low Low None Changed None None High 8
CVE-2022-2601 Oracle Linux grub2 No 6.4 Local High High None Unchanged High High High 9
CVE-2022-3775 Oracle Linux grub2 No 6.3 Local High Low None Unchanged None High High 9
CVE-2022-0235 Oracle Linux nodejs:14 Yes 6.1 Network High None Required Changed High None None 8
CVE-2021-46848 Oracle Linux libtasn1 Yes 5.9 Network High None None Unchanged None None High 8
CVE-2022-2867 Oracle Linux libtiff No 5.5 Local Low None Required Unchanged None None High 8
CVE-2022-2868 Oracle Linux libtiff No 5.5 Local Low None Required Unchanged None None High 8
CVE-2022-2869 Oracle Linux libtiff No 5.5 Local Low None Required Unchanged None None High 8
CVE-2022-2953 Oracle Linux libtiff No 5.5 Local Low None Required Unchanged None None High 8
CVE-2022-3821 Oracle Linux systemd No 5.5 Local Low Low None Unchanged None None High 8
CVE-2022-42895 Oracle Linux Unbreakable Enterprise kernel No 5.3 Adjacent High None None Unchanged High None None 9
CVE-2022-42895 Oracle Linux Unbreakable Enterprise kernel-container No 5.3 Adjacent High None None Unchanged High None None 7,8
CVE-2022-42895 Oracle Linux Unbreakable Enterprise kernel No 5.3 Adjacent High None None Unchanged High None None 7,8
CVE-2022-2056 Oracle Linux libtiff No 5.1 Local High None None Unchanged None None High 8
CVE-2022-2057 Oracle Linux libtiff No 5.1 Local High None None Unchanged None None High 8
CVE-2022-2058 Oracle Linux libtiff No 5.1 Local High None None Unchanged None None High 8