Oracle Linux Bulletin

Cloud Account Sign in to Cloud Sign Up for Free Cloud Tier

Oracle Account

Oracle Linux Bulletin - April 2022

Description

The Oracle Linux Bulletin lists all CVEs that had been resolved and announced in Oracle Linux Security Advisories (ELSA) in the last one month prior to the release of the bulletin. Oracle Linux Bulletins are published on the same day as Oracle Critical Patch Updates are released. These bulletins will also be updated for the following two months after their release (i.e., the two months between the normal quarterly Critical Patch Update publication dates) to cover all CVEs that had been resolved in those two months following the bulletin's publication. In addition, Oracle Linux Bulletins may also be updated for vulnerability issues deemed too critical to wait for the next scheduled bulletin publication date.

Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Oracle Linux Bulletin security patches as soon as possible.

Patch Availability

Please see ULN Advisory https://linux.oracle.com/ol-pad-bulletin

Oracle Linux Bulletin Schedule

Oracle Linux Bulletins are released released on the third Tuesday of January, April, July, and October. The next four dates are:

19 July 2022
18 October 2022
17 January 2023
18 April 2023

References

Modification History

Date	Note
2022-June-22	Rev 4. Updated CVSS score of CVE-2022-21499
2022-June-22	Rev 3. New CVEs added
2022-May-18	Rev 2. New CVEs added
2022-April-19	Rev 1. Initial Release

Oracle Linux Executive Summary

This Oracle Linux Bulletin contains 221 new security patches for the Oracle Linux.

Oracle Linux Risk Matrix

Revision 3: Published on 2022-06-22

CVE#	Product	Component	Remote Exploit without Auth.?	CVSS VERSION 3.1 RISK (see Risk Matrix Definitions)									Supported Versions Affected
CVE#	Product	Component	Remote Exploit without Auth.?	Base Score	Attack Vector	Attack Complex	Privs Req'd	User Interact	Scope	Confid- entiality	Inte- grity	Avail- ability	Supported Versions Affected
CVE-2021-38297	Oracle Linux	go-toolset:ol8	Yes	9.8	Network	Low	None	None	Unchanged	High	High	High	8
CVE-2022-29599	Oracle Linux	maven:3.5	Yes	9.8	Network	Low	None	None	Unchanged	High	High	High	8
CVE-2022-29599	Oracle Linux	maven:3.6	Yes	9.8	Network	Low	None	None	Unchanged	High	High	High	8
CVE-2021-43616	Oracle Linux	nodejs:16	Yes	9.8	Network	Low	None	None	Unchanged	High	High	High	8
CVE-2022-1529	Oracle Linux	firefox	Yes	8.8	Network	Low	None	Required	Unchanged	High	High	High	7,8
CVE-2022-1802	Oracle Linux	firefox	Yes	8.8	Network	Low	None	Required	Unchanged	High	High	High	7,8
CVE-2022-1552	Oracle Linux	postgresql:10	No	8.8	Network	Low	Low	None	Unchanged	High	High	High	8
CVE-2022-1552	Oracle Linux	postgresql:12	No	8.8	Network	Low	Low	None	Unchanged	High	High	High	8
CVE-2022-1552	Oracle Linux	postgresql:13	No	8.8	Network	Low	Low	None	Unchanged	High	High	High	8
CVE-2021-43818	Oracle Linux	python-lxml	Yes	8.8	Network	Low	None	Required	Changed	Low	High	Low	8
CVE-2021-43818	Oracle Linux	python27:2.7	Yes	8.8	Network	Low	None	Required	Changed	Low	High	Low	8
CVE-2021-43818	Oracle Linux	python38:3.8 and python38-devel:3.8	Yes	8.8	Network	Low	None	Required	Changed	Low	High	Low	8
CVE-2021-43818	Oracle Linux	python39:3.9 and python39-devel:3.9	Yes	8.8	Network	Low	None	Required	Changed	Low	High	Low	8
CVE-2022-1529	Oracle Linux	thunderbird	Yes	8.8	Network	Low	None	Required	Unchanged	High	High	High	7,8
CVE-2022-1802	Oracle Linux	thunderbird	Yes	8.8	Network	Low	None	Required	Unchanged	High	High	High	7,8
CVE-2021-30809	Oracle Linux	webkit2gtk3	Yes	8.8	Network	Low	None	Required	Unchanged	High	High	High	8
CVE-2021-30818	Oracle Linux	webkit2gtk3	Yes	8.8	Network	Low	None	Required	Unchanged	High	High	High	8
CVE-2021-30851	Oracle Linux	webkit2gtk3	Yes	8.8	Network	Low	None	Required	Unchanged	High	High	High	8
CVE-2021-30889	Oracle Linux	webkit2gtk3	Yes	8.8	Network	Low	None	Required	Unchanged	High	High	High	8
CVE-2021-30934	Oracle Linux	webkit2gtk3	Yes	8.8	Network	Low	None	Required	Unchanged	High	High	High	8
CVE-2021-30936	Oracle Linux	webkit2gtk3	Yes	8.8	Network	Low	None	Required	Unchanged	High	High	High	8
CVE-2021-30951	Oracle Linux	webkit2gtk3	Yes	8.8	Network	Low	None	Required	Unchanged	High	High	High	8
CVE-2021-30953	Oracle Linux	webkit2gtk3	Yes	8.8	Network	Low	None	Required	Unchanged	High	High	High	8
CVE-2022-22590	Oracle Linux	webkit2gtk3	Yes	8.8	Network	Low	None	Required	Unchanged	High	High	High	8
CVE-2022-22620	Oracle Linux	webkit2gtk3	Yes	8.8	Network	Low	None	Required	Unchanged	High	High	High	8
CVE-2021-4213	Oracle Linux	pki-core:10.6	Yes	8.6	Network	Low	None	None	Changed	None	None	High	8
CVE-2022-1117	Oracle Linux	fapolicyd	No	8.4	Local	Low	None	None	Unchanged	High	High	High	8
CVE-2021-43860	Oracle Linux	flatpak	No	8.2	Local	Low	None	Required	Changed	High	High	None	8
CVE-2018-25032	Oracle Linux	rsync	Yes	8.2	Network	Low	None	None	Unchanged	None	Low	High	8
CVE-2022-26691	Oracle Linux	cups	No	8.1	Local	High	None	None	Changed	High	High	Low	8
CVE-2022-28733	Oracle Linux	grub2	Yes	8.1	Network	High	None	None	Unchanged	High	High	High	7
CVE-2021-23214	Oracle Linux	postgresql:10	Yes	8.1	Network	High	None	None	Unchanged	High	High	High	8
CVE-2022-24903	Oracle Linux	rsyslog	Yes	8.1	Network	High	None	None	Unchanged	High	High	High	7,8
CVE-2022-22592	Oracle Linux	webkit2gtk3	Yes	8.1	Network	Low	None	Required	Unchanged	High	High	None	8
CVE-2022-28733	Oracle Linux	grub2	Yes	8.1	Network	High	None	None	Unchanged	High	High	High	8
CVE-2022-1227	Oracle Linux	container-tools:3.0	No	8.0	Network	Low	Low	Required	Unchanged	High	High	High	8
CVE-2022-1227	Oracle Linux	container-tools:ol8	No	8.0	Network	Low	Low	Required	Unchanged	High	High	High	8
CVE-2020-35492	Oracle Linux	cairo and pixman	No	7.8	Local	Low	None	Required	Unchanged	High	High	High	8
CVE-2020-13974	Oracle Linux	kernel	No	7.8	Local	Low	Low	None	Unchanged	High	High	High	8
CVE-2021-3612	Oracle Linux	kernel	No	7.8	Local	Low	Low	None	Unchanged	High	High	High	8
CVE-2021-41864	Oracle Linux	kernel	No	7.8	Local	Low	Low	None	Unchanged	High	High	High	8
CVE-2021-33285	Oracle Linux	virt:ol and virt-devel:ol	No	7.8	Local	Low	Low	None	Unchanged	High	High	High	8
CVE-2021-33286	Oracle Linux	virt:ol and virt-devel:ol	No	7.8	Local	Low	Low	None	Unchanged	High	High	High	8
CVE-2021-33287	Oracle Linux	virt:ol and virt-devel:ol	No	7.8	Local	Low	Low	None	Unchanged	High	High	High	8
CVE-2021-33289	Oracle Linux	virt:ol and virt-devel:ol	No	7.8	Local	Low	Low	None	Unchanged	High	High	High	8
CVE-2021-35266	Oracle Linux	virt:ol and virt-devel:ol	No	7.8	Local	Low	Low	None	Unchanged	High	High	High	8
CVE-2021-35267	Oracle Linux	virt:ol and virt-devel:ol	No	7.8	Local	Low	Low	None	Unchanged	High	High	High	8
CVE-2021-35268	Oracle Linux	virt:ol and virt-devel:ol	No	7.8	Local	Low	Low	None	Unchanged	High	High	High	8
CVE-2021-35269	Oracle Linux	virt:ol and virt-devel:ol	No	7.8	Local	Low	Low	None	Unchanged	High	High	High	8
CVE-2021-39251	Oracle Linux	virt:ol and virt-devel:ol	No	7.8	Local	Low	Low	None	Unchanged	High	High	High	8
CVE-2021-39252	Oracle Linux	virt:ol and virt-devel:ol	No	7.8	Local	Low	Low	None	Unchanged	High	High	High	8
CVE-2021-39253	Oracle Linux	virt:ol and virt-devel:ol	No	7.8	Local	Low	Low	None	Unchanged	High	High	High	8
CVE-2021-39254	Oracle Linux	virt:ol and virt-devel:ol	No	7.8	Local	Low	Low	None	Unchanged	High	High	High	8
CVE-2021-39255	Oracle Linux	virt:ol and virt-devel:ol	No	7.8	Local	Low	Low	None	Unchanged	High	High	High	8
CVE-2021-39256	Oracle Linux	virt:ol and virt-devel:ol	No	7.8	Local	Low	Low	None	Unchanged	High	High	High	8
CVE-2021-39258	Oracle Linux	virt:ol and virt-devel:ol	No	7.8	Local	Low	Low	None	Unchanged	High	High	High	8
CVE-2021-39259	Oracle Linux	virt:ol and virt-devel:ol	No	7.8	Local	Low	Low	None	Unchanged	High	High	High	8
CVE-2021-39260	Oracle Linux	virt:ol and virt-devel:ol	No	7.8	Local	Low	Low	None	Unchanged	High	High	High	8
CVE-2021-39261	Oracle Linux	virt:ol and virt-devel:ol	No	7.8	Local	Low	Low	None	Unchanged	High	High	High	8
CVE-2021-39262	Oracle Linux	virt:ol and virt-devel:ol	No	7.8	Local	Low	Low	None	Unchanged	High	High	High	8
CVE-2021-39263	Oracle Linux	virt:ol and virt-devel:ol	No	7.8	Local	Low	Low	None	Unchanged	High	High	High	8
CVE-2021-30846	Oracle Linux	webkit2gtk3	No	7.8	Local	Low	None	Required	Unchanged	High	High	High	8
CVE-2021-30848	Oracle Linux	webkit2gtk3	No	7.8	Local	Low	None	Required	Unchanged	High	High	High	8
CVE-2021-30849	Oracle Linux	webkit2gtk3	No	7.8	Local	Low	None	Required	Unchanged	High	High	High	8
CVE-2021-30952	Oracle Linux	webkit2gtk3	No	7.8	Local	Low	None	Required	Unchanged	High	High	High	8
CVE-2021-30954	Oracle Linux	webkit2gtk3	No	7.8	Local	Low	None	Required	Unchanged	High	High	High	8
CVE-2021-4008	Oracle Linux	xorg-x11-server and xorg-x11-server-Xwayland	No	7.8	Local	Low	Low	None	Unchanged	High	High	High	8
CVE-2021-4009	Oracle Linux	xorg-x11-server and xorg-x11-server-Xwayland	No	7.8	Local	Low	Low	None	Unchanged	High	High	High	8
CVE-2021-4010	Oracle Linux	xorg-x11-server and xorg-x11-server-Xwayland	No	7.8	Local	Low	Low	None	Unchanged	High	High	High	8
CVE-2021-4011	Oracle Linux	xorg-x11-server and xorg-x11-server-Xwayland	No	7.8	Local	Low	Low	None	Unchanged	High	High	High	8
CVE-2021-45444	Oracle Linux	zsh	No	7.8	Local	Low	None	Required	Unchanged	High	High	High	8
CVE-2022-22589	Oracle Linux	webkit2gtk3	Yes	7.6	Network	Low	None	Required	Unchanged	Low	Low	High	8
CVE-2022-23267	Oracle Linux	.NET 5.0	Yes	7.5	Network	Low	None	None	Unchanged	None	None	High	8
CVE-2022-29117	Oracle Linux	.NET 5.0	Yes	7.5	Network	Low	None	None	Unchanged	None	None	High	8
CVE-2022-29145	Oracle Linux	.NET 5.0	Yes	7.5	Network	Low	None	None	Unchanged	None	None	High	8
CVE-2022-23267	Oracle Linux	.NET 6.0	Yes	7.5	Network	Low	None	None	Unchanged	None	None	High	8
CVE-2022-29117	Oracle Linux	.NET 6.0	Yes	7.5	Network	Low	None	None	Unchanged	None	None	High	8
CVE-2022-29145	Oracle Linux	.NET 6.0	Yes	7.5	Network	Low	None	None	Unchanged	None	None	High	8
CVE-2022-23267	Oracle Linux	.NET Core 3.1	Yes	7.5	Network	Low	None	None	Unchanged	None	None	High	8
CVE-2022-29117	Oracle Linux	.NET Core 3.1	Yes	7.5	Network	Low	None	None	Unchanged	None	None	High	8
CVE-2022-29145	Oracle Linux	.NET Core 3.1	Yes	7.5	Network	Low	None	None	Unchanged	None	None	High	8
CVE-2021-3698	Oracle Linux	cockpit	Yes	7.5	Network	Low	None	None	Unchanged	High	None	None	8
CVE-2022-21698	Oracle Linux	container-tools:ol8	Yes	7.5	Network	Low	None	None	Unchanged	None	None	High	8
CVE-2021-36386	Oracle Linux	fetchmail	Yes	7.5	Network	Low	None	None	Unchanged	None	None	High	8
CVE-2022-31736	Oracle Linux	firefox	Yes	7.5	Network	High	None	Required	Unchanged	High	High	High	7,8
CVE-2022-31737	Oracle Linux	firefox	Yes	7.5	Network	High	None	Required	Unchanged	High	High	High	7,8
CVE-2022-31738	Oracle Linux	firefox	Yes	7.5	Network	High	None	Required	Unchanged	High	High	High	7,8
CVE-2022-31740	Oracle Linux	firefox	Yes	7.5	Network	High	None	Required	Unchanged	High	High	High	7,8
CVE-2022-31741	Oracle Linux	firefox	Yes	7.5	Network	High	None	Required	Unchanged	High	High	High	7,8
CVE-2022-31747	Oracle Linux	firefox	Yes	7.5	Network	High	None	Required	Unchanged	High	High	High	7,8
CVE-2021-39358	Oracle Linux	gfbgraph	Yes	7.5	Network	Low	None	None	Unchanged	High	None	None	8
CVE-2021-39293	Oracle Linux	go-toolset:ol8	Yes	7.5	Network	Low	None	None	Unchanged	None	None	High	8
CVE-2021-41771	Oracle Linux	go-toolset:ol8	Yes	7.5	Network	Low	None	None	Unchanged	None	None	High	8
CVE-2021-41772	Oracle Linux	go-toolset:ol8	Yes	7.5	Network	Low	None	None	Unchanged	None	None	High	8
CVE-2022-23772	Oracle Linux	go-toolset:ol8	Yes	7.5	Network	Low	None	None	Unchanged	None	None	High	8
CVE-2022-23773	Oracle Linux	go-toolset:ol8	Yes	7.5	Network	Low	None	None	Unchanged	None	High	None	8
CVE-2021-3695	Oracle Linux	grub2	No	7.5	Local	High	High	None	Changed	High	High	High	7
CVE-2021-3697	Oracle Linux	grub2	No	7.5	Local	High	High	None	Changed	High	High	High	7
CVE-2021-33193	Oracle Linux	httpd:2.4	Yes	7.5	Network	Low	None	None	Unchanged	None	High	None	8
CVE-2021-36160	Oracle Linux	httpd:2.4	Yes	7.5	Network	Low	None	None	Unchanged	None	None	High	8
CVE-2021-44225	Oracle Linux	keepalived	No	7.5	Network	High	Low	None	Unchanged	High	High	High	8
CVE-2021-45485	Oracle Linux	kernel	Yes	7.5	Network	Low	None	None	Unchanged	High	None	None	8
CVE-2020-19131	Oracle Linux	libtiff	Yes	7.5	Network	Low	None	None	Unchanged	None	None	High	8
CVE-2021-3748	Oracle Linux	qemu	No	7.5	Local	High	High	None	Changed	High	High	High	7
CVE-2022-26353	Oracle Linux	qemu	No	7.5	Local	High	High	None	Changed	High	High	High	7
CVE-2021-38593	Oracle Linux	qt5-qtbase	Yes	7.5	Network	Low	None	None	Unchanged	None	None	High	8
CVE-2021-45930	Oracle Linux	qt5-qtsvg	Yes	7.5	Network	Low	None	None	Unchanged	None	None	High	8
CVE-2022-24070	Oracle Linux	subversion:1.10	Yes	7.5	Network	Low	None	None	Unchanged	None	None	High	8
CVE-2022-24070	Oracle Linux	subversion:1.14	Yes	7.5	Network	Low	None	None	Unchanged	None	None	High	8
CVE-2022-1834	Oracle Linux	thunderbird	Yes	7.5	Network	High	None	Required	Unchanged	High	High	High	7,8
CVE-2022-31736	Oracle Linux	thunderbird	Yes	7.5	Network	High	None	Required	Unchanged	High	High	High	7,8
CVE-2022-31737	Oracle Linux	thunderbird	Yes	7.5	Network	High	None	Required	Unchanged	High	High	High	7,8
CVE-2022-31738	Oracle Linux	thunderbird	Yes	7.5	Network	High	None	Required	Unchanged	High	High	High	7,8
CVE-2022-31740	Oracle Linux	thunderbird	Yes	7.5	Network	High	None	Required	Unchanged	High	High	High	7,8
CVE-2022-31741	Oracle Linux	thunderbird	Yes	7.5	Network	High	None	Required	Unchanged	High	High	High	7,8
CVE-2022-31747	Oracle Linux	thunderbird	Yes	7.5	Network	High	None	Required	Unchanged	High	High	High	7,8
CVE-2021-3748	Oracle Linux	virt:ol and virt-devel:ol	No	7.5	Local	High	High	None	Changed	High	High	High	8
CVE-2021-30984	Oracle Linux	webkit2gtk3	Yes	7.5	Network	High	None	Required	Unchanged	High	High	High	8
CVE-2022-22594	Oracle Linux	webkit2gtk3	Yes	7.5	Network	Low	None	None	Unchanged	High	None	None	8
CVE-2022-22637	Oracle Linux	webkit2gtk3	Yes	7.5	Network	Low	None	None	Unchanged	High	None	None	8
CVE-2021-3695	Oracle Linux	grub2	No	7.5	Local	High	High	None	Changed	High	High	High	8
CVE-2021-3697	Oracle Linux	grub2	No	7.5	Local	High	High	None	Changed	High	High	High	8
CVE-2021-20322	Oracle Linux	kernel	Yes	7.4	Network	High	None	None	Unchanged	High	High	None	8
CVE-2021-4083	Oracle Linux	kernel	No	7.4	Local	High	None	None	Unchanged	High	High	High	8
CVE-2021-44733	Oracle Linux	kernel	No	7.4	Local	High	None	None	Unchanged	High	High	High	8
CVE-2021-30888	Oracle Linux	webkit2gtk3	Yes	7.4	Network	Low	None	Required	Changed	High	None	None	8
CVE-2020-35452	Oracle Linux	httpd:2.4	Yes	7.3	Network	Low	None	None	Unchanged	Low	Low	Low	8
CVE-2021-44224	Oracle Linux	httpd:2.4	No	7.1	Local	High	Low	None	Changed	Low	Low	High	8
CVE-2021-25633	Oracle Linux	libreoffice	No	7.1	Local	Low	None	Required	Unchanged	High	High	None	8
CVE-2021-25634	Oracle Linux	libreoffice	No	7.1	Local	Low	None	Required	Unchanged	High	High	None	8
CVE-2022-1271	Oracle Linux	xz	No	7.1	Network	High	Low	Required	Unchanged	High	High	High	7,8
CVE-2022-1048	Oracle Linux	Unbreakable Enterprise kernel	No	7.0	Local	High	Low	None	Unchanged	High	High	High	7,8
CVE-2022-1786	Oracle Linux	Unbreakable Enterprise kernel	No	7.0	Local	High	Low	None	Unchanged	High	High	High	7,8
CVE-2022-23036	Oracle Linux	Unbreakable Enterprise kernel	No	7.0	Local	High	Low	None	Unchanged	High	High	High	7,8
CVE-2022-23037	Oracle Linux	Unbreakable Enterprise kernel	No	7.0	Local	High	Low	None	Unchanged	High	High	High	7,8
CVE-2022-23038	Oracle Linux	Unbreakable Enterprise kernel	No	7.0	Local	High	Low	None	Unchanged	High	High	High	7,8
CVE-2022-23039	Oracle Linux	Unbreakable Enterprise kernel	No	7.0	Local	High	Low	None	Unchanged	High	High	High	7,8
CVE-2022-23040	Oracle Linux	Unbreakable Enterprise kernel	No	7.0	Local	High	Low	None	Unchanged	High	High	High	7,8
CVE-2022-23041	Oracle Linux	Unbreakable Enterprise kernel	No	7.0	Local	High	Low	None	Unchanged	High	High	High	7,8
CVE-2022-23042	Oracle Linux	Unbreakable Enterprise kernel	No	7.0	Local	High	Low	None	Unchanged	High	High	High	7,8
CVE-2022-1048	Oracle Linux	Unbreakable Enterprise kernel-container	No	7.0	Local	High	Low	None	Unchanged	High	High	High	7,8
CVE-2022-1729	Oracle Linux	Unbreakable Enterprise kernel-container	No	7.0	Local	High	Low	None	Unchanged	High	High	High	7,8
CVE-2022-1786	Oracle Linux	Unbreakable Enterprise kernel-container	No	7.0	Local	High	Low	None	Unchanged	High	High	High	7,8
CVE-2022-23036	Oracle Linux	Unbreakable Enterprise kernel-container	No	7.0	Local	High	Low	None	Unchanged	High	High	High	7,8
CVE-2022-23037	Oracle Linux	Unbreakable Enterprise kernel-container	No	7.0	Local	High	Low	None	Unchanged	High	High	High	7,8
CVE-2022-23038	Oracle Linux	Unbreakable Enterprise kernel-container	No	7.0	Local	High	Low	None	Unchanged	High	High	High	7,8
CVE-2022-23039	Oracle Linux	Unbreakable Enterprise kernel-container	No	7.0	Local	High	Low	None	Unchanged	High	High	High	7,8
CVE-2022-23040	Oracle Linux	Unbreakable Enterprise kernel-container	No	7.0	Local	High	Low	None	Unchanged	High	High	High	7,8
CVE-2022-23041	Oracle Linux	Unbreakable Enterprise kernel-container	No	7.0	Local	High	Low	None	Unchanged	High	High	High	7,8
CVE-2022-23042	Oracle Linux	Unbreakable Enterprise kernel-container	No	7.0	Local	High	Low	None	Unchanged	High	High	High	7,8
CVE-2021-38185	Oracle Linux	cpio	No	7.0	Local	High	None	Required	Unchanged	High	High	High	8
CVE-2022-23218	Oracle Linux	glibc	Yes	7.0	Network	High	None	None	Unchanged	Low	Low	High	7
CVE-2022-23219	Oracle Linux	glibc	Yes	7.0	Network	High	None	None	Unchanged	Low	Low	High	7
CVE-2022-28734	Oracle Linux	grub2	Yes	7.0	Network	High	None	None	Unchanged	Low	Low	High	7
CVE-2022-0492	Oracle Linux	kernel	No	7.0	Local	High	Low	None	Unchanged	High	High	High	7
CVE-2021-29154	Oracle Linux	kernel	No	7.0	Local	High	Low	None	Unchanged	High	High	High	8
CVE-2021-3752	Oracle Linux	kernel	No	7.0	Local	High	Low	None	Unchanged	High	High	High	8
CVE-2022-1011	Oracle Linux	kernel	No	7.0	Local	High	Low	None	Unchanged	High	High	High	8
CVE-2021-41617	Oracle Linux	openssh	No	7.0	Local	High	Low	None	Unchanged	High	High	High	8
CVE-2022-1048	Oracle Linux	Unbreakable Enterprise kernel	No	7.0	Local	High	Low	None	Unchanged	High	High	High	7
CVE-2022-1729	Oracle Linux	Unbreakable Enterprise kernel	No	7.0	Local	High	Low	None	Unchanged	High	High	High	7,8
CVE-2022-23036	Oracle Linux	Unbreakable Enterprise kernel	No	7.0	Local	High	Low	None	Unchanged	High	High	High	7
CVE-2022-23038	Oracle Linux	Unbreakable Enterprise kernel	No	7.0	Local	High	Low	None	Unchanged	High	High	High	7
CVE-2022-23039	Oracle Linux	Unbreakable Enterprise kernel	No	7.0	Local	High	Low	None	Unchanged	High	High	High	7
CVE-2022-23040	Oracle Linux	Unbreakable Enterprise kernel	No	7.0	Local	High	Low	None	Unchanged	High	High	High	7
CVE-2022-23041	Oracle Linux	Unbreakable Enterprise kernel	No	7.0	Local	High	Low	None	Unchanged	High	High	High	7
CVE-2022-28734	Oracle Linux	grub2	Yes	7.0	Network	High	None	None	Unchanged	Low	Low	High	8
CVE-2022-28735	Oracle Linux	grub2	No	6.7	Local	Low	High	None	Unchanged	High	High	High	7
CVE-2021-0941	Oracle Linux	kernel	No	6.7	Local	Low	High	None	Unchanged	High	High	High	8
CVE-2021-42739	Oracle Linux	kernel	No	6.7	Local	Low	High	None	Unchanged	High	High	High	8
CVE-2022-28735	Oracle Linux	grub2	No	6.7	Local	Low	High	None	Unchanged	High	High	High	8
CVE-2022-21499	Oracle Linux	Unbreakable Enterprise kernel	No	6.7	Local	Low	High	None	Unchanged	High	High	High	7,8
CVE-2022-21499	Oracle Linux	Unbreakable Enterprise kernel-container	No	6.7	Local	Low	High	None	Unchanged	High	High	High	7,8
CVE-2020-18898	Oracle Linux	compat-exiv2-026	Yes	6.5	Network	Low	None	Required	Unchanged	None	None	High	8
CVE-2020-18898	Oracle Linux	exiv2	Yes	6.5	Network	Low	None	Required	Unchanged	None	None	High	8
CVE-2021-3733	Oracle Linux	python27:2.7	Yes	6.5	Network	Low	None	Required	Unchanged	None	None	High	8
CVE-2021-3737	Oracle Linux	python27:2.7	Yes	6.5	Network	Low	None	Required	Unchanged	None	None	High	8
CVE-2022-0391	Oracle Linux	python27:2.7	Yes	6.5	Network	Low	None	None	Unchanged	Low	Low	None	8
CVE-2021-3737	Oracle Linux	python3	Yes	6.5	Network	Low	None	Required	Unchanged	None	None	High	8
CVE-2021-3733	Oracle Linux	python38:3.8 and python38-devel:3.8	Yes	6.5	Network	Low	None	Required	Unchanged	None	None	High	8
CVE-2021-3737	Oracle Linux	python38:3.8 and python38-devel:3.8	Yes	6.5	Network	Low	None	Required	Unchanged	None	None	High	8
CVE-2022-0391	Oracle Linux	python38:3.8 and python38-devel:3.8	Yes	6.5	Network	Low	None	None	Unchanged	Low	Low	None	8
CVE-2021-44141	Oracle Linux	samba	No	6.5	Network	Low	Low	None	Unchanged	High	None	None	8
CVE-2022-28737	Oracle Linux	shim-signed	No	6.5	Local	Low	High	Required	Unchanged	High	High	High	7
CVE-2021-30823	Oracle Linux	webkit2gtk3	No	6.5	Network	Low	Low	None	Unchanged	None	High	None	8
CVE-2021-30887	Oracle Linux	webkit2gtk3	Yes	6.5	Network	Low	None	Required	Unchanged	None	High	None	8
CVE-2021-30897	Oracle Linux	webkit2gtk3	Yes	6.5	Network	Low	None	Required	Unchanged	High	None	None	8
CVE-2021-45481	Oracle Linux	webkit2gtk3	Yes	6.5	Network	Low	None	Required	Unchanged	None	None	High	8
CVE-2021-45482	Oracle Linux	webkit2gtk3	Yes	6.5	Network	Low	None	Required	Unchanged	None	None	High	8
CVE-2021-45483	Oracle Linux	webkit2gtk3	Yes	6.5	Network	Low	None	Required	Unchanged	None	None	High	8
CVE-2022-21499	Oracle Linux	Unbreakable Enterprise kernel	No	6.7	Local	Low	High	None	Unchanged	High	High	High	7
CVE-2022-28737	Oracle Linux	shim	No	6.5	Local	Low	High	Required	Unchanged	High	High	High	8
CVE-2022-28736	Oracle Linux	grub2	No	6.4	Local	High	High	None	Unchanged	High	High	High	7
CVE-2021-37159	Oracle Linux	kernel	No	6.4	Local	High	None	None	Unchanged	High	High	High	8
CVE-2021-21703	Oracle Linux	php:7.4	No	6.4	Local	High	High	None	Unchanged	High	High	High	8
CVE-2022-28736	Oracle Linux	grub2	No	6.4	Local	High	High	None	Unchanged	High	High	High	8
CVE-2021-4197	Oracle Linux	Unbreakable Enterprise kernel	No	6.3	Local	High	Low	None	Unchanged	High	High	None	7,8
CVE-2021-4197	Oracle Linux	Unbreakable Enterprise kernel-container	No	6.3	Local	High	Low	None	Unchanged	High	High	None	7,8
CVE-2021-4197	Oracle Linux	kernel	No	6.3	Local	High	Low	None	Unchanged	High	High	None	8
CVE-2021-25635	Oracle Linux	libreoffice	No	6.3	Local	High	None	Required	Unchanged	High	High	None	8
CVE-2021-3743	Oracle Linux	kernel	No	6.2	Local	Low	None	None	Unchanged	None	None	High	8
CVE-2022-1353	Oracle Linux	Unbreakable Enterprise kernel	No	6.1	Local	Low	Low	None	Unchanged	Low	None	High	7,8
CVE-2022-1353	Oracle Linux	Unbreakable Enterprise kernel-container	No	6.1	Local	Low	Low	None	Unchanged	Low	None	High	7,8
CVE-2022-21123	Oracle Linux	Unbreakable Enterprise kernel-container	No	6.1	Local	Low	Low	None	Unchanged	High	Low	None	7,8
CVE-2022-31742	Oracle Linux	firefox	Yes	6.1	Network	Low	None	Required	Changed	Low	Low	None	7,8
CVE-2021-4156	Oracle Linux	libsndfile	No	6.1	Local	Low	None	Required	Unchanged	Low	None	High	8
CVE-2022-21123	Oracle Linux	microcode_ctl	No	6.1	Local	Low	Low	None	Unchanged	High	Low	None	7
CVE-2021-3639	Oracle Linux	mod_auth_mellon	Yes	6.1	Network	Low	None	Required	Changed	Low	Low	None	8
CVE-2021-32786	Oracle Linux	mod_auth_openidc:2.3	Yes	6.1	Network	Low	None	Required	Changed	Low	Low	None	8
CVE-2021-32792	Oracle Linux	mod_auth_openidc:2.3	Yes	6.1	Network	Low	None	Required	Changed	Low	Low	None	8
CVE-2021-39191	Oracle Linux	mod_auth_openidc:2.3	Yes	6.1	Network	Low	None	Required	Changed	Low	Low	None	8
CVE-2022-31742	Oracle Linux	thunderbird	Yes	6.1	Network	Low	None	Required	Changed	Low	Low	None	7,8
CVE-2021-30890	Oracle Linux	webkit2gtk3	Yes	6.1	Network	Low	None	Required	Changed	Low	Low	None	8
CVE-2022-21123	Oracle Linux	Unbreakable Enterprise kernel	No	6.1	Local	Low	Low	None	Unchanged	High	Low	None	7,8
CVE-2022-21123	Oracle Linux	microcode_ctl	No	6.1	Local	Low	Low	None	Unchanged	High	Low	None	8
CVE-2021-4158	Oracle Linux	virt:ol and virt-devel:ol	No	6.0	Local	Low	High	None	Changed	None	None	High	8
CVE-2021-39272	Oracle Linux	fetchmail	Yes	5.9	Network	High	None	None	Unchanged	High	None	None	8
CVE-2022-23806	Oracle Linux	go-toolset:ol8	Yes	5.9	Network	High	None	Required	Unchanged	None	Low	High	8
CVE-2021-3772	Oracle Linux	kernel	Yes	5.9	Network	High	None	None	Unchanged	None	None	High	8
CVE-2021-3773	Oracle Linux	kernel	Yes	5.9	Network	High	None	None	Unchanged	High	None	None	8
CVE-2021-4157	Oracle Linux	kernel	No	5.9	Local	High	Low	None	Unchanged	Low	Low	High	8
CVE-2021-32791	Oracle Linux	mod_auth_openidc:2.3	Yes	5.9	Network	High	None	None	Unchanged	High	None	None	8
CVE-2021-20316	Oracle Linux	samba	No	5.9	Network	High	Low	None	Unchanged	Low	High	None	8
CVE-2021-4203	Oracle Linux	kernel	No	5.8	Local	High	Low	None	Unchanged	High	Low	Low	8
CVE-2022-21127	Oracle Linux	Unbreakable Enterprise kernel-container	No	5.6	Local	High	Low	None	Changed	High	None	None	7,8
CVE-2021-3672	Oracle Linux	c-ares	Yes	5.6	Network	High	None	None	Unchanged	Low	Low	Low	8
CVE-2022-21127	Oracle Linux	microcode_ctl	No	5.6	Local	High	Low	None	Changed	High	None	None	7
CVE-2021-4145	Oracle Linux	virt:ol and virt-devel:ol	No	5.6	Local	High	Low	None	Changed	None	None	High	8
CVE-2022-21127	Oracle Linux	Unbreakable Enterprise kernel	No	5.6	Local	High	Low	None	Changed	High	None	None	7,8
CVE-2022-21127	Oracle Linux	microcode_ctl	No	5.6	Local	High	Low	None	Changed	High	None	None	8
CVE-2022-1852	Oracle Linux	Unbreakable Enterprise kernel-container	No	5.5	Local	Low	Low	None	Unchanged	None	None	High	7,8
CVE-2022-21125	Oracle Linux	Unbreakable Enterprise kernel-container	No	5.5	Local	Low	Low	None	Unchanged	High	None	None	7,8
CVE-2022-21166	Oracle Linux	Unbreakable Enterprise kernel-container	No	5.5	Local	Low	Low	None	Unchanged	High	None	None	7,8
CVE-2019-25051	Oracle Linux	aspell	No	5.5	Local	Low	Low	None	Unchanged	None	None	High	8
CVE-2020-0404	Oracle Linux	kernel	No	5.5	Local	Low	Low	None	Unchanged	None	None	High	8
CVE-2021-3669	Oracle Linux	kernel	No	5.5	Local	Low	Low	None	Unchanged	None	None	High	8
CVE-2021-3744	Oracle Linux	kernel	No	5.5	Local	Low	Low	None	Unchanged	None	None	High	8
CVE-2021-3759	Oracle Linux	kernel	No	5.5	Local	Low	Low	None	Unchanged	None	None	High	8
CVE-2021-3764	Oracle Linux	kernel	No	5.5	Local	Low	Low	None	Unchanged	None	None	High	8
CVE-2021-43056	Oracle Linux	kernel	No	5.5	Local	Low	Low	None	Unchanged	None	None	High	8
CVE-2021-43389	Oracle Linux	kernel	No	5.5	Local	Low	Low	None	Unchanged	None	None	High	8
CVE-2022-0322	Oracle Linux	kernel	No	5.5	Local	Low	Low	None	Unchanged	None	None	High	8
CVE-2022-21125	Oracle Linux	microcode_ctl	No	5.5	Local	Low	Low	None	Unchanged	High	None	None	7
CVE-2022-21166	Oracle Linux	microcode_ctl	No	5.5	Local	Low	Low	None	Unchanged	High	None	None	7
CVE-2021-39257	Oracle Linux	virt:ol and virt-devel:ol	No	5.5	Local	Low	Low	None	Unchanged	None	None	High	8
CVE-2021-30836	Oracle Linux	webkit2gtk3	No	5.5	Local	Low	None	Required	Unchanged	High	None	None	8
CVE-2022-0487	Oracle Linux	Unbreakable Enterprise kernel	No	5.5	Local	Low	Low	None	Unchanged	High	None	None	7
CVE-2022-1852	Oracle Linux	Unbreakable Enterprise kernel	No	5.5	Local	Low	Low	None	Unchanged	None	None	High	7,8
CVE-2022-21125	Oracle Linux	Unbreakable Enterprise kernel	No	5.5	Local	Low	Low	None	Unchanged	High	None	None	7,8
CVE-2022-21166	Oracle Linux	Unbreakable Enterprise kernel	No	5.5	Local	Low	Low	None	Unchanged	High	None	None	7,8
CVE-2022-21125	Oracle Linux	microcode_ctl	No	5.5	Local	Low	Low	None	Unchanged	High	None	None	8
CVE-2022-21166	Oracle Linux	microcode_ctl	No	5.5	Local	Low	Low	None	Unchanged	High	None	None	8
CVE-2021-25219	Oracle Linux	bind	Yes	5.3	Network	Low	None	None	Unchanged	None	None	Low	8
CVE-2020-13956	Oracle Linux	maven:3.5	Yes	5.3	Network	Low	None	None	Unchanged	None	Low	None	8
CVE-2020-13956	Oracle Linux	maven:3.6	Yes	5.3	Network	Low	None	None	Unchanged	None	Low	None	8
CVE-2021-21705	Oracle Linux	php:7.4	Yes	5.3	Network	Low	None	None	Unchanged	None	Low	None	8
CVE-2021-4189	Oracle Linux	python27:2.7	Yes	5.3	Network	Low	None	None	Unchanged	Low	None	None	8
CVE-2021-4189	Oracle Linux	python3	Yes	5.3	Network	Low	None	None	Unchanged	Low	None	None	8
CVE-2022-21658	Oracle Linux	rust-toolset:ol8	No	5.3	Network	High	Low	None	Unchanged	None	High	None	8
CVE-2021-28116	Oracle Linux	squid:4	Yes	5.3	Network	Low	None	None	Unchanged	Low	None	None	8
CVE-2021-3975	Oracle Linux	virt:ol and virt-devel:ol	No	5.3	Network	High	Low	None	Unchanged	None	None	High	8
CVE-2020-4788	Oracle Linux	kernel	No	5.1	Local	High	None	None	Unchanged	High	None	None	8
CVE-2021-4002	Oracle Linux	kernel	No	5.1	Local	Low	None	None	Unchanged	Low	Low	None	8
CVE-2022-0286	Oracle Linux	kernel	No	5.1	Local	High	None	None	Unchanged	None	None	High	8
CVE-2022-30184	Oracle Linux	.NET 6.0	No	5.0	Local	Low	Low	Required	Unchanged	High	None	None	8
CVE-2022-30184	Oracle Linux	.NET Core 3.1	No	5.0	Local	Low	Low	Required	Unchanged	High	None	None	8
CVE-2021-3696	Oracle Linux	grub2	No	5.0	Local	High	High	None	Changed	Low	Low	Low	7
CVE-2022-0897	Oracle Linux	libvirt libvirt-python	No	5.0	Local	Low	Low	Required	Unchanged	None	None	High	7
CVE-2021-3696	Oracle Linux	grub2	No	5.0	Local	High	High	None	Changed	Low	Low	Low	8
CVE-2022-27650	Oracle Linux	container-tools:3.0	Yes	4.8	Network	High	None	None	Unchanged	Low	Low	None	8
CVE-2022-27649	Oracle Linux	container-tools:ol8	Yes	4.8	Network	High	None	None	Unchanged	Low	Low	None	8
CVE-2022-27650	Oracle Linux	container-tools:ol8	Yes	4.8	Network	High	None	None	Unchanged	Low	Low	None	8
CVE-2022-27651	Oracle Linux	container-tools:ol8	Yes	4.8	Network	High	None	None	Unchanged	Low	Low	None	8
CVE-2022-0485	Oracle Linux	virt:ol and virt-devel:ol	Yes	4.8	Network	High	None	None	Unchanged	Low	Low	None	8
CVE-2021-26401	Oracle Linux	kernel	No	4.7	Local	High	Low	None	Unchanged	High	None	None	8
CVE-2022-0001	Oracle Linux	kernel	No	4.7	Local	High	Low	None	Unchanged	High	None	None	8
CVE-2022-0002	Oracle Linux	kernel	No	4.7	Local	High	Low	None	Unchanged	High	None	None	8
CVE-2021-30884	Oracle Linux	webkit2gtk3	Yes	4.7	Network	Low	None	Required	Changed	Low	None	None	8
CVE-2021-43976	Oracle Linux	kernel	No	4.6	Local	Low	None	None	Unchanged	None	None	High	8
CVE-2021-3802	Oracle Linux	udisks2	No	4.5	Network	Low	High	Required	Unchanged	None	None	High	8
CVE-2021-4037	Oracle Linux	kernel	No	4.4	Local	Low	Low	None	Unchanged	Low	Low	None	8
CVE-2021-41229	Oracle Linux	bluez	No	4.3	Local	Low	None	None	Unchanged	None	None	Low	8
CVE-2021-3660	Oracle Linux	cockpit	Yes	4.3	Network	Low	None	Required	Unchanged	None	Low	None	8
CVE-2020-17489	Oracle Linux	gnome-shell	No	4.3	Local	Low	None	Required	Unchanged	High	None	None	8
CVE-2021-43813	Oracle Linux	grafana	No	4.3	Network	Low	Low	None	Unchanged	Low	None	None	8
CVE-2021-3622	Oracle Linux	virt:ol and virt-devel:ol	Yes	4.3	Network	Low	None	Required	Unchanged	None	None	Low	8
CVE-2021-33515	Oracle Linux	dovecot	No	4.2	Network	High	Low	None	Unchanged	Low	Low	None	8
CVE-2020-27820	Oracle Linux	kernel	No	4.1	Local	High	High	None	Unchanged	None	None	High	8
CVE-2021-21781	Oracle Linux	kernel	No	4.0	Local	Low	None	None	Unchanged	Low	None	None	8
CVE-2021-23222	Oracle Linux	libpq	Yes	3.7	Network	High	None	None	Unchanged	Low	None	None	8
CVE-2021-45486	Oracle Linux	kernel	No	3.5	Local	Low	Low	None	Unchanged	Low	None	None	8
CVE-2021-3634	Oracle Linux	libssh	No	3.5	Network	Low	Low	Required	Unchanged	None	None	Low	8
CVE-2021-3716	Oracle Linux	virt:ol and virt-devel:ol	No	3.5	Network	Low	Low	Required	Unchanged	None	None	Low	8
CVE-2021-3981	Oracle Linux	grub2	No	3.3	Local	Low	Low	None	Unchanged	Low	None	None	8
CVE-2021-20196	Oracle Linux	virt:ol and virt-devel:ol	No	3.2	Local	Low	High	None	Changed	None	None	Low	8
CVE-2022-26354	Oracle Linux	qemu	No	2.5	Local	High	High	None	Changed	None	None	Low	7

Revision 2: Published on 2022-05-18

CVE#	Product	Component	Remote Exploit without Auth.?	CVSS VERSION 3.1 RISK (see Risk Matrix Definitions)									Supported Versions Affected
CVE#	Product	Component	Remote Exploit without Auth.?	Base Score	Attack Vector	Attack Complex	Privs Req'd	User Interact	Scope	Confid- entiality	Inte- grity	Avail- ability	Supported Versions Affected
CVE-2022-25235	Oracle Linux	xmlrpc-c	No	9.8	Local	High	None	Required	Changed	None	None	None	8
CVE-2018-25032	Oracle Linux	zlib	No	8.2	Local	High	None	Required	Changed	None	None	None	7,8
CVE-2022-27666	Oracle Linux	Unbreakable Enterprise kernel	No	7.8	Local	High	None	Required	Changed	None	None	None	7,8
CVE-2022-27666	Oracle Linux	Unbreakable Enterprise kernel-container	No	7.8	Local	High	None	Required	Changed	None	None	None	7,8
CVE-2022-25636	Oracle Linux	kernel	No	7.8	Local	High	None	Required	Changed	None	None	None	8
CVE-2022-1154	Oracle Linux	vim	No	7.8	Local	High	None	Required	Changed	None	None	None	8
CVE-2022-0847	Oracle Linux	Unbreakable Enterprise kernel	No	7.8	Local	High	None	Required	Changed	None	None	None	7
CVE-2022-27666	Oracle Linux	Unbreakable Enterprise kernel	No	7.8	Local	High	None	Required	Changed	None	None	None	7
CVE-2022-29909	Oracle Linux	firefox	No	7.5	Local	High	None	Required	Changed	None	None	None	7,8
CVE-2022-29911	Oracle Linux	firefox	No	7.5	Local	High	None	Required	Changed	None	None	None	7,8
CVE-2022-29914	Oracle Linux	firefox	No	7.5	Local	High	None	Required	Changed	None	None	None	7,8
CVE-2022-29916	Oracle Linux	firefox	No	7.5	Local	High	None	Required	Changed	None	None	None	7,8
CVE-2022-29917	Oracle Linux	firefox	No	7.5	Local	High	None	Required	Changed	None	None	None	7,8
CVE-2022-21476	Oracle Linux	java-1.8.0-openjdk	No	7.5	Local	High	None	Required	Changed	None	None	None	8
CVE-2022-21476	Oracle Linux	java-1.8.0-openjdk	No	7.5	Local	High	None	Required	Changed	None	None	None	7
CVE-2022-21476	Oracle Linux	java-11-openjdk	No	7.5	Local	High	None	Required	Changed	None	None	None	8
CVE-2022-21476	Oracle Linux	java-11-openjdk	No	7.5	Local	High	None	Required	Changed	None	None	None	7
CVE-2022-21449	Oracle Linux	java-17-openjdk	No	7.5	Local	High	None	Required	Changed	None	None	None	8
CVE-2022-21476	Oracle Linux	java-17-openjdk	No	7.5	Local	High	None	Required	Changed	None	None	None	8
CVE-2022-29909	Oracle Linux	thunderbird	No	7.5	Local	High	None	Required	Changed	None	None	None	7,8
CVE-2022-29911	Oracle Linux	thunderbird	No	7.5	Local	High	None	Required	Changed	None	None	None	7,8
CVE-2022-29914	Oracle Linux	thunderbird	No	7.5	Local	High	None	Required	Changed	None	None	None	7,8
CVE-2022-29916	Oracle Linux	thunderbird	No	7.5	Local	High	None	Required	Changed	None	None	None	7,8
CVE-2022-29917	Oracle Linux	thunderbird	No	7.5	Local	High	None	Required	Changed	None	None	None	7,8
CVE-2022-1271	Oracle Linux	gzip	No	7.1	Local	High	None	Required	Changed	None	None	None	7,8
CVE-2022-0435	Oracle Linux	Unbreakable Enterprise kernel	No	7.1	Local	High	None	Required	Changed	None	None	None	7
CVE-2022-1158	Oracle Linux	Unbreakable Enterprise kernel	No	7.0	Local	High	None	Required	Changed	None	None	None	7,8
CVE-2020-245024	Oracle Linux	Unbreakable Enterprise kernel-container	No	7.0	Local	High	None	Required	Changed	None	None	None	7,8
CVE-2022-1158	Oracle Linux	Unbreakable Enterprise kernel-container	No	7.0	Local	High	None	Required	Changed	None	None	None	7,8
CVE-2022-23218	Oracle Linux	glibc	No	7.0	Local	High	None	Required	Changed	None	None	None	7
CVE-2022-23219	Oracle Linux	glibc	No	7.0	Local	High	None	Required	Changed	None	None	None	7
CVE-2021-4028	Oracle Linux	kernel	No	7.0	Local	High	None	Required	Changed	None	None	None	8
CVE-2022-0330	Oracle Linux	Unbreakable Enterprise kernel	No	7.0	Local	High	None	Required	Changed	None	None	None	7
CVE-2022-0492	Oracle Linux	Unbreakable Enterprise kernel	No	7.0	Local	High	None	Required	Changed	None	None	None	7
CVE-2022-22942	Oracle Linux	Unbreakable Enterprise kernel	No	7.0	Local	High	None	Required	Changed	None	None	None	7
CVE-2022-1055	Oracle Linux	Unbreakable Enterprise kernel	No	6.3	Local	High	None	Required	Changed	None	None	None	7,8
CVE-2022-1055	Oracle Linux	Unbreakable Enterprise kernel-container	No	6.3	Local	High	None	Required	Changed	None	None	None	7,8
CVE-2021-4115	Oracle Linux	polkit	No	6.2	Local	High	None	Required	Changed	None	None	None	8
CVE-2022-29912	Oracle Linux	firefox	No	6.1	Local	High	None	Required	Changed	None	None	None	7,8
CVE-2022-29912	Oracle Linux	thunderbird	No	6.1	Local	High	None	Required	Changed	None	None	None	7,8
CVE-2022-29913	Oracle Linux	thunderbird	No	6.1	Local	High	None	Required	Changed	None	None	None	7,8
CVE-2021-2389	Oracle Linux	mariadb:10.3	No	5.9	Local	High	None	Required	Changed	None	None	None	8
CVE-2021-2389	Oracle Linux	mariadb:10.5	No	5.9	Local	High	None	Required	Changed	None	None	None	8
CVE-2020-36516	Oracle Linux	Unbreakable Enterprise kernel	No	5.9	Local	High	None	Required	Changed	None	None	None	7
CVE-2021-4145	Oracle Linux	qemu	No	5.6	Local	High	None	Required	Changed	None	None	None	7
CVE-2020-24502	Oracle Linux	Unbreakable Enterprise kernel	No	5.5	Local	High	None	Required	Changed	None	None	None	7,8
CVE-2020-24503	Oracle Linux	Unbreakable Enterprise kernel	No	5.5	Local	High	None	Required	Changed	None	None	None	7,8
CVE-2021-45095	Oracle Linux	Unbreakable Enterprise kernel	No	5.5	Local	High	None	Required	Changed	None	None	None	7,8
CVE-2022-1016	Oracle Linux	Unbreakable Enterprise kernel	No	5.5	Local	High	None	Required	Changed	None	None	None	7,8
CVE-2020-24502	Oracle Linux	Unbreakable Enterprise kernel-container	No	5.5	Local	High	None	Required	Changed	None	None	None	7,8
CVE-2020-24503	Oracle Linux	Unbreakable Enterprise kernel-container	No	5.5	Local	High	None	Required	Changed	None	None	None	7,8
CVE-2021-45095	Oracle Linux	Unbreakable Enterprise kernel-container	No	5.5	Local	High	None	Required	Changed	None	None	None	7,8
CVE-2022-1016	Oracle Linux	Unbreakable Enterprise kernel-container	No	5.5	Local	High	None	Required	Changed	None	None	None	7,8
CVE-2021-35604	Oracle Linux	mariadb:10.3	No	5.5	Local	High	None	Required	Changed	None	None	None	8
CVE-2021-46657	Oracle Linux	mariadb:10.3	No	5.5	Local	High	None	Required	Changed	None	None	None	8
CVE-2021-46658	Oracle Linux	mariadb:10.3	No	5.5	Local	High	None	Required	Changed	None	None	None	8
CVE-2021-46662	Oracle Linux	mariadb:10.3	No	5.5	Local	High	None	Required	Changed	None	None	None	8
CVE-2021-46666	Oracle Linux	mariadb:10.3	No	5.5	Local	High	None	Required	Changed	None	None	None	8
CVE-2021-46667	Oracle Linux	mariadb:10.3	No	5.5	Local	High	None	Required	Changed	None	None	None	8
CVE-2021-35604	Oracle Linux	mariadb:10.5	No	5.5	Local	High	None	Required	Changed	None	None	None	8
CVE-2021-46657	Oracle Linux	mariadb:10.5	No	5.5	Local	High	None	Required	Changed	None	None	None	8
CVE-2021-46658	Oracle Linux	mariadb:10.5	No	5.5	Local	High	None	Required	Changed	None	None	None	8
CVE-2021-46662	Oracle Linux	mariadb:10.5	No	5.5	Local	High	None	Required	Changed	None	None	None	8
CVE-2021-46666	Oracle Linux	mariadb:10.5	No	5.5	Local	High	None	Required	Changed	None	None	None	8
CVE-2021-46667	Oracle Linux	mariadb:10.5	No	5.5	Local	High	None	Required	Changed	None	None	None	8
CVE-2022-1016	Oracle Linux	Unbreakable Enterprise kernel	No	5.5	Local	High	None	Required	Changed	None	None	None	7
CVE-2022-21426	Oracle Linux	java-1.8.0-openjdk	No	5.3	Local	High	None	Required	Changed	None	None	None	8
CVE-2022-21434	Oracle Linux	java-1.8.0-openjdk	No	5.3	Local	High	None	Required	Changed	None	None	None	8
CVE-2022-21496	Oracle Linux	java-1.8.0-openjdk	No	5.3	Local	High	None	Required	Changed	None	None	None	8
CVE-2022-21426	Oracle Linux	java-1.8.0-openjdk	No	5.3	Local	High	None	Required	Changed	None	None	None	7
CVE-2022-21434	Oracle Linux	java-1.8.0-openjdk	No	5.3	Local	High	None	Required	Changed	None	None	None	7
CVE-2022-21496	Oracle Linux	java-1.8.0-openjdk	No	5.3	Local	High	None	Required	Changed	None	None	None	7
CVE-2022-21426	Oracle Linux	java-11-openjdk	No	5.3	Local	High	None	Required	Changed	None	None	None	8
CVE-2022-21434	Oracle Linux	java-11-openjdk	No	5.3	Local	High	None	Required	Changed	None	None	None	8
CVE-2022-21496	Oracle Linux	java-11-openjdk	No	5.3	Local	High	None	Required	Changed	None	None	None	8
CVE-2022-21426	Oracle Linux	java-11-openjdk	No	5.3	Local	High	None	Required	Changed	None	None	None	7
CVE-2022-21434	Oracle Linux	java-11-openjdk	No	5.3	Local	High	None	Required	Changed	None	None	None	7
CVE-2022-21496	Oracle Linux	java-11-openjdk	No	5.3	Local	High	None	Required	Changed	None	None	None	7
CVE-2022-21426	Oracle Linux	java-17-openjdk	No	5.3	Local	High	None	Required	Changed	None	None	None	8
CVE-2022-21434	Oracle Linux	java-17-openjdk	No	5.3	Local	High	None	Required	Changed	None	None	None	8
CVE-2022-21496	Oracle Linux	java-17-openjdk	No	5.3	Local	High	None	Required	Changed	None	None	None	8
CVE-2021-4002	Oracle Linux	Unbreakable Enterprise kernel	No	5.1	Local	High	None	Required	Changed	None	None	None	7
CVE-2021-2154	Oracle Linux	mariadb:10.3	No	4.9	Local	High	None	Required	Changed	None	None	None	8
CVE-2021-2166	Oracle Linux	mariadb:10.3	No	4.9	Local	High	None	Required	Changed	None	None	None	8
CVE-2021-2154	Oracle Linux	mariadb:10.5	No	4.9	Local	High	None	Required	Changed	None	None	None	8
CVE-2021-2166	Oracle Linux	mariadb:10.5	No	4.9	Local	High	None	Required	Changed	None	None	None	8
CVE-2022-27649	Oracle Linux	container-tools:2.0	No	4.8	Local	High	None	Required	Changed	None	None	None	8
CVE-2022-27651	Oracle Linux	container-tools:2.0	No	4.8	Local	High	None	Required	Changed	None	None	None	8
CVE-2022-27649	Oracle Linux	container-tools:3.0	No	4.8	Local	High	None	Required	Changed	None	None	None	8
CVE-2022-27651	Oracle Linux	container-tools:3.0	No	4.8	Local	High	None	Required	Changed	None	None	None	8
CVE-2021-26401	Oracle Linux	Unbreakable Enterprise kernel	No	4.7	Local	High	None	Required	Changed	None	None	None	7
CVE-2021-4149	Oracle Linux	Unbreakable Enterprise kernel	No	4.7	Local	High	None	Required	Changed	None	None	None	7
CVE-2022-0617	Oracle Linux	Unbreakable Enterprise kernel	No	4.7	Local	High	None	Required	Changed	None	None	None	7
CVE-2022-26966	Oracle Linux	Unbreakable Enterprise kernel	No	4.6	Local	High	None	Required	Changed	None	None	None	7
CVE-2021-2372	Oracle Linux	mariadb:10.3	No	4.4	Local	High	None	Required	Changed	None	None	None	8
CVE-2021-2372	Oracle Linux	mariadb:10.5	No	4.4	Local	High	None	Required	Changed	None	None	None	8
CVE-2021-20317	Oracle Linux	Unbreakable Enterprise kernel	No	4.4	Local	High	None	Required	Changed	None	None	None	7
CVE-2022-1520	Oracle Linux	thunderbird	No	4.3	Local	High	None	Required	Changed	None	None	None	7,8
CVE-2022-21443	Oracle Linux	java-1.8.0-openjdk	No	3.7	Local	High	None	Required	Changed	None	None	None	8
CVE-2022-21443	Oracle Linux	java-1.8.0-openjdk	No	3.7	Local	High	None	Required	Changed	None	None	None	7
CVE-2022-21443	Oracle Linux	java-11-openjdk	No	3.7	Local	High	None	Required	Changed	None	None	None	8
CVE-2022-21443	Oracle Linux	java-11-openjdk	No	3.7	Local	High	None	Required	Changed	None	None	None	7
CVE-2022-21443	Oracle Linux	java-17-openjdk	No	3.7	Local	High	None	Required	Changed	None	None	None	8
CVE-2020-245024	Oracle Linux	Unbreakable Enterprise kernel	No	3.3	Local	High	None	Required	Changed	None	None	None	7,8
CVE-2022-24448	Oracle Linux	Unbreakable Enterprise kernel	No	3.3	Local	High	None	Required	Changed	None	None	None	7

Revision 1: Published on 2022-04-19

CVE#	Product	Component	Remote Exploit without Auth.?	CVSS VERSION 3.1 RISK (see Risk Matrix Definitions)									Supported Versions Affected
CVE#	Product	Component	Remote Exploit without Auth.?	Base Score	Attack Vector	Attack Complex	Privs Req'd	User Interact	Scope	Confid- entiality	Inte- grity	Avail- ability	Supported Versions Affected
CVE-2022-22822	Oracle Linux	expat	Yes	9.8	Network	Low	None	None	Unchanged	High	High	High	7,8
CVE-2022-22823	Oracle Linux	expat	Yes	9.8	Network	Low	None	None	Unchanged	High	High	High	7,8
CVE-2022-22824	Oracle Linux	expat	Yes	9.8	Network	Low	None	None	Unchanged	High	High	High	7,8
CVE-2022-23852	Oracle Linux	expat	Yes	9.8	Network	Low	None	None	Unchanged	High	High	High	7,8
CVE-2022-23990	Oracle Linux	expat	Yes	9.8	Network	Low	None	None	Unchanged	High	High	High	7
CVE-2022-25235	Oracle Linux	expat	Yes	9.8	Network	Low	None	None	Unchanged	High	High	High	7,8
CVE-2022-25236	Oracle Linux	expat	Yes	9.8	Network	Low	None	None	Unchanged	High	High	High	7,8
CVE-2022-25315	Oracle Linux	expat	Yes	9.8	Network	Low	None	None	Unchanged	High	High	High	7,8
CVE-2022-23990	Oracle Linux	expat	Yes	9.8	Network	Low	None	None	Unchanged	High	High	High	8
CVE-2021-3653	Oracle Linux	Unbreakable Enterprise kernel	No	8.8	Local	Low	Low	None	Changed	High	High	High	7,8
CVE-2021-3656	Oracle Linux	Unbreakable Enterprise kernel	No	8.8	Local	Low	Low	None	Changed	High	High	High	7,8
CVE-2021-3653	Oracle Linux	Unbreakable Enterprise kernel-container	No	8.8	Local	Low	Low	None	Changed	High	High	High	7,8
CVE-2021-3656	Oracle Linux	Unbreakable Enterprise kernel-container	No	8.8	Local	Low	Low	None	Changed	High	High	High	7,8
CVE-2022-22825	Oracle Linux	expat	Yes	8.8	Network	Low	None	Required	Unchanged	High	High	High	7,8
CVE-2022-22826	Oracle Linux	expat	Yes	8.8	Network	Low	None	Required	Unchanged	High	High	High	7,8
CVE-2022-22827	Oracle Linux	expat	Yes	8.8	Network	Low	None	Required	Unchanged	High	High	High	7,8
CVE-2021-39275	Oracle Linux	httpd:2.4	Yes	8.1	Network	High	None	None	Unchanged	High	High	High	8
CVE-2022-23308	Oracle Linux	libxml2	Yes	8.1	Network	High	None	None	Unchanged	High	High	High	8
CVE-2021-39685	Oracle Linux	Unbreakable Enterprise kernel	No	7.8	Local	Low	Low	None	Unchanged	High	High	High	7,8
CVE-2022-0847	Oracle Linux	Unbreakable Enterprise kernel	No	7.8	Local	Low	Low	None	Unchanged	High	High	High	7,8
CVE-2022-25636	Oracle Linux	Unbreakable Enterprise kernel	No	7.8	Local	Low	Low	None	Unchanged	High	High	High	7,8
CVE-2021-39685	Oracle Linux	Unbreakable Enterprise kernel-container	No	7.8	Local	Low	Low	None	Unchanged	High	High	High	7,8
CVE-2022-0847	Oracle Linux	Unbreakable Enterprise kernel-container	No	7.8	Local	Low	Low	None	Unchanged	High	High	High	7,8
CVE-2022-25636	Oracle Linux	Unbreakable Enterprise kernel-container	No	7.8	Local	Low	Low	None	Unchanged	High	High	High	7,8
CVE-2021-46143	Oracle Linux	expat	No	7.8	Local	Low	None	Required	Unchanged	High	High	High	7,8
CVE-2022-0261	Oracle Linux	vim	No	7.8	Local	Low	None	Required	Unchanged	High	High	High	8
CVE-2022-0361	Oracle Linux	vim	No	7.8	Local	Low	None	Required	Unchanged	High	High	High	8
CVE-2022-0392	Oracle Linux	vim	No	7.8	Local	Low	None	Required	Unchanged	High	High	High	8
CVE-2021-45960	Oracle Linux	expat	Yes	7.5	Network	Low	None	None	Unchanged	None	None	High	7,8
CVE-2022-1097	Oracle Linux	firefox	Yes	7.5	Network	High	None	Required	Unchanged	High	High	High	7,8
CVE-2022-28281	Oracle Linux	firefox	Yes	7.5	Network	High	None	Required	Unchanged	High	High	High	7,8
CVE-2022-28289	Oracle Linux	firefox	Yes	7.5	Network	High	None	Required	Unchanged	High	High	High	7,8
CVE-2021-34798	Oracle Linux	httpd:2.4	Yes	7.5	Network	Low	None	None	Unchanged	None	None	High	8
CVE-2022-0778	Oracle Linux	openssl	Yes	7.5	Network	Low	None	None	Unchanged	None	None	High	7,8
CVE-2022-1097	Oracle Linux	thunderbird	Yes	7.5	Network	High	None	Required	Unchanged	High	High	High	7,8
CVE-2022-28281	Oracle Linux	thunderbird	Yes	7.5	Network	High	None	Required	Unchanged	High	High	High	7,8
CVE-2022-28289	Oracle Linux	thunderbird	Yes	7.5	Network	High	None	Required	Unchanged	High	High	High	7,8
CVE-2021-33193	Oracle Linux	httpd:2.4	Yes	7.5	Network	Low	None	None	Unchanged	None	High	None	8
CVE-2022-0778	Oracle Linux	openssl	Yes	7.5	Network	Low	None	None	Unchanged	None	None	High	8
CVE-2021-3999	Oracle Linux	glibc	No	7.4	Local	High	None	None	Unchanged	High	High	High	8
CVE-2021-4083	Oracle Linux	kernel	No	7.4	Local	High	None	None	Unchanged	High	High	High	7
CVE-2022-0413	Oracle Linux	vim	No	7.3	Local	Low	Low	Required	Unchanged	High	High	High	8
CVE-2022-0435	Oracle Linux	Unbreakable Enterprise kernel	No	7.1	Local	High	Low	None	Unchanged	High	High	High	7,8
CVE-2022-0435	Oracle Linux	Unbreakable Enterprise kernel-container	No	7.1	Local	High	Low	None	Unchanged	High	High	High	7,8
CVE-2022-22720	Oracle Linux	httpd	Yes	7.1	Network	Low	None	Required	Changed	Low	Low	Low	7
CVE-2022-22720	Oracle Linux	httpd:2.4	Yes	7.1	Network	Low	None	Required	Changed	Low	Low	Low	8
CVE-2022-0330	Oracle Linux	Unbreakable Enterprise kernel	No	7.0	Local	High	Low	None	Unchanged	High	High	High	7,8
CVE-2022-0492	Oracle Linux	Unbreakable Enterprise kernel	No	7.0	Local	High	Low	None	Unchanged	High	High	High	7,8
CVE-2022-1158	Oracle Linux	Unbreakable Enterprise kernel	No	7.0	Local	High	Low	None	Unchanged	High	High	High	7,8
CVE-2022-0330	Oracle Linux	Unbreakable Enterprise kernel-container	No	7.0	Local	High	Low	None	Unchanged	High	High	High	7,8
CVE-2022-0492	Oracle Linux	Unbreakable Enterprise kernel-container	No	7.0	Local	High	Low	None	Unchanged	High	High	High	7,8
CVE-2022-22942	Oracle Linux	Unbreakable Enterprise kernel-container	No	7.0	Local	High	Low	None	Unchanged	High	High	High	7,8
CVE-2022-23218	Oracle Linux	glibc	Yes	7.0	Network	High	None	None	Unchanged	Low	Low	High	8
CVE-2022-23219	Oracle Linux	glibc	Yes	7.0	Network	High	None	None	Unchanged	Low	Low	High	8
CVE-2021-4028	Oracle Linux	kernel	No	7.0	Local	High	Low	None	Unchanged	High	High	High	7
CVE-2022-0358	Oracle Linux	virt:ol and virt-devel:rhel	No	7.0	Local	High	Low	None	Unchanged	High	High	High	8
CVE-2022-22942	Oracle Linux	Unbreakable Enterprise kernel	No	7.0	Local	High	Low	None	Unchanged	High	High	High	7,8
CVE-2021-23177	Oracle Linux	libarchive	No	6.6	Local	Low	None	Required	Unchanged	High	Low	Low	8
CVE-2022-0318	Oracle Linux	vim	No	6.6	Local	Low	Low	None	Unchanged	Low	Low	High	8
CVE-2021-22600	Oracle Linux	Unbreakable Enterprise kernel-container	No	6.3	Local	High	Low	None	Unchanged	None	High	High	7,8
CVE-2021-22600	Oracle Linux	Unbreakable Enterprise kernel	No	6.3	Local	High	Low	None	Unchanged	None	High	High	7,8
CVE-2022-28282	Oracle Linux	firefox	Yes	6.1	Network	Low	None	Required	Changed	Low	Low	None	7,8
CVE-2022-28285	Oracle Linux	firefox	Yes	6.1	Network	Low	None	Required	Changed	Low	Low	None	7,8
CVE-2022-1196	Oracle Linux	thunderbird	Yes	6.1	Network	Low	None	Required	Changed	Low	Low	None	7,8
CVE-2022-1197	Oracle Linux	thunderbird	Yes	6.1	Network	Low	None	Required	Changed	Low	Low	None	7,8
CVE-2022-28282	Oracle Linux	thunderbird	Yes	6.1	Network	Low	None	Required	Changed	Low	Low	None	7,8
CVE-2022-28285	Oracle Linux	thunderbird	Yes	6.1	Network	Low	None	Required	Changed	Low	Low	None	7,8
CVE-2022-0359	Oracle Linux	vim	No	6.1	Local	Low	None	Required	Changed	Low	Low	Low	8
CVE-2021-4091	Oracle Linux	389-ds:1.4	Yes	5.9	Network	High	None	None	Unchanged	None	None	High	8
CVE-2020-36516	Oracle Linux	Unbreakable Enterprise kernel-container	No	5.9	Network	High	Low	None	Unchanged	None	High	Low	7,8
CVE-2020-36516	Oracle Linux	Unbreakable Enterprise kernel	No	5.9	Network	High	Low	None	Unchanged	None	High	Low	7,8
CVE-2022-1016	Oracle Linux	Unbreakable Enterprise kernel-container	No	5.5	Local	Low	Low	None	Unchanged	High	None	None	7,8
CVE-2022-1016	Oracle Linux	Unbreakable Enterprise kernel	No	5.5	Local	Low	Low	None	Unchanged	High	None	None	7,8
CVE-2021-26401	Oracle Linux	Unbreakable Enterprise kernel	No	4.7	Local	High	Low	None	Unchanged	High	None	None	7,8
CVE-2022-23960	Oracle Linux	Unbreakable Enterprise kernel	No	4.7	Local	High	Low	None	Unchanged	High	None	None	7,8
CVE-2021-26341	Oracle Linux	Unbreakable Enterprise kernel-container	No	4.7	Local	High	Low	None	Unchanged	High	None	None	7,8
CVE-2021-26401	Oracle Linux	Unbreakable Enterprise kernel-container	No	4.7	Local	High	Low	None	Unchanged	High	None	None	7,8
CVE-2022-0617	Oracle Linux	Unbreakable Enterprise kernel-container	No	4.7	Local	High	Low	None	Unchanged	None	None	High	7,8
CVE-2022-23960	Oracle Linux	Unbreakable Enterprise kernel-container	No	4.7	Local	High	Low	None	Unchanged	High	None	None	7,8
CVE-2021-26341	Oracle Linux	Unbreakable Enterprise kernel	No	4.7	Local	High	Low	None	Unchanged	High	None	None	7,8
CVE-2021-26401	Oracle Linux	Unbreakable Enterprise kernel	No	4.7	Local	High	Low	None	Unchanged	High	None	None	7,8
CVE-2022-0617	Oracle Linux	Unbreakable Enterprise kernel	No	4.7	Local	High	Low	None	Unchanged	None	None	High	7,8
CVE-2022-23960	Oracle Linux	Unbreakable Enterprise kernel	No	4.7	Local	High	Low	None	Unchanged	High	None	None	7,8
CVE-2022-26966	Oracle Linux	Unbreakable Enterprise kernel-container	No	4.6	Local	Low	None	None	Unchanged	High	None	None	7,8
CVE-2022-26966	Oracle Linux	Unbreakable Enterprise kernel	No	4.6	Local	Low	None	None	Unchanged	High	None	None	7,8
CVE-2021-31566	Oracle Linux	libarchive	No	4.4	Local	Low	None	Required	Unchanged	None	Low	Low	8
CVE-2022-24713	Oracle Linux	firefox	Yes	4.3	Network	Low	None	Required	Unchanged	None	None	Low	7,8
CVE-2022-28286	Oracle Linux	firefox	Yes	4.3	Network	Low	None	Required	Unchanged	Low	None	None	7,8
CVE-2022-24713	Oracle Linux	thunderbird	Yes	4.3	Network	Low	None	Required	Unchanged	None	None	Low	7,8
CVE-2022-28286	Oracle Linux	thunderbird	Yes	4.3	Network	Low	None	Required	Unchanged	Low	None	None	7,8
CVE-2022-1158	Oracle Linux	Unbreakable Enterprise kernel-container	No	4.0	Local	High	None	Required	Changed	None	None	None	7,8
CVE-2022-1196	Oracle Linux	firefox	No	4.0	Local	High	None	Required	Changed	None	None	None	7,8
CVE-2022-1158	Oracle Linux	Unbreakable Enterprise kernel	No	4.0	Local	High	None	Required	Changed	None	None	None	7,8
CVE-2022-24448	Oracle Linux	Unbreakable Enterprise kernel-container	No	3.3	Local	Low	Low	None	Unchanged	Low	None	None	7,8
CVE-2022-24448	Oracle Linux	Unbreakable Enterprise kernel	No	3.3	Local	Low	Low	None	Unchanged	Low	None	None	7,8