pepelyaevip/vuln-list-update
1
0
Fork 0
Code Pull Requests Actions Packages Releases Activity
a62fe1fcc1
vuln-list-update/oracle/oval/testdata/golden/ELSA-2017-3516.json
rahul2393 a62fe1fcc1
Refactored based on operating system (#81)
2021-04-23 11:21:27 +03:00

250 lines
7.8 KiB
JSON
Raw Blame History

{
"Title": "ELSA-2017-3516: Unbreakable Enterprise kernel security update (IMPORTANT)",
"Description": "[2.6.39-400.294.2]\n- vfs: read file_handle only once in handle_to_path (Sasha Levin) [Orabug: 25388709] {CVE-2015-1420}\n- crypto: algif_hash - Only export and import on sockets with data (Herbert Xu) [Orabug: 25417807]\n- USB: usbfs: fix potential infoleak in devio (Kangjie Lu) [Orabug: 25462763] {CVE-2016-4482}\n- net: fix infoleak in llc (Kangjie Lu) [Orabug: 25462811] {CVE-2016-4485}\n- af_unix: Guard against other == sk in unix_dgram_sendmsg (Rainer Weikusat) [Orabug: 25464000] {CVE-2013-7446}\n- unix: avoid use-after-free in ep_remove_wait_queue (Rainer Weikusat) [Orabug: 25464000] {CVE-2013-7446}",
"Platform": [
"Oracle Linux 5",
"Oracle Linux 6"
],
"References": [
{
"Source": "elsa",
"URI": "http://linux.oracle.com/errata/ELSA-2017-3516.html",
"ID": "ELSA-2017-3516"
},
{
"Source": "CVE",
"URI": "http://linux.oracle.com/cve/CVE-2016-4485.html",
"ID": "CVE-2016-4485"
},
{
"Source": "CVE",
"URI": "http://linux.oracle.com/cve/CVE-2016-8646.html",
"ID": "CVE-2016-8646"
},
{
"Source": "CVE",
"URI": "http://linux.oracle.com/cve/CVE-2016-4482.html",
"ID": "CVE-2016-4482"
},
{
"Source": "CVE",
"URI": "http://linux.oracle.com/cve/CVE-2013-7446.html",
"ID": "CVE-2013-7446"
},
{
"Source": "CVE",
"URI": "http://linux.oracle.com/cve/CVE-2015-1420.html",
"ID": "CVE-2015-1420"
}
],
"Criteria": {
"Operator": "OR",
"Criterias": [
{
"Operator": "AND",
"Criterias": [
{
"Operator": "OR",
"Criterias": [
{
"Operator": "AND",
"Criterias": null,
"Criterions": [
{
"Comment": "kernel-uek-firmware is earlier than 0:2.6.39-400.294.2.el5uek"
},
{
"Comment": "kernel-uek-firmware is signed with the Oracle Linux 5 key"
}
]
},
{
"Operator": "AND",
"Criterias": null,
"Criterions": [
{
"Comment": "kernel-uek-debug is earlier than 0:2.6.39-400.294.2.el5uek"
},
{
"Comment": "kernel-uek-debug is signed with the Oracle Linux 5 key"
}
]
},
{
"Operator": "AND",
"Criterias": null,
"Criterions": [
{
"Comment": "kernel-uek-doc is earlier than 0:2.6.39-400.294.2.el5uek"
},
{
"Comment": "kernel-uek-doc is signed with the Oracle Linux 5 key"
}
]
},
{
"Operator": "AND",
"Criterias": null,
"Criterions": [
{
"Comment": "kernel-uek-debug-devel is earlier than 0:2.6.39-400.294.2.el5uek"
},
{
"Comment": "kernel-uek-debug-devel is signed with the Oracle Linux 5 key"
}
]
},
{
"Operator": "AND",
"Criterias": null,
"Criterions": [
{
"Comment": "kernel-uek-devel is earlier than 0:2.6.39-400.294.2.el5uek"
},
{
"Comment": "kernel-uek-devel is signed with the Oracle Linux 5 key"
}
]
},
{
"Operator": "AND",
"Criterias": null,
"Criterions": [
{
"Comment": "kernel-uek is earlier than 0:2.6.39-400.294.2.el5uek"
},
{
"Comment": "kernel-uek is signed with the Oracle Linux 5 key"
}
]
}
],
"Criterions": null
}
],
"Criterions": [
{
"Comment": "Oracle Linux 5 is installed"
}
]
},
{
"Operator": "AND",
"Criterias": [
{
"Operator": "OR",
"Criterias": [
{
"Operator": "AND",
"Criterias": null,
"Criterions": [
{
"Comment": "kernel-uek-debug-devel is earlier than 0:2.6.39-400.294.2.el6uek"
},
{
"Comment": "kernel-uek-debug-devel is signed with the Oracle Linux 6 key"
}
]
},
{
"Operator": "AND",
"Criterias": null,
"Criterions": [
{
"Comment": "kernel-uek is earlier than 0:2.6.39-400.294.2.el6uek"
},
{
"Comment": "kernel-uek is signed with the Oracle Linux 6 key"
}
]
},
{
"Operator": "AND",
"Criterias": null,
"Criterions": [
{
"Comment": "kernel-uek-firmware is earlier than 0:2.6.39-400.294.2.el6uek"
},
{
"Comment": "kernel-uek-firmware is signed with the Oracle Linux 6 key"
}
]
},
{
"Operator": "AND",
"Criterias": null,
"Criterions": [
{
"Comment": "kernel-uek-devel is earlier than 0:2.6.39-400.294.2.el6uek"
},
{
"Comment": "kernel-uek-devel is signed with the Oracle Linux 6 key"
}
]
},
{
"Operator": "AND",
"Criterias": null,
"Criterions": [
{
"Comment": "kernel-uek-doc is earlier than 0:2.6.39-400.294.2.el6uek"
},
{
"Comment": "kernel-uek-doc is signed with the Oracle Linux 6 key"
}
]
},
{
"Operator": "AND",
"Criterias": null,
"Criterions": [
{
"Comment": "kernel-uek-debug is earlier than 0:2.6.39-400.294.2.el6uek"
},
{
"Comment": "kernel-uek-debug is signed with the Oracle Linux 6 key"
}
]
}
],
"Criterions": null
}
],
"Criterions": [
{
"Comment": "Oracle Linux 6 is installed"
}
]
}
],
"Criterions": null
},
"Severity": "IMPORTANT",
"Cves": [
{
"Impact": "",
"Href": "http://linux.oracle.com/cve/CVE-2016-4485.html",
"ID": "CVE-2016-4485"
},
{
"Impact": "",
"Href": "http://linux.oracle.com/cve/CVE-2016-8646.html",
"ID": "CVE-2016-8646"
},
{
"Impact": "",
"Href": "http://linux.oracle.com/cve/CVE-2016-4482.html",
"ID": "CVE-2016-4482"
},
{
"Impact": "",
"Href": "http://linux.oracle.com/cve/CVE-2013-7446.html",
"ID": "CVE-2013-7446"
},
{
"Impact": "",
"Href": "http://linux.oracle.com/cve/CVE-2015-1420.html",
"ID": "CVE-2015-1420"
}
]
}
View Git Blame Copy Permalink