vulnerability

Oracle Linux: CVE-2017-13168: ELSA-2019-4316: Unbreakable Enterprise kernel security update (IMPORTANT) (Multiple Advisories)

Severity
4
CVSS
(AV:L/AC:H/Au:M/C:N/I:P/A:C)
Published
Dec 6, 2017
Added
Nov 7, 2018
Modified
Jan 23, 2025

Description

An elevation of privilege vulnerability in the kernel scsi driver. Product: Android. Versions: Android kernel. Android ID A-65023233.
It was found that SCSI driver in the Linux kernel can improperly access userspace memory outside the provided buffer. A local privileged attacker could potentially use this flaw to expose information from the kernel memory.

Solution

oracle-linux-upgrade-kernel-uek
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.