vulnerability

Oracle Linux: CVE-2018-16862: ELSA-2019-4575: Unbreakable Enterprise kernel security update (IMPORTANT)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
2	(AV:L/AC:L/Au:N/C:P/I:N/A:N)	Nov 24, 2018	Mar 12, 2019	Dec 3, 2025

Severity

CVSS

(AV:L/AC:L/Au:N/C:P/I:N/A:N)

Published

Nov 24, 2018

Added

Mar 12, 2019

Modified

Dec 3, 2025

Description

A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.

Solution

oracle-linux-upgrade-kernel-uek

References

CVE-2018-16862
https://attackerkb.com/topics/CVE-2018-16862
ELSA-ELSA-2019-4575
CWE-200

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report