Discussions
Categories
- 17.9K All Categories
- 3.4K Industry Applications
- 3.3K Intelligent Advisor
- 62 Insurance
- 536.1K On-Premises Infrastructure
- 138.2K Analytics Software
- 38.6K Application Development Software
- 5.7K Cloud Platform
- 109.4K Database Software
- 17.5K Enterprise Manager
- 8.8K Hardware
- 71.1K Infrastructure Software
- 105.2K Integration
- 41.6K Security Software
Does the CVE-2017-18202 affect the OEL 7.6.1810 with UEK3 kernels?
We have got a vulnerability "kernel: Infoleak/use-after-free in __oom_reap_task_mm function in mm/oom_kill.c (CVE-2017-18202)" being reported on servers using the Oracle Enterprise Linux 7 using UEK 3 latest kernel 3.8.13-118.36.1.el7uek.x86_64 available on the OEL 7 repositories. Kindly confirm if this is affected by that vulnerability or not. I could not find any advisories released by Oracle about this CVE ID that has mentioned about any fixes for this vulnerability on OEL 7 UEK3 kernels. Please let me know if anyone has any information about the solution to fix this vulnerability.
Answers
-
You can search https://linux.oracle.com/pls/apex/f?p=130:21:::NO:RP::
If you don't find info, chances are it doesn't apply. However, if you need to know for sure, contact oracle support. I remember from past experience that Oracle does not discuss vulnerabilities in the public forum.
