Oracle Linux 8 : kernel (ELSA-2025-19102)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-19102 advisory. - Bluetooth: L2CAP: Fix user-after-free CKI Backport Bot RHEL-117369 CVE-2022-50386 - Bluetooth: Fix potential use-after-free when clear keys CKI...

Oracle Linux 10 : kernel (ELSA-2025-19106)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-19106 advisory. - ALSA: hda/ca0132: Fix buffer overflow in addtuningcontrol CKI Backport Bot RHEL-114853 CVE-2025-39751 - erofs: fix blksize PAGESIZE for file-backed...

kernel security update

4.18.0-553.81.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2025-20719)

The remote Oracle Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20719 advisory. - iouring/futex: ensure iofutexwait cleans up properly on failure Jens Axboe Orabug: 38572958 CVE-2025-39698 - fs: writeback: fix use-after-free ...

Oracle Linux 10 / 8 / 9 : java-21-openjdk (ELSA-2025-18824)

The remote Oracle Linux 10 / 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-18824 advisory. 1:21.0.9.0.10-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:21.0.9.0.10-1 - Update to jdk-21.0.9+10 GA - Update release notes to...

Oracle Linux 8 / 9 : java-17-openjdk (ELSA-2025-18821)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-18821 advisory. 1:17.0.17.0.10-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:17.0.17.0.10-1 - Update to jdk-17.0.17+10 GA - Add to .gitignore...

Oracle Linux 8 / 9 : java-1.8.0-openjdk (ELSA-2025-18815)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-18815 advisory. 1:1.8.0.472.b08-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:1.8.0.472.b08-1 - Update to 8u472-b08 GA. - Update release notes for 8u472-b0...

Oracle Linux 8 : thunderbird (ELSA-2025-18983)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-18983 advisory. 140.4.0-2.0.1 - Fix prefs for new nss Orabug: 37079820 - Add Oracle prefs file 140.4.0 - Add OpenELA debranding 140.4.0-2 - Update to 140.4.0 ESR...

Oracle Linux 10 : thunderbird (ELSA-2025-18320)

The remote Oracle Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-18320 advisory. 140.4.0-2.0.1 - Add Oracle prefs 140.4.0-2 - Update to 140.4.0 ESR Tenable has extracted the preceding description block directly from the Oracle Lin...

Oracle Linux 7 : microcode_ctl (ELSA-2025-10108)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-10108 advisory. 2:2.1-73.24.0.20250512 - update microcode bundle to 20250512 Orabug: 38139038 2:2.1-73.23.0.20250211 - update microcode bundle to 20250211 Orabug: 37670820 -...

Oracle Linux 8 : libssh (ELSA-2025-18286)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-18286 advisory. 0.9.6-15 - Fix CVE-2025-5318 Resolves: RHEL-111724 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...

Oracle Linux 9 : thunderbird (ELSA-2025-18321)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-18321 advisory. 140.4.0-2.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 140.4.0 - Add OpenELA debranding 140.4.0-2 - Update to 140.4.0 ESR Tenable h...

kernel security update

5.14.0-570.55.1.0.1 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...

kernel security update

4.18.0-553.80.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

Oracle Linux 8 : firefox (ELSA-2025-18285)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-18285 advisory. 140.4.0-3.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 140.4.0-3 - Update to 140.4.0 ESR Tenable has extracted the preceding...

Oracle Linux 9 : kernel (ELSA-2025-18281)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-18281 advisory. - scsi: lpfc: Fix buffer free/clear order in deferred receive path CKI Backport Bot RHEL-119115 CVE-2025-39841 - firmware: armscpi: Ensure scpiinfo is...

Oracle Linux 8 : kernel (ELSA-2025-18297)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-18297 advisory. - ALSA: hda/ca0132: Fix buffer overflow in addtuningcontrol CKI Backport Bot RHEL-114840 CVE-2025-39751 - crypto: seqiv - Handle EBUSY correctly CKI...

Oracle Linux 9 : webkit2gtk3 (ELSA-2025-18097)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-18097 advisory. 2.50.1-1 - Update to 2.50.1 2.50.0-1 - Update to 2.50.0 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 9 : libssh (ELSA-2025-18275)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-18275 advisory. 0.10.4-15 - Rebuild due to broken build auto-tagging 0.10.4-14 - Fix CVE-2025-5318 Resolves: RHEL-111730 Tenable has extracted the preceding description block...

Oracle Linux 9 : firefox (ELSA-2025-18155)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-18155 advisory. 140.4.0-3.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Re...