Oracle Linux 7 : squid (ELSA-2025-14414)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-14414 advisory. - Fixes CVE-2025-54574, add URN access disabling config options Orabug: 38350105 Tenable has extracted the preceding description block directly from t...

Oracle Linux 8 : mysql:8.0 (ELSA-2025-16861)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-16861 advisory. mecab mecab-ipadic mysql 8.0.43-1 - Rebase to MySQL 8.0.43 8.0.42-1 - Rebase to MySQL 8.0.42 Tenable has extracted the preceding description block...

kernel security update

4.18.0-553.77.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2025-20645)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20645 advisory. 5.4.17-2136.347.6.3 - uek-rpm: Move ifb module to nano modules Harshit Mogalapalli Orabug: 38462132 Tenable has extracted the preceding descriptio...

Oracle Linux 8 : openssh (ELSA-2025-16823)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-16823 advisory. 8.0p1-26.0.1 - Update upstream references Orabug: 36587718 8.0p1-26 - Fix missing invalid error code checks in OpenSSH. It prevents a MITM attack when...

Oracle Linux 7 : kernel (ELSA-2025-15648)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-15648 advisory. - scsi: lpfc: Use memcpy for BIOS version CVE-2025-38332 Orabug: 38414589 Tenable has extracted the preceding description block directly from the Orac...

Oracle Linux 7 : aide (ELSA-2025-15728)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-15728 advisory. 0.15.1-13.0.3 - aide security update CVE-2025-54389 Orabug: 38427919 Tenable has extracted the preceding description block directly from the Oracle Linux...

Oracle Linux 10 : kernel (ELSA-2025-16354)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-16354 advisory. 6.12.0-55.34.1.0.1 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Add new Oracle Linux Driver Signing key 1 certificate Orabug:...

Oracle Linux 8 : thunderbird (ELSA-2025-16589)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-16589 advisory. 140.3.0-1.0.1 - Fix prefs for new nss Orabug: 37079820 - Add Oracle prefs file 140.3.0 - Add OpenELA debranding 140.3.0-1 - Update to 140.3.0 ESR...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2025-20632)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20632 advisory. - cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns Al Viro Orabug: 38453918 CVE-2025-38499 Tenable has extracted the...

PT-2025-39347

🚨 New OracleLinux 8 Kernel Advisory: ELS-2025-16372 Patches CVE-2025-16372, a race condition flaw posing a DoS risk. Read more: 👉 https://t.co/kv9wdXoGbb Security https://t.co/CIpL06smgF...

Oracle Linux 10 : avahi (ELSA-2025-16441)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-16441 advisory. 0.9rc2-1.1 - Fix for CVE-2024-52615 RHEL-67715 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note th...

Oracle Linux 8 : firefox (ELSA-2025-16260)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-16260 advisory. 140.3.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 140.3.0 - Add debranding patches Mustafa Gezen - Add OpenELA default...

Oracle Linux 8 : kernel (ELSA-2025-16372)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-16372 advisory. - HID: core: Harden s32ton against conversion to 0 bits CKI Backport Bot RHEL-111027 CVE-2025-38556 - HID: stop exporting hidsnto32 CKI Backport Bot...

Oracle Linux 9 : kernel (ELSA-2025-16398)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-16398 advisory. - net: usb: smsc75xx: Move packet length check to prevent kernel panic in skbpull CKI Backport Bot RHEL-112246 CVE-2023-53125 - net: usb: smsc75xx:...

Oracle Linux 7 : firefox (ELSA-2025-15430)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-15430 advisory. 128.14.0-2.0.1 - Update to 128.14.0 Orabug: 38400668CVE-2025-9179CVE-2025-9180 CVE-2025-9181CVE-2025-9182CVE-2025-9185 Tenable has extracted the...

Oracle Linux 7 : ImageMagick (ELSA-2025-15666)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-15666 advisory. 6.9.10.68-7.0.1 - Fix for CVE-2025-55154 Orabug: 38417011 Tenable has extracted the preceding description block directly from the Oracle Linux security advisor...

Oracle Linux 10 : libtpms (ELSA-2025-16428)

The remote Oracle Linux 10 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-16428 advisory. 0.9.6-11 - Fix CVE-2025-49133 Resolves: RHEL-96247 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Not...

kernel security update

5.14.0-570.46.1.0.16.OL9 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys lis...

Oracle Linux 9 : mysql (ELSA-2025-16086)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-16086 advisory. 8.0.43-1 - Rebase to MySQL 8.0.43 8.0.42-1 - Rebase to MySQL 8.0.42 Tenable has extracted the preceding description block directly from the Oracle Lin...