Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2025-20608)

The remote Oracle Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20608 advisory. - x86/sev: Evict cache lines during SNP memory validation Tom Lendacky Orabug: 38453836 CVE-2025-38560 - xfrm: interface: fix use-after-free afte...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2025-20609)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20609 advisory. - HID: core: do not bypass hidhwrawrequest Benjamin Tissoires Orabug: 38454666 CVE-2025-38494 - vsock: Do not allow binding to VMADDRPORTANY Budim...

Oracle Linux 9 : gnutls (ELSA-2025-16116)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-16116 advisory. 3.8.3-6.2 - keyupdate: rework the rekeying logic RHEL-107498 3.8.3-6.1 - Fix CVE-2025-32988, CVE-2025-32989, CVE-2025-32990, and CVE-2025-6395 Tenable...

Oracle Linux 10 : gnutls (ELSA-2025-16115)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-16115 advisory. 3.8.9-9.14 - keyupdate: rework the rekeying logic RHEL-107498 - Fix CVE-2025-6395, CVE-2025-32988, CVE-2025-32989, CVE-2025-32990 Tenable has extract...

kernel security update

4.18.0-553.76.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

Oracle Linux 9 : gnutls (ELSA-2025-20606)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20606 advisory. 3.8.3-6.2fips - Add FIPS package change: add fips suffix to Release and set Epoch to 10 Orabug: 35925409 - Update FIPS module name for Oracle Linux...

USN-7758-4: Linux kernel (Oracle) vulnerability

It was discovered that the AFUNIX socket garbage collection implementation in Ubuntu Noble's 6.8 kernel did not properly handle out-of-band OOB messages, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary...

Oracle Linux 9 : thunderbird (ELSA-2025-16156)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-16156 advisory. 140.3.0-1.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 140.3.0 - Add OpenELA debranding 140.3.0-1 - Update to 140.3.0 ESR Tenable h...

Oracle Linux 10 : thunderbird (ELSA-2025-16157)

The remote Oracle Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-16157 advisory. 140.3.0-1.0.1 - Add Oracle prefs 140.3.0 - Add OpenELA debranding 140.3.0-1 - Update to 140.3.0 ESR Tenable has extracted the preceding description...

Oracle Linux 9 : firefox (ELSA-2025-16108)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-16108 advisory. 140.3.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Re...

Oracle Linux 10 : grub2 (ELSA-2025-16154)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-16154 advisory. - Fix CVE-2022-3775 Orabug: 34871953 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note tha...

Oracle Linux 9 : mysql:8.4 (ELSA-2025-16046)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-16046 advisory. mecab mecab-ipadic mysql 8.4.6-1 - Rebase to 8.4.6 8.4.5-1 - Rebase to 8.4.5 rapidjson 1.1.0-19 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags...

Oracle Linux 10 : firefox (ELSA-2025-16109)

The remote Oracle Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-16109 advisory. 140.3.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding R...

Oracle Linux 8 : container-tools:rhel8 (ELSA-2025-15904)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-15904 advisory. - fixes 'CVE-2025-9566 container-tools:rhel8/podman: Podman kube play command may overwrite host files rhel-8.10.z' Tenable has extracted the preceding...

Oracle Linux 9 : glibc (ELSA-2025-20595)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-20595 advisory. 2.34-168.0.1.23 - Forward-port Oracle patches for ol9-u6 Reviewed-by: Jose E. Marchesi Oracle history: June-30-2025 Cupertino Miranda - 2.34-168.0.1.20 -...

Oracle Linux 8 : glibc (ELSA-2025-20594)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-20594 advisory. - CVE-2025-8058: Double free in regcomp RHEL-105326 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Not...

Oracle Linux 9 : python-cryptography (ELSA-2025-15874)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-15874 advisory. 36.0.1-5 - Fix CVE-2023-49083: NULL-dereference when loading PKCS7 certificates, resolves RHEL-97450 Tenable has extracted the preceding description block...

Oracle Linux 7 : glibc (ELSA-2025-20596)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-20596 advisory. - Back port fix for CVE-2025-4802 Orabug: 38144086 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...

Oracle Linux 8 : kernel (ELSA-2025-15785)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-15785 advisory. - net/sched: ets: use old 'nbands' while purging unused classes Ivan Vecera RHEL-107541 CVE-2025-38350 - netsched: schets: implement lockless etsdump...

Oracle Linux 9 : podman (ELSA-2025-15900)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-15900 advisory. - fixes 'CVE-2025-9566 podman: Podman kube play command may overwrite host files rhel-9.6.z' Tenable has extracted the preceding description block directly fro...