Oracle Linux 7 : glibc (ELSA-2025-10219)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-10219 advisory. 2.17-326.0.11.3 - Back port fix for CVE-2025-4802 Orabug: 38144086 Tenable has extracted the preceding description block directly from the Oracle Linux securit...

Oracle Linux 10 : tomcat (ELSA-2025-14179)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-14179 advisory. - tomcat: Apache Tomcat DoS in multipart upload CVE-2025-48988 - tomcat: Apache Tomcat: Security constraint bypass for pre/post-resources...

Oracle Linux 10 : kernel (ELSA-2025-14009)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-14009 advisory. - tls: always refresh the queue when reading sock - CVE-2025-38471 - net: fix udp gso skbsegment after pull from fraglist - CVE-2025-38124 - Bluetoot...

Oracle Linux 9 : tomcat (ELSA-2025-14181)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-14181 advisory. - Resolves: RHEL-102200 tomcat: http/2 'MadeYouReset' DoS attack through HTTP/2 control frames CVE-2025-48989 - Resolves: RHEL-108491 tomcat: Apache...

Oracle Linux 10 : tomcat9 (ELSA-2025-14178)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-14178 advisory. - Resolves: tomcat: http/2 'MadeYouReset' DoS attack through HTTP/2 control frames CVE-2025-48989 - Resolves: tomcat: Apache Commons FileUpload DOS v...

Oracle Linux 8 : libarchive (ELSA-2025-14135)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-14135 advisory. - Resolves: CVE-2025-5914 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not test...

Oracle Linux 8 : tomcat (ELSA-2025-14177)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-14177 advisory. - Resolves: RHEL-102193 tomcat: http/2 'MadeYouReset' DoS attack through HTTP/2 control frames CVE-2025-48989 - Resolves: RHEL-108486 tomcat: Apache...

Oracle Linux 9 : libarchive (ELSA-2025-14130)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-14130 advisory. 3.5.3-6 - Resolves: CVE-2025-5914 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has...

Oracle Linux 10 : libarchive (ELSA-2025-14137)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-14137 advisory. 3.7.7-4 - Resolves: CVE-2025-5914 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has...

Oracle Linux 8 : mingw-sqlite (ELSA-2025-14101)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-14101 advisory. - Fix CVE-2019-5827 CVE-2019-13750 CVE-2019-13751 - Fix CVE-2019-19603 CVE-2020-13435 CVE-2020-35527 - Fix CVE-2020-35525 CVE-2022-35737 CVE-2020-24736 - Fix...

Oracle Linux 8 : go-toolset:rhel8 (ELSA-2025-13940)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-13940 advisory. delve 1.24.1-1.0.1 - Disable DWARF compression which has issues Alex Burmashev golang 1.24.6-1 - Update to Go 1.24.6 fips-1 - Resolves: RHEL-106455 go-toolset...

Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2025-20530)

The remote Oracle Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20530 advisory. - sunrpc: handle SVCGARBAGE during svc auth processing as auth error Jeff Layton Orabug: 38137447 CVE-2025-38089 - Add Zen34 clients Borislav...

Oracle Linux 9 : python-zipp (ELSA-2025-38828)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-38828 advisory. 3.20.1-2 - Make package buildable for epel=9 3.20.1-1 - Update to 3.20.1 rhbz2307990 3.20.0-1 - Update to 3.20.0 rhbz2304028 3.19.2-3 - Rebuilt for...

Oracle Linux 9 : xterm (ELSA-2025-14075)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-14075 advisory. - Fix CVE-2022-24130 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested fo...

kernel security update

5.14.0-570.35.1.0.16.OL9 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys lis...

Oracle Linux 10 : openjpeg2 (ELSA-2025-13944)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-13944 advisory. 2.5.2-4.1 - fix OpenJPEG OOB heap memory write CVE-2025-54874 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 8 : kernel (ELSA-2025-13960)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-13960 advisory. - i2c/designware: Fix an initialization issue CKI Backport Bot RHEL-106617 CVE-2025-38380 - Bluetooth: hcicore: Fix use-after-free in vhciflush David...

Oracle Linux 9 : python-zipp (ELSA-2025-20533)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-20533 advisory. 3.20.1-2 - Make package buildable for epel=9 3.20.1-1 - Update to 3.20.1 rhbz2307990 3.20.0-1 - Update to 3.20.0 rhbz2304028 3.19.2-3 - Rebuilt for...

Oracle Linux 10 : golang (ELSA-2025-13941)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-13941 advisory. 1.24.6-1 - Update to Go 1.24.6 fips-1 - Resolves: RHEL-106464 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 9 : golang (ELSA-2025-13935)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-13935 advisory. 1.24.6-1 - Update to Go 1.24.6 fips-1 - Resolves: RHEL-106464 Tenable has extracted the preceding description block directly from the Oracle Linux security...