Oracle Linux 9 : icu (ELSA-2025-12083)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-12083 advisory. 67.1-10 - ICU-22973 Fix buffer overflow by using CharString Resolves: RHEL-96664 Tenable has extracted the preceding description block directly from the Oracle...

Oracle Linux 10 : thunderbird (ELSA-2025-12188)

The remote Oracle Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-12188 advisory. 128.13.0-3.0.1 - Add Oracle prefs 128.13.0-3 - Update to 128.13.0 build3 128.13.0-2 - Update to 128.13.0 build2 128.13.0-1 - Update to 128.13.0 build...

kernel security update

5.14.0-570.30.1.0.16.OL9 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys lis...

Oracle Linux 8 / 9 : java-1.8.0-openjdk (ELSA-2025-10862)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-10862 advisory. 1:1.8.0.462.b08-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:1.8.0.462.b08-1 - Update to 8u462-b08 GA - Update release notes for 8u462-b08...

Oracle Linux 8 : sqlite (ELSA-2025-12010)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-12010 advisory. 3.26.0-20 - Fixes CVE-2025-6965 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has no...

Oracle Linux 8 : kernel (ELSA-2025-11850)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-11850 advisory. - sched/fair: Fix potential memory corruption in childcfsrqonlist CKI Backport Bot RHEL-100387 CVE-2025-21919 - ftrace: Fix NULL pointer dereference i...

Oracle Linux 9 : sqlite (ELSA-2025-11992)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-11992 advisory. 3.34.1-8 - Fixes CVE-2025-6965 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...

kernel security update

4.18.0-553.64.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

Oracle Linux 8 : perl (ELSA-2025-11805)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-11805 advisory. - Fix CVE-2025-40909 - Clone dirhandles without fchdir Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...

Oracle Linux 9 : perl (ELSA-2025-11804)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-11804 advisory. 4:5.32.1-481.1 - Fixes: CVE-2025-40909 - Clone dirhandles without fchdir Tenable has extracted the preceding description block directly from the Oracle Linux...

Oracle Linux 8 : nodejs:22 (ELSA-2025-11803)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-11803 advisory. - Patch fix for sqlite CVE-2025-6965 Resolves: RHEL-103835 - Update to 22.16.0 Fixes: CVE-2025-23166 - Patch fix for sqlite CVE-2025-31498 Resolves: RHEL-87300...

Oracle Linux 10 : icu (ELSA-2025-11888)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-11888 advisory. - Resolves: rhbz1646703 CVE-2018-18928 - Resolves: rhbz1524820 CVE-2017-17484 - Resolves: rhbz1510932 CVE-2017-14952 - Resolves: rhbz1444101 CVE-2017-7867...

Oracle Linux 8 : unbound (ELSA-2025-11884)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-11884 advisory. - Fix RebirthDay Attack CVE-2025-5994 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus...

Oracle Linux 9 : unbound (ELSA-2025-11849)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-11849 advisory. - Fix RebirthDay Attack CVE-2025-5994 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus...

Oracle Linux 8 : firefox (ELSA-2025-11747)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-11747 advisory. 128.13.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 128.13.0 - Add debranding patches Mustafa Gezen - Add OpenELA defaul...

Oracle Linux 7 : tigervnc (ELSA-2025-10375)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-10375 advisory. 1.8.0-33.0.7 - Fix CVE-2025-49175, CVE-2025-49176, CVE-2025-49178, CVE-2025-49179, CVE-2025-49180 Orabug: 38157695 Tenable has extracted the preceding...

Oracle Linux 7 : xorg-x11-server (ELSA-2025-10360)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-10360 advisory. - Fix CVE-2025-49175, CVE-2025-49176, CVE-2025-49178, CVE-2025-49179, CVE-2025-49180 Orabug: 38157695 - Fixed CVE-2025-26594 CVE-2025-26595...

Oracle Linux 9 : firefox (ELSA-2025-11748)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-11748 advisory. 128.13.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding R...

Oracle Linux 7 : apache-commons-vfs (ELSA-2025-10548)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-10548 advisory. 2.0-11.0.1 - Simplify UriParser Orabug: 38161936CVE-2025-27553 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 10 : sudo (ELSA-2025-11537)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-11537 advisory. - CVE-2025-32462 sudo: LPE via host option Resolves: RHEL-100009 Tenable has extracted the preceding description block directly from the Oracle Linux...