Oracle Linux 10 : libsoup3 (ELSA-2025-8128)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-8128 advisory. - Fix CVE-2025-4035, CVE-2025-4948, CVE-2025-32049, CVE-2025-32907 Tenable has extracted the preceding description block directly from the Oracle Linu...

Oracle Linux 10 : ipa (ELSA-2025-9190)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-9190 advisory. - Resolves: RHEL-89908 EMBARGOED CVE-2025-4404 ipa: Privilege escalation from host to domain admin in FreeIPA Tenable has extracted the preceding description...

Oracle Linux 10 : apache-commons-beanutils (ELSA-2025-9166)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-9166 advisory. 1.9.4-21 - Fix improper access control vulnerability - Resolves: CVE-2025-48734 Tenable has extracted the preceding description block directly from the Oracle...

Oracle Linux 10 : Unbreakable Enterprise kernel (ELSA-2025-20371)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-20371 advisory. 6.12.0-100.28.2.el10uek - sched/eevdf: Fix se-slice being set to U64MAX and resulting crash Omar Sandoval - certs: Add new Oracle Linux Driver Signing key 1...

Oracle Linux 9 : osbuild-composer (ELSA-2025-9634)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-9634 advisory. 132.2-2.0.1 - Switch to UEKR8 repositories for OL9.6 Orabug: 37962207 - Add support to create OpenScap images JIRA: OLDIS-35301 - Simplify repository names JIRA...

Oracle Linux 10 : git-lfs (ELSA-2025-9063)

The remote Oracle Linux 10 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-9063 advisory. 3.6.1-2 - Rebuild with new Golang Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has...

Oracle Linux 8 : perl-File-Find-Rule (ELSA-2025-9605)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-9605 advisory. - Use 3 arg open in grep CVE-2011-10007 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus...

Oracle Linux 8 : kernel (ELSA-2025-9580)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-9580 advisory. - ndisc: use RCU protection in ndiscallocskb Xin Long RHEL-89535 CVE-2025-21764 - ipv6: use RCU protection in ip6defaultadvmss Xin Long RHEL-89535...

Oracle Linux 9 : weldr-client (ELSA-2025-9635)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-9635 advisory. 35.12-4 - Bump release for y-stream AND z-stream building using centpkg build --rhel-target=zstream Related: RHEL-89344 35.12-3 - tests: OSTree does not support...

Oracle Linux 8 : perl-YAML-LibYAML (ELSA-2025-9329)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-9329 advisory. 1:0.70-2 - Use 3-arg form of open in LoadFile CVE-2025-40908 Tenable has extracted the preceding description block directly from the Oracle Linux security...

kernel security update

4.18.0-553.58.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

Oracle Linux 9 : tigervnc (ELSA-2025-9306)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-9306 advisory. - Additional fix to CVE-2025-49176: xorg-x11-server: Integer Overflow in Big Requests Extension Resolves: RHEL-97305 - Fix CVE-2025-49175:...

Oracle Linux 9 : perl-File-Find-Rule (ELSA-2025-9517)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-9517 advisory. - Use 3 arg open in grep CVE-2011-10007 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus...

osbuild-composer security update

132.2-2.0.1 - Switch to UEKR8 repositories for OL9.6 Orabug: 37962207 - Add support to create OpenScap images JIRA: OLDIS-35301 - Simplify repository names JIRA: OLDIS-35893 - Refactor patches to fix some naming and set a correct kernel for Oracle Linux Orabug: 37253643 - Support using OCI...

Oracle Linux 9 : kernel (ELSA-2025-9302)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-9302 advisory. - ext4: ignore xattrs past end CKI Backport Bot RHEL-94248 CVE-2025-37738 - ibmvnic: Use kernel helpers for hex dumps CKI Backport Bot RHEL-89019...

Oracle Linux 9 : perl-YAML-LibYAML (ELSA-2025-9330)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-9330 advisory. 1:0.82-6.1 - Use 3-arg form of open in LoadFile CVE-2025-40908 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 9 : mod_auth_openidc (ELSA-2025-9396)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-9396 advisory. 2.4.10-1.el96.2 Resolves: RHEL-95948 - modauthopenidc: DoS via Empty POST in modauthopenidc with OIDCPreservePost Enabled CVE-2025-3891 Tenable has extracted th...

Oracle Linux 9 : libarchive (ELSA-2025-9431)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-9431 advisory. 3.5.3-5 - Resolves: CVE-2025-25724 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has...

Oracle Linux 9 : qt5-qtbase (ELSA-2025-9462)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-9462 advisory. 5.15.9-11 - qt5: QtCore Assertion Failure Denial of Service Resolves: RHEL-96233 Tenable has extracted the preceding description block directly from the Oracle...

Oracle Linux 7 : perl-FCGI (ELSA-2025-8625)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-8625 advisory. 1:0.74-8.0.1 - Fix CVE-2025-40907 integer overflow when parsing FastCGI parameters Orabug: 38047531 Tenable has extracted the preceding description block direct...