Oracle Linux 9 : pam (ELSA-2025-9526)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-9526 advisory. 1.5.1-25.0.1 - pamlimits: fix use after free in pamsmopensession Orabug: 36406534 1.5.1-25 - pamnamespace: fix potential privilege escalation. Resolves:...

Oracle Linux 9 : kernel (ELSA-2025-9302)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-9302 advisory. - ext4: ignore xattrs past end CKI Backport Bot RHEL-94248 CVE-2025-37738 - ibmvnic: Use kernel helpers for hex dumps CKI Backport Bot RHEL-89019...

Oracle Linux 9 : perl-YAML-LibYAML (ELSA-2025-9330)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-9330 advisory. 1:0.82-6.1 - Use 3-arg form of open in LoadFile CVE-2025-40908 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 9 : xorg-x11-server / and / xorg-x11-server-Xwayland (ELSA-2025-9303)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-9303 advisory. - CVE fix for: CVE-2025-49175 RHEL-97289, CVE-2025-49176 RHEL-97311, CVE-2025-49178 RHEL-97388, CVE-2025-49179 RHEL-97410, CVE-2025-49180 RHEL-97255...

Oracle Linux 9 : krb5 (ELSA-2025-9430)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-9430 advisory. - Don't issue RC4 session keys by default CVE-2025-3576 Resolves: RHEL-88048 Tenable has extracted the preceding description block directly from the Oracle Linu...

Oracle Linux 7 : firefox (ELSA-2025-9074)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-9074 advisory. 128.11.0-1.0.1 - Update to 128.11.0 Orabug: 38077559CVE-2025-5263CVE-2025-5264 CVE-2025-5266CVE-2025-5267CVE-2025-5268CVE-2025-5269 Tenable has extract...

Oracle Linux 9 : mod_proxy_cluster (ELSA-2025-9434)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-9434 advisory. 1.3.22-1.el96.1 - Resolves: RHEL-81070 Rebase modproxycluster to upstream 1.3.22.Final release 1.3.20-1 - Rebase modcluster to upstream 1.3.20.Final tag -...

Oracle Linux 8 : tigervnc (ELSA-2025-9392)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-9392 advisory. - Additional fix to CVE-2025-49176: xorg-x11-server: Integer Overflow in Big Requests Extension Resolves: RHEL-97294 - Fix CVE-2025-49175:...

Oracle Linux 9 : libblockdev (ELSA-2025-9327)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-9327 advisory. 2.28-14.0.1 - enable btrfs support Orabug: 30792917 2.28-14 - Don't allow suid and dev set on fs resize CVE-2025-6019 Resolves: RHEL-96038 Tenable has extracted...

kernel security update

5.14.0-570.23.1.0.16.OL9 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys lis...

Oracle Linux 7 : postgresql (ELSA-2025-3978)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-3978 advisory. - Resolves CVE-2025-1094: Improper neutralization of quoting syntax in certain Tenable has extracted the preceding description block directly from the Oracle...

Oracle Linux 9 : apache-commons-beanutils (ELSA-2025-9114)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-9114 advisory. Fri Jun 13 2025 Mikolaj Izdebski - Fix improper access control vulnerability - Resolves: CVE-2025-48734 Tenable has extracted the preceding description block...

Oracle Linux 8 : container-tools:ol8 (ELSA-2025-9142)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-9142 advisory. - fixes 'CVE-2025-22871 container-tools:rhel8/buildah: Request smuggling due to acceptance of invalid chunked data in net/http rhel-8.10.z' - rebuild for...

Oracle Linux 8 : idm:DL1 (ELSA-2025-9188)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-9188 advisory. bind-dyndb-ldap 11.6-6 - Fix rpminspect warnings Resolves: RHEL-22497 custodia ipa 4.9.13-18.0.1 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug:...

Oracle Linux 8 : gimp:2.8 (ELSA-2025-9165)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-9165 advisory. - fix CVE-2025-5473 RHEL-95696 - fix CVE-2025-48797 RHEL-93503 - fix CVE-2025-48798 RHEL-93506 pygobject2 Tenable has extracted the preceding descripti...

idm:DL1 security update

bind-dyndb-ldap 11.6-6 - Fix rpminspect warnings Resolves: RHEL-22497 custodia ipa 4.9.13-18.0.1 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 29516674 4.9.13-18 - Set krbCanonicalName admin@REALM on the admin user Resolves: RHEL-89895 4.9.13-17 - kdb: keeep ipadbgetconnection from...

Oracle Linux 7 : kernel (ELSA-2025-7898)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-7898 advisory. - netfilter: ipset: add missing range check in bitmapipuadt Jeongjun Park CVE-2024-53141 Orabug: 37964173 Tenable has extracted the preceding description block...

Oracle Linux 9 : ipa (ELSA-2025-9184)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-9184 advisory. - Resolves: RHEL-89908 EMBARGOED CVE-2025-4404 ipa: Privilege escalation from host to domain admin in FreeIPA Tenable has extracted the preceding description...

ipa security update

4.12.2-14.0.1 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 29516674 - Add bind to ipa-server-common Requires Orabug: 36518596 4.12.2-14.1 - Resolves: RHEL-89908 EMBARGOED CVE-2025-4404 ipa: Privilege escalation from host to domain admin in FreeIPA - Resolves: RHEL-89144 kdb:...

Oracle Linux 9 : kernel (ELSA-2025-9080)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-9080 advisory. - Bluetooth: L2CAP: Fix corrupted list in hcichandel David Marlin RHEL-87890 CVE-2025-21969 - Bluetooth: L2CAP: Fix slab-use-after-free Read in...