Oracle Linux 9 : podman (ELSA-2025-9144)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-9144 advisory. - rebuild to fix CVE-2025-22871 podman: Request smuggling due to acceptance of invalid chunked data in net/http Tenable has extracted the preceding description...

kernel security update

5.14.0-570.22.1.0.16.OL9 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys lis...

kernel security update

3.10.0-1160.119.1.0.9.el7.OL7 - netfilter: ipset: add missing range check in bitmapipuadt Jeongjun Park CVE-2024-53141 Orabug: 37964173 - Update OL SB certificates - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985797...

Oracle Linux 8 : libvpx (ELSA-2025-9119)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-9119 advisory. 1.7.0-12 - Add patch for double free Resolves: RHEL-93914 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...

Oracle Linux 9 : skopeo (ELSA-2025-9145)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-9145 advisory. - rebuild to fix CVE-2025-22871 skopeo: Request smuggling due to acceptance of invalid chunked data in net/http Tenable has extracted the preceding description...

Oracle Linux 9 : containernetworking-plugins (ELSA-2025-9143)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-9143 advisory. - rebuild to fix CVE-2025-22871 containernetworking-plugins: Request smuggling due to acceptance of invalid chunked data in net/http Tenable has extracted the...

Oracle Linux 9 : buildah (ELSA-2025-9147)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-9147 advisory. - rebuild to fix CVE-2025-22871 buildah: Request smuggling due to acceptance of invalid chunked data in net/http Tenable has extracted the preceding description...

Oracle Linux 9 : gvisor-tap-vsock (ELSA-2025-9150)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-9150 advisory. - rebuild for CVE-2025-22871 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...

Oracle Linux 8 : glibc (ELSA-2025-20375)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-20375 advisory. - CVE-2025-4802: static setuid dlopen may search LDLIBRARYPATH RHEL-92685 - CVE-2025-0395: Fix a buffer overflow in assert RHEL-83306 - CVE-2024-33599: nscd:...

Oracle Linux 9 : libvpx (ELSA-2025-9118)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-9118 advisory. 1.9.0-9 - Add patch for double free Resolves: RHEL-93908 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...

Oracle Linux 9 : gimp (ELSA-2025-9162)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-9162 advisory. - fix CVE-2025-5473 RHEL-95700 - fix CVE-2025-48797 RHEL-93521 Tenable has extracted the preceding description block directly from the Oracle Linux...

Oracle Linux 8 : git-lfs (ELSA-2025-9060)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-9060 advisory. 3.4.1-5 - Rebuild with new Golang - Resolves: RHEL-89264 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...

Oracle Linux 9 : git-lfs (ELSA-2025-9106)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-9106 advisory. 3.6.1-2 - Rebuild with new Golang - Resolves: RHEL-89304 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...

.NET 9.0 security update

9.0.107-1.0.1 - Add support for Oracle Linux 9.0.107-1 - Update to .NET SDK 9.0.107 and Runtime 9.0.6 - Resolves: RHEL-94424...

Oracle Linux 9 : .NET / 9.0 (ELSA-2025-8817)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-8817 advisory. 9.0.107-1.0.1 - Add support for Oracle Linux 9.0.107-1 - Update to .NET SDK 9.0.107 and Runtime 9.0.6 - Resolves: RHEL-94424 Tenable has extracted the preceding...

Oracle Linux 8 : perl-FCGI:0.78 (ELSA-2025-8696)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-8696 advisory. - Fix CVE-2025-40907 integer overflow when parsing FastCGI parameters perl-FCGI - Fix CVE-2025-40907 integer overflow when parsing FastCGI parameters perl-FCGI ...

Oracle Linux 8 : nodejs:20 (ELSA-2025-8514)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-8514 advisory. - Update to version 20.19.2 Fixes: CVE-2025-23166 Resolves: RHEL-91595 RHEL-89598 RHEL-92854 - Update c-ares to 1.34.5 to address CVE-2025-31498 - Update to...

Oracle Linux 8 : .NET / 8.0 (ELSA-2025-8812)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-8812 advisory. 8.0.117-1.0.1 - Add support for Oracle Linux 8.0.117-1 - Update to .NET SDK 8.0.117 and Runtime 8.0.17 - Resolves: RHEL-94415 Tenable has extracted the precedin...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2025-20372)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20372 advisory. - net/mlx5e: Fix NULL deref in mlx5etirbuilderalloc Elena Salomatkina Orabug: 37206299,37670859 CVE-2024-50000 - net/mlx5: Fix error path in...

Oracle Linux 9 : .NET / 8.0 (ELSA-2025-8813)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-8813 advisory. 8.0.117-1.0.1 - Add support for Oracle Linux 8.0.117-1 - Update to .NET SDK 8.0.117 and Runtime 8.0.17 - Resolves: RHEL-94420 Tenable has extracted the precedin...