kernel security update

4.18.0-553.50.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

Oracle Linux 9 : gvisor-tap-vsock (ELSA-2025-3833)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-3833 advisory. - Fix CVE-2025-22869 by updating to 0.8.5 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Ness...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2025-20271)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-20271 advisory. - ima: Fix use-after-free on a dentry's dname.name Stefan Berger Orabug: 36835558 CVE-2024-39494 Tenable has extracted the preceding description block...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2025-20270)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20270 advisory. - net/mlx5: DR, prevent potential error pointer dereference Dan Carpenter Orabug: 37434242 CVE-2024-56660 - bnxten: Fix aggregation ID mask to...

Oracle Linux 7 : freetype (ELSA-2025-3395)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-3395 advisory. 2.8-14.0.1.el79.1 - Fix CVE-2025-27363 Out-of-bounds Write Orabug: 37770275CVE-2025-27363 Tenable has extracted the preceding description block directly from th...

Oracle Linux 7 : grub2 (ELSA-2025-3396)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-3396 advisory. - Fix OOB write in grubnetsearchconfigfile CVE-2025-0624 Orabug: 37770226 Tenable has extracted the preceding description block directly from the Oracle Linux...

Oracle Linux 8 : go-toolset:ol8 (ELSA-2025-3772)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-3772 advisory. delve 1.24.1-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.24.1-1 - Rebase to 1.24.1 - Skip unsupported tests - Resolves:...

Oracle Linux 9 : delve / and / golang (ELSA-2025-3773)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-3773 advisory. delve 1.24.1-2.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.24.1-2 - Fix 3 test failures - Resolves: RHEL-83939 - Resolves: RHEL-83958 -...

Oracle Linux 8 : grub2 (ELSA-2025-3367)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-3367 advisory. - Fix CVE-2022-3775 Orabug: 34867710 - Add CVE-2020-15706, CVE-2020-15707 to the list Orabug: 31225072 - Resolves CVE-2024-45775 CVE-2025-0624 Tenable has...

Oracle Linux 9 : webkit2gtk3 (ELSA-2025-3713)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-3713 advisory. 2.48.1-1 - Update to 2.48.1 2.48.0-1 - Update to 2.48.0 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 8 : tomcat (ELSA-2025-3683)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-3683 advisory. - Resolves: RHEL-82934 tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT CVE-2025-24813 Tenable has...

Oracle Linux 9 : python3.11 (ELSA-2025-3634)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-3634 advisory. 3.11.9-7.3 - Security fix for CVE-2024-7592 Resolves: RHEL-85299 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 9 : python3.12 (ELSA-2025-3631)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-3631 advisory. 3.12.5-2.3 - Security fix for CVE-2024-7592 Resolves: RHEL-85300 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 9 : tomcat (ELSA-2025-3645)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-3645 advisory. - Resolves: RHEL-82946 tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT CVE-2025-24813 Tenable has...

Oracle Linux 7 : xorg-x11-server (ELSA-2025-2879)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-2879 advisory. - Fixed CVE-2025-26594 CVE-2025-26595 CVE-2025-26596 - CVE-2025-26597 CVE-2025-26598 CVE-2025-26599 CVE-2025-26600 Tenable has extracted the preceding...

Oracle Linux 9 : gimp (ELSA-2025-3617)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-3617 advisory. - Fixes: CVE-2023-44441 CVE-2023-44442 CVE-2023-44443 CVE-2023-44444 Tenable has extracted the preceding description block directly from the Oracle Lin...

Oracle Linux 8 : libxslt (ELSA-2025-3615)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-3615 advisory. - Fix CVE-2024-55549 RHEL-83506 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessu...

Oracle Linux 9 : kernel (ELSA-2025-3506)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-3506 advisory. - md: fix deadlock between mddevsuspend and flush bio Nigel Croxon RHEL-76058 CVE-2024-43855 Tenable has extracted the preceding description block directly from...

Oracle Linux 9 : firefox (ELSA-2025-3556)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-3556 advisory. 128.9.0-2.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red...

Oracle Linux 8 : firefox (ELSA-2025-3582)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-3582 advisory. 128.9.0-2.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 128.9.0 - Add debranding patches Mustafa Gezen - Add OpenELA default...