Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2025-20019)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20019 advisory. - objtool: Default ignore INT3 for unreachable Peter Zijlstra Orabug: 37273706 CVE-2022-29901 Tenable has extracted the preceding description bloc...

Oracle Linux 8 : firefox (ELSA-2025-0144)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-0144 advisory. 128.6.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 128.6.0 - Add debranding patches Mustafa Gezen - Add OpenELA default...

Oracle Linux 9 : kernel (ELSA-2025-0059)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-0059 advisory. - mlxsw: spectrumipip: Fix memory leak when changing remote IPv6 address CKI Backport Bot RHEL-66899 CVE-2024-50252 - CVE-2024-53122 mptcp: cope racing...

kernel security update

5.14.0-503.21.15.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...

Oracle Linux 8 : dpdk (ELSA-2025-0222)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-0222 advisory. 23.11-2 - Backport fixes for CVE-2024-11614 RHEL-68600 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...

Oracle Linux 8 : iperf3 (ELSA-2025-0168)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-0168 advisory. 3.5-11 - Resolves: RHEL-72924 - Denial of Service in iperf Due to Improper JSON Handling Tenable has extracted the preceding description block directly from the...

Oracle Linux 8 : cups (ELSA-2025-0083)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-0083 advisory. 1:2.2.6-62 - RHEL-60338 CVE-2024-47175 cups: remote command injection via attacker controlled data in PPD file Tenable has extracted the preceding description...

Oracle Linux 9 : thunderbird (ELSA-2025-0147)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-0147 advisory. 128.6.0-3.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 128.6.0 - Add OpenELA debranding 128.6.0-3 - Update to 128.6.0 build3 128.6.0...

Oracle Linux 9 : iperf3 (ELSA-2025-0161)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-0161 advisory. 3.9-13.1 - Resolves: RHEL-72929 - Denial of Service in iperf Due to Improper JSON Handling Tenable has extracted the preceding description block directly from t...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2025-20007)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-20007 advisory. 4.1.12-124.93.1 - cachefiles: fix memory leak in cachefilesaddcache Baokun Li Orabug: 36544657 CVE-2024-26840 Tenable has extracted the preceding descripti...

Oracle Linux 8 : kernel (ELSA-2025-0065)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-0065 advisory. - mptcp: cope racing subflow creation in mptcprcvspaceadjust Davide Caratti RHEL-69667 CVE-2024-53122 - i40e: fix race condition by adding filter's...

Oracle Linux 8 : webkit2gtk3 (ELSA-2025-0145)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-0145 advisory. 2.46.5-1 - Update to 2.46.5 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus ha...

Oracle Linux 9 : webkit2gtk3 (ELSA-2025-0146)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-0146 advisory. 2.46.5-1 - Update to 2.46.5 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus ha...

Oracle Linux 9 : firefox (ELSA-2025-0080)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-0080 advisory. 128.6.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red...

Oracle Linux 9 : dpdk (ELSA-2025-0210)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-0210 advisory. 23.11-2 - Backport fixes for CVE-2024-11614 RHEL-68601 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...

kernel security update

4.18.0-553.34.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

kernel security update

5.14.0-503.19.15.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...

Oracle Linux 8 : python-requests (ELSA-2025-0012)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-0012 advisory. - Security fix for CVE-2024-35195 Resolves: RHEL-37605 - Security fix for CVE-2023-32681 Resolves: rhbz2209469 - Update to v2.20.0 for CVE-2018-18074. - Remove...

Oracle Linux 7 : postgresql (ELSA-2024-10882)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-10882 advisory. - Fixes CVE-2024-10979 where environment variable mutations Orabug: 37370704 Tenable has extracted the preceding description block directly from the Oracle Lin...

Oracle Linux 9 : python3.11-urllib3 (ELSA-2024-11238)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-11238 advisory. 1.26.12-2.2 - Security fix for CVE-2023-45803 Resolves: RHEL-66551 Tenable has extracted the preceding description block directly from the Oracle Linux securit...