Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2024-12851)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12851 advisory. - memcgwriteeventcontrol: fix a user-triggerable oops Al Viro Orabug: 37070674 CVE-2024-45021 - ocfs2: fix races between hole punching and AIO+DIO...

Oracle Linux 9 : tuned (ELSA-2024-10384)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-10384 advisory. - Fixed privileged execution of arbitrary scripts by active local user, CVE-2024-52336 Resolves: RHEL-66639 Tenable has extracted the preceding...

Oracle Linux 8 : pam (ELSA-2024-10379)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-10379 advisory. - pamaccess: rework resolving of tokens as hostname. Resolves: CVE-2024-10963 and RHEL-66242 - pamunix: always run the helper to obtain shadow passwor...

Oracle Linux 7 : krb5 (ELSA-2024-8788)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-8788 advisory. 1.15.1-55.0.7 - libkrad: implement support for Message-Authenticator CVE-2024-3596 Orabug: 37241077 Tenable has extracted the preceding description block direct...

Oracle Linux 8 : kernel:4.18.0 (ELSA-2024-10281)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-10281 advisory. - media: edia: dvbdev: fix a use-after-free Kate Hsuan RHEL-35763 CVE-2024-27043 - bpf: Add BPFPROGTYPECGROUPSKB attach type enforcement in...

Oracle Linux 9 : python-tornado (ELSA-2024-10590)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-10590 advisory. 6.4.2-1 - Update to 6.4.2 Resolves: RHEL-68663 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note tha...

Oracle Linux 8 : webkit2gtk3 (ELSA-2024-10481)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-10481 advisory. 2.46.3-2 - Add patch for CVE-2024-44309 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessu...

Oracle Linux 9 : webkit2gtk3 (ELSA-2024-10472)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-10472 advisory. 2.46.3-2 - Add patch for CVE-2024-44309 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessu...

Oracle Linux 7 : java-1.8.0-openjdk (ELSA-2024-8116)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-8116 advisory. - Fixes CVE-2024-21208 CVE-2024-21210 CVE-2024-21217 CVE-2024-21235 - 1001-orabug36904359-CVE-2024-21131-fix.patch -...

Oracle Linux 8 : container-tools:ol8 (ELSA-2024-10289)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-10289 advisory. aardvark-dns buildah 2:1.33.11-1 - update to the latest content of https://github.com/containers/buildah/tree/release-1.33...

Oracle Linux 7 : java-11-openjdk (ELSA-2024-8120)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-8120 advisory. - Fixes CVE-2024-21208 CVE-2024-21210 CVE-2024-21217 CVE-2024-21235 - 1001-orabug36904359-CVE-2024-21138-fix.patch -...

container-tools:ol8 security update

aardvark-dns buildah 2:1.33.11-1 - update to the latest content of https://github.com/containers/buildah/tree/release-1.33 https://github.com/containers/buildah/commit/fe85f0d - Resolves: RHEL-61853 2:1.33.10-1 - update to the latest content of...

Oracle Linux 9 : kernel (ELSA-2024-10274)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-10274 advisory. - USB: serial: mos7840: fix crash on resume Desnes Nunes RHEL-65484 RHEL-59050 CVE-2024-42244 - bpf: Fix overrunning reservations in ringbuf CKI...

kernel:4.18.0 security update

4.18.0-553.30.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

Oracle Linux 9 : pam:1.5.1 (ELSA-2024-10244)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-10244 advisory. - pamaccess: rework resolving of tokens as hostname. Resolves: CVE-2024-10963 and RHEL-66245 Tenable has extracted the preceding description block directly fro...

Oracle Linux 9 : perl-App-cpanminus (ELSA-2024-10218)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-10218 advisory. - Patch the code to use https instead of http CVE-2024-45321 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 9 : edk2 (ELSA-2024-12842)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12842 advisory. - EDK2: EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division- By-Zero due to a UNIT32 overflow via local...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2024-12845)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12845 advisory. - mm: avoid leaving partial pfn mappings around in error case Linus Torvalds Orabug: 37311329 CVE-2024-47674 - mm: add remappfnrangenotrack...

Oracle Linux 7 : xerces-c (ELSA-2024-8795)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-8795 advisory. 3.1.1-10.0.1 - back port fix for CVE-2023-37536 Orabug: 37241079 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 7 : squid (ELSA-2024-9738)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-9738 advisory. 7:3.5.20-17.0.3 - Disable ESI support CVE-2024-45802Orabug: 37289058 Tenable has extracted the preceding description block directly from the Oracle Linux securi...