Oracle Linux 9 : expat (ELSA-2024-6754)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-6754 advisory. - Fix CVE-2024-45492 integer overflow - Fix CVE-2024-45491 Integer Overflow or Wraparound - Fix CVE-2024-45490 Negative Length Parsing Vulnerability...

Oracle Linux 7 : kernel (ELSA-2024-5259)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-5259 advisory. 3.10.0-1160.119.1.0.3.el7.OL7 - net: fix dstnegativeadvice race Eric Dumazet Orabug: 36947298 3.10.0-1160.119.1.0.2.el7.OL7 - md/raid5: fix oops during...

Oracle Linux 9 : fence-agents (ELSA-2024-6726)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-6726 advisory. 4.10.0-62.5 - bundled setuptools: fix CVE-2024-6345 Resolves: RHEL-49657 Tenable has extracted the preceding description block directly from the Oracle Linux...

Oracle Linux 7 : ghostscript (ELSA-2024-4549)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4549 advisory. 9.25-5.0.1 - Fixes CVE-2024-33871 OPVP device arbitrary code execution via custom Driver library Tenable has extracted the preceding description block directly...

Oracle Linux 8 : pcs (ELSA-2024-6670)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-6670 advisory. 0.10.18-2.0.1.el810.2 - Replace HAM-logo.png with a generic one 0.10.18-2.el810.2 - Updated rubygem rexml Resolves: RHEL-52409, RHEL-52788, RHEL-55997...

Oracle Linux 7 : java-1.8.0-openjdk (ELSA-2024-4560)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-4560 advisory. - CVE-2024-21131 Improve-UTF8-String-supports - CVE-2024-21138 Better-symbol-storage - CVE-2024-21140 Improved-loop-handling - CVE-2024-21144...

Oracle Linux 7 : httpd (ELSA-2024-4943)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-4943 advisory. - Opt-ins for unsafe prefixstat and %3f Orabug: 36904263CVE-2024-38474CVE-2024-38475 Tenable has extracted the preceding description block directly fro...

Oracle Linux 8 : 389-ds:1.4 (ELSA-2024-6569)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-6569 advisory. - Resolves: RHEL-40943 - CVE-2024-5953 389-ds:1.4/389-ds-base: Malformed userPassword hash may cause Denial of Service rhel-8.10.z Tenable has extracted the...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2024-12618)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12618 advisory. - net: mana: Fix possible double free in error handling path Ma Ke Orabug: 36897038 CVE-2024-42069 - net: relax socket state check at accept time...

Oracle Linux 9 : kernel (ELSA-2024-6567)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-6567 advisory. - usb-storage: alauda: Check whether the media is initialized CKI Backport Bot RHEL-43716 CVE-2024-38619 - mm: avoid overflows in dirty throttling logi...

kernel security update

5.14.0-427.35.14.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2024-12611)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12611 advisory. - MIPS: Octeon: Add PCIe link status check Dave Kleikamp Orabug: 36952386 CVE-2024-40968 - net: relax socket state check at accept time. Paolo Abeni...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2024-12612)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12612 advisory. 5.4.17-2136.335.4.el8 - mm: memcg/slab: enable kmalloc-cg- caches for x8664. Imran Khan Orabug: 36951041 - printk: add kthread for long-running...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2024-12610)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12610 advisory. - MIPS: Octeon: Add PCIe link status check Dave Kleikamp Orabug: 36947196 CVE-2024-40968 - drm/amdgpu: Fix signedness bug in sdmav40processtrapirq...

Oracle Linux 9 : dovecot (ELSA-2024-6529)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-6529 advisory. - fix CVE-2024-23184: using a large number of address headers may trigger a denial of service RHEL-55211 Tenable has extracted the preceding descriptio...

Oracle Linux 7 : java-11-openjdk (ELSA-2024-4564)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-4564 advisory. - CVE-2024-21131 Improve-UTF8-String-supports - CVE-2024-21138 Better-symbol-storage - CVE-2024-21140 Improved-loop-handling - CVE-2024-21144...

Oracle Linux 9 : emacs (ELSA-2024-6510)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-6510 advisory. - org-link-expand-abbrev: Do not evaluate arbitrary unsafe Elisp code CVE-2024-39331 Tenable has extracted the preceding description block directly from the...

Oracle Linux 7 : qt5-qtbase (ELSA-2024-4647)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4647 advisory. 5.9.7-5.0.1 - Backport fix for CVE-2024-39936 Orabug: 36904373 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 9 : glib2 (ELSA-2024-6464)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-6464 advisory. - Fix CVE-2024-34397, signal subscription vulnerabilities Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...

Oracle Linux 7 : libndp (ELSA-2024-4622)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4622 advisory. 1.2-10.0.1 - Increasing release number as per Oracle package release policy Tenable has extracted the preceding description block directly from the Oracle Linux...