Oracle Linux 9 : httpd (ELSA-2024-5138)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-5138 advisory. - Resolves: RHEL-46047 - httpd: Security issues via backend applications whose response headers are malicious or exploitable CVE-2024-38476 Tenable has extracte...

Oracle Linux 8 : kernel (ELSA-2024-5101)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-5101 advisory. - ionic: fix use after netifnapidel CKI Backport Bot RHEL-47624 CVE-2024-39502 - ionic: clean interrupt before enabling queue to avoid credit race CKI...

Oracle Linux 7 : linux-firmware (ELSA-2024-12579)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12579 advisory. 20240715-999.34.git4c8fb21e.el7 - Rebase to latest upstream Orabug: 36826157 Tenable has extracted the preceding description block directly from the Oracle Lin...

Oracle Linux 9 : qemu-kvm (ELSA-2024-12574)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12574 advisory. - hw/sd/sdhci: Do not update TRNMOD when Command Inhibit DAT is set hilippe Mathieu-Daude Orabug: 36575206 CVE-2024-3447 Tenable has extracted the preceding...

kernel security update

4.18.0-553.16.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

Oracle Linux 8 : libtiff (ELSA-2024-5079)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-5079 advisory. - Fix CVE-2023-6228 CVE-2023-52356 CVE-2023-25433 CVE-2018-15209 Tenable has extracted the preceding description block directly from the Oracle Linux...

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2024-12571)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12571 advisory. - crypto: pcrypt - Fix hungtask for PADATARESET Lu Jialin Orabug: 36806710 CVE-2023-52813 - usbnet: sanity check for maxpacket Oliver Neukum Orabug:...

Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2024-12570)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12570 advisory. - crypto: pcrypt - Fix hungtask for PADATARESET Lu Jialin Orabug: 36806710 CVE-2023-52813 - usbnet: sanity check for maxpacket Oliver Neukum Orabug:...

Oracle Linux 9 : freeradius (ELSA-2024-4935)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4935 advisory. 3.0.21-40 - Backport fixes for BlastRADIUS CVE Resolves: RHEL-46566 Tenable has extracted the preceding description block directly from the Oracle Linux securit...

Oracle Linux 9 : kernel (ELSA-2024-4928)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-4928 advisory. - mlxbfgige: call requestirq after NAPI initialized Kamal Heib RHEL-43012 RHEL-37179 CVE-2024-35907 - mlxbfgige: stop PHY during open error paths Kamal...

Oracle Linux 8 : freeradius:3.0 (ELSA-2024-4936)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4936 advisory. 3.0.20-15 - Backport BlastRADIUS CVE fix Resolves: RHEL-46572 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 8 : libndp (ELSA-2024-4620)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-4620 advisory. 1.7-7 - Validate route information option length Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note th...

Oracle Linux 9 : squid (ELSA-2024-4861)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-4861 advisory. - Resolves: RHEL-45056 - squid: Out-of-bounds write error may lead to Denial of Service CVE-2024-37894 Tenable has extracted the preceding description...

Oracle Linux 8 : thunderbird (ELSA-2024-4635)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-4635 advisory. 115.13.0-3.0.1 - Add Oracle prefs file 115.13.0 - Add OpenELA debranding 115.13.0-3 - Update to 115.13.0 build5 115.13.0-2 - Update to 115.13.0 build3...

Oracle Linux 9 : edk2 (ELSA-2024-4749)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-4749 advisory. - edk2-NetworkPkg-SECURITY-PATCH-CVE-2023-45237.patch RHEL-40270 RHEL-40272 - edk2-NetworkPkg-TcpDxe-SECURITY-PATCH-CVE-2023-45236.patch RHEL-40270...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2024-12547)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12547 advisory. 5.4.17-2136.333.5.1 - net/mlx5e: drop shorter ethernet frames Manjunath Patil Orabug: 36660755 - pci: add hotplug patch support for SOLIDIGM Aura1...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2024-12546)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12546 advisory. 5.15.0-208.159.3.2 - net/mlx5e: drop shorter ethernet frames Manjunath Patil Orabug: 36660755 Tenable has extracted the preceding description bloc...

Oracle Linux 9 : python3 (ELSA-2024-4766)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4766 advisory. - Security fix for CVE-2024-4032 Resolves: RHEL-44097 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. No...

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2024-12548)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12548 advisory. 4.14.35-2047.538.5.1 - net/mlx5e: drop shorter ethernet frames Manjunath Patil Orabug: 36660755 Tenable has extracted the preceding description block...

Oracle Linux 9 : runc (ELSA-2024-4762)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-4762 advisory. - rebuild for CVE-2024-1394 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...