Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2024-12547)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12547 advisory. 5.4.17-2136.333.5.1 - net/mlx5e: drop shorter ethernet frames Manjunath Patil Orabug: 36660755 - pci: add hotplug patch support for SOLIDIGM Aura1...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2024-12546)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12546 advisory. 5.15.0-208.159.3.2 - net/mlx5e: drop shorter ethernet frames Manjunath Patil Orabug: 36660755 Tenable has extracted the preceding description bloc...

Oracle Linux 8 : Unbreakable Enterprise kernel-container (ELSA-2024-12552)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12552 advisory. 5.4.17-2136.333.5.1.el8 - net/mlx5e: drop shorter ethernet frames Manjunath Patil Orabug: 36660755 - pci: add hotplug patch support for SOLIDIGM Aura1...

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2024-12548)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12548 advisory. 4.14.35-2047.538.5.1 - net/mlx5e: drop shorter ethernet frames Manjunath Patil Orabug: 36660755 Tenable has extracted the preceding description block...

Oracle Linux 9 : edk2 (ELSA-2024-4749)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-4749 advisory. - edk2-NetworkPkg-SECURITY-PATCH-CVE-2023-45237.patch RHEL-40270 RHEL-40272 - edk2-NetworkPkg-TcpDxe-SECURITY-PATCH-CVE-2023-45236.patch RHEL-40270...

Oracle Linux 9 : libuv (ELSA-2024-4756)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4756 advisory. 1:1.42.0-2 - Backport fix for CVE-2024-24806 Resolves: RHEL-24791 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 9 : containernetworking-plugins (ELSA-2024-4761)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-4761 advisory. - rebuild for CVE-2024-1394 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2024-12549)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12549 advisory. 4.1.12-124.87.2.2 - net/mlx5e: drop shorter ethernet frames Manjunath Patil Orabug: 36660755 Tenable has extracted the preceding description block...

Oracle Linux 9 : libreoffice (ELSA-2024-4755)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4755 advisory. 7.1.8.1-13.0.1 - Replace colors with Oracle colors Orabug: 32120093 - Added the --with-hamcrest option to configure. 1:7.1.8.1-13 - Fix CVE-2024-3044 add notify...

Oracle Linux 8 : httpd:2.4 (ELSA-2024-4720)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-4720 advisory. - Resolves: RHEL-45812 - httpd:2.4/httpd: Substitution encoding issue in modrewrite CVE-2024-38474 - Resolves: RHEL-45785 - httpd:2.4/httpd: Encoding...

Oracle Linux 9 : httpd (ELSA-2024-4726)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-4726 advisory. - Resolves: RHEL-45792 - httpd: Encoding problem in modproxy CVE-2024-38473 - Resolves: RHEL-45766 - httpd: null pointer dereference in modproxy...

Oracle Linux 9 : thunderbird (ELSA-2024-4624)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-4624 advisory. 115.13.0-3.0.1 - Add Oracle prefs 115.13.0 - Add OpenELA debranding 115.13.0-3 - Update to 115.13.0 build5 115.13.0-2 - Update to 115.13.0 build3...

Oracle Linux 8 / 9 : java-1.8.0-openjdk (ELSA-2024-4563)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-4563 advisory. 1.8.0.422.b05-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:1.8.0.422.b05-1.1 - Update to shenandoah-jdk8u422-b05 GA - Update release notes...

Oracle Linux 8 / 9 : java-21-openjdk (ELSA-2024-4573)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-4573 advisory. 1:21.0.4.0.7-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:21.0.4.0.7-1 - Update to jdk-21.0.4+7 GA - Update release notes to 21.0.4+7 -...

Oracle Linux 9 : kernel (ELSA-2024-4583)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-4583 advisory. - net: ena: Fix incorrect descriptor free behavior Kamal Heib RHEL-39217 RHEL-37430 CVE-2024-35958 - tcp: Use refcountincnotzero in tcptwskunique...

kernel security update

5.14.0-427.26.14.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...

Oracle Linux 8 / 9 : java-17-openjdk (ELSA-2024-4568)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-4568 advisory. 1:17.0.12.0.7-2.0.1 - Add Oracle vendor bug URL 1:17.0.12.0.7-2 - Update to jdk-17.0.12+7 GA - Update .gitignore to ignore openjdk-17.0.12+7.tar.xz...

Oracle Linux 9 : qt5-qtbase (ELSA-2024-4623)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4623 advisory. 5.15.9-10 - HTTP2: Delay any communication until encrypted can be responded to Resolves: RHEL-46348 Tenable has extracted the preceding description block direct...

Oracle Linux 8 / 9 : java-11-openjdk (ELSA-2024-4567)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-4567 advisory. 11.0.24.0.8-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:11.0.24.0.8-1 - Update to jdk-11.0.24+8 GA - Update release notes to 11.0.24+8 -...

Oracle Linux 9 : libndp (ELSA-2024-4636)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-4636 advisory. 1.8-6 - Validate route information option length 1.8-5 - Convert the license tag to SPDX format Related: RHELMISC-1363 Tenable has extracted the preceding...