Oracle Linux 9 : libnbd (ELSA-2024-2204)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2204 advisory. - Fix assertion in ext-mode BLOCKSTATUS CVE-2023-5871 resolves: RHEL-15143 Tenable has extracted the preceding description block directly from the Orac...

Oracle Linux 9 : xorg-x11-server-Xwayland (ELSA-2024-2170)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-2170 advisory. - Fix for CVE-2023-6377, CVE-2023-6478 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note tha...

Oracle Linux 9 : pcp (ELSA-2024-2213)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-2213 advisory. 6.2.0-1.0.1 - Fixed libpcp derived metric issue for ol9 Orabug: 36538820 6.2.0-1 - Rebase to latest stable version of PCP RHEL-2317 6.1.1-4 - Fix pcp-ss1 handli...

Oracle Linux 9 : pam (ELSA-2024-2438)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-2438 advisory. - pamnamespace: protectdir: use ODIRECTORY to prevent local DoS situations. CVE-2024-22365. Resolves: RHEL-21244 Tenable has extracted the preceding description...

Oracle Linux 9 : libX11 (ELSA-2024-2145)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2145 advisory. - Fix CVE-2023-43785: out-of-bounds memory access in XkbReadKeySyms - Fix CVE-2023-43786: stack exhaustion from infinite recursion in PutSubImage Tenab...

Oracle Linux 9 : qemu-kvm (ELSA-2024-2135)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2135 advisory. - Resolves: RHEL-19629 CVE-2023-6683 qemu-kvm: QEMU: VNC: NULL pointer dereference in qemuclipboardrequest rhel-9 - Resolves: RHEL-2828 CVE-2023-42467...

Oracle Linux 9 : tcpdump (ELSA-2024-2211)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-2211 advisory. 14:4.99.0-9 - Resolves: RHEL-21558 - tcpslice: use-after-free in extractslice 14:4.99.0-8 - Resolves: RHEL-10714 - Fix PGM option printing Tenable has extracted...

Oracle Linux 9 : pcs (ELSA-2024-2113)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2113 advisory. - Fixed CVE-2024-25126, CVE-2024-26141, CVE-2024-26146 in bundled dependency rack Resolves: RHEL-26446, RHEL-26448, RHEL-26450 Tenable has extracted th...

Oracle Linux 9 : frr (ELSA-2024-2156)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2156 advisory. 8.5.3-4 - Resolves: RHEL-14825 - crafted BGP UPDATE message leading to a crash 8.5.3-3 - Resolves: RHEL-14822 - mishandled malformed data leading to a...

Oracle Linux 9 : libXpm (ELSA-2024-2146)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2146 advisory. - CVE-2023-43786 libX11: stack exhaustion from infinite recursion in PutSubImage - CVE-2023-43787 libX11: integer overflow in XCreateImage leading to a...

Oracle Linux 9 : libtiff (ELSA-2024-2289)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2289 advisory. - Fix CVE-2023-6228 - Fix CVE-2023-40090 CVE-2023-3618 CVE-2023-40745 CVE-2023-41175 Tenable has extracted the preceding description block directly fro...

Oracle Linux 9 : freeglut (ELSA-2024-2366)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2366 advisory. 3.2.1-10 - Fix CVE-2024-24258 and CVE-2024-24259 Resolves: https://issues.redhat.com/browse/RHEL-25176 Resolves:...

Oracle Linux 9 : openssl / and / openssl-fips-provider (ELSA-2024-2447)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2447 advisory. - POLY1305 MAC implementation corrupts vector registers on PowerPC CVE-2023-6129 Resolves: RHEL-21151 - Excessive time spent checking invalid RSA publi...

Oracle Linux 9 : kernel (ELSA-2024-2394)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2394 advisory. - mm/sparsemem: fix race in accessing memorysection-usage Waiman Long RHEL-28877 RHEL-28878 CVE-2023-52489 - mlxsw: spectrumacltcam: Fix stack corrupti...

Oracle Linux 9 : traceroute (ELSA-2024-2483)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-2483 advisory. 3:2.1.0-18 - add gating.yaml 3:2.1.0-17 - fix improper command line parsing CVE-2023-46316 Tenable has extracted the preceding description block directly from t...

Oracle Linux 9 : qt5-qtbase (ELSA-2024-2276)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2276 advisory. - Fix CVE-2024-25580: potential buffer overflow when reading KTX images Resolves: RHEL-25726 Tenable has extracted the preceding description block...

Oracle Linux 9 : edk2 (ELSA-2024-2264)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2264 advisory. - edk2-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45230-Pa.patch RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853 -...

Oracle Linux 9 : buildah (ELSA-2024-2245)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2245 advisory. - Rebuild for CVEs: CVE-2023-39318 CVE-2023-39319 CVE-2023-39321 CVE-2023-39322 - rebuild for following CVEs: CVE-2023-25173 CVE-2022-41724...

Oracle Linux 9 : mod_http2 (ELSA-2024-2368)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-2368 advisory. 2.0.26-1 - Resolves: RHEL-14691 - modhttp2 rebase to 2.0.26 Tenable has extracted the preceding description block directly from the Oracle Linux securi...

Oracle Linux 9 : libvirt (ELSA-2024-2236)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-2236 advisory. - storage: Fix returning of locked objects from 'virStoragePoolObjListSearch' CVE-2023-3750, rhbz2221851 Tenable has extracted the preceding description block...