Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2024-12272)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12272 advisory. - KVM: x86: Add BHINO Daniel Sneddon Orabug: 36384802 CVE-2024-2201 - x86/bhi: Mitigate KVM by default Pawan Gupta Orabug: 36384802 CVE-2024-2201 ...

Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2024-12274)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12274 advisory. - KVM: x86: Add BHINO Daniel Sneddon Orabug: 36384803 CVE-2024-2201 - x86/bhi: Mitigate KVM by default Pawan Gupta Orabug: 36384803 CVE-2024-2201 -...

Oracle Linux 8 : varnish (ELSA-2024-1690)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-1690 advisory. varnish 6.0.13-1 - new version 6.0.13 - Resolves: RHEL-30378 - varnish:6/varnish: HTTP/2 Broken Window Attack may result in denial of service CVE-2024-30156...

Oracle Linux 9 : varnish (ELSA-2024-1691)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-1691 advisory. - Resolves: RHEL-30387 - varnish: HTTP/2 Broken Window Attack may result in denial of service CVE-2024-30156 - Add parameters h2rstallowance and...

Oracle Linux 8 : Unbreakable Enterprise kernel-container (ELSA-2024-12275)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12275 advisory. - KVM: x86: Add BHINO Daniel Sneddon Orabug: 36384803 CVE-2024-2201 - x86/bhi: Mitigate KVM by default Pawan Gupta Orabug: 36384803 CVE-2024-2201 -...

Oracle Linux 9 : less (ELSA-2024-1692)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-1692 advisory. - Fix CVE-2022-48624 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested for...

Oracle Linux 9 : nodejs:20 (ELSA-2024-1688)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1688 advisory. - Fixes: CVE-2024-21892 CVE-2024-21896 CVE-2024-22017 CVE-2024-22019 high Tenable has extracted the preceding description block directly from the Oracl...

Oracle Linux 8 : nodejs:20 (ELSA-2024-1687)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1687 advisory. - Fixes: CVE-2024-21892 CVE-2024-21896 CVE-2024-22017 CVE-2024-22019 high Tenable has extracted the preceding description block directly from the Oracl...

Oracle Linux 8 : curl (ELSA-2024-1601)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1601 advisory. - unify the upload/method handling CVE-2023-28322 - fix cookie injection with none file CVE-2023-38546 Tenable has extracted the preceding description...

Oracle Linux 8 : grafana (ELSA-2024-1646)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-1646 advisory. 9.2.10-8 - Rebuild with latest version of golang - resolves CVE-2024-1394 Tenable has extracted the preceding description block directly from the Oracle Linux...

Oracle Linux 9 : kernel (ELSA-2024-12265)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12265 advisory. - netfilter: nftables: reject QUEUE/DROP verdict parameters Orabug: 36461940 CVE-2024-1086 Tenable has extracted the preceding description block directly from...

Oracle Linux 8 : expat (ELSA-2024-1615)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-1615 advisory. - lib: Prevent integer overflow in doProlog CVE-2022-23990Orabug: 33910314 - CVE-2023-52425 expat: parsing large tokens can trigger a denial of service Tenable...

Oracle Linux 8 : less (ELSA-2024-1610)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-1610 advisory. - Fix CVE-2022-48624 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested for...

Oracle Linux 8 : grafana-pcp (ELSA-2024-1644)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-1644 advisory. 5.1.1-2 - Rebuild with latest version of golang - resolves CVE-2024-1394 Tenable has extracted the preceding description block directly from the Oracle Linux...

Oracle Linux 8 : opencryptoki (ELSA-2024-1608)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-1608 advisory. 3.21.0-10 - timing side-channel in handling of RSA PKCS1 v1.5 padded ciphertexts Marvin Resolves: RHEL-22791 Tenable has extracted the preceding description blo...

Oracle Linux 8 : kernel (ELSA-2024-12266)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12266 advisory. - netfilter: nftables: reject QUEUE/DROP verdict parameters Orabug: 36461932 CVE-2024-1086 Tenable has extracted the preceding description block directly from...

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2024-12257)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12257 advisory. 4.14.35-2047.534.3.1 - netfilter: nftables: reject QUEUE/DROP verdict parameters Florian Westphal Orabug: 36251145 CVE-2024-1086 Tenable has extracted the...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2024-12256)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12256 advisory. 5.4.17-2136.329.3.2 - netfilter: nftables: reject QUEUE/DROP verdict parameters Florian Westphal Orabug: 36465920 CVE-2024-1086 Tenable has extracted the...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2024-12258)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12258 advisory. - netfilter: nftables: reject QUEUE/DROP verdict parameters Florian Westphal Orabug: 36251327 CVE-2024-1086 - kobject: Fix slab-out-of-bounds in...

Oracle Linux 9 : olcne (ELSA-2024-12261)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12261 advisory. - Update modules and components built with golang 1.20.12 to address CVE-2023-39326 Tenable has extracted the preceding description block directly from the...