Oracle Linux 8 : Unbreakable Enterprise kernel-container (ELSA-2024-12154)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12154 advisory. - smb: client: fix OOB in smbCalcSize Paulo Alcantara CVE-2023-6606 - RDMA/irdma: Prevent zero-length STAG registration Christopher Bednarz...

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2024-12150)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12150 advisory. - sched/rt: picknextrtentity: check listentry Pietro Borrello Orabug: 35181559 CVE-2023-1077 - net/sched: schhfsc: Ensure inner classes have fsc curve...

Oracle Linux 9 : kernel (ELSA-2024-12149)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12149 advisory. - net/sched: schhfsc: Ensure inner classes have fsc curve CVE-2023-4623 - net/sched: schhfsc: upgrade 'rt' to 'sc' when it becomes a inner curve...

Oracle Linux 7 : runc (ELSA-2024-17931)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-17931 advisory. 1.1.12-1 - Update runc to 1.1.12 JIRA: OLDIS-30530 1.1.10-1 - Update runc to 1.1.10 JIRA: OLDIS-30530 Tenable has extracted the preceding description block...

Oracle Linux 7 : runc (ELSA-2024-12148)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-12148 advisory. 1.1.12-1 - Update runc to 1.1.12 JIRA: OLDIS-30530 1.1.10-1 - Update runc to 1.1.10 JIRA: OLDIS-30530 Tenable has extracted the preceding description block...

Oracle Linux 9 : gimp (ELSA-2024-0675)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0675 advisory. - fix CVE-2023-44441 - fix CVE-2023-44442 - fix CVE-2023-44443 Tenable has extracted the preceding description block directly from the Oracle Linux...

Oracle Linux 8 : gnutls (ELSA-2024-12135)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12135 advisory. 3.6.16-8.1fips - Allow RSA keygen with modulus sizes bigger than 3072 bits and validate the seed length as defined in FIPS 186-4 section B.3.2 Orabug: 33200526...

Oracle Linux 9 : runc (ELSA-2024-0670)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-0670 advisory. - Rebuild for CVEs: CVE-2023-39321 CVE-2023-39322 CVE-2023-29409 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 9 : gnutls (ELSA-2024-0533)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0533 advisory. 3.7.6-23.3 - Fixes for CVE-2023-5981, CVE-2024-0553, CVE-2024-0567 Tenable has extracted the preceding description block directly from the Oracle Linux...

Oracle Linux 8 : gnutls (ELSA-2024-0627)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0627 advisory. 3.6.16-8.1 - auth/rsa-psk: minimize branching after decryption RHEL-21550 Tenable has extracted the preceding description block directly from the Oracle Linux...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2024-12110)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12110 advisory. - Bluetooth: Reject connection with the device which has same BDADDR Lee, Chun-Yi Orabug: 35959598 CVE-2020-26555 - sched/rt: picknextrtentity:...

Oracle Linux 8 : rpm (ELSA-2024-0647)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0647 advisory. - Import additional patches to fix regressions with CVE-2021-35937, CVE-2021-35938 and CVE-2021-35939 patchset Orabug: 36256318 - Backport file handlin...

Oracle Linux 7 : tigervnc (ELSA-2024-0629)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0629 advisory. - Dropped xorg-CVE-2023-5367.patch, xorg-CVE-2023-6816.patch, xorg-CVE-2023-6377.patch, xorg- CVE-2023-6478.patch, xorg-CVE-2024-0229-1.patch,...

Oracle Linux 8 : tigervnc (ELSA-2024-0607)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0607 advisory. - Fix CVE-2024-21886 tigervnc: xorg-x11-server: heap buffer overflow in DisableDevice Resolves: RHEL-20388 - Fix CVE-2024-21885 tigervnc:...

Oracle Linux 8 : libssh (ELSA-2024-0628)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0628 advisory. - Client and Server side mitigations CVE-2023-48795 - Strip extensions from both kex lists for matching CVE-2023-48795 Tenable has extracted the preceding...

Oracle Linux 8 : openssh (ELSA-2024-0606)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0606 advisory. - Forbid shell metasymbols in username/hostname Resolves: CVE-2023-51385 Tenable has extracted the preceding description block directly from the Oracle...

Oracle Linux 9 : thunderbird (ELSA-2024-0602)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-0602 advisory. 115.7.0-1.0.1 - Update to 115.7.0 build1 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...

Oracle Linux 9 : firefox (ELSA-2024-0603)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0603 advisory. 115.7.0.1.0.1 - Update to 115.7.0 build 1 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...

Oracle Linux 9 : tigervnc (ELSA-2024-0557)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0557 advisory. - Fix CVE-2024-21886 tigervnc: xorg-x11-server: heap buffer overflow in DisableDevice Resolves: RHEL-20389 - Fix CVE-2024-21885 tigervnc:...

Oracle Linux 8 : firefox (ELSA-2024-0608)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-0608 advisory. 115.7.0.1.0.1 - Update to 115.7.0 build 1 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...