Oracle Linux 7 : tigervnc (ELSA-2024-0006)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0006 advisory. - Dropped xorg-CVE-2023-5367.patch, xorg-CVE-2023-6377.patch, and xorg-CVE-2023-6478.patch - Updated fix for CVE-2023-6377 tigervnc: xorg-x11-server:...

Oracle Linux 7 : gstreamer1-plugins-bad-free (ELSA-2024-0013)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0013 advisory. - Patch CVE-2023-44446: MXF demuxer use-after-free Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...

Oracle Linux 7 : thunderbird (ELSA-2024-0027)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-0027 advisory. 115.6.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 115.6.0-1 - Update to...

firefox security update

115.6.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 115.6.0-1 - Update to 115.6.0 build1...

Oracle Linux 7 : xorg-x11-server (ELSA-2024-0009)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0009 advisory. 1.20.4-25 - CVE fix for: CVE-2023-6377, CVE-2023-6478 Resolves: https://issues.redhat.com/browse/RHEL-18416 Resolves:...

Oracle Linux 9 : kernel (ELSA-2023-7749)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7749 advisory. - x86/retpoline: Document some thunk handling aspects Borislav Petkov CVE-2023-20569 - objtool: Fix return thunk patching in retpolines Josh Poimboeuf...

Oracle Linux 9 : conmon (ELSA-2023-13053)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-13053 advisory. - A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the tota...

Oracle Linux 8 : conmon (ELSA-2023-13054)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-13054 advisory. - Resolve CVE-2023-39325 - Resolve CVE-2023-39325 - Resolve CVE-2023-39325 - Resolve CVE-2023-44487 and CVE-2023-39325 - address CVE-2023-44487 and...

Oracle Linux 8 : postgresql:15 (ELSA-2023-7884)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7884 advisory. - Fixes: CVE-2023-5868 CVE-2023-5869 CVE-2023-5870 CVE-2023-39417 CVE-2023-39418 Tenable has extracted the preceding description block directly from th...

Oracle Linux 8 : gstreamer1-plugins-bad-free (ELSA-2023-7841)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-7841 advisory. 1.16.1-2 - Resolves MXF demuxer use-after-free vulnerability CVE-2023-44446 Tenable has extracted the preceding description block directly from the Oracle Linux...

Oracle Linux 8 : postgresql:10 (ELSA-2023-7790)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-7790 advisory. 10.23-3.0.1 - Resolves: CVE-2023-5869 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus h...

Oracle Linux 9 : opensc (ELSA-2023-7879)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-7879 advisory. - Fix CVE-2023-40660: Potential PIN bypass - Fix CVE-2023-40661: Dynamic analyzers reports in pkcs15init - Fix CVE-2023-4535: Out-of-bounds read in MyE...

Oracle Linux 8 : opensc (ELSA-2023-7876)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-7876 advisory. - Fix CVE-2023-40660: Potential PIN bypass - Fix CVE-2023-40661: Dynamic analyzers reports in pkcs15init Tenable has extracted the preceding descriptio...

Oracle Linux 8 : openssl (ELSA-2023-7877)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7877 advisory. - Backport implicit rejection mechanism for RSA PKCS1 v1.5 to RHEL-8 series a proper fix for CVE-2020-25659 Resolves: RHEL-17696 - Fix CVE-2023-5678:...

Oracle Linux 8 : postgresql:12 (ELSA-2023-7714)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7714 advisory. pgaudit pgrepack postgres-decoderbufs postgresql Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...

Oracle Linux 9 : fence-agents (ELSA-2023-7753)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7753 advisory. - python-certifi: Removal of e-Tugra root certificate CVE-2023-37920 Tenable has extracted the preceding description block directly from the Oracle Lin...

Oracle Linux 8 : avahi (ELSA-2023-7836)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7836 advisory. - Fix CVE-2021-3468 1939614 - Fix CVE-2023-38469 2191687 - Fix CVE-2023-38470 2191694 - Fix CVE-2023-38471 2191690 - Fix CVE-2023-38472 2191692 Tenable...

Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2023-13048)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-13048 advisory. - nvmet-tcp: Fix a possible UAF in queue intialization setup Sagi Grimberg Orabug: 36028026 CVE-2023-5178 - Bluetooth: Reject connection with the device which...

Oracle Linux 9 : runc (ELSA-2023-7763)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-7763 advisory. - Rebuild for CVEs: CVE-2023-39321 CVE-2023-39322 CVE-2023-29409 Tenable has extracted the preceding description block directly from the Oracle Linux...

Oracle Linux 8 : webkit2gtk3 (ELSA-2023-7716)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-7716 advisory. - A memory corruption vulnerability was addressed with improved locking. CVE-2023-42917 Note that Nessus has not tested for this issue but has instead relied on...