Oracle Linux 9 : gstreamer1-plugins-bad-free (ELSA-2023-7791)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7791 advisory. - Patch CVE-2023-44429: AV1 codec parser heap-based buffer overflow - Patch CVE-2023-44446: MXF demuxer use-after-free Tenable has extracted the...

Oracle Linux 9 : buildah (ELSA-2023-7764)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7764 advisory. 1.31.3-2.0.1 - Rebuild for CVEs: CVE-2023-39318 CVE-2023-39319 CVE-2023-39321 CVE-2023-39322 CVE-2023-29409 Tenable has extracted the preceding...

Oracle Linux 9 : postgresql (ELSA-2023-7784)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7784 advisory. 13.13-1.0.1 - Update to 13.13 - Fixes CVE-2023-5868, CVE-2023-5869, CVE-2023-5870, and CVE-2023-39417 Tenable has extracted the preceding description...

Oracle Linux 9 : postgresql:15 (ELSA-2023-7785)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7785 advisory. pgaudit pgrepack postgres-decoderbufs postgresql 15.5-1 - update to 15.5 - Fixes CVE-2023-5868, CVE-2023-5869, CVE-2023-5870, CVE-2023-39417, and...

Oracle Linux 8 : tracker-miners (ELSA-2023-7732)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-7732 advisory. 2.1.5-2.1 - Bump dist 2.1.5-2 - Backport stricter seccomp jail Resolves: RHEL-12466 Tenable has extracted the preceding description block directly from the Orac...

Oracle Linux 9 : kernel (ELSA-2023-13047)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-13047 advisory. - cifs: Fix UAF in cifsdemultiplexthread Zhang Xiaoxu Steve French CVE-2023-1192 - fs/smb/client: Reset password pointer to NULL Quang Le Steve French...

Oracle Linux 9 : webkit2gtk3 (ELSA-2023-7715)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-7715 advisory. - A memory corruption vulnerability was addressed with improved locking. CVE-2023-42917 Note that Nessus has not tested for this issue but has instead relied on...

Oracle Linux 9 : podman (ELSA-2023-7765)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7765 advisory. - Rebuild for following CVEs: CVE-2023-39318 CVE-2023-39319 CVE-2023-39321 CVE-2023-39322 CVE-2023-29409 Tenable has extracted the preceding descriptio...

Oracle Linux 9 : skopeo (ELSA-2023-7762)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7762 advisory. 2:1.13.3-3 - Rebuild with golang 1.20.10 - Related: Jira:RHEL-2786 2:1.13.3-2 - Rebuild with golang 1.21.3 - Related: Jira:RHEL-2786 Tenable has...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2023-13043)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-13043 advisory. - nvmet-tcp: Fix a possible UAF in queue intialization setup Sagi Grimberg Orabug: 36028025 CVE-2023-5178 - x86: KVM: SVM: always update the x2avi...

Oracle Linux 9 : containernetworking-plugins (ELSA-2023-7766)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-7766 advisory. - rebuild for following CVEs: CVE-2023-29409 CVE-2023-39318 CVE-2023-39319 CVE-2023-39321 CVE-2023-39322 Tenable has extracted the preceding descriptio...

kernel security update

5.14.0-362.13.0.13.OL9 - cifs: Fix UAF in cifsdemultiplexthread Zhang Xiaoxu Steve French CVE-2023-1192 - fs/smb/client: Reset password pointer to NULL Quang Le Steve French CVE-2023-5345 - igb: set max size RX buffer when store bad packet is enabled Tony Nguyen David S. Miller CVE-2023-45871 -...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2023-13044)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-13044 advisory. - nvmet-tcp: Fix a possible UAF in queue intialization setup Sagi Grimberg Orabug: 36028026 CVE-2023-5178 Tenable has extracted the preceding description...

Oracle Linux 7 : curl (ELSA-2023-7743)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-7743 advisory. - Fix TFTP small blocksize heap buffer overflow https://curl.haxx.se/docs/CVE-2019-5482.htmlCVE-2019-5482Orabug: 30568724 - CVE-2016-8615 cookie injection for...

Oracle Linux 9 : libxml2 (ELSA-2023-7747)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-7747 advisory. 2.9.13-5 - Fix CVE-2023-39615 RHEL-5180 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus...

Oracle Linux 7 : postgresql (ELSA-2023-7783)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-7783 advisory. 9.2.24-9 - Backport fix for CVE-2023-5869 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Ness...

Oracle Linux 9 : pixman (ELSA-2023-7754)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-7754 advisory. 0.40.0-6 - Backport fix for CVE-2022-44638 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

Oracle Linux 8 : Unbreakable Enterprise kernel-container (ELSA-2023-13049)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-13049 advisory. - nvmet-tcp: Fix a possible UAF in queue intialization setup Sagi Grimberg Orabug: 36028026 CVE-2023-5178 - Bluetooth: Reject connection with the device which...

Oracle Linux 9 : tracker-miners (ELSA-2023-7712)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-7712 advisory. 3.1.2-4 - Backport stricter seccomp jail Resolves: RHEL-12469 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2023-13039)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-13039 advisory. - net/sched: schhfsc: Ensure inner classes have fsc curve Budimir Markovic Orabug: 35810543 CVE-2023-4623 Tenable has extracted the preceding description block...