Oracle Linux 10 : glibc (ELSA-2026-50078)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50078 advisory. - CVE-2026-0915: Stack memory disclosure in getnetbyaddr RHEL-141848 - CVE-2026-0861: Check for alignment overflow in memalign functions RHEL-141732...

Oracle Linux 10 : glibc (ELSA-2026-1334)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-1334 advisory. - CVE-2026-0915: Stack memory disclosure in getnetbyaddr RHEL-141848 - CVE-2026-0861: Check for alignment overflow in memalign functions RHEL-141732...

Oracle Linux 9 : python3.11 (ELSA-2026-1410)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-1410 advisory. - Security fix for CVE-2025-13836 Resolves: RHEL-141025 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 9 : gcc-toolset-15-binutils (ELSA-2026-1359)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-1359 advisory. 2.44-3.1 - Fix a potential illegal memory access when linking a corrupt input file. RHEL-130674 Tenable has extracted the preceding description block directly...

Oracle Linux 8 : php:8.2 (ELSA-2026-1412)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-1412 advisory. libzip 1.7.3-1 - update to 1.7.3 1.6.1-1 - update to 1.6.1 - enable lzma support 1.5.2-1 - update to 1.5.2 - add all explicit cmake options to ensure...

Oracle Linux 8 : python3.11 (ELSA-2026-1374)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-1374 advisory. - Security fix for CVE-2025-13836 Resolves: RHEL-140992 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 9 : osbuild-composer (ELSA-2026-1381)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-1381 advisory. 149-3.0.1 - Add missing dependency over dracut-config-rescue for image-installer ORABUG: 38587453 - Switch to UEKR8 repositories for OL9.6 Orabug: 37962207 - Ad...

Oracle Linux 9 : python3.12 (ELSA-2026-1408)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-1408 advisory. - Security fix for CVE-2025-13836 Resolves: RHEL-141026 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 7 : mariadb (ELSA-2026-0367)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-0367 advisory. - Fixes CVE-2025-13699, remote code execution via improper path validation Orabug: 38829265 Tenable has extracted the preceding description block directly from...

osbuild-composer security update

101.4-2.0.1 - Support using repository definitons with OCI variables JIRA: OLDIS-38657 - Update repositories to contain OCI variables - Remove image types Minimal-raw and wsl JIRA: OLDIS-38123 - Increase default /boot size to 1GB Orabug: 36827079 - support for building OL8/9 images on Oracle Linu...

Oracle Linux 8 : java-1.8.0-openjdk (ELSA-2026-0932)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0932 advisory. 1.8.0.482.b08-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:1.8.0.482.b08-1 - Update to 8u482-b08 GA. - Update release notes for 8u482-b08. -...

Oracle Linux 10 : kernel (ELSA-2026-1178)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-1178 advisory. - mm/vmalloc: fix data race in shownumainfo Waiman Long RHEL-137997 CVE-2025-38383 Tenable has extracted the preceding description block directly from the Orac...

Oracle Linux 8 : fence-agents (ELSA-2026-1240)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-1240 advisory. - bundled urllib3: fix CVE-2025-66471 - bundled urllib3: fix CVE-2026-21441 Resolves: RHEL-139756, RHEL-140783 - bundled urllib3: fix CVE-2025-66418...

Oracle Linux 9 : python-urllib3 (ELSA-2026-1087)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-1087 advisory. - Security fix for CVE-2025-66471 - Security fix for CVE-2025-66418 Tenable has extracted the preceding description block directly from the Oracle Linu...

Oracle Linux 9 : curl (ELSA-2026-1350)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-1350 advisory. 7.76.1-35.el97.3 - http: fix crash in rate-limited upload RHEL-129493 7.76.1-35.el97.2 - openssl: respect system crypto policy for TLS max version RHEL-128921...

Oracle Linux 8 : python-urllib3 (ELSA-2026-1254)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-1254 advisory. - Security fix for CVE-2025-66471 - Security fix for CVE-2025-66418 Tenable has extracted the preceding description block directly from the Oracle Linu...

Oracle Linux 9 : fence-agents (ELSA-2026-1239)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-1239 advisory. - bundled urllib3: fix CVE-2025-66471 - bundled urllib3: fix CVE-2026-21441 Resolves: RHEL-139793, RHEL-140795 Tenable has extracted the preceding...

Oracle Linux 8 : grafana (ELSA-2026-1344)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-1344 advisory. - Fixes CVE-2024-1442 Add email verification when updating user email Orabug: 38550520 Tenable has extracted the preceding description block directly from the...

kernel security update

4.18.0-553.97.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

kernel security update

6.12.0-124.29.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...