Oracle Linux 8 : libssh (ELSA-2025-21977)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-21977 advisory. 0.9.6-16 - Fix CVE-2025-5372 Resolves: RHEL-121232 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...

Oracle Linux 8 : kernel (ELSA-2025-21917)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-21917 advisory. - i40e: add max boundary check for VF filters Michal Schmidt RHEL-123799 CVE-2025-39968 - i40e: fix validation of VF state in get resources Michal...

Oracle Linux 9 : openssl (ELSA-2025-28011)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-28011 advisory. - Fix CVE-2025-9230 Resolves: RHEL-115929 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

Oracle Linux 8 : cups (ELSA-2025-22063)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-22063 advisory. 1:2.2.6-64 - RHEL-122666 CVE-2025-58364 cups: Null Pointer Dereference in CUPS ippreadio Leading to Remote DoS Tenable has extracted the preceding description...

Oracle Linux 9 : ELSA-2025-20518-0: / kernel (ELSA-2025-205180)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-205180 advisory. - iouring/futex: ensure iofutexwait cleans up properly on failure CKI Backport Bot RHEL-114336 CVE-2025-39698 - NFS: Fix filehandle bounds checking i...

Oracle Linux 9 : ELSA-2025-20559-0: / shadow-utils (ELSA-2025-205590)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-205590 advisory. 2:4.9-15 - nss.c: shadowlogfd to stderr. Resolves: RHEL-83431 - vipw: restore the original terminal pgrp after editing. Resolves: RHEL-70844 and RHEL-72940...

Oracle Linux 9 : ELSA-2025-20532-0: / grub2 (ELSA-2025-205320)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-205320 advisory. - Fix CVE-2022-3775 Orabug: 34871953 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus...

Oracle Linux 8 : mingw-expat (ELSA-2025-21974)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-21974 advisory. - Fix the following CVEs CVE-2023-52425 CVE-2024-28757 CVE-2024-45490 CVE-2024-45491 CVE-2024-45492 CVE-2024-50602 CVE-2024-8176 CVE-2025-59375 Tenable has...

Oracle Linux 9 : zziplib (ELSA-2025-20838)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-20838 advisory. 0.13.71-12 - Fix a directory traversal issue in unzip-mem Resolves: RHEL-6266 Tenable has extracted the preceding description block directly from the Oracle...

kernel security update

4.18.0-553.85.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

Oracle Linux 8 : thunderbird (ELSA-2025-21881)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-21881 advisory. 140.5.0-2.0.1 - Fix prefs for new nss Orabug: 37079820 - Add Oracle prefs file 140.5.0 - Add OpenELA debranding 140.5.0-2 - Update to 140.5.0 ESR...

Oracle Linux 8 : expat (ELSA-2025-21776)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-21776 advisory. - Fix CVE-2025-59375 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested fo...

Oracle Linux 8 : lasso (ELSA-2025-21628)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-21628 advisory. 2.6.0-14 - Fixing CVE-2025-47151 Resolves: RHEL-126687 CVE-2025-47151 lasso: Type confusion in Entr'ouvert Lasso Tenable has extracted the preceding descriptio...

Oracle Linux 7 : postgresql (ELSA-2025-16099)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-16099 advisory. - Restrict psql meta-commands in plain-text dumps Orabug: 38442031CVE-2025-8714 - Resolves CVE-2025-1094: Improper neutralization of quoting syntax in certain...

Oracle Linux 7 : squid (ELSA-2025-19167)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-19167 advisory. - Fixes CVE-2025-62168, squid: Squid vulnerable to information disclosure via - Fixes CVE-2025-54574, add URN access disabling config options Orabug: 38350105 ...

Oracle Linux 8 : kernel (ELSA-2025-21398)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-21398 advisory. - vsock/virtio: Validate length in packet header before skbput Jon Maloy RHEL-114296 CVE-2025-39718 Tenable has extracted the preceding description block...

Oracle Linux 8 : idm:DL1 (ELSA-2025-21140)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-21140 advisory. - Use DNS discovery for declared realms only CVE-2025-59088 Resolves: RHEL-113657 Tenable has extracted the preceding description block directly from...

idm:DL1 security update

bind-dyndb-ldap 11.6-6 - Fix rpminspect warnings Resolves: RHEL-22497 custodia ipa 4.9.13-20.0.1 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 29516674 ipa-healthcheck opendnssec 2.1.7-2 - Don't creat /var/run/opendnssec directory - Resolves: RHEL-12163 python-jwcrypto python-kdcproxy...

Oracle Linux 7 : java-1.8.0-openjdk (ELSA-2025-18814)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-18814 advisory. - Fixes CVE-2025-53057 CVE-2025-53066 - Fixed CVE-2025-21587, CVE-2025-30691 and CVE-2025-30698 Orabug: 37840723 Tenable has extracted the preceding...

Oracle Linux 7 : ipa (ELSA-2025-17649)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-17649 advisory. - Fixes CVE-2025-7493 Enforce uniqueness across krbprincipalname Tenable has extracted the preceding description block directly from the Oracle Linux security...