Moderate: java-17-openjdk security update

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: JDK: Enhance Path Factories CVE-2025-53066 JDK: Enhance Certificate Handling CVE-2025-53057 Bug Fixes: Since the 8.8 release of AlmaLinuxand the 9.2 relea...

AlmaLinux 9 : thunderbird (ALSA-2025:18321)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:18321 advisory. thunderbird: firefox: Memory safety bugs CVE-2025-11714 thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL texture...

AlmaLinux 10 : kernel (ALSA-2025:18318)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:18318 advisory. kernel: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush CVE-2025-38351 kernel: sunrpc: fix client side handling of tls alerts...

AlmaLinux 9 : ipa (ALSA-2025:17084)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:17084 advisory. FreeIPA: idm: Privilege escalation from host to domain admin in FreeIPA CVE-2025-7493 Tenable has extracted the preceding description block directly from the...

AlmaLinux 8 : perl-JSON-XS (ALSA-2025:17163)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:17163 advisory. JSON-XS: integer buffer overflow causing a segfault when parsing crafted JSON CVE-2025-40928 Tenable has extracted the preceding description block directly from t...

AlmaLinux 9 : firefox (ALSA-2025:18155)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:18155 advisory. thunderbird: firefox: Memory safety bugs CVE-2025-11714 thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL texture...

AlmaLinux 8 : kernel (ALSA-2025:18297)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:18297 advisory. kernel: ALSA: usb-audio: Validate UAC3 cluster segment descriptors CVE-2025-39757 kernel: ALSA: hda/ca0132: Fix buffer overflow in addtuningcontrol...

AlmaLinux 8 : .NET 8.0 (ALSA-2025:18148)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:18148 advisory. dotnet: .NET Information Disclosure Vulnerability CVE-2025-55248 dotnet: .NET Security Feature Bypass Vulnerability CVE-2025-55315 dotnet: .NET Denial of...

AlmaLinux 9 : perl-JSON-XS (ALSA-2025:17162)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:17162 advisory. JSON-XS: integer buffer overflow causing a segfault when parsing crafted JSON CVE-2025-40928 Tenable has extracted the preceding description block directly from t...

AlmaLinux 9 : .NET 8.0 (ALSA-2025:18149)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:18149 advisory. dotnet: .NET Information Disclosure Vulnerability CVE-2025-55248 dotnet: .NET Security Feature Bypass Vulnerability CVE-2025-55315 dotnet: .NET Denial of...

AlmaLinux 10 : libssh (ALSA-2025:18231)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:18231 advisory. libssh: out-of-bounds read in sftphandle CVE-2025-5318 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note...

AlmaLinux 10 : kernel (ALSA-2025:17776)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:17776 advisory. kernel: HID: core: Harden s32ton against conversion to 0 bits CVE-2025-38556 kernel: wifi: ath12k: Decrement TID on RX peer frag setup error handling...

AlmaLinux 9 : libssh (ALSA-2025:18275)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:18275 advisory. libssh: out-of-bounds read in sftphandle CVE-2025-5318 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note...

AlmaLinux 10 : libsoup3 (ALSA-2025:18183)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:18183 advisory. libsoup: Out-of-Bounds Read in Cookie Date Handling of libsoup HTTP Library CVE-2025-11021 Tenable has extracted the preceding description block directly from th...

AlmaLinux 9 : kernel (ALSA-2025:17760)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:17760 advisory. kernel: HID: core: Harden s32ton against conversion to 0 bits CVE-2025-38556 kernel: eventpoll: Fix semi-unbounded recursion CVE-2025-38614 kernel: ALSA:...

AlmaLinux 9 : vim (ALSA-2025:17742)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:17742 advisory. vim: Vim path traversal CVE-2025-53906 vim: Vim path traversial CVE-2025-53905 Tenable has extracted the preceding description block directly from the...

AlmaLinux 8 : gnutls (ALSA-2025:17415)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:17415 advisory. gnutls: Vulnerability in GnuTLS certtool template parsing CVE-2025-32990 gnutls: Vulnerability in GnuTLS otherName SAN export CVE-2025-32988 gnutls: NULL...

AlmaLinux 8 : kernel-rt (ALSA-2025:17812)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:17812 advisory. kernel: KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0 CVE-2022-50228 kernel: Bluetooth: L2CAP: Fix use-after-free CVE-2023-53305 Tenab...

AlmaLinux 8 : kernel (ALSA-2025:17797)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:17797 advisory. kernel: KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0 CVE-2022-50228 kernel: Bluetooth: L2CAP: Fix use-after-free CVE-2023-53305 Tenab...

AlmaLinux 8 : kernel-rt (ALSA-2025:17398)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:17398 advisory. kernel: smb: client: fix use-after-free in cifsoplockbreak CVE-2025-38527 kernel: NFS: Fix filehandle bounds checking in nfsfhtodentry CVE-2025-39730...