Oracle Linux 8 : bind9.16 (ELSA-2026-23360)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-23360 advisory. - Fix GSS-API resource leak CVE-2026-3039 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...

Oracle Linux 8 : kernel (ELSA-2026-23258)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-23258 advisory. - smb: client: reject userspace cifs.spnego descriptions Paulo Alcantara RHEL-178938 CVE-2026-46243 - smb: client: fix OOB reads parsing symlink error response...

kernel security update

4.18.0-553.129.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

Oracle Linux 8 : php:8.2 (ELSA-2026-22305)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-22305 advisory. libzip php 8.2.31-1 - rebase to 8.2.31 php-pear php-pecl-apcu php-pecl-rrd php-pecl-xdebug3 php-pecl-zip Tenable has extracted the preceding descripti...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50294)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50294 advisory. - net: skbuff: propagate shared-frag marker through frag-transfer helpers Hyunwoo Kim Orabug: 39368827 CVE-2026-46300 - ptrace: slightly saner...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2026-50299)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50299 advisory. - ptrace: slightly saner 'getdumpable' logic Linus Torvalds Orabug: 39384275,39391459 CVE-2026-46333 - net: skbuff: propagate shared-frag marker...

Oracle Linux 8 : samba (ELSA-2026-22644)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-22644 advisory. - resolves: RHEL-156322 - Fix CVE-2026-3012 - resolves: RHEL-161647 - Fix CVE-2026-4480 - resolves: RHEL-177933 - Fix CVE-2026-4408 Tenable has...

Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50293)

The remote Oracle Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50293 advisory. - net: skbuff: propagate shared-frag marker through frag-transfer helpers Hyunwoo Kim Orabug: 39442660 CVE-2026-46300 - ptrace: slightly saner...

Oracle Linux 8 : thunderbird (ELSA-2026-22643)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-22643 advisory. 140.11.0-1.0.1 - Fix prefs for new nss Orabug: 37079820 - Add Oracle prefs file 140.11.0 - Add OpenELA debranding 140.11.0-1 - Update to 140.11.0 ESR...

Oracle Linux 8 : expat (ELSA-2026-22721)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-22721 advisory. - Fix CVE-2026-45186 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested fo...

Oracle Linux 8 : go-toolset:ol8 (ELSA-2026-22112)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-22112 advisory. delve 1.25.2-1.0.1 golang 1.25.9-1.0.1 - EXPERIMENTAL: Introduce fipsnoenforceems GODEBUG var - Backported from OL9u7 - Resolves: OLDIS-53586 Tenable...

Oracle Linux 8 : gnutls (ELSA-2026-20611)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-20611 advisory. - Fix CVE-2026-33846 DTLS fragment reassembly, High, heap overwrite - Fix CVE-2026-42009 DTLS fragment reassembly, High, undefined behaviour - Fix...

Oracle Linux 8 : compat-openssl10 (ELSA-2026-22315)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2026-22315 advisory. 1.1.0.2o-4.2 - Fixes CVE-2026-28390: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing Resolves: RHEL-165754 Tenable has...

Oracle Linux 8 : kernel (ELSA-2026-21706)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-21706 advisory. - smb: client: validate the whole DACL before rewriting it in cifsacl Paulo Alcantara RHEL-172815 CVE-2026-31709 - netfilter: xttcpmss: check remainin...

Oracle Linux 8 : httpd:2.4 (ELSA-2026-22140)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-22140 advisory. - Resolves: RHEL-166277 - httpd:2.4/httpd: Apache HTTP Server: HTTP/2 DoS by Memory Increase CVE-2025-53020 modmd Tenable has extracted the preceding...

Oracle Linux 8 : glibc (ELSA-2026-50291)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-50291 advisory. - Add tests for CVE-2026-4437 and CVE-2026-4438 RHEL-173358 - CVE-2026-4046: Fix assertion failure in IBM1390 and IBM1399 iconv modules RHEL-162891 -...

Oracle Linux 8 : flatpak (ELSA-2026-21756)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-21756 advisory. 1.12.9-4 - Fix arbitrary code execution via crafted symlinks in sandbox-expose options Resolves: RHEL-165633 - Fix arbitrary file deletion on host via...

Oracle Linux 7 : freerdp (ELSA-2026-7292)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-7292 advisory. - Fixed CVE-2026-26955 CVE-2026-26956 Orabug: 39189643 - Fixed CVE-2026-22855 CVE-2026-22858 CVE-2026-22859 Orabug: 39075086 - fixed CVE-2026-23530...

.NET 8.0 security update

8.0.127-1.0.1 - Add support for Oracle Linux 8.0.127-1 - Update to .NET SDK 8.0.127 and Runtime 8.0.27 - Resolves: RHEL-173920...

Oracle Linux 8 : thunderbird (ELSA-2026-20586)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-20586 advisory. 140.10.1-1.0.1 - Fix prefs for new nss Orabug: 37079820 - Add Oracle prefs file 140.10.1 - Add OpenELA debranding 140.10.1-1 - Update to 140.10.1 ESR...