OracleVM 3.4 : kernel-uek (OVMSA-2025-0001)

The remote OracleVM system is missing necessary patches to address security updates: 4.1.12-124.93.1- cachefiles: fix memory leak in cachefilesaddcache Baokun Li Orabug: 36544657 CVE-2024-26840 Tenable has extracted the preceding description block directly from the OracleVM security advisory. Not...

OracleVM 3.4 : kernel-uek (OVMSA-2024-0016)

The remote OracleVM system is missing necessary patches to address security updates: 4.1.12-124.92.3- memcgwriteeventcontrol: fix a user-triggerable oops Al Viro Orabug: 37070674 CVE-2024-45021- ocfs2: fix races between hole punching and AIO+DIO Su Yue Orabug: 36835819...

OracleVM 3.4 : kernel-uek (OVMSA-2024-0015)

The remote OracleVM system is missing necessary patches to address security updates: 4.1.12-124.91.3- nfsatomicopen: prevent parallel nfslookup on a negative hashed Al Viro Orabug: 370062394.1.12-124.91.2- vhost/scsi: null-ptr-dereference in vhostscsigetreq Haoran Zhang Orabug:...

OracleVM 3.4 : kernel-uek (OVMSA-2024-0014)

The remote OracleVM system is missing necessary patches to address security updates: 4.1.12-124.90.3.1- vhost/scsi: null-ptr-dereference in vhostscsigetreq Haoran Zhang Orabug: 37132352 Tenable has extracted the preceding description block directly from the OracleVM security advisory. Note that...

OracleVM 3.4 : kernel-uek (OVMSA-2024-0013)

The remote OracleVM system is missing necessary patches to address security updates: 4.1.12-124.90.3- SUNRPC: increase size of rpcwaitqueue.qlen from unsigned short to unsigned int Dai Ngo Orabug: 370554394.1.12-124.90.2- scsi: lpfc: Fix possible memory leak in lpfcrcvpadisc Justin Tee Orabug:...

OracleVM 3.4 : kernel-uek (OVMSA-2024-0011)

The remote OracleVM system is missing necessary patches to address security updates: 4.1.12-124.89.4- isdn: mISDN: netjet: Fix crash in njprobe: Zheyu Ma Orabug: 36940405 CVE-2021-47284- tracing: Restructure traceclockglobal to never block Steven Rostedt VMware Orabug: 36940388 CVE-2021-46939- ud...

OracleVM 3.4 : kernel-uek (OVMSA-2024-0009)

The remote OracleVM system is missing necessary patches to address security updates: 4.1.12-124.87.2.2- net/mlx5e: drop shorter ethernet frames Manjunath Patil Orabug: 36660755 Tenable has extracted the preceding description block directly from the OracleVM security advisory. Note that Nessus has...

OracleVM 3.4 : kernel-uek (OVMSA-2024-0006)

The remote OracleVM system is missing necessary patches to address security updates: 4.1.12-124.87.2- net: sched: fix race condition in qdiscgraft Eric Dumazet Orabug: 35250827 CVE-2023-05904.1.12-124.87.1- ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet Zhengchao Shao Orabug:...

OracleVM 3.4 : kernel-uek (OVMSA-2024-0004)

The remote OracleVM system is missing necessary patches to address security updates: - A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a...

OracleVM 3.4 : kernel-uek (OVMSA-2024-0003)

The remote OracleVM system is missing necessary patches to address security updates: - An issue was discovered in drivers/input/input.c in the Linux kernel before 5.17.10. An attacker can cause a denial of service panic because inputsetcapability mishandles the situation in which an event code...

OracleVM 3.4 : kernel-uek (OVMSA-2024-0002)

The remote OracleVM system is missing necessary patches to address security updates: - Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BDADDR of the peer device to complete pairing without knowledge...

OracleVM 3.4 : kernel-uek (OVMSA-2023-0025)

The remote OracleVM system is missing necessary patches to address security updates: - A flaw was found in the Netfilter subsystem in the Linux kernel. The xtu32 module did not validate the fields in the xtu32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds rea...

OracleVM 3.4 : kernel-uek (OVMSA-2023-0024)

The remote OracleVM system is missing necessary patches to address security updates: - An issue was discovered in l2capsockrelease in net/bluetooth/l2capsock.c in the Linux kernel before 6.4.10. There is a use-after-free because the children of an sk are mishandled. CVE-2023-40283 - A...

OracleVM 3.4 : kernel-uek (OVMSA-2023-0023)

The remote OracleVM system is missing necessary patches to address security updates: - An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nftseteleminit leading to a buffer overflow could be used by a local attacker to escalate privileges, a different vulnerabilit...

OracleVM 3.4 : busybox (OVMSA-2023-5178)

The remote OracleVM system is missing necessary patches to address security updates: - There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In the environment of Internet of Vehicles, this vulnerability can be executed from command to arbitrary code execution...

OracleVM 3.4 : kernel-uek (OVMSA-2023-0021)

The remote OracleVM system is missing necessary patches to address security updates: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. The package checks in this plugin were extracted...

OracleVM 3.4 : kernel-uek (OVMSA-2023-0020)

The remote OracleVM system is missing necessary patches to address security updates: - A flaw was found in the Linux kernel in linux/net/netfilter/nftablesapi.c of the netfilter subsystem. This flaw allows a local user to cause an out-of-bounds write issue. CVE-2022-1015 - A NULL pointer...

OracleVM 3.4 : openssh (OVMSA-2023-0019)

The remote OracleVM system is missing necessary patches to address security updates: - sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate user...

OracleVM 3.4 : kernel-uek (OVMSA-2023-0017)

The remote OracleVM system is missing necessary patches to address security updates: - A use-after-free flaw was found in the Linux kernel's Atheros wireless adapter driver in the way a user forces the ath9khtcwaitfortarget function to fail with some input messages. This flaw allows a local user ...

OracleVM 3.4 : kernel-uek (OVMSA-2023-0016)

The remote OracleVM system is missing necessary patches to address security updates: - A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVMEIOCTLRESET and the NVMEIOCTLSUBSYSRESET through the device file of the driver, resulting in ...