Detections
Analytics

Oracle Linux 9 : glibc (ELSA-2025-20411)

medium Nessus Plugin ID 241519

Language:

Synopsis

The remote Oracle Linux host is missing a security update.

Description

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-20411 advisory.

 [2.34-168.0.1.20]
 - Forward-port Oracle patches for ol9-u6 Reviewed-by: Jose E. Marchesi <[email protected]> Oracle history:
 June-9-2025 Cupertino Miranda <[email protected]> - 2.34-168.0.1.19
 - Forward-port Oracle patches for ol9-u6 Reviewed-by: David Faust <[email protected]> May-17-2025 Cupertino Miranda <[email protected]> - 2.34-168.0.1.14
 - Forward-port Oracle patches for ol9-u6 Reviewed-by: Jose E. Marchesi <[email protected]> March-6-2025 Cupertino Miranda <[email protected]> - 2.34-168.0.1
 - Forward-port Oracle patches for ol9-u6 Reviewed by: Jose E. Marchesi <[email protected]> February-18-2025 Cupertino Miranda <[email protected]> - 2.34-160.0.1
 - Forward-port Oracle patches for ol9-u6 DP Reviewed by: Jose E. Marchesi <[email protected]> November-12-2024 Cupertino Miranda <[email protected]> - 2.34-125.0.1.1
 - Forward-port Oracle patches for ol9-u5 Reviewed by: Jose E. Marchesi <[email protected]> October-1-2024 Cupertino Miranda <[email protected]> - 2.34-100.0.1.4
 - Forward-port Oracle patches for ol9-u4 Reviewed by: David Faust <[email protected]> August-26-2024 Jose E. Marchesi <[email protected]> - 2.34-100.0.1.3
 - Forward-port Oracle patches for ol9-u4 Reviewed by: David Faust <[email protected]> May-24-2024 Cupertino Miranda <[email protected]> - 2.34-100.0.1.2
 - Forward-port Oracle patches for ol9-u4 Reviewed by: Jose E. Marchesi <[email protected]> April-30-2024 Cupertino Miranda <[email protected]> - 2.34-100.0.1
 - Forward-port Oracle patches for ol9-u4 Reviewed by: Indu Bhagat <[email protected]> March-28-2024 Cupertino Miranda <[email protected]> - 2.34-100.0.1
 - Forward-port Oracle patches for ol9-u4-beta Reviewed by: Jose E. Marchesi <[email protected]> March 15 2024 Cupertino Miranda <[email protected]> - 2.34-83.0.2.12
 - Forward-port Oracle patches for ol9 Reviewed by: Jose E. Marchesi <[email protected]> February-26-2024 Cupertino Miranda <[email protected]> - 2.34-83.0.2.7
 - OraBug 36322437 getaddrinfo does not return correct ipv6 address and family Reviewed by: Jose E. Marchesi <[email protected]> October-24-2023 Cupertino Miranda <[email protected]> - 2.34-83.0.1.7
 - Forward-port Oracle patches for ol9 Reviewed by: Jose E. Marchesi <[email protected]> October-4-2023 Cupertino Miranda <[email protected]> - 2.34-82.0.1
 - Forward-port Oracle patches for ol9 Reviewed by: Jose E. Marchesi <[email protected]> April-18-2023 Cupertino Miranda <[email protected]> - 2.34-60.0.2
 - OraBug 35305078 Glibc tunable to disable huge pages on pthread_create stacks
 - Created tunable glibc.pthread.stack_hugetlb to control when hugepages can be used for stack allocation.
 - In case THP are enabled and glibc.pthread.stack_hugetlb is set to 0, glibc will madvise the kernel not to use allow hugepages for stack allocations.
 Reviewed by: Jose E. Marchesi <[email protected]> March-28-2023 Cupertino Miranda <[email protected]> - 2.34-60.0.1
 - Merge Oracle patches for ol9-u2 beta Reviewed by: Jose E. Marchesi <[email protected]> September-28-2022 Patrick McGehearty <[email protected]> - 2.34-40.0.1
 - Merge Oracle patches for ol9-u1 beta Reviewed by: Jose E. Marchesi <[email protected]> April-25-2022 Patrick McGehearty <[email protected]> - 2.34-28.0.1
 - Merge Oracle patches with ol9 beta
 - Reviewed-by: Jose E. Marchesi <[email protected]>

 [2.34-168.20]
 - CVE-2025-5702 glibc: Vector register overwrite bug in glibc (RHEL-95547)

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://linux.oracle.com/errata/ELSA-2025-20411.html

Plugin Details

Severity: Medium

ID: 241519

File Name: oraclelinux_ELSA-2025-20411.nasl

Version: 1.1

Type: local

Agent: unix

Published: 7/8/2025

Updated: 7/8/2025

Supported Sensors: Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.4

CVSS v2

Risk Factor: Medium

Base Score: 5.1

Temporal Score: 3.8

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2025-5702

CVSS v3

Risk Factor: Medium

Base Score: 5.6

Temporal Score: 4.9

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:oracle:linux:glibc-langpack-ug, p-cpe:/a:oracle:linux:glibc-langpack-yi, p-cpe:/a:oracle:linux:glibc-langpack-gez, p-cpe:/a:oracle:linux:glibc-langpack-ga, p-cpe:/a:oracle:linux:glibc-langpack-te, p-cpe:/a:oracle:linux:glibc-langpack-dz, p-cpe:/a:oracle:linux:glibc-langpack-fi, p-cpe:/a:oracle:linux:glibc-langpack-or, p-cpe:/a:oracle:linux:glibc-langpack-fil, p-cpe:/a:oracle:linux:libnsl, p-cpe:/a:oracle:linux:glibc-langpack-ig, p-cpe:/a:oracle:linux:glibc-langpack-mk, p-cpe:/a:oracle:linux:glibc-langpack-ja, p-cpe:/a:oracle:linux:glibc-langpack-ks, p-cpe:/a:oracle:linux:glibc-langpack-sid, p-cpe:/a:oracle:linux:glibc-langpack-et, p-cpe:/a:oracle:linux:glibc-langpack-ha, p-cpe:/a:oracle:linux:glibc-langpack-yuw, p-cpe:/a:oracle:linux:glibc-langpack-nl, p-cpe:/a:oracle:linux:glibc-langpack-ve, p-cpe:/a:oracle:linux:glibc-langpack-bo, p-cpe:/a:oracle:linux:glibc-langpack-mhr, p-cpe:/a:oracle:linux:glibc-langpack-tg, p-cpe:/a:oracle:linux:nss_hesiod, p-cpe:/a:oracle:linux:glibc-langpack-lv, p-cpe:/a:oracle:linux:glibc-langpack-pt, p-cpe:/a:oracle:linux:glibc-langpack-zh, p-cpe:/a:oracle:linux:glibc-langpack-agr, p-cpe:/a:oracle:linux:glibc-langpack-anp, p-cpe:/a:oracle:linux:glibc-langpack-tpi, p-cpe:/a:oracle:linux:glibc-langpack-se, p-cpe:/a:oracle:linux:glibc-langpack-wal, p-cpe:/a:oracle:linux:glibc-langpack-oc, p-cpe:/a:oracle:linux:glibc-langpack-nb, p-cpe:/a:oracle:linux:glibc-langpack-mni, p-cpe:/a:oracle:linux:glibc-langpack-mr, p-cpe:/a:oracle:linux:glibc-langpack-sr, p-cpe:/a:oracle:linux:glibc-langpack-ml, p-cpe:/a:oracle:linux:glibc-langpack-wo, p-cpe:/a:oracle:linux:glibc-langpack-ar, p-cpe:/a:oracle:linux:glibc-langpack-si, p-cpe:/a:oracle:linux:glibc-langpack-wae, p-cpe:/a:oracle:linux:glibc-langpack-sd, p-cpe:/a:oracle:linux:glibc-langpack-xh, p-cpe:/a:oracle:linux:glibc-langpack-crh, p-cpe:/a:oracle:linux:glibc-headers, p-cpe:/a:oracle:linux:glibc-langpack-nan, p-cpe:/a:oracle:linux:glibc-langpack-ayc, p-cpe:/a:oracle:linux:glibc-langpack-am, p-cpe:/a:oracle:linux:glibc-langpack-eo, p-cpe:/a:oracle:linux:glibc-langpack-ta, p-cpe:/a:oracle:linux:glibc-langpack-vi, p-cpe:/a:oracle:linux:glibc-langpack-hak, p-cpe:/a:oracle:linux:glibc-langpack-ss, p-cpe:/a:oracle:linux:glibc-langpack-fy, p-cpe:/a:oracle:linux:glibc-langpack-bho, p-cpe:/a:oracle:linux:glibc-langpack-bi, p-cpe:/a:oracle:linux:glibc-langpack-ln, p-cpe:/a:oracle:linux:glibc-langpack-gl, p-cpe:/a:oracle:linux:glibc-minimal-langpack, p-cpe:/a:oracle:linux:glibc-langpack-aa, p-cpe:/a:oracle:linux:glibc-langpack-sat, p-cpe:/a:oracle:linux:glibc-langpack-sw, p-cpe:/a:oracle:linux:glibc-langpack-fur, p-cpe:/a:oracle:linux:glibc-langpack-mi, p-cpe:/a:oracle:linux:glibc-langpack-yo, p-cpe:/a:oracle:linux:glibc-langpack-id, p-cpe:/a:oracle:linux:glibc-langpack-kk, p-cpe:/a:oracle:linux:glibc-langpack-sm, p-cpe:/a:oracle:linux:glibc-langpack-so, p-cpe:/a:oracle:linux:glibc-langpack-nso, p-cpe:/a:oracle:linux:glibc-langpack-szl, p-cpe:/a:oracle:linux:glibc-benchtests, p-cpe:/a:oracle:linux:glibc-langpack-pl, p-cpe:/a:oracle:linux:glibc-langpack-kw, p-cpe:/a:oracle:linux:glibc-langpack-cs, p-cpe:/a:oracle:linux:glibc-langpack-mai, p-cpe:/a:oracle:linux:glibc-langpack-it, p-cpe:/a:oracle:linux:glibc-langpack-ne, p-cpe:/a:oracle:linux:glibc-langpack-ro, p-cpe:/a:oracle:linux:glibc-langpack-ru, p-cpe:/a:oracle:linux:glibc-langpack-hy, p-cpe:/a:oracle:linux:glibc-langpack-tt, p-cpe:/a:oracle:linux:glibc-langpack-lt, p-cpe:/a:oracle:linux:glibc-langpack-li, p-cpe:/a:oracle:linux:glibc-nss-devel, p-cpe:/a:oracle:linux:glibc-langpack-lb, p-cpe:/a:oracle:linux:glibc-langpack-ko, p-cpe:/a:oracle:linux:glibc-langpack-kok, p-cpe:/a:oracle:linux:glibc-langpack-hu, p-cpe:/a:oracle:linux:glibc-langpack-hif, p-cpe:/a:oracle:linux:glibc-langpack-as, p-cpe:/a:oracle:linux:glibc-langpack-bn, p-cpe:/a:oracle:linux:glibc-langpack-hr, p-cpe:/a:oracle:linux:glibc-langpack-mg, p-cpe:/a:oracle:linux:glibc-langpack-sl, p-cpe:/a:oracle:linux:glibc-langpack-wa, p-cpe:/a:oracle:linux:glibc-langpack-sa, p-cpe:/a:oracle:linux:glibc-langpack-ht, p-cpe:/a:oracle:linux:glibc-langpack-cv, p-cpe:/a:oracle:linux:glibc-langpack-km, p-cpe:/a:oracle:linux:glibc-langpack-ff, p-cpe:/a:oracle:linux:glibc-langpack-unm, p-cpe:/a:oracle:linux:glibc-langpack-quz, p-cpe:/a:oracle:linux:glibc-langpack-af, p-cpe:/a:oracle:linux:glibc-langpack-ckb, p-cpe:/a:oracle:linux:glibc-langpack-kn, p-cpe:/a:oracle:linux:glibc-locale-source, p-cpe:/a:oracle:linux:glibc-langpack-sk, p-cpe:/a:oracle:linux:glibc-langpack-bg, p-cpe:/a:oracle:linux:glibc-langpack-ber, p-cpe:/a:oracle:linux:glibc-all-langpacks, p-cpe:/a:oracle:linux:glibc-langpack-csb, p-cpe:/a:oracle:linux:glibc-langpack-ps, cpe:/o:oracle:linux:9, p-cpe:/a:oracle:linux:glibc-langpack-mfe, p-cpe:/a:oracle:linux:glibc-langpack-iu, p-cpe:/a:oracle:linux:glibc-langpack-ti, p-cpe:/a:oracle:linux:glibc-langpack-ms, p-cpe:/a:oracle:linux:glibc-langpack-an, p-cpe:/a:oracle:linux:glibc-langpack-en, p-cpe:/a:oracle:linux:glibc-langpack-ka, p-cpe:/a:oracle:linux:nss_db, p-cpe:/a:oracle:linux:glibc-langpack-mag, p-cpe:/a:oracle:linux:glibc-common, p-cpe:/a:oracle:linux:glibc-langpack-lzh, p-cpe:/a:oracle:linux:glibc-langpack-gu, p-cpe:/a:oracle:linux:glibc-langpack-tl, p-cpe:/a:oracle:linux:glibc-langpack-raj, p-cpe:/a:oracle:linux:glibc-langpack-th, p-cpe:/a:oracle:linux:glibc-langpack-kl, p-cpe:/a:oracle:linux:glibc-langpack-hsb, p-cpe:/a:oracle:linux:glibc-gconv-extra, p-cpe:/a:oracle:linux:glibc-langpack-miq, p-cpe:/a:oracle:linux:glibc-langpack-cmn, p-cpe:/a:oracle:linux:glibc-langpack-ky, p-cpe:/a:oracle:linux:glibc-langpack-mjw, p-cpe:/a:oracle:linux:glibc-langpack-st, p-cpe:/a:oracle:linux:glibc-langpack-lg, p-cpe:/a:oracle:linux:glibc-langpack-nhn, p-cpe:/a:oracle:linux:glibc-langpack-tn, p-cpe:/a:oracle:linux:glibc-langpack-the, p-cpe:/a:oracle:linux:glibc-langpack-rw, p-cpe:/a:oracle:linux:glibc-static, p-cpe:/a:oracle:linux:glibc-langpack-doi, p-cpe:/a:oracle:linux:glibc-langpack-sq, p-cpe:/a:oracle:linux:glibc-langpack-tig, p-cpe:/a:oracle:linux:glibc-langpack-tr, p-cpe:/a:oracle:linux:glibc-langpack-uz, p-cpe:/a:oracle:linux:glibc-langpack-byn, p-cpe:/a:oracle:linux:glibc-langpack-hne, p-cpe:/a:oracle:linux:glibc-langpack-mn, p-cpe:/a:oracle:linux:glibc-langpack-uk, p-cpe:/a:oracle:linux:glibc-langpack-ce, p-cpe:/a:oracle:linux:glibc-langpack-da, p-cpe:/a:oracle:linux:glibc-langpack-chr, p-cpe:/a:oracle:linux:glibc-langpack-zu, p-cpe:/a:oracle:linux:glibc-langpack-cy, p-cpe:/a:oracle:linux:nscd, p-cpe:/a:oracle:linux:glibc-langpack-el, p-cpe:/a:oracle:linux:glibc-langpack-pa, p-cpe:/a:oracle:linux:glibc-langpack-gv, p-cpe:/a:oracle:linux:glibc-langpack-hi, p-cpe:/a:oracle:linux:glibc-langpack-ca, p-cpe:/a:oracle:linux:glibc-langpack-bem, p-cpe:/a:oracle:linux:glibc-langpack-om, p-cpe:/a:oracle:linux:glibc-langpack-gd, p-cpe:/a:oracle:linux:glibc-langpack-be, p-cpe:/a:oracle:linux:glibc-langpack-yue, p-cpe:/a:oracle:linux:glibc-langpack-nds, p-cpe:/a:oracle:linux:glibc-langpack-nr, p-cpe:/a:oracle:linux:glibc-langpack-sc, p-cpe:/a:oracle:linux:glibc-langpack-is, p-cpe:/a:oracle:linux:glibc-langpack-os, p-cpe:/a:oracle:linux:glibc-langpack-fa, p-cpe:/a:oracle:linux:glibc-langpack-ku, p-cpe:/a:oracle:linux:glibc-langpack-mnw, p-cpe:/a:oracle:linux:glibc-langpack-lo, p-cpe:/a:oracle:linux:glibc-langpack-sah, p-cpe:/a:oracle:linux:glibc-langpack-az, p-cpe:/a:oracle:linux:glibc-langpack-ur, p-cpe:/a:oracle:linux:glibc, p-cpe:/a:oracle:linux:glibc-langpack-sgs, p-cpe:/a:oracle:linux:glibc-langpack-fr, p-cpe:/a:oracle:linux:glibc-langpack-he, p-cpe:/a:oracle:linux:glibc-langpack-my, p-cpe:/a:oracle:linux:glibc-langpack-dsb, p-cpe:/a:oracle:linux:glibc-langpack-ts, p-cpe:/a:oracle:linux:glibc-devel, p-cpe:/a:oracle:linux:glibc-langpack-fo, p-cpe:/a:oracle:linux:glibc-langpack-es, p-cpe:/a:oracle:linux:glibc-langpack-kab, p-cpe:/a:oracle:linux:glibc-langpack-shn, p-cpe:/a:oracle:linux:glibc-langpack-br, p-cpe:/a:oracle:linux:glibc-langpack-ia, p-cpe:/a:oracle:linux:glibc-langpack-brx, p-cpe:/a:oracle:linux:glibc-langpack-shs, p-cpe:/a:oracle:linux:glibc-langpack-mt, p-cpe:/a:oracle:linux:glibc-langpack-niu, p-cpe:/a:oracle:linux:glibc-langpack-pap, p-cpe:/a:oracle:linux:glibc-langpack-tk, p-cpe:/a:oracle:linux:glibc-langpack-to, p-cpe:/a:oracle:linux:glibc-langpack-lij, p-cpe:/a:oracle:linux:glibc-langpack-sv, p-cpe:/a:oracle:linux:glibc-langpack-ik, p-cpe:/a:oracle:linux:glibc-langpack-ast, p-cpe:/a:oracle:linux:glibc-langpack-tcy, p-cpe:/a:oracle:linux:glibc-utils, p-cpe:/a:oracle:linux:glibc-langpack-bhb, p-cpe:/a:oracle:linux:glibc-langpack-eu, p-cpe:/a:oracle:linux:glibc-langpack-dv, p-cpe:/a:oracle:linux:glibc-langpack-ak, p-cpe:/a:oracle:linux:glibc-langpack-bs, p-cpe:/a:oracle:linux:glibc-langpack-de, p-cpe:/a:oracle:linux:glibc-doc, p-cpe:/a:oracle:linux:glibc-langpack-nn

Required KB Items: Host/OracleLinux, Host/RedHat/release, Host/RedHat/rpm-list, Host/local_checks_enabled

Exploit Ease: No known exploits are available

Patch Publication Date: 7/7/2025

Vulnerability Publication Date: 6/5/2025

Reference Information

CVE: CVE-2025-5702