The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-8267 advisory.

    - posix-cpu-timers: Cleanup CPU timers before freeing them during exec (Wander Lairson Costa) [2116968]     {CVE-2022-2585}
    - fix race between exit_itimers() and /proc/pid/timers (Wander Lairson Costa) [2116968] {CVE-2022-2585}
    - ath9k: htc: clean up statistics macros (Jose Ignacio Tornos Martinez) [2084600] {CVE-2022-1679}
    - ath9k: hif_usb: simplify if-if to if-else (Jose Ignacio Tornos Martinez) [2084600] {CVE-2022-1679}
    - ath9k: fix use-after-free in ath9k_hif_usb_rx_cb (Jose Ignacio Tornos Martinez) [2084600]     {CVE-2022-1679}
    - x86/speculation: Add LFENCE to RSB fill sequence (Waiman Long) [2115086] {CVE-2022-26373}
    - x86/speculation: Add RSB VM Exit protections (Waiman Long) [2115086] {CVE-2022-26373}

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Oracle Linux 9 : kernel (ELSA-2022-8267)

high Nessus Plugin ID 168085

Version 1.7