Oracle Linux Security Advisories Address Critical and Moderate Vulnerabilities

Oracle released security advisories for Oracle Linux 8 and 9 addressing critical and moderate vulnerabilities. The advisory for Oracle Linux 8 (CVE-2026-9064) details a denial-of-service threat affecting the 389 Directory Server, published on May 20, 2026. This vulnerability could lead to service disruptions for organizations using affected versions. The advisory for Oracle Linux 9 addresses multiple memory issues in FreeRDP, including use-after-free and heap buffer overflow vulnerabilities, with CVEs published between February and March 2026. These vulnerabilities could potentially allow attackers to exploit memory management flaws, impacting system stability and security. Users are advised to apply the latest patches to mitigate these risks. Both advisories highlight the importance of timely updates to safeguard against exploitation.

Key Points: • CVE-2026-9064 poses a critical DoS threat to Oracle Linux 8's 389 Directory Server. • Oracle Linux 9's FreeRDP advisory includes multiple CVEs addressing memory vulnerabilities. • Timely patching is essential to protect systems from these identified vulnerabilities.