Oracle Audit Vault and Database Firewall (AVDF) 20.18: Critical Security and Platform Updates Now Available

Upgrade to Oracle Audit Vault and Database Firewall (AVDF) 20.18 to maintain a secure, stable deployment for your organization. If you’re running AVDF 20.17 or an earlier release, Oracle recommends applying this update now.

AVDF 20.18 delivers critical security updates across the entire software stack, addressing widely known vulnerabilities in the underlying operating system and platform components.

For the complete list of changes, enhancements, and resolved issues, see the AVDF 20.18 Release Notes.

Security and Platform Updates in AVDF 20.18

AVDF 20.18 includes Oracle Database Server Release Update 19.31 from the April 2026 Critical Patch Update (CPU), which addresses seven Common Vulnerabilities and Exposures (CVEs) in the underlying AVDF repository database.

In addition, AVDF 20.18 incorporates fixes for several significant Linux kernel vulnerabilities, including:

• Copy-Fail (CVE-2026-31431)
• Dirty-Frag (CVE-2026-43284 and CVE-2026-43500)
• Fragnesia (CVE-2026-46300)

These vulnerabilities are broadly recognized for their potential impact on system security and stability. AVDF 20.18 provides the latest protections through Oracle’s integrated platform updates.

Additional security updates in this release address:

• CVEs in underlying AVDF repository components — including Oracle APEX, Oracle REST Data Services (ORDS), Oracle Java SE, Oracle Autonomous Health Framework (AHF), and Oracle GoldenGate — addressed as part of the April 2026 Critical Patch Update.

• Security fixes for the embedded Oracle Linux 8.10 operating system.
• Additional platform maintenance and stability improvements across the AVDF software stack.

Why Update Now?

Keeping AVDF current maintains a secure infrastructure for auditing and database activity monitoring. By upgrading to AVDF 20.18, your team can:

• Address important security vulnerabilities across the AVDF platform.
• Improve overall system stability and reliability.
• Align with Oracle’s latest Critical Patch Update (CPU) recommendations.
• Maintain a secure foundation for database auditing, monitoring, and compliance initiatives.

Caution: Before applying this update, review the AVDF 20.18 “Release Notes” for supported upgrade paths and prerequisites, and ensure you have a current backup of your AVDF deployment.

Call to Action

• Update existing AVDF deployment: Download patch 39497251 from My Oracle Support. Sign in, search for “Patches and Product Certification Matrix,” and enter the patch number.
• AVDF fresh install: Download AVDF 20.18 from Oracle Software Delivery Cloud
• AVDF on Oracle Cloud Infrastructure: Provision AVDF from the OCI Marketplace
• AWS-compatible AMI: Download AVDF 20.18 from the Oracle Software Delivery Cloud

Learn more

• Visit the AVDF home page
• Take the LiveLabs guided AVDF workshop
• View AVDF feature spotlight videos
• Check out the Database Auditing and Monitoring YouTube channel