Probably because they are not relevant to RHEL9 - as seen here: https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-RHEL9-unaffected/
The problem is your vulnerability scanner is reporting the wrong results for a system it doesn’t seem to recognise properly. I would suggest reporting the inaccuracies to the vendor of your vulnerability scanner.