|
|
Subscribe / Log in / New account

Oracle alert ELSA-2025-14748 (kernel)



From:
              Errata Announcements for Oracle Linux via El-errata <el-errata@oss.oracle.com>


To:
              el-errata@oss.oracle.com


Subject:
              [El-errata] ELSA-2025-14748 Important: Oracle Linux 7 kernel security update


Date:
              Mon, 22 Sep 2025 01:28:27 -0700


Message-ID:
              <mailman.2.1758529715.31.el-errata@oss.oracle.com>


Oracle Linux Security Advisory ELSA-2025-14748

http://linux.oracle.com/errata/ELSA-2025-14748.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-3.10.0-1160.119.1.0.11.el7.x86_64.rpm
kernel-3.10.0-1160.119.1.0.11.el7.x86_64.rpm
kernel-abi-whitelists-3.10.0-1160.119.1.0.11.el7.noarch.rpm
kernel-debug-3.10.0-1160.119.1.0.11.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1160.119.1.0.11.el7.x86_64.rpm
kernel-devel-3.10.0-1160.119.1.0.11.el7.x86_64.rpm
kernel-doc-3.10.0-1160.119.1.0.11.el7.noarch.rpm
kernel-headers-3.10.0-1160.119.1.0.11.el7.x86_64.rpm
kernel-tools-3.10.0-1160.119.1.0.11.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1160.119.1.0.11.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1160.119.1.0.11.el7.x86_64.rpm
perf-3.10.0-1160.119.1.0.11.el7.x86_64.rpm
python-perf-3.10.0-1160.119.1.0.11.el7.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-3.10.0-116...

Related CVEs:

CVE-2022-49788
CVE-2022-50020
CVE-2022-50022
CVE-2024-57980
CVE-2025-21928
CVE-2025-23150
CVE-2025-38000
CVE-2025-38177
CVE-2025-38350




Description of changes:

[3.10.0-1160.119.1.0.11.el7.OL7]
- kernel: media: uvcvideo: Fix double free in error path (CVE-2024-57980)
- kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (CVE-2025-21928)
- kernel: ext4: fix off-by-one error in do_split (CVE-2025-23150)
- kernel: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram() (CVE-2022-49788)
- kernel: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (CVE-2025-38000)
- kernel: ext4: avoid resizing to a partial cluster size (CVE-2022-50020)
- kernel: drivers:md:fix a potential use-after-free bug (CVE-2022-50022)
- kernel: sch_hfsc: make hfsc_qlen_notify() idempotent (CVE-2025-38177)
- kernel: net/sched: Always pass notifications when child class becomes empty (CVE-2025-38350)
- crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079)

_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds