|
|
Subscribe / Log in / New account

Oracle alert ELSA-2025-20609 (kernel)



From:
              Errata Announcements for Oracle Linux via El-errata <el-errata@oss.oracle.com>


To:
              el-errata@oss.oracle.com


Subject:
              [El-errata] ELSA-2025-20609 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update


Date:
              Wed, 24 Sep 2025 07:12:08 -0700


Message-ID:
              <mailman.49.1758723137.31.el-errata@oss.oracle.com>


Oracle Linux Security Advisory ELSA-2025-20609

http://linux.oracle.com/errata/ELSA-2025-20609.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-5.15.0-312.187.5.3.el9uek.x86_64.rpm
kernel-uek-5.15.0-312.187.5.3.el9uek.x86_64.rpm
kernel-uek-core-5.15.0-312.187.5.3.el9uek.x86_64.rpm
kernel-uek-debug-5.15.0-312.187.5.3.el9uek.x86_64.rpm
kernel-uek-debug-core-5.15.0-312.187.5.3.el9uek.x86_64.rpm
kernel-uek-debug-devel-5.15.0-312.187.5.3.el9uek.x86_64.rpm
kernel-uek-debug-modules-5.15.0-312.187.5.3.el9uek.x86_64.rpm
kernel-uek-debug-modules-extra-5.15.0-312.187.5.3.el9uek.x86_64.rpm
kernel-uek-devel-5.15.0-312.187.5.3.el9uek.x86_64.rpm
kernel-uek-doc-5.15.0-312.187.5.3.el9uek.noarch.rpm
kernel-uek-modules-5.15.0-312.187.5.3.el9uek.x86_64.rpm
kernel-uek-modules-extra-5.15.0-312.187.5.3.el9uek.x86_64.rpm
kernel-uek-container-5.15.0-312.187.5.3.el9uek.x86_64.rpm
kernel-uek-container-debug-5.15.0-312.187.5.3.el9uek.x86_64.rpm



SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/kernel-uek-5.15.0...

Related CVEs:

CVE-2025-38264
CVE-2025-38494
CVE-2025-38495
CVE-2025-38499
CVE-2025-38618




Description of changes:

[5.15.0-312.187.5.3.el9uek]
- HID: core: do not bypass hid_hw_raw_request (Benjamin Tissoires)  [Orabug: 38454666]
{CVE-2025-38494}
- vsock: Do not allow binding to VMADDR_PORT_ANY (Budimir Markovic)  [Orabug: 38454665]
{CVE-2025-38618}
- clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (Al Viro)
[Orabug: 38454664]  {CVE-2025-38499}
- HID: core: ensure the allocated report buffer can contain the reserved report ID (Benjamin
Tissoires)  [Orabug: 38454662]  {CVE-2025-38495}
- nvme-tcp: sanitize request list handling (Hannes Reinecke)  [Orabug: 38454661]  {CVE-2025-38264}
- llist: add interface to check if a node is on a list. (NeilBrown)  [Orabug: 38454661]


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds