Oracle alert ELSA-2025-19447 (kernel)
| From: | Errata Announcements for Oracle Linux via El-errata <el-errata@oss.oracle.com> | |
| To: | el-errata@oss.oracle.com | |
| Subject: | [El-errata] ELSA-2025-19447 Moderate: Oracle Linux 8 kernel security update | |
| Date: | Thu, 06 Nov 2025 15:55:27 -0800 | |
| Message-ID: | <mailman.45.1762473337.31.el-errata@oss.oracle.com> |
Oracle Linux Security Advisory ELSA-2025-19447 http://linux.oracle.com/errata/ELSA-2025-19447.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: bpftool-4.18.0-553.82.1.el8_10.x86_64.rpm kernel-4.18.0-553.82.1.el8_10.x86_64.rpm kernel-abi-stablelists-4.18.0-553.82.1.el8_10.noarch.rpm kernel-core-4.18.0-553.82.1.el8_10.x86_64.rpm kernel-cross-headers-4.18.0-553.82.1.el8_10.x86_64.rpm kernel-debug-4.18.0-553.82.1.el8_10.x86_64.rpm kernel-debug-core-4.18.0-553.82.1.el8_10.x86_64.rpm kernel-debug-devel-4.18.0-553.82.1.el8_10.x86_64.rpm kernel-debug-modules-4.18.0-553.82.1.el8_10.x86_64.rpm kernel-debug-modules-extra-4.18.0-553.82.1.el8_10.x86_64.rpm kernel-devel-4.18.0-553.82.1.el8_10.x86_64.rpm kernel-doc-4.18.0-553.82.1.el8_10.noarch.rpm kernel-headers-4.18.0-553.82.1.el8_10.x86_64.rpm kernel-modules-4.18.0-553.82.1.el8_10.x86_64.rpm kernel-modules-extra-4.18.0-553.82.1.el8_10.x86_64.rpm kernel-tools-4.18.0-553.82.1.el8_10.x86_64.rpm kernel-tools-libs-4.18.0-553.82.1.el8_10.x86_64.rpm kernel-tools-libs-devel-4.18.0-553.82.1.el8_10.x86_64.rpm perf-4.18.0-553.82.1.el8_10.x86_64.rpm python3-perf-4.18.0-553.82.1.el8_10.x86_64.rpm aarch64: bpftool-4.18.0-553.82.1.el8_10.aarch64.rpm kernel-cross-headers-4.18.0-553.82.1.el8_10.aarch64.rpm kernel-headers-4.18.0-553.82.1.el8_10.aarch64.rpm kernel-tools-4.18.0-553.82.1.el8_10.aarch64.rpm kernel-tools-libs-4.18.0-553.82.1.el8_10.aarch64.rpm kernel-tools-libs-devel-4.18.0-553.82.1.el8_10.aarch64.rpm perf-4.18.0-553.82.1.el8_10.aarch64.rpm python3-perf-4.18.0-553.82.1.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/kernel-4.18.0-553... Related CVEs: CVE-2023-53226 CVE-2023-53257 CVE-2025-39864 Description of changes: [4.18.0-553.82.1] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3 - Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652] - Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985772] [4.18.0-553.82.1] - smb: client: fix missing timestamp updates after utime(2) (Paulo Alcantara) [RHEL-109431] - cifs: fix leak of iface for primary channel (Paulo Alcantara) [RHEL-109546] - cifs: reset iface weights when we cannot find a candidate (Paulo Alcantara) [RHEL-109546] - cifs: deal with the channel loading lag while picking channels (Paulo Alcantara) [RHEL-109546] - smb3: missing lock when picking channel (Paulo Alcantara) [RHEL-109546] {CVE-2024-35999} - smb: client: fix potential deadlock when reconnecting channels (Paulo Alcantara) [RHEL-109546] {CVE-2025-38244} - cifs: update dstaddr whenever channel iface is updated (Paulo Alcantara) [RHEL-109546] - smb: client: fix oops due to unset link speed (Paulo Alcantara) [RHEL-109546] {CVE-2025-21725} - smb: client: fix use-after-free of signing key (Paulo Alcantara) [RHEL-109546] {CVE-2024-53179} - smb: client: fix UAF in smb2_reconnect_server() (Paulo Alcantara) [RHEL-109546] {CVE-2024-35870} - cifs: failure to add channel on iface should bump up weight (Paulo Alcantara) [RHEL-109546] - cifs: update iface_last_update on each query-and-update (Paulo Alcantara) [RHEL-109546] - cifs: do not depend on release_iface for maintaining iface_list (Paulo Alcantara) [RHEL-109546] - cifs: cifs_chan_is_iface_active should be called with chan_lock held (Paulo Alcantara) [RHEL-109546] - cifs: account for primary channel in the interface list (Paulo Alcantara) [RHEL-109546] - cifs: distribute channels across interfaces based on speed (Paulo Alcantara) [RHEL-109546] - cifs: handle cases where a channel is closed (Paulo Alcantara) [RHEL-109546] - cifs: force interface update before a fresh session setup (Paulo Alcantara) [RHEL-109546] - cifs: do not reset chan_max if multichannel is not supported at mount (Paulo Alcantara) [RHEL-109546] - cifs: reconnect helper should set reconnect for the right channel (Paulo Alcantara) [RHEL-109546] - smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (Paulo Alcantara) [RHEL-109546] {CVE-2023-52752} - cifs: print last update time for interface list (Paulo Alcantara) [RHEL-109546] - cifs: fix session state transition to avoid use-after-free issue (Paulo Alcantara) [RHEL-109546] - cifs: log session id when a matching ses is not found (Paulo Alcantara) [RHEL-109546] - cifs: fix session state check in smb2_find_smb_ses (Paulo Alcantara) [RHEL-109546] - cifs: fix session state check in reconnect to avoid use-after-free issue (Paulo Alcantara) [RHEL-109546] - cifs: do all necessary checks for credits within or before locking (Paulo Alcantara) [RHEL-109546] - cifs: fix potential use-after-free bugs in TCP_Server_Info::hostname (Paulo Alcantara) [RHEL-109546] - cifs: print smb3_fs_context::source when mounting (Paulo Alcantara) [RHEL-109546] - cifs: protect session status check in smb2_reconnect() (Paulo Alcantara) [RHEL-109546] - cifs: missing lock when updating session status (Paulo Alcantara) [RHEL-109546] - cifs: refcount only the selected iface during interface update (Paulo Alcantara) [RHEL-109546] - cifs: double lock in cifs_reconnect_tcon() (Paulo Alcantara) [RHEL-109546] - cifs: get rid of dead check in smb2_reconnect() (Paulo Alcantara) [RHEL-109546] - cifs: avoid races in parallel reconnects in smb1 (Paulo Alcantara) [RHEL-109546] - cifs: fix missing unload_nls() in smb2_reconnect() (Paulo Alcantara) [RHEL-109546] - cifs: avoid race conditions with parallel reconnects (Paulo Alcantara) [RHEL-109546] - cifs: empty interface list when server doesn't support query interfaces (Paulo Alcantara) [RHEL-109546] - cifs: do not poll server interfaces too regularly (Paulo Alcantara) [RHEL-109546] - cifs: generate signkey for the channel that's reconnecting (Paulo Alcantara) [RHEL-109546] - cifs: Move the in_send statistic to __smb_send_rqst() (Paulo Alcantara) [RHEL-109546] - cifs: prevent data race in cifs_reconnect_tcon() (Paulo Alcantara) [RHEL-109546] - cifs: reuse cifs_match_ipaddr for comparison of dstaddr too (Paulo Alcantara) [RHEL-109546] - cifs: match even the scope id for ipv6 addresses (Paulo Alcantara) [RHEL-109546] - cifs: update ip_addr for ses only for primary chan setup (Paulo Alcantara) [RHEL-109546] - cifs: use tcon allocation functions even for dummy tcon (Paulo Alcantara) [RHEL-109546] - cifs: use the least loaded channel for sending requests (Paulo Alcantara) [RHEL-109546] - cifs: get rid of dns resolve worker (Paulo Alcantara) [RHEL-109546] - cifs: prevent data race in smb2_reconnect() (Paulo Alcantara) [RHEL-109546] - cifs: do not query ifaces on smb1 mounts (Paulo Alcantara) [RHEL-109546] - cifs: fix interface count calculation during refresh (Paulo Alcantara) [RHEL-109546] - cifs: protect access of TCP_Server_Info::{dstaddr,hostname} (Paulo Alcantara) [RHEL-109546] - cifs: fix race in assemble_neg_contexts() (Paulo Alcantara) [RHEL-109546] - cifs: set correct status of tcon ipc when reconnecting (Paulo Alcantara) [RHEL-109546] - cifs: set correct ipc status after initial tree connect (Paulo Alcantara) [RHEL-109546] - cifs: set correct tcon status after initial tree connect (Paulo Alcantara) [RHEL-109546] - cifs: Use after free in debug code (Paulo Alcantara) [RHEL-109546] - cifs: avoid unnecessary iteration of tcp sessions (Paulo Alcantara) [RHEL-109546] - smb3: interface count displayed incorrectly (Paulo Alcantara) [RHEL-109546] - cifs: Fix xid leak in cifs_ses_add_channel() (Paulo Alcantara) [RHEL-109546] - smb3: clarify multichannel warning (Paulo Alcantara) [RHEL-109546] - smb3: do not log confusing message when server returns no network interfaces (Paulo Alcantara) [RHEL-109546] - cifs: return correct error in ->calc_signature() (Paulo Alcantara) [RHEL-109546] - cifs: add missing spinlock around tcon refcount (Paulo Alcantara) [RHEL-109546] - cifs: fix small mempool leak in SMB2_negotiate() (Paulo Alcantara) [RHEL-109546] {CVE-2022-49938} - cifs: remove useless parameter 'is_fsctl' from SMB2_ioctl() (Paulo Alcantara) [RHEL-109546] - cifs: remove unused server parameter from calc_smb_size() (Paulo Alcantara) [RHEL-109546] - smb3: limit noisy error (Paulo Alcantara) [RHEL-109546] - cifs: alloc_mid function should be marked as static (Paulo Alcantara) [RHEL-109546] - cifs: remove "cifs_" prefix from init/destroy mids functions (Paulo Alcantara) [RHEL-109546] - cifs: fix wrong unlock before return from cifs_tree_connect() (Paulo Alcantara) [RHEL-109546] - cifs: avoid use of global locks for high contention data (Paulo Alcantara) [RHEL-109546] - cifs: remove remaining build warnings (Paulo Alcantara) [RHEL-109546] - cifs: remove minor build warning (Paulo Alcantara) [RHEL-109546] - cifs: remove some camelCase and also some static build warnings (Paulo Alcantara) [RHEL-109546] - cifs: remove unnecessary (void*) conversions. (Paulo Alcantara) [RHEL-109546] - cifs: remove unnecessary type castings (Paulo Alcantara) [RHEL-109546] - cifs: remove redundant initialization to variable mnt_sign_enabled (Paulo Alcantara) [RHEL-109546] - smb3: check xattr value length earlier (Paulo Alcantara) [RHEL-109546] - cifs: remove unnecessary locking of chan_lock while freeing session (Paulo Alcantara) [RHEL-109546] - cifs: fix race condition with delayed threads (Paulo Alcantara) [RHEL-109546] - cifs: update cifs_ses::ip_addr after failover (Paulo Alcantara) [RHEL-109546] - cifs: avoid deadlocks while updating iface (Paulo Alcantara) [RHEL-109546] - cifs: periodically query network interfaces from server (Paulo Alcantara) [RHEL-109546] - cifs: during reconnect, update interface if necessary (Paulo Alcantara) [RHEL-109546] - cifs: change iface_list from array to sorted linked list (Paulo Alcantara) [RHEL-109546] - cifs: when a channel is not found for server, log its connection id (Paulo Alcantara) [RHEL-109546] - cifs: fix potential deadlock in direct reclaim (Paulo Alcantara) [RHEL-109546] - cifs: return errors during session setup during reconnects (Paulo Alcantara) [RHEL-109546] - cifs: remove repeated debug message on cifs_put_smb_ses() (Paulo Alcantara) [RHEL-109546] - cifs: avoid parallel session setups on same channel (Paulo Alcantara) [RHEL-109546] - cifs: use new enum for ses_status (Paulo Alcantara) [RHEL-109546] - cifs: fix incorrect use of list iterator after the loop (Paulo Alcantara) [RHEL-109546] - cifs: do not use tcpStatus after negotiate completes (Paulo Alcantara) [RHEL-109546] - cifs: use correct lock type in cifs_reconnect() (Paulo Alcantara) [RHEL-109546] - cifs: Use kzalloc instead of kmalloc/memset (Paulo Alcantara) [RHEL-109546] - cifs: force new session setup and tcon for dfs (Paulo Alcantara) [RHEL-109546] - cifs: fix potential race with cifsd thread (Paulo Alcantara) [RHEL-109546] - smb3: cleanup and clarify status of tree connections (Paulo Alcantara) [RHEL-109546] - cifs: use a different reconnect helper for non-cifsd threads (Paulo Alcantara) [RHEL-109546] - smb3: fix incorrect session setup check for multiuser mounts (Paulo Alcantara) [RHEL-109546] - cifs: mark sessions for reconnection in helper function (Paulo Alcantara) [RHEL-109546] - cifs: call helper functions for marking channels for reconnect (Paulo Alcantara) [RHEL-109546] - cifs: call cifs_reconnect when a connection is marked (Paulo Alcantara) [RHEL-109546] - cifs: unlock chan_lock before calling cifs_put_tcp_session (Paulo Alcantara) [RHEL-109546] - cifs: cifs_ses_mark_for_reconnect should also update reconnect bits (Paulo Alcantara) [RHEL-109546] - cifs: update tcpStatus during negotiate and sess setup (Paulo Alcantara) [RHEL-109546] - cifs: make status checks in version independent callers (Paulo Alcantara) [RHEL-109546] - cifs: remove repeated state change in dfs tree connect (Paulo Alcantara) [RHEL-109546] - cifs: fix the cifs_reconnect path for DFS (Paulo Alcantara) [RHEL-109546] - cifs: remove unused variable ses_selected (Paulo Alcantara) [RHEL-109546] - cifs: protect all accesses to chan_* with chan_lock (Paulo Alcantara) [RHEL-109546] - cifs: fix the connection state transitions with multichannel (Paulo Alcantara) [RHEL-109546] - cifs: check reconnects for channels of active tcons too (Paulo Alcantara) [RHEL-109546] - cifs: avoid race during socket reconnect between send and recv (Paulo Alcantara) [RHEL-109546] - cifs: maintain a state machine for tcp/smb/tcon sessions (Paulo Alcantara) [RHEL-109546] - cifs: fix hang on cifs_get_next_mid() (Paulo Alcantara) [RHEL-109546] - cifs: take cifs_tcp_ses_lock for status checks (Paulo Alcantara) [RHEL-109546] - cifs: reconnect only the connection and not smb session where possible (Paulo Alcantara) [RHEL-109546] - cifs: add WARN_ON for when chan_count goes below minimum (Paulo Alcantara) [RHEL-109546] - cifs: adjust DebugData to use chans_need_reconnect for conn status (Paulo Alcantara) [RHEL-109546] - cifs: use the chans_need_reconnect bitmap for reconnect status (Paulo Alcantara) [RHEL-109546] - cifs: track individual channel status using chans_need_reconnect (Paulo Alcantara) [RHEL-109546] - cifs: Adjust key sizes and key generation routines for AES256 encryption (Paulo Alcantara) [RHEL-109546] - cifs: fix allocation size on newly created files (Paulo Alcantara) [RHEL-109546] - veth: try harder when allocating queue memory (Davide Caratti) [RHEL-92515] - net: enable memcg accounting for veth queues (Davide Caratti) [RHEL-92515] - gfs2: No more gfs2_find_jhead caching (Andreas Gruenbacher) [RHEL-92461] - gfs2: Clean up revokes on normal withdraws (Bob Peterson) [RHEL-92461] - gfs2: Get rid of duplicate log head lookup (Andreas Gruenbacher) [RHEL-92461] - gfs2: Improve gfs2_make_fs_rw error handling (Andreas Gruenbacher) [RHEL-92461] - gfs2: Simplify clean_journal (Andreas Gruenbacher) [RHEL-92461] - gfs2: Simplify gfs2_log_pointers_init (Andreas Gruenbacher) [RHEL-92461] - gfs2: Fix glock recursion in freeze_go_xmote_bh (Bob Peterson) [RHEL-92461] - gfs2: Move gfs2_log_pointers_init (Andreas Gruenbacher) [RHEL-92461] - mm: hugetlb: conditionally disable tlb_remove_table_sync_one() in huge_pmd_unshare() (Rafael Aquini) [RHEL-120391] - kernel: extend rh_waived to cope better with the CVE mitigations case (Rafael Aquini) [RHEL-120391] - Add support to rh_waived cmdline boot parameter (Rafael Aquini) [RHEL-120391] - wifi: cfg80211: fix use-after-free in cmp_bss() (CKI Backport Bot) [RHEL-117792] {CVE-2025-39864} - ext4: prevent stale extent cache entries caused by concurrent I/O writeback (Brian Foster) [RHEL-50745] - ext4: ext4: unify EXT4_EX_NOCACHE|NOFAIL flags in ext4_ext_remove_space() (Brian Foster) [RHEL-50745] - ext4: check the extent status again before inserting delalloc block (Brian Foster) [RHEL-50745] - ext4: factor out a common helper to query extent map (Brian Foster) [RHEL-50745] - ext4: convert to exclusive lock while inserting delalloc extents (Brian Foster) [RHEL-50745] - ext4: refactor ext4_da_map_blocks() (Brian Foster) [RHEL-50745] - wifi: mac80211: check S1G action frame size (Jose Ignacio Tornos Martinez) [RHEL-116069] {CVE-2023-53257} - wifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet (Jose Ignacio Tornos Martinez) [RHEL-115516] {CVE-2023-53226} - wifi: mwifiex: Fix missed return in oob checks failed path (Jose Ignacio Tornos Martinez) [RHEL-115516] {CVE-2023-53226} - wifi: mwifiex: Fix OOB and integer underflow when rx packets (Jose Ignacio Tornos Martinez) [RHEL-115516] {CVE-2023-53226} _______________________________________________ El-errata mailing list El-errata@oss.oracle.com https://oss.oracle.com/mailman/listinfo/el-errata