Oracle alert ELSA-2026-6571 (kernel)
| From: | Errata Announcements for Oracle Linux via El-errata <el-errata@oss.oracle.com> | |
| To: | el-errata@oss.oracle.com | |
| Subject: | [El-errata] ELSA-2026-6571 Moderate: Oracle Linux 8 kernel security update | |
| Date: | Mon, 13 Apr 2026 21:54:40 -0700 | |
| Message-ID: | <mailman.0.1776338630.31.el-errata@oss.oracle.com> |
Oracle Linux Security Advisory ELSA-2026-6571 http://linux.oracle.com/errata/ELSA-2026-6571.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: bpftool-4.18.0-553.117.1.el8_10.x86_64.rpm kernel-4.18.0-553.117.1.el8_10.x86_64.rpm kernel-abi-stablelists-4.18.0-553.117.1.el8_10.noarch.rpm kernel-core-4.18.0-553.117.1.el8_10.x86_64.rpm kernel-cross-headers-4.18.0-553.117.1.el8_10.x86_64.rpm kernel-debug-4.18.0-553.117.1.el8_10.x86_64.rpm kernel-debug-core-4.18.0-553.117.1.el8_10.x86_64.rpm kernel-debug-devel-4.18.0-553.117.1.el8_10.x86_64.rpm kernel-debug-modules-4.18.0-553.117.1.el8_10.x86_64.rpm kernel-debug-modules-extra-4.18.0-553.117.1.el8_10.x86_64.rpm kernel-devel-4.18.0-553.117.1.el8_10.x86_64.rpm kernel-doc-4.18.0-553.117.1.el8_10.noarch.rpm kernel-headers-4.18.0-553.117.1.el8_10.x86_64.rpm kernel-modules-4.18.0-553.117.1.el8_10.x86_64.rpm kernel-modules-extra-4.18.0-553.117.1.el8_10.x86_64.rpm kernel-tools-4.18.0-553.117.1.el8_10.x86_64.rpm kernel-tools-libs-4.18.0-553.117.1.el8_10.x86_64.rpm kernel-tools-libs-devel-4.18.0-553.117.1.el8_10.x86_64.rpm perf-4.18.0-553.117.1.el8_10.x86_64.rpm python3-perf-4.18.0-553.117.1.el8_10.x86_64.rpm aarch64: bpftool-4.18.0-553.117.1.el8_10.aarch64.rpm kernel-cross-headers-4.18.0-553.117.1.el8_10.aarch64.rpm kernel-headers-4.18.0-553.117.1.el8_10.aarch64.rpm kernel-tools-4.18.0-553.117.1.el8_10.aarch64.rpm kernel-tools-libs-4.18.0-553.117.1.el8_10.aarch64.rpm kernel-tools-libs-devel-4.18.0-553.117.1.el8_10.aarch64.rpm perf-4.18.0-553.117.1.el8_10.aarch64.rpm python3-perf-4.18.0-553.117.1.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/kernel-4.18.0-553... Related CVEs: CVE-2024-26984 CVE-2025-71238 CVE-2026-23193 CVE-2026-23231 Description of changes: [4.18.0-553.117.1] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3 - Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652] - Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985772] [4.18.0-553.117.1] - nvme-pci: do not directly handle subsys reset fallout (Maurizio Lombardi) [RHEL-136436] - scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (CKI Backport Bot) [RHEL-150417] {CVE-2026-23193} [4.18.0-553.116.1] - nouveau: fix instmem race condition around ptr stores (Lyude Paul) [RHEL-111846] {CVE-2024-26984} - s390/pci: Avoid deadlock between PCI error recovery and mlx5 crdump (Mete Durlu) [RHEL-157930] - NFSv4/flexfiles: Fix layout merge mirror check. (Mike Snitzer) [RHEL-157242] - flexfiles/pNFS: fix NULL checks on result of ff_layout_choose_ds_for_read (Mike Snitzer) [RHEL-157242] - pnfs/flexfiles: retry getting layout segment for reads (Mike Snitzer) [RHEL-157242] - pNFS/flexfiles: don't attempt pnfs on fatal DS errors (Mike Snitzer) [RHEL-157242] - NFSv4/flexfiles: Fix handling of NFS level errors in I/O (Mike Snitzer) [RHEL-157242] - flexfiles/pNFS: update stats on NFS4ERR_DELAY for v4.1 DSes (Mike Snitzer) [RHEL-157242] - pNFS/flexfiles: Record the RPC errors in the I/O tracepoints (Mike Snitzer) [RHEL-157242] - NFSv4/pnfs: Layoutreturn on close must handle fatal networking errors (Mike Snitzer) [RHEL-157242] - NFSv4: Handle fatal ENETDOWN and ENETUNREACH errors (Mike Snitzer) [RHEL-157242] - pNFS/flexfiles: Report ENETDOWN as a connection error (Mike Snitzer) [RHEL-157242] - pNFS/flexfiles: Treat ENETUNREACH errors as fatal in containers (Mike Snitzer) [RHEL-157242] - NFS: Treat ENETUNREACH errors as fatal in containers (Mike Snitzer) [RHEL-157242] - NFS: Add a mount option to make ENETUNREACH errors fatal (Mike Snitzer) [RHEL-157242] - NFSv4.1 another fix for EXCHGID4_FLAG_USE_PNFS_DS for DS server (Mike Snitzer) [RHEL-157242] - SUNRPC: ECONNRESET might require a rebind (Mike Snitzer) [RHEL-157242] - NFS/pNFS: Set the connect timeout for the pNFS flexfiles driver (Mike Snitzer) [RHEL-157242] - SUNRPC: Don't override connect timeouts in rpc_clnt_add_xprt() (Mike Snitzer) [RHEL-157242] - SUNRPC: Allow specification of TCP client connect timeout at setup (Mike Snitzer) [RHEL-157242] - SUNRPC: Refactor and simplify connect timeout (Mike Snitzer) [RHEL-157242] - SUNRPC: Set the TCP_SYNCNT to match the socket timeout (Mike Snitzer) [RHEL-157242] - NFS: discard NFS_RPC_SWAPFLAGS and RPC_TASK_ROOTCREDS (Mike Snitzer) [RHEL-157242] - NFS: O_DIRECT writes must check and adjust the file length (Mike Snitzer) [RHEL-156419] - nfs: properly protect nfs_direct_req fields (Mike Snitzer) [RHEL-156419] - pNFS: Fix the pnfs block driver's calculation of layoutget size (Mike Snitzer) [RHEL-156419] - NFS: More fixes for nfs_direct_write_reschedule_io() (Mike Snitzer) [RHEL-156419] - NFS: Use the correct commit info in nfs_join_page_group() (Mike Snitzer) [RHEL-156419] - NFS: More O_DIRECT accounting fixes for error paths (Mike Snitzer) [RHEL-156419] - NFS: Fix O_DIRECT locking issues (Mike Snitzer) [RHEL-156419] - NFS: Fix error handling for O_DIRECT write scheduling (Mike Snitzer) [RHEL-156419] - NFS: Fix a potential data corruption (Mike Snitzer) [RHEL-156419] - NFS: Fix a use after free in nfs_direct_join_group() (Mike Snitzer) [RHEL-156419] - NFS: Clean up O_DIRECT request allocation (Mike Snitzer) [RHEL-156419] - NFS: add nfs_page_create and nfs_page_assign_page as backport prereq (Mike Snitzer) [RHEL-156419] - nfs: only issue commit in DIO codepath if we have uncommitted data (Mike Snitzer) [RHEL-156419] - nfs: always check dreq->error after a commit (Mike Snitzer) [RHEL-156419] - nfs: add new nfs_direct_req tracepoint events (Mike Snitzer) [RHEL-156419] - scsi: qla2xxx: Fix bsg_done() causing double free (Ewan D. Milne) [RHEL-153405] {CVE-2025-71238} - netfilter: nf_tables: fix use-after-free in nf_tables_addchain() (Florian Westphal) [RHEL-153264] {CVE-2026-23231} - ACPI: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (Mark Langsdorf) [RHEL-123942] _______________________________________________ El-errata mailing list El-errata@oss.oracle.com https://oss.oracle.com/mailman/listinfo/el-errata