|
|
Log in / Subscribe / Register

Oracle alert ELSA-2026-50281 (kernel)



From:
              Errata Announcements for Oracle Linux via El-errata <el-errata@oss.oracle.com>


To:
              el-errata@oss.oracle.com


Subject:
              [El-errata] ELSA-2026-50281 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update


Date:
              Fri, 22 May 2026 00:23:47 -0700


Message-ID:
              <mailman.23.1779434640.34.el-errata@oss.oracle.com>


Oracle Linux Security Advisory ELSA-2026-50281

http://linux.oracle.com/errata/ELSA-2026-50281.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-5.4.17-2136.355.3.3.el7uek.x86_64.rpm
kernel-uek-container-5.4.17-2136.355.3.3.el7uek.x86_64.rpm
kernel-uek-container-debug-5.4.17-2136.355.3.3.el7uek.x86_64.rpm
kernel-uek-debug-5.4.17-2136.355.3.3.el7uek.x86_64.rpm
kernel-uek-debug-devel-5.4.17-2136.355.3.3.el7uek.x86_64.rpm
kernel-uek-devel-5.4.17-2136.355.3.3.el7uek.x86_64.rpm
kernel-uek-doc-5.4.17-2136.355.3.3.el7uek.noarch.rpm
kernel-uek-tools-5.4.17-2136.355.3.3.el7uek.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-5.4.17...

Related CVEs:

CVE-2026-46333




Description of changes:

[5.4.17-2136.355.3.3]
- ptrace: slightly saner 'get_dumpable()' logic (Linus Torvalds)  [Orabug: 39391459]
{CVE-2026-46333}

[5.4.17-2136.355.3.2]
- scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (Maurizio Lombardi)
[Orabug: 39368774]  {CVE-2026-23193}
- scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() (Maurizio Lombardi)
[Orabug: 39368732]  {CVE-2026-23216}
- nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (Jeff Layton)  [Orabug: 39368718]
{CVE-2026-31402}

[5.4.17-2136.355.3.1]
- xfrm: esp: avoid in-place decrypt on shared skb frags (Kuan-Ting Chen)  [Orabug: 39344527]
{CVE-2026-43284}
- x86/CPU/AMD: Add a fix for AMD-SB-7052 (Prathyushi Nangia)  [Orabug: 39344576]  {CVE-2025-54518}

[5.4.17-2136.355.3]
- crypto: algif_aead - Fix minimum RX size check for decryption (Herbert Xu) [Orabug:
39250687,39331106] {CVE-2026-43077}
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Herbert Xu) [Orabug:
39250687,39331111] {CVE-2026-43078}
- crypto: authencesn - Fix src offset when decrypting in-place (Herbert Xu) [Orabug: 39250687]
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Herbert Xu)
[Orabug: 39250687,39300911] {CVE-2026-43033}
- crypto: authenc - use memcpy_sglist() instead of null skcipher (Eric Biggers) [Orabug: 39250687]
- crypto: algif_aead - snapshot IV for async AEAD requests (Douya Le) [Orabug: 39250687]
- crypto: algif_aead - Revert to operating out-of-place (Herbert Xu) [Orabug:
39250687,39283868,39292250] {CVE-2026-31431}
- crypto: algif_aead - use memcpy_sglist() instead of null skcipher (Eric Biggers) [Orabug:
39250687] {CVE-2026-31431}
- crypto: scatterwalk - Backport memcpy_sglist() (Eric Biggers) [Orabug: 39250687]
- crypto: doc - fix kernel-doc notation in chacha.c and af_alg.c (Randy Dunlap) [Orabug: 39250687]

[5.4.17-2136.355.2]
- Revert "rds: Drop rds conn in connect worker if not in down state." (Alok Tiwari) [Orabug:
39253770]
- x86/CPU: Fix FPDSS on Zen1 (Siddh Raman Pant) [Orabug: 39241225,39273723] {CVE-2026-31628}
- SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (Joshua
Rogers) [Orabug: 38852342] {CVE-2025-71120}

[5.4.17-2136.355.1]
- net/sched: Enforce that teql can only be used as root qdisc (Jamal Hadi Salim) [Orabug: 38930950]
{CVE-2026-23074}

[5.4.17-2136.354.4]
- macvlan: fix possible UAF in macvlan_forward_source() (Eric Dumazet) [Orabug: 38887731]
{CVE-2026-23001}
- macvlan: Use 'hash' iterators to simplify code (Christophe Jaillet) [Orabug: 38887731]
{CVE-2026-23001}
- macvlan: Add nodst option to macvlan type source (Jethro Beekman) [Orabug: 38887731]
{CVE-2026-23001}
- macvlan: observe an RCU grace period in macvlan_common_newlink() error path (Eric Dumazet)
[Orabug: 38970510,39188399] {CVE-2026-23209,CVE-2026-23273}
- macvlan: fix error recovery in macvlan_common_newlink() (Eric Dumazet) [Orabug: 38970510]
{CVE-2026-23209}

[5.4.17-2136.354.3]
- io_uring: fix filename leak in __io_openat_prep() (Prithvi Tambewagh) [Orabug: 39064937]
{CVE-2025-68814}
- rds: Drop rds conn in connect worker if not in down state. (Rohit Nair) [Orabug: 39045035]

[5.4.17-2136.354.2]
- ext4/jbd2: skip sb flush when EIO happened (Wengang Wang) [Orabug: 38916908]
- jbd2: store more accurate errno in superblock (Wengang Wang) [Orabug: 38916908]
- ext4: save the error code which triggered an (Wengang Wang) [Orabug: 38916908]

[5.4.17-2136.354.1]
- genirq/cpuhotplug: Notify about affinity changes breaking the affinity mask (Imran Khan) [Orabug:
39001911]
- rds: Add state field to RDS trace logs. (Rohit Nair) [Orabug: 38870347]


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds