Oracle Linux Security Advisory ELSA-2025-20018 http://linux.oracle.com/errata/ELSA-2025-20018.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: aarch64: bpftool-5.15.0-304.171.4.el9uek.aarch64.rpm kernel-uek-5.15.0-304.171.4.el9uek.aarch64.rpm kernel-uek-container-5.15.0-304.171.4.el9uek.aarch64.rpm kernel-uek-container-debug-5.15.0-304.171.4.el9uek.aarch64.rpm kernel-uek-core-5.15.0-304.171.4.el9uek.aarch64.rpm kernel-uek-debug-5.15.0-304.171.4.el9uek.aarch64.rpm kernel-uek-debug-core-5.15.0-304.171.4.el9uek.aarch64.rpm kernel-uek-debug-devel-5.15.0-304.171.4.el9uek.aarch64.rpm kernel-uek-debug-modules-5.15.0-304.171.4.el9uek.aarch64.rpm kernel-uek-debug-modules-extra-5.15.0-304.171.4.el9uek.aarch64.rpm kernel-uek-devel-5.15.0-304.171.4.el9uek.aarch64.rpm kernel-uek-doc-5.15.0-304.171.4.el9uek.noarch.rpm kernel-uek-modules-5.15.0-304.171.4.el9uek.aarch64.rpm kernel-uek-modules-extra-5.15.0-304.171.4.el9uek.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//kernel-uek-5.15.0-304.171.4.el9uek.src.rpm Related CVEs: CVE-2024-46770 CVE-2024-53060 CVE-2024-53070 CVE-2024-53097 CVE-2024-53206 CVE-2024-53226 Description of changes: [5.15.0-304.171.4.el9uek] - Revert "unicode: Don't special case ignorable code points" (Linus Torvalds) - Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K" (Aurelien Jarno) - tcp: Fix use-after-free of nreq in reqsk_timer_handler(). (Kuniyuki Iwashima) - lib/buildid: Fix build ID parsing logic (Jiri Olsa) - powerpc/vdso: Flag VDSO64 entry points as functions (Christophe Leroy) - mm: krealloc: Fix MTE false alarm in __do_krealloc (Qun-Wei Lin) - Revert "ALSA: hda/conexant: Mute speakers at suspend / shutdown" (Jarosław Janik) - usb: dwc3: fix fault at system suspend if device was already runtime suspended (Roger Quadros) - ACPI: PRM: Clean up guid type in struct prm_handler_info (Dan Carpenter) - RDMA/hns: Fix NULL pointer derefernce in hns_roce_map_mr_sg() (Junxian Huang) - mm: revert "mm: shmem: fix data-race in shmem_getattr()" (Andrew Morton) - ACPI: CPPC: Fix _CPC register setting issue (Lifeng Zheng) - scsi: qla2xxx: Fix abort in bsg timeout (Quinn Tran) - drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported (Antonio Quartulli) - RDMA/bnxt_re: Check cqe flags to know imm_data vs inv_irkey (Kashyap Desai) - vhost_scsi: log write descriptors (Dongli Zhang) [Orabug: 37393531] - vhost-scsi: protect vq->log_base with vq->mutex (Dongli Zhang) [Orabug: 37393531] [5.15.0-304.171.3.el9uek] - build: populate modules_thick.builtin for dirs containing only modules (Nick Alcock) [Orabug: 37381702] - mtd: fix use-after-free in mtd release (Alexander Usyskin) [Orabug: 37371929] - mtd: Clean refcounting with MTD_PARTITIONED_MASTER (Miquel Raynal) [Orabug: 37371929] - mtd: call external _get and _put in right order (Alexander Usyskin) [Orabug: 37371929] - nvmem: core: Check input parameter for NULL in nvmem_unregister() (Andy Shevchenko) [Orabug: 37371929] - Revert "ocfs2: fix the la space leak when unmounting an ocfs2 volume" (Sherry Yang) [Orabug: 37364544] - x86/pkeys: Ensure updated PKRU value is XRSTOR'd (Aruna Ramakrishna) [Orabug: 37361290] - x86/pkeys: Change caller of update_pkru_in_sigframe() (Aruna Ramakrishna) [Orabug: 37361290] - cgroup: cgroup-v1: do not exclude cgrp_dfl_root (Vishal Verma) [Orabug: 37347419] - mm/memcontrol: Fix memcg stat calculation (Aruna Ramakrishna) [Orabug: 37306542] [5.15.0-304.171.2.el9uek] - uek-rpm: Add mstflint_access module to the core list (Thomas Tai) [Orabug: 37345530] - uek-rpm/ol8/config-aarch64-emb3: Enable CONFIG_ARM_SDE_INTERFACE (Thomas Tai) [Orabug: 37345530] - sunrpc: fix a NULL deref in svc_process() when ->sv_stats doesn't exist (Calum Mackay) [Orabug: 37329531] - Partial revert "rds: Add inc/frag cache statistics" (Hans Westgaard Ry) [Orabug: 37232315] [5.15.0-304.171.1.el9uek] - kpcimgr: assign CPU to handle PCIE transactions during kexec (Joe Dobosenski) [Orabug: 37295980] - kexec: update start address for LPI table data (Joe Dobosenski) [Orabug: 37295980] - kpcimgr: fix flush_icache_range arguments (Joe Dobosenski) [Orabug: 37295980] - embedded2: Enable CONFIG_SQUASHFS_ZSTD to support zstd compression (Joe Dobosenski) [Orabug: 37295980] - embedded2: Support booting an encrypted root filesystem (Joe Dobosenski) [Orabug: 37295980] - Update embedded2 config for UEK7 (Joe Dobosenski) [Orabug: 37295980] - Pensando: kernel config changes for kdump (Rob Gardner) [Orabug: 34091165] [Orabug: 37295980] - arm64: Reserve elfcorehdr before scanning reserved memory from device tree (Joe Dobosenski) [Orabug: 37295980] - arm64: kexec: add support for kexec with spin-table (Henry Willard) [Orabug: 32549965] [Orabug: 37295980] - drivers/soc/pensando/cap_mem.c: Support DM region mapping. (David Clear) [Orabug: 37295980] - drivers/edac: elba: Support multiple DDR bypass ranges. (David Clear) [Orabug: 37295980] - mmc: sdhci-cadence: Enable host driver defined bounce buffer (Brad Larson) [Orabug: 37295980] - Fix NULL pointer dereference in cn_filter() (Anjali Kulkarni) [Orabug: 37280567] - selftests: connector: Fix input argument error paths to skip (Shuah Khan) [Orabug: 37280567] - connector/cn_proc: Selftest for proc connector (Anjali Kulkarni) [Orabug: 37280567] - connector/cn_proc: Allow non-root users access (Anjali Kulkarni) [Orabug: 37280567] - connector/cn_proc: Performance improvements (Anjali Kulkarni) [Orabug: 37280567] - connector/cn_proc: Add filtering to fix some bugs (Anjali Kulkarni) [Orabug: 37280567] - netlink: Add new netlink_release function (Anjali Kulkarni) [Orabug: 37280567] - ice: Add netif_device_attach/detach into PF reset flow (Dawid Osuchowski) [Orabug: 37214589] {CVE-2024-46770} _______________________________________________ El-errata mailing list El-errata@oss.oracle.com https://oss.oracle.com/mailman/listinfo/el-errata