Oracle has released several updates for its Linux platform, including security patches and bug fixes. The affected releases are Oracle Linux 10 and version 9 of the platform, with various packages receiving updates to improve their functionality and address vulnerabilities. Packages such as binutils, virt-v2v, nodejs-packaging, man-pages, rust-bootupd, skopeo, net-snmp, git-lfs, fence-agents, and gcc-toolset-13-binutils have received updates, which are categorized as either moderate or important security issues.

ELSA-2025-23306 Moderate: Oracle Linux 10 binutils security update
ELBA-2025-23288 Oracle Linux 10 virt-v2v bug fix and enhancement update
ELBA-2025-23298 Oracle Linux 10 nodejs-packaging bug fix and enhancement update
ELBA-2025-23303 Oracle Linux 10 man-pages bug fix and enhancement update
ELBA-2025-23302 Oracle Linux 10 rust-bootupd bug fix and enhancement update
ELSA-2025-23294 Moderate: Oracle Linux 10 skopeo security update
ELBA-2025-23297 Oracle Linux 10 net-snmp bug fix and enhancement update
ELSA-2025-23667 Important: Oracle Linux 10 git-lfs security update
ELBA-2025-23292 Oracle Linux 10 fence-agents bug fix and enhancement update
ELSA-2025-23336 Moderate: Oracle Linux 9 gcc-toolset-13-binutils security update

ELSA-2025-23306 Moderate: Oracle Linux 10 binutils security update

Oracle Linux Security Advisory ELSA-2025-23306

http://linux.oracle.com/errata/ELSA-2025-23306.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
binutils-2.41-58.0.1.el10_1.2.x86_64.rpm
binutils-devel-2.41-58.0.1.el10_1.2.x86_64.rpm
binutils-gold-2.41-58.0.1.el10_1.2.x86_64.rpm

aarch64:
binutils-2.41-58.0.1.el10_1.2.aarch64.rpm
binutils-devel-2.41-58.0.1.el10_1.2.aarch64.rpm
binutils-gold-2.41-58.0.1.el10_1.2.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/binutils-2.41-58.0.1.el10_1.2.src.rpm

Related CVEs:

CVE-2025-11082
CVE-2025-11083

Description of changes:

[2.41-58.0.1.2]
- Forward-port Oracle patches to 2.41-58.2
- CVE-2025-11082
- CVE-2025-11083
Reviewed-by: David Faust [david.faust@oracle.com]
Oracle history:
September-29-2025 David Faust [david.faust@oracle.com] - 2.41-58.0.1
- Forward-port Oracle patches to 2.41-58.
Reviewed-by: Jose E. Marchesi [jose.marchesi@oracle.com]
August-29-2025 Bruce McCulloch [bruce.mcculloch@oracle.com] - 2.41-57.0.1
- Forward-port Oracle patches to 2.41-57.
Reviewed-by: Jose E. Marchesi [jose.marchesi@oracle.com]
Jun-04-2025 Bruce McCulloch [bruce.mcculloch@oracle.com] - 2.41-53.0.3
- Add binutils-orabug-38018827.patch.
- Fix ctf_dict_open clobbering errno.
- Backport of upstream commit:
- 14303d6295e libctf: archive, open: when opening, always set errp to
something.
- [Orabug: 38018827]
- Add binutils-orabug-38018828.patch.
- In kernel links, properly hide CTF types only if conflicting.
- Backport of upstream commits:
- 75e514cfa56 Revert "libctf: fix linking of non-root-visible types"
- 002957be18e libctf: dedup: improve hiding of conflicting types in the
same dict
- [Orabug: 38018828]
Reviewed-by: Jose E. Marchesi [jose.marchesi@oracle.com]
Reviewed-by: Nick Alcock [nick.alcock@oracle.com]
Reviewed-by: Elena Zannoni [elena.zannoni@oracle.com]
May-28-2025 Vladimir Mezentsev [vladimir.mezentsev@oracle.com] - 2.41-53.0.2
- Backported updates for gprofng.
Reviewed-by: Bruce McCulloch [bruce.mcculloch@oracle.com]
April-02-2025 Bruce McCulloch [bruce.mcculloch@oracle.com] - 2.41-53.0.1
- Merge Oracle patches to 2.41-53.
Reviewed-by: Jose E. Marchesi [jose.marchesi@oracle.com]
November-28-2024 Nick Alcock [nick.alcock@oracle.com] - 2.41-45.0.1
- Latest CTF changes from upstream
- add ctf_dict_set_flag, ctf_lookup_enumerator, ctf_lookup_enumerator_next,
ctf_arc_lookup_enumerator_next; consider enums with differing enumerators
to be conflicting
- add documentation to ctf-api.h
- allow modification of ctf_opened dicts and opening of foreign-
endian older dicts
- looking up types by name prefers non-bitfields if possible
- bugfixes to parent propagation, rewriting of existing dicts,
ctf_archive_count, CU-mapped links, and dumping and linking of
non-root-visible types.
- fix a bunch of small leaks and one big one (on ctf_open error)
- fix a write into freed memory after ctf_rollback and writeout
- internal improvements to serialization, name lookup, symbol
lookup, string handling, and more
- explicitly disable zstd support (enabling requires addition of zstd to
the .so scripts)

[2.41-58.2]
- Fix a potential illegal memory access when linking a corrupt input file. (RHEL-126875)

[2.41-58.1]
- Fix a potential illegal memory access when linking a corrupt input file. (RHEL-125206)

ELBA-2025-23288 Oracle Linux 10 virt-v2v bug fix and enhancement update

Oracle Linux Bug Fix Advisory ELBA-2025-23288

http://linux.oracle.com/errata/ELBA-2025-23288.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
virt-v2v-2.8.1-13.0.1.el10_1.x86_64.rpm
virt-v2v-bash-completion-2.8.1-13.0.1.el10_1.noarch.rpm
virt-v2v-man-pages-ja-2.8.1-13.0.1.el10_1.noarch.rpm
virt-v2v-man-pages-uk-2.8.1-13.0.1.el10_1.noarch.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/virt-v2v-2.8.1-13.0.1.el10_1.src.rpm

Description of changes:

[2.8.1-13.0.1]
- Replaced bugzilla.oracle.com references [Orabug: 34202300]
- replaced upstream references [Orabug:34089586]

[1:2.8.1-13]
- Fix pnputil driver store after conversion
resolves: RHEL-128908

[1:2.8.1-12]
- Fix ESP conversion if C:\Windows\Temp has alternate case
resolves: RHEL-124791

ELBA-2025-23298 Oracle Linux 10 nodejs-packaging bug fix and enhancement update

Oracle Linux Bug Fix Advisory ELBA-2025-23298

http://linux.oracle.com/errata/ELBA-2025-23298.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
nodejs-packaging-2023.10-12.el10_1.noarch.rpm

aarch64:
nodejs-packaging-2023.10-12.el10_1.noarch.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/nodejs-packaging-2023.10-12.el10_1.src.rpm

Description of changes:

[2023.10-12]
- Properly handle @group/package deps in nodejs-symlink-deps

ELBA-2025-23303 Oracle Linux 10 man-pages bug fix and enhancement update

Oracle Linux Bug Fix Advisory ELBA-2025-23303

http://linux.oracle.com/errata/ELBA-2025-23303.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
man-pages-6.06-12.el10_1.noarch.rpm

aarch64:
man-pages-6.06-12.el10_1.noarch.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/man-pages-6.06-12.el10_1.src.rpm

Description of changes:

[6.06-12]
- rtnetlink.7: Document metrics attributes (RTAX_*) (RHEL-86830)

[6.06-11]
- madvise(2): madvise can return EBUSY on MADV_SOFT_OFFLINE requests.
(RHEL-115501)

[6.06-10]
- Document RWF_ATOMIC, STATX_ATTR_WRITE_ATOMIC flags (RHEL-87647)

[6.06-9]
- Update gating.yaml

ELBA-2025-23302 Oracle Linux 10 rust-bootupd bug fix and enhancement update

Oracle Linux Bug Fix Advisory ELBA-2025-23302

http://linux.oracle.com/errata/ELBA-2025-23302.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
bootupd-0.2.31-1.el10_1.x86_64.rpm

aarch64:
bootupd-0.2.31-1.el10_1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/rust-bootupd-0.2.31-1.el10_1.src.rpm

Description of changes:

[0.2.31-1]
- Update to 0.2.31

[0.2.29-1]
- Update to 0.2.29

ELSA-2025-23294 Moderate: Oracle Linux 10 skopeo security update

Oracle Linux Security Advisory ELSA-2025-23294

http://linux.oracle.com/errata/ELSA-2025-23294.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
skopeo-1.20.0-2.el10_1.x86_64.rpm
skopeo-tests-1.20.0-2.el10_1.x86_64.rpm

aarch64:
skopeo-1.20.0-2.el10_1.aarch64.rpm
skopeo-tests-1.20.0-2.el10_1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/skopeo-1.20.0-2.el10_1.src.rpm

Related CVEs:

CVE-2025-58183

Description of changes:

[1:1.20.0-2]
- rebuild for CVE-2025-58183
- Resolves: RHEL-125643

ELBA-2025-23297 Oracle Linux 10 net-snmp bug fix and enhancement update

Oracle Linux Bug Fix Advisory ELBA-2025-23297

http://linux.oracle.com/errata/ELBA-2025-23297.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
net-snmp-5.9.4-15.0.1.el10_1.1.x86_64.rpm
net-snmp-agent-libs-5.9.4-15.0.1.el10_1.1.x86_64.rpm
net-snmp-devel-5.9.4-15.0.1.el10_1.1.x86_64.rpm
net-snmp-libs-5.9.4-15.0.1.el10_1.1.x86_64.rpm
net-snmp-perl-5.9.4-15.0.1.el10_1.1.x86_64.rpm
net-snmp-perl-module-5.9.4-15.0.1.el10_1.1.x86_64.rpm
net-snmp-utils-5.9.4-15.0.1.el10_1.1.x86_64.rpm
python3-net-snmp-5.9.4-15.0.1.el10_1.1.x86_64.rpm

aarch64:
net-snmp-5.9.4-15.0.1.el10_1.1.aarch64.rpm
net-snmp-agent-libs-5.9.4-15.0.1.el10_1.1.aarch64.rpm
net-snmp-devel-5.9.4-15.0.1.el10_1.1.aarch64.rpm
net-snmp-libs-5.9.4-15.0.1.el10_1.1.aarch64.rpm
net-snmp-perl-5.9.4-15.0.1.el10_1.1.aarch64.rpm
net-snmp-perl-module-5.9.4-15.0.1.el10_1.1.aarch64.rpm
net-snmp-utils-5.9.4-15.0.1.el10_1.1.aarch64.rpm
python3-net-snmp-5.9.4-15.0.1.el10_1.1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/net-snmp-5.9.4-15.0.1.el10_1.1.src.rpm

Description of changes:

[1:5.9.4-15.0.1.1]
- fix error index value when snmpget is used a proxy pass [Orabug: 35010262]

[1:5.9.4-15.1]
- enable PQC (RHEL-112338)

ELSA-2025-23667 Important: Oracle Linux 10 git-lfs security update

Oracle Linux Security Advisory ELSA-2025-23667

http://linux.oracle.com/errata/ELSA-2025-23667.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
git-lfs-3.6.1-4.el10_1.x86_64.rpm

aarch64:
git-lfs-3.6.1-4.el10_1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/git-lfs-3.6.1-4.el10_1.src.rpm

Related CVEs:

CVE-2025-26625

Description of changes:

[3.6.1-4]
- Backport fix for CVE-2025-26625

ELBA-2025-23292 Oracle Linux 10 fence-agents bug fix and enhancement update

Oracle Linux Bug Fix Advisory ELBA-2025-23292

http://linux.oracle.com/errata/ELBA-2025-23292.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
fence-agents-aliyun-4.16.0-13.el10_1.1.x86_64.rpm
fence-agents-all-4.16.0-13.el10_1.1.x86_64.rpm
fence-agents-amt-ws-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-apc-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-apc-snmp-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-aws-4.16.0-13.el10_1.1.x86_64.rpm
fence-agents-azure-arm-4.16.0-13.el10_1.1.x86_64.rpm
fence-agents-bladecenter-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-brocade-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-cisco-mds-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-cisco-ucs-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-common-4.16.0-13.el10_1.1.x86_64.rpm
fence-agents-drac5-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-eaton-snmp-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-emerson-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-eps-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-gce-4.16.0-13.el10_1.1.x86_64.rpm
fence-agents-heuristics-ping-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-hpblade-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-ibm-powervs-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-ibm-vpc-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-ibmblade-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-ifmib-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-ilo-moonshot-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-ilo-mp-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-ilo-ssh-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-ilo2-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-intelmodular-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-ipdu-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-ipmilan-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-kdump-4.16.0-13.el10_1.1.x86_64.rpm
fence-agents-kubevirt-4.16.0-13.el10_1.1.x86_64.rpm
fence-agents-mpath-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-openstack-4.16.0-13.el10_1.1.x86_64.rpm
fence-agents-redfish-4.16.0-13.el10_1.1.x86_64.rpm
fence-agents-rhevm-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-rsa-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-rsb-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-sbd-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-scsi-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-virsh-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-vmware-rest-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-vmware-soap-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-wti-4.16.0-13.el10_1.1.noarch.rpm
fence-virt-4.16.0-13.el10_1.1.x86_64.rpm
fence-virtd-4.16.0-13.el10_1.1.x86_64.rpm
fence-virtd-cpg-4.16.0-13.el10_1.1.x86_64.rpm
fence-virtd-libvirt-4.16.0-13.el10_1.1.x86_64.rpm
fence-virtd-multicast-4.16.0-13.el10_1.1.x86_64.rpm
fence-virtd-serial-4.16.0-13.el10_1.1.x86_64.rpm
fence-virtd-tcp-4.16.0-13.el10_1.1.x86_64.rpm
ha-cloud-support-4.16.0-13.el10_1.1.x86_64.rpm

aarch64:
fence-agents-all-4.16.0-13.el10_1.1.aarch64.rpm
fence-agents-amt-ws-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-apc-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-apc-snmp-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-bladecenter-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-brocade-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-cisco-mds-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-cisco-ucs-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-common-4.16.0-13.el10_1.1.aarch64.rpm
fence-agents-drac5-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-eaton-snmp-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-emerson-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-eps-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-heuristics-ping-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-hpblade-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-ibm-powervs-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-ibm-vpc-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-ibmblade-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-ifmib-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-ilo-moonshot-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-ilo-mp-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-ilo-ssh-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-ilo2-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-intelmodular-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-ipdu-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-ipmilan-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-kdump-4.16.0-13.el10_1.1.aarch64.rpm
fence-agents-kubevirt-4.16.0-13.el10_1.1.aarch64.rpm
fence-agents-mpath-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-redfish-4.16.0-13.el10_1.1.aarch64.rpm
fence-agents-rhevm-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-rsa-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-rsb-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-sbd-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-scsi-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-virsh-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-vmware-rest-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-vmware-soap-4.16.0-13.el10_1.1.noarch.rpm
fence-agents-wti-4.16.0-13.el10_1.1.noarch.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/fence-agents-4.16.0-13.el10_1.1.src.rpm

Description of changes:

[4.16.0-13.1]
- fence_nutanix_ahv: add new fence agent
Resolves: RHEL-128285

ELSA-2025-23336 Moderate: Oracle Linux 9 gcc-toolset-13-binutils security update

Oracle Linux Security Advisory ELSA-2025-23336

http://linux.oracle.com/errata/ELSA-2025-23336.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
gcc-toolset-13-binutils-2.40-21.0.1.el9_7.1.x86_64.rpm
gcc-toolset-13-binutils-devel-2.40-21.0.1.el9_7.1.i686.rpm
gcc-toolset-13-binutils-devel-2.40-21.0.1.el9_7.1.x86_64.rpm
gcc-toolset-13-binutils-gold-2.40-21.0.1.el9_7.1.x86_64.rpm

aarch64:
gcc-toolset-13-binutils-2.40-21.0.1.el9_7.1.aarch64.rpm
gcc-toolset-13-binutils-devel-2.40-21.0.1.el9_7.1.aarch64.rpm
gcc-toolset-13-binutils-gold-2.40-21.0.1.el9_7.1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/gcc-toolset-13-binutils-2.40-21.0.1.el9_7.1.src.rpm

Related CVEs:

CVE-2025-11083

Description of changes:

[2.40-21.0.1.1]
- Forward-port Oracle patches to 2.40-21.1.
- CVE-2025-11083
- Reviewed-by: David Faust [david.faust@oracle.com]
Oracle history:
April-02-2024 Jose E. Marchesi [jose.marchesi@oracle.com] - 2.40-21.0.1
- Forward-port Oracle patchs to 2.40-21.
- Reviewed-by: Cupertino Miranda [cupertino.miranda@oracle.com]
December-15-2023 Jose E. Marchesi [jose.marchesi@oracle.com] - 2.40-13.0.1
- libctf, link: fix CU-mapped links with CTF_LINK_EMPTY_CU_MAPPINGS.
Backport of upstream commit 869a750c0ec0abcab84e38a43a1ed73321ef4371.
[Orabug: 36113992]
- Reviewed-by: David Faust [david.faust@oracle.com]

[2.40-21.1]
- Fix a potential illegal memory access when linking a corrupt input file. (RHEL-130652)