Oracle has released multiple security advisories for Linux versions seven through ten, making updated packages available on the Unbreakable Linux Network. The majority of these patches address kernel vulnerabilities, particularly CVE-2026-46300 which resolves network buffer handling issues across both x86_64 and aarch64 systems. Users on Oracle Linux eight must also install a separate Firefox update that bumps the browser to version 140.10.1 ESR for several critical fixes.

ELSA-2026-19666 Important: Oracle Linux 8 kernel security update
ELSA-2026-19588 Important: Oracle Linux 8 firefox security update
ELSA-2026-50288 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update : Fragnesia
ELBA-2026-19666-1 Oracle Linux 8 kernel bug fix update
ELSA-2026-50288 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update : Fragnesia
ELSA-2026-50287 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update : Fragnesia
ELSA-2026-50287 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update : Fragnesia
ELSA-2026-50286 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update: Frafnesia
ELSA-2026-50286 Important: Unbreakable Enterprise kernel security update

ELSA-2026-19666 Important: Oracle Linux 8 kernel security update

Oracle Linux Security Advisory ELSA-2026-19666

http://linux.oracle.com/errata/ELSA-2026-19666.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-4.18.0-553.125.1.el8_10.x86_64.rpm
kernel-4.18.0-553.125.1.el8_10.x86_64.rpm
kernel-abi-stablelists-4.18.0-553.125.1.el8_10.noarch.rpm
kernel-core-4.18.0-553.125.1.el8_10.x86_64.rpm
kernel-cross-headers-4.18.0-553.125.1.el8_10.x86_64.rpm
kernel-debug-4.18.0-553.125.1.el8_10.x86_64.rpm
kernel-debug-core-4.18.0-553.125.1.el8_10.x86_64.rpm
kernel-debug-devel-4.18.0-553.125.1.el8_10.x86_64.rpm
kernel-debug-modules-4.18.0-553.125.1.el8_10.x86_64.rpm
kernel-debug-modules-extra-4.18.0-553.125.1.el8_10.x86_64.rpm
kernel-devel-4.18.0-553.125.1.el8_10.x86_64.rpm
kernel-doc-4.18.0-553.125.1.el8_10.noarch.rpm
kernel-headers-4.18.0-553.125.1.el8_10.x86_64.rpm
kernel-modules-4.18.0-553.125.1.el8_10.x86_64.rpm
kernel-modules-extra-4.18.0-553.125.1.el8_10.x86_64.rpm
kernel-tools-4.18.0-553.125.1.el8_10.x86_64.rpm
kernel-tools-libs-4.18.0-553.125.1.el8_10.x86_64.rpm
kernel-tools-libs-devel-4.18.0-553.125.1.el8_10.x86_64.rpm
perf-4.18.0-553.125.1.el8_10.x86_64.rpm
python3-perf-4.18.0-553.125.1.el8_10.x86_64.rpm

aarch64:
bpftool-4.18.0-553.125.1.el8_10.aarch64.rpm
kernel-cross-headers-4.18.0-553.125.1.el8_10.aarch64.rpm
kernel-headers-4.18.0-553.125.1.el8_10.aarch64.rpm
kernel-tools-4.18.0-553.125.1.el8_10.aarch64.rpm
kernel-tools-libs-4.18.0-553.125.1.el8_10.aarch64.rpm
kernel-tools-libs-devel-4.18.0-553.125.1.el8_10.aarch64.rpm
perf-4.18.0-553.125.1.el8_10.aarch64.rpm
python3-perf-4.18.0-553.125.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/kernel-4.18.0-553.125.1.el8_10.src.rpm

Related CVEs:

CVE-2026-46300
CVE-2026-46333

Description of changes:

[4.18.0-553.125.1]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64