Kernel, Firefox, Freeipmi, and more updates for Oracle Linux

Oracle Linux 6496 Published by

Oracle has released a batch of critical security advisories for Oracle Linux 8 and 9 to address multiple vulnerabilities across essential system packages. The updates patch serious flaws in the Unbreakable Enterprise kernel, Firefox browser, Dnsmasq DNS server, and compatibility libraries by fixing memory corruption issues and preventing denial of service attacks. Administrators should also apply recent bug fixes that improve firewall configuration handling and ensure FIPS compliance for secret management tools. Installing these patches promptly will protect your infrastructure from known exploits while maintaining system stability across x86_64 and aarch64 architectures.

ELSA-2026-50288 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update : Fragnesia
ELBA-2026-20931 Oracle Linux 8 firewalld bug fix and enhancement update
ELSA-2026-20566 Important: Oracle Linux 8 firefox security update
ELSA-2026-20589 Important: Oracle Linux 8 dnsmasq security update
ELSA-2026-20579 Moderate: Oracle Linux 8 freeipmi security update
ELSA-2026-20585 Important: Oracle Linux 8 compat-libtiff3 security update
ELSA-2026-50287 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update : Fragnesia
ELBA-2026-20559 Oracle Linux 8 volume_key bug fix and enhancement update




ELSA-2026-50288 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update : Fragnesia


Oracle Linux Security Advisory ELSA-2026-50288

http://linux.oracle.com/errata/ELSA-2026-50288.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

aarch64:
kernel-uek-5.4.17-2136.355.3.4.el8uek.aarch64.rpm
kernel-uek-debug-5.4.17-2136.355.3.4.el8uek.aarch64.rpm
kernel-uek-debug-devel-5.4.17-2136.355.3.4.el8uek.aarch64.rpm
kernel-uek-devel-5.4.17-2136.355.3.4.el8uek.aarch64.rpm
kernel-uek-doc-5.4.17-2136.355.3.4.el8uek.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/kernel-uek-5.4.17-2136.355.3.4.el8uek.src.rpm

Related CVEs:

CVE-2026-46300

Description of changes:

[5.4.17-2136.355.3.4]
- net: skbuff: propagate shared-frag marker through frag-transfer helpers (Hyunwoo Kim) [Orabug: 39420568] {CVE-2026-46300}
- net: skbuff: preserve shared-frag marker during coalescing (William Bowling) [Orabug: 39420568]



ELBA-2026-20931 Oracle Linux 8 firewalld bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2026-20931

http://linux.oracle.com/errata/ELBA-2026-20931.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
firewall-applet-0.9.11-11.0.1.el8_10.noarch.rpm
firewall-config-0.9.11-11.0.1.el8_10.noarch.rpm
firewalld-0.9.11-11.0.1.el8_10.noarch.rpm
firewalld-filesystem-0.9.11-11.0.1.el8_10.noarch.rpm
python3-firewall-0.9.11-11.0.1.el8_10.noarch.rpm

aarch64:
firewall-applet-0.9.11-11.0.1.el8_10.noarch.rpm
firewall-config-0.9.11-11.0.1.el8_10.noarch.rpm
firewalld-0.9.11-11.0.1.el8_10.noarch.rpm
firewalld-filesystem-0.9.11-11.0.1.el8_10.noarch.rpm
python3-firewall-0.9.11-11.0.1.el8_10.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/firewalld-0.9.11-11.0.1.el8_10.src.rpm

Description of changes:

[0.9.11-11.0.1]
- Remove capsule file as well, since it references removed config [Orabug: 33513329]
- discard empty RH-Satellite-6.xml [Orabug: 30328734]
- Red Hat Satellite and Red Hat high availaibility reference found in cockpit UI [Orabug: 30257573]

[0.9.11-11]
- fix(policy): allow-host-ipv6: allow MLD packets



ELSA-2026-20566 Important: Oracle Linux 8 firefox security update


Oracle Linux Security Advisory ELSA-2026-20566

http://linux.oracle.com/errata/ELSA-2026-20566.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
firefox-140.10.2-1.0.1.el8_10.x86_64.rpm

aarch64:
firefox-140.10.2-1.0.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/firefox-140.10.2-1.0.1.el8_10.src.rpm

Related CVEs:

CVE-2026-8090
CVE-2026-8092
CVE-2026-8094

Description of changes:

[140.10.2-1.0.1]
- Fix firefox-oracle-default-prefs.js for new nss [Orabug: 37079789]
- diable wasi_sdk to prevent build failure with newer llvm

[140.10.2]
- Add debranding patches (Mustafa Gezen)
- Add OpenELA default preferences (Louis Abel)

[140.10.2-1]
- Update to 140.10.2 ESR



ELSA-2026-20589 Important: Oracle Linux 8 dnsmasq security update


Oracle Linux Security Advisory ELSA-2026-20589

http://linux.oracle.com/errata/ELSA-2026-20589.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
dnsmasq-2.79-36.el8_10.x86_64.rpm
dnsmasq-utils-2.79-36.el8_10.x86_64.rpm

aarch64:
dnsmasq-2.79-36.el8_10.aarch64.rpm
dnsmasq-utils-2.79-36.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/dnsmasq-2.79-36.el8_10.src.rpm

Related CVEs:

CVE-2026-2291
CVE-2026-4890
CVE-2026-4891
CVE-2026-4892
CVE-2026-4893

Description of changes:

[2.79-36]
- Prevent overflow in extract_name function (CVE-2026-2291)
- Prevent DoS in DNSSEC validation (CVE-2026-4890)
- Prevent out-of-bounds read in DNSSEC validation (CVE-2026-4891)
- Prevent out-of-bounds write in DHCPv6 server (CVE-2026-4892)
- Prevent source check avoidance by RFC 7871 client-subnet (CVE-2026-4893)



ELSA-2026-20579 Moderate: Oracle Linux 8 freeipmi security update


Oracle Linux Security Advisory ELSA-2026-20579

http://linux.oracle.com/errata/ELSA-2026-20579.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
freeipmi-1.6.17-1.el8_10.i686.rpm
freeipmi-1.6.17-1.el8_10.x86_64.rpm
freeipmi-bmc-watchdog-1.6.17-1.el8_10.x86_64.rpm
freeipmi-devel-1.6.17-1.el8_10.i686.rpm
freeipmi-devel-1.6.17-1.el8_10.x86_64.rpm
freeipmi-ipmidetectd-1.6.17-1.el8_10.x86_64.rpm
freeipmi-ipmiseld-1.6.17-1.el8_10.x86_64.rpm

aarch64:
freeipmi-1.6.17-1.el8_10.aarch64.rpm
freeipmi-bmc-watchdog-1.6.17-1.el8_10.aarch64.rpm
freeipmi-devel-1.6.17-1.el8_10.aarch64.rpm
freeipmi-ipmidetectd-1.6.17-1.el8_10.aarch64.rpm
freeipmi-ipmiseld-1.6.17-1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/freeipmi-1.6.17-1.el8_10.src.rpm

Related CVEs:

CVE-2026-33554

Description of changes:

[1.6.17-1]
- Update to 1.6.17, fixes CVE-2026-33554



ELSA-2026-20585 Important: Oracle Linux 8 compat-libtiff3 security update


Oracle Linux Security Advisory ELSA-2026-20585

http://linux.oracle.com/errata/ELSA-2026-20585.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
compat-libtiff3-3.9.4-15.el8_10.i686.rpm
compat-libtiff3-3.9.4-15.el8_10.x86_64.rpm

aarch64:
compat-libtiff3-3.9.4-15.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/compat-libtiff3-3.9.4-15.el8_10.src.rpm

Related CVEs:

CVE-2026-4775

Description of changes:

[3.9.4-15]
- fix CVE-2026-4775: signed integer overflow in putcontig8bitYCbCr44tile (RHEL-159315)



ELSA-2026-50287 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update : Fragnesia


Oracle Linux Security Advisory ELSA-2026-50287

http://linux.oracle.com/errata/ELSA-2026-50287.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-5.15.0-320.202.8.5.el9uek.x86_64.rpm
kernel-uek-5.15.0-320.202.8.5.el9uek.x86_64.rpm
kernel-uek-core-5.15.0-320.202.8.5.el9uek.x86_64.rpm
kernel-uek-debug-5.15.0-320.202.8.5.el9uek.x86_64.rpm
kernel-uek-debug-core-5.15.0-320.202.8.5.el9uek.x86_64.rpm
kernel-uek-debug-devel-5.15.0-320.202.8.5.el9uek.x86_64.rpm
kernel-uek-debug-modules-5.15.0-320.202.8.5.el9uek.x86_64.rpm
kernel-uek-debug-modules-extra-5.15.0-320.202.8.5.el9uek.x86_64.rpm
kernel-uek-devel-5.15.0-320.202.8.5.el9uek.x86_64.rpm
kernel-uek-doc-5.15.0-320.202.8.5.el9uek.noarch.rpm
kernel-uek-modules-5.15.0-320.202.8.5.el9uek.x86_64.rpm
kernel-uek-modules-extra-5.15.0-320.202.8.5.el9uek.x86_64.rpm
kernel-uek-container-5.15.0-320.202.8.5.el9uek.x86_64.rpm
kernel-uek-container-debug-5.15.0-320.202.8.5.el9uek.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/kernel-uek-5.15.0-320.202.8.5.el9uek.src.rpm

Related CVEs:

CVE-2026-46300

Description of changes:

[5.15.0-320.202.8.5]
- net: skbuff: propagate shared-frag marker through frag-transfer helpers (Hyunwoo Kim) [Orabug: 39420565] {CVE-2026-46300}
- net: skbuff: preserve shared-frag marker during coalescing (William Bowling) [Orabug: 39420565]



ELBA-2026-20559 Oracle Linux 8 volume_key bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2026-20559

http://linux.oracle.com/errata/ELBA-2026-20559.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
volume_key-0.3.11-7.el8_10.x86_64.rpm
volume_key-devel-0.3.11-7.el8_10.i686.rpm
volume_key-devel-0.3.11-7.el8_10.x86_64.rpm
volume_key-libs-0.3.11-7.el8_10.i686.rpm
volume_key-libs-0.3.11-7.el8_10.x86_64.rpm

aarch64:
volume_key-0.3.11-7.el8_10.aarch64.rpm
volume_key-devel-0.3.11-7.el8_10.aarch64.rpm
volume_key-libs-0.3.11-7.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/volume_key-0.3.11-7.el8_10.src.rpm

Description of changes:

[0.3.11-7]
- make getting password from backed up secret FIPS compatible (RHEL-113242)


Rrdtool, Kernel, Nginx, and more updates for Fedora

Kernel, .NET, OpenShift, and more updates for RHEL

Windows

Linux

macOS

Community

  • Lexonight
    Hey everyone,Wanted to share a project I've been b ...
  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...