Kernel, Gnome-Remote-Desktop, QEMU, Podman, RPM-OSTree updates for Oracle Linux

Oracle Linux 6415 Published by

Oracle Linux has issued a series of security updates, which encompass Unbreakable Enterprise kernel security update, gnome-remote-desktop security update, qemu-kvm bug fix update, podman security update, and rpm-ostree bug fix update:

ELSA-2025-20405 Moderate: Unbreakable Enterprise kernel security update
ELSA-2025-10635 Moderate: Oracle Linux 10 gnome-remote-desktop security update
ELBA-2025-9481 Oracle Linux 10 qemu-kvm bug fix update
ELSA-2025-10549 Important: Oracle Linux 10 podman security update
ELBA-2025-7465 Oracle Linux 10 rpm-ostree bug fix update
ELSA-2025-20405 Moderate: Oracle Linux 9 Unbreakable Enterprise kernel security update
ELSA-2025-20404 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update
ELSA-2025-20404 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update
ELSA-2025-20406 Moderate: Oracle Linux 8 Unbreakable Enterprise kernel security update
ELSA-2025-20406 Moderate: Oracle Linux 8 Unbreakable Enterprise kernel security update
ELSA-2025-20406 Moderate: Oracle Linux 7 Unbreakable Enterprise kernel security update




ELSA-2025-20405 Moderate: Unbreakable Enterprise kernel security update


Oracle Linux Security Advisory ELSA-2025-20405

http://linux.oracle.com/errata/ELSA-2025-20405.html

The following updated rpms for have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-6.12.0-100.28.2.2.el10uek.x86_64.rpm
kernel-uek-core-6.12.0-100.28.2.2.el10uek.x86_64.rpm
kernel-uek-devel-6.12.0-100.28.2.2.el10uek.x86_64.rpm
kernel-uek-doc-6.12.0-100.28.2.2.el10uek.noarch.rpm
kernel-uek-modules-6.12.0-100.28.2.2.el10uek.x86_64.rpm
kernel-uek-modules-core-6.12.0-100.28.2.2.el10uek.x86_64.rpm
kernel-uek-modules-deprecated-6.12.0-100.28.2.2.el10uek.x86_64.rpm
kernel-uek-modules-desktop-6.12.0-100.28.2.2.el10uek.x86_64.rpm
kernel-uek-modules-extra-6.12.0-100.28.2.2.el10uek.x86_64.rpm
kernel-uek-modules-extra-netfilter-6.12.0-100.28.2.2.el10uek.x86_64.rpm
kernel-uek-modules-usb-6.12.0-100.28.2.2.el10uek.x86_64.rpm
kernel-uek-modules-wireless-6.12.0-100.28.2.2.el10uek.x86_64.rpm
kernel-uek-tools-6.12.0-100.28.2.2.el10uek.x86_64.rpm
kernel-uek-debug-6.12.0-100.28.2.2.el10uek.x86_64.rpm
kernel-uek-debug-core-6.12.0-100.28.2.2.el10uek.x86_64.rpm
kernel-uek-debug-devel-6.12.0-100.28.2.2.el10uek.x86_64.rpm
kernel-uek-debug-modules-6.12.0-100.28.2.2.el10uek.x86_64.rpm
kernel-uek-debug-modules-core-6.12.0-100.28.2.2.el10uek.x86_64.rpm
kernel-uek-debug-modules-deprecated-6.12.0-100.28.2.2.el10uek.x86_64.rpm
kernel-uek-debug-modules-desktop-6.12.0-100.28.2.2.el10uek.x86_64.rpm
kernel-uek-debug-modules-extra-6.12.0-100.28.2.2.el10uek.x86_64.rpm
kernel-uek-debug-modules-extra-netfilter-6.12.0-100.28.2.2.el10uek.x86_64.rpm
kernel-uek-debug-modules-usb-6.12.0-100.28.2.2.el10uek.x86_64.rpm
kernel-uek-debug-modules-wireless-6.12.0-100.28.2.2.el10uek.x86_64.rpm

aarch64:
kernel-uek-6.12.0-100.28.2.2.el10uek.aarch64.rpm
kernel-uek-core-6.12.0-100.28.2.2.el10uek.aarch64.rpm
kernel-uek-devel-6.12.0-100.28.2.2.el10uek.aarch64.rpm
kernel-uek-modules-6.12.0-100.28.2.2.el10uek.aarch64.rpm
kernel-uek-modules-core-6.12.0-100.28.2.2.el10uek.aarch64.rpm
kernel-uek-modules-deprecated-6.12.0-100.28.2.2.el10uek.aarch64.rpm
kernel-uek-modules-desktop-6.12.0-100.28.2.2.el10uek.aarch64.rpm
kernel-uek-modules-extra-6.12.0-100.28.2.2.el10uek.aarch64.rpm
kernel-uek-modules-extra-netfilter-6.12.0-100.28.2.2.el10uek.aarch64.rpm
kernel-uek-modules-usb-6.12.0-100.28.2.2.el10uek.aarch64.rpm
kernel-uek-modules-wireless-6.12.0-100.28.2.2.el10uek.aarch64.rpm
kernel-uek-tools-6.12.0-100.28.2.2.el10uek.aarch64.rpm
kernel-uek-debug-6.12.0-100.28.2.2.el10uek.aarch64.rpm
kernel-uek-debug-core-6.12.0-100.28.2.2.el10uek.aarch64.rpm
kernel-uek-debug-devel-6.12.0-100.28.2.2.el10uek.aarch64.rpm
kernel-uek-debug-modules-6.12.0-100.28.2.2.el10uek.aarch64.rpm
kernel-uek-debug-modules-core-6.12.0-100.28.2.2.el10uek.aarch64.rpm
kernel-uek-debug-modules-deprecated-6.12.0-100.28.2.2.el10uek.aarch64.rpm
kernel-uek-debug-modules-desktop-6.12.0-100.28.2.2.el10uek.aarch64.rpm
kernel-uek-debug-modules-extra-6.12.0-100.28.2.2.el10uek.aarch64.rpm
kernel-uek-debug-modules-extra-netfilter-6.12.0-100.28.2.2.el10uek.aarch64.rpm
kernel-uek-debug-modules-usb-6.12.0-100.28.2.2.el10uek.aarch64.rpm
kernel-uek-debug-modules-wireless-6.12.0-100.28.2.2.el10uek.aarch64.rpm
kernel-uek64k-6.12.0-100.28.2.2.el10uek.aarch64.rpm
kernel-uek64k-core-6.12.0-100.28.2.2.el10uek.aarch64.rpm
kernel-uek64k-devel-6.12.0-100.28.2.2.el10uek.aarch64.rpm
kernel-uek64k-modules-6.12.0-100.28.2.2.el10uek.aarch64.rpm
kernel-uek64k-modules-core-6.12.0-100.28.2.2.el10uek.aarch64.rpm
kernel-uek64k-modules-deprecated-6.12.0-100.28.2.2.el10uek.aarch64.rpm
kernel-uek64k-modules-desktop-6.12.0-100.28.2.2.el10uek.aarch64.rpm
kernel-uek64k-modules-extra-6.12.0-100.28.2.2.el10uek.aarch64.rpm
kernel-uek64k-modules-extra-netfilter-6.12.0-100.28.2.2.el10uek.aarch64.rpm
kernel-uek64k-modules-usb-6.12.0-100.28.2.2.el10uek.aarch64.rpm
kernel-uek64k-modules-wireless-6.12.0-100.28.2.2.el10uek.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/kernel-uek-6.12.0-100.28.2.2.el10uek.src.rpm

Related CVEs:

CVE-2024-36350
CVE-2024-36357

Description of changes:

[6.12.0-100.28.2.2.el10uek]
- Add Zen34 clients (Borislav Petkov (AMD)) [Orabug: 38129827] {CVE-2024-36350} {CVE-2024-36357}
- x86/process: Move the buffer clearing before MONITOR (Kim Phillips) [Orabug: 38129827] {CVE-2024-36350} {CVE-2024-36357}
- Add normal counters (Borislav Petkov (AMD)) [Orabug: 38129827] {CVE-2024-36350} {CVE-2024-36357}
- KVM: SVM: Advertize TSA CPUID bits to guests (Borislav Petkov (AMD)) [Orabug: 38129827] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Add a Transient Scheduler Attacks mitigation (Borislav Petkov (AMD)) [Orabug: 38129827] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Rename MDS machinery to something more generic (Borislav Petkov (AMD)) [Orabug: 38129827] {CVE-2024-36350} {CVE-2024-36357}



ELSA-2025-10635 Moderate: Oracle Linux 10 gnome-remote-desktop security update


Oracle Linux Security Advisory ELSA-2025-10635

http://linux.oracle.com/errata/ELSA-2025-10635.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
gnome-remote-desktop-47.3-2.el10_0.x86_64.rpm

aarch64:
gnome-remote-desktop-47.3-2.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/gnome-remote-desktop-47.3-2.el10_0.src.rpm

Related CVEs:

CVE-2025-5024

Description of changes:

[47.3-2]
- Backport connection throttling
Resolves: RHEL-92787



ELBA-2025-9481 Oracle Linux 10 qemu-kvm bug fix update


Oracle Linux Bug Fix Advisory ELBA-2025-9481

http://linux.oracle.com/errata/ELBA-2025-9481.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
qemu-guest-agent-9.1.0-15.el10_0.2.x86_64.rpm
qemu-img-9.1.0-15.el10_0.2.x86_64.rpm
qemu-kvm-9.1.0-15.el10_0.2.x86_64.rpm
qemu-kvm-audio-pa-9.1.0-15.el10_0.2.x86_64.rpm
qemu-kvm-block-blkio-9.1.0-15.el10_0.2.x86_64.rpm
qemu-kvm-block-curl-9.1.0-15.el10_0.2.x86_64.rpm
qemu-kvm-block-rbd-9.1.0-15.el10_0.2.x86_64.rpm
qemu-kvm-common-9.1.0-15.el10_0.2.x86_64.rpm
qemu-kvm-core-9.1.0-15.el10_0.2.x86_64.rpm
qemu-kvm-device-display-virtio-gpu-9.1.0-15.el10_0.2.x86_64.rpm
qemu-kvm-device-display-virtio-gpu-pci-9.1.0-15.el10_0.2.x86_64.rpm
qemu-kvm-device-display-virtio-vga-9.1.0-15.el10_0.2.x86_64.rpm
qemu-kvm-device-usb-host-9.1.0-15.el10_0.2.x86_64.rpm
qemu-kvm-device-usb-redirect-9.1.0-15.el10_0.2.x86_64.rpm
qemu-kvm-docs-9.1.0-15.el10_0.2.x86_64.rpm
qemu-kvm-tools-9.1.0-15.el10_0.2.x86_64.rpm
qemu-kvm-ui-egl-headless-9.1.0-15.el10_0.2.x86_64.rpm
qemu-kvm-ui-opengl-9.1.0-15.el10_0.2.x86_64.rpm
qemu-pr-helper-9.1.0-15.el10_0.2.x86_64.rpm

aarch64:
qemu-guest-agent-9.1.0-15.el10_0.2.aarch64.rpm
qemu-img-9.1.0-15.el10_0.2.aarch64.rpm
qemu-kvm-9.1.0-15.el10_0.2.aarch64.rpm
qemu-kvm-audio-pa-9.1.0-15.el10_0.2.aarch64.rpm
qemu-kvm-block-blkio-9.1.0-15.el10_0.2.aarch64.rpm
qemu-kvm-block-curl-9.1.0-15.el10_0.2.aarch64.rpm
qemu-kvm-block-rbd-9.1.0-15.el10_0.2.aarch64.rpm
qemu-kvm-common-9.1.0-15.el10_0.2.aarch64.rpm
qemu-kvm-core-9.1.0-15.el10_0.2.aarch64.rpm
qemu-kvm-device-display-virtio-gpu-9.1.0-15.el10_0.2.aarch64.rpm
qemu-kvm-device-display-virtio-gpu-pci-9.1.0-15.el10_0.2.aarch64.rpm
qemu-kvm-device-usb-host-9.1.0-15.el10_0.2.aarch64.rpm
qemu-kvm-device-usb-redirect-9.1.0-15.el10_0.2.aarch64.rpm
qemu-kvm-docs-9.1.0-15.el10_0.2.aarch64.rpm
qemu-kvm-tools-9.1.0-15.el10_0.2.aarch64.rpm
qemu-pr-helper-9.1.0-15.el10_0.2.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/qemu-kvm-9.1.0-15.el10_0.2.src.rpm

Description of changes:

[9.1.0-15.2]
- kvm-hw-i386-Fix-machine-type-compatibility.patch [RHEL-92430]
- Resolves: RHEL-92430
(Fix x86 M-type compats [rhel-10.0.z])

[9.1.0-15.1]
- kvm-net-vhost-user-add-QAPI-events-to-report-connection-.patch [RHEL-80622]
- Resolves: RHEL-80622
(Allow libvirt to restart passt/vhost-user when the process is killed



ELSA-2025-10549 Important: Oracle Linux 10 podman security update


Oracle Linux Security Advisory ELSA-2025-10549

http://linux.oracle.com/errata/ELSA-2025-10549.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
podman-5.4.0-12.0.1.el10_0.x86_64.rpm
podman-docker-5.4.0-12.0.1.el10_0.noarch.rpm
podman-remote-5.4.0-12.0.1.el10_0.x86_64.rpm
podman-tests-5.4.0-12.0.1.el10_0.x86_64.rpm

aarch64:
podman-5.4.0-12.0.1.el10_0.aarch64.rpm
podman-docker-5.4.0-12.0.1.el10_0.noarch.rpm
podman-remote-5.4.0-12.0.1.el10_0.aarch64.rpm
podman-tests-5.4.0-12.0.1.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/podman-5.4.0-12.0.1.el10_0.src.rpm

Related CVEs:

CVE-2025-6032

Description of changes:

[6:5.4.0-12.0.1]
- Add devices on container startup, not on creation
- overlay: Put should ignore ENINVAL for Unmount [Orabug: 36234694]
- Drop nmap-ncat requirement and skip ignore-socket test case [Orabug: 34117404]

[6:5.4.0-12]
- update to the latest content of https://github.com/containers/podman/tree/v5.4-rhel
( https://github.com/containers/podman/commit/9811294)
- fixes "CVE-2025-6032 podman: podman missing TLS verification [rhel-9.6.z]"
- Resolves: RHEL-96708



ELBA-2025-7465 Oracle Linux 10 rpm-ostree bug fix update


Oracle Linux Bug Fix Advisory ELBA-2025-7465

http://linux.oracle.com/errata/ELBA-2025-7465.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
rpm-ostree-2025.6-4.el10_0.x86_64.rpm
rpm-ostree-libs-2025.6-4.el10_0.x86_64.rpm

aarch64:
rpm-ostree-2025.6-4.el10_0.aarch64.rpm
rpm-ostree-libs-2025.6-4.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/rpm-ostree-2025.6-4.el10_0.src.rpm

Description of changes:

[2025.6-4]
- backport: https://github.com/coreos/rpm-ostree/pull/5322
https://github.com/coreos/rpm-ostree/pull/5339 which pairs with the
previous backport: https://github.com/coreos/rpm-ostree/pull/5341

[2025.6-3]
- backport: https://github.com/coreos/rpm-ostree/pull/5341

[2025.6-2]
- Add tmt tests

[2025.6-1]
- Update to 2025.6



ELSA-2025-20405 Moderate: Oracle Linux 9 Unbreakable Enterprise kernel security update


Oracle Linux Security Advisory ELSA-2025-20405

http://linux.oracle.com/errata/ELSA-2025-20405.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-6.12.0-100.28.2.2.el9uek.x86_64.rpm
kernel-uek-core-6.12.0-100.28.2.2.el9uek.x86_64.rpm
kernel-uek-debug-6.12.0-100.28.2.2.el9uek.x86_64.rpm
kernel-uek-debug-core-6.12.0-100.28.2.2.el9uek.x86_64.rpm
kernel-uek-debug-devel-6.12.0-100.28.2.2.el9uek.x86_64.rpm
kernel-uek-debug-modules-6.12.0-100.28.2.2.el9uek.x86_64.rpm
kernel-uek-debug-modules-core-6.12.0-100.28.2.2.el9uek.x86_64.rpm
kernel-uek-debug-modules-deprecated-6.12.0-100.28.2.2.el9uek.x86_64.rpm
kernel-uek-debug-modules-desktop-6.12.0-100.28.2.2.el9uek.x86_64.rpm
kernel-uek-debug-modules-extra-6.12.0-100.28.2.2.el9uek.x86_64.rpm
kernel-uek-debug-modules-extra-netfilter-6.12.0-100.28.2.2.el9uek.x86_64.rpm
kernel-uek-debug-modules-usb-6.12.0-100.28.2.2.el9uek.x86_64.rpm
kernel-uek-debug-modules-wireless-6.12.0-100.28.2.2.el9uek.x86_64.rpm
kernel-uek-devel-6.12.0-100.28.2.2.el9uek.x86_64.rpm
kernel-uek-doc-6.12.0-100.28.2.2.el9uek.noarch.rpm
kernel-uek-modules-6.12.0-100.28.2.2.el9uek.x86_64.rpm
kernel-uek-modules-core-6.12.0-100.28.2.2.el9uek.x86_64.rpm
kernel-uek-modules-deprecated-6.12.0-100.28.2.2.el9uek.x86_64.rpm
kernel-uek-modules-desktop-6.12.0-100.28.2.2.el9uek.x86_64.rpm
kernel-uek-modules-extra-6.12.0-100.28.2.2.el9uek.x86_64.rpm
kernel-uek-modules-extra-netfilter-6.12.0-100.28.2.2.el9uek.x86_64.rpm
kernel-uek-modules-usb-6.12.0-100.28.2.2.el9uek.x86_64.rpm
kernel-uek-modules-wireless-6.12.0-100.28.2.2.el9uek.x86_64.rpm
kernel-uek-tools-6.12.0-100.28.2.2.el9uek.x86_64.rpm

aarch64:
kernel-uek-6.12.0-100.28.2.2.el9uek.aarch64.rpm
kernel-uek-core-6.12.0-100.28.2.2.el9uek.aarch64.rpm
kernel-uek-debug-6.12.0-100.28.2.2.el9uek.aarch64.rpm
kernel-uek-debug-core-6.12.0-100.28.2.2.el9uek.aarch64.rpm
kernel-uek-debug-devel-6.12.0-100.28.2.2.el9uek.aarch64.rpm
kernel-uek-debug-modules-6.12.0-100.28.2.2.el9uek.aarch64.rpm
kernel-uek-debug-modules-core-6.12.0-100.28.2.2.el9uek.aarch64.rpm
kernel-uek-debug-modules-deprecated-6.12.0-100.28.2.2.el9uek.aarch64.rpm
kernel-uek-debug-modules-desktop-6.12.0-100.28.2.2.el9uek.aarch64.rpm
kernel-uek-debug-modules-extra-6.12.0-100.28.2.2.el9uek.aarch64.rpm
kernel-uek-debug-modules-extra-netfilter-6.12.0-100.28.2.2.el9uek.aarch64.rpm
kernel-uek-debug-modules-usb-6.12.0-100.28.2.2.el9uek.aarch64.rpm
kernel-uek-debug-modules-wireless-6.12.0-100.28.2.2.el9uek.aarch64.rpm
kernel-uek-devel-6.12.0-100.28.2.2.el9uek.aarch64.rpm
kernel-uek-modules-6.12.0-100.28.2.2.el9uek.aarch64.rpm
kernel-uek-modules-extra-6.12.0-100.28.2.2.el9uek.aarch64.rpm
kernel-uek-modules-core-6.12.0-100.28.2.2.el9uek.aarch64.rpm
kernel-uek-modules-deprecated-6.12.0-100.28.2.2.el9uek.aarch64.rpm
kernel-uek-modules-desktop-6.12.0-100.28.2.2.el9uek.aarch64.rpm
kernel-uek-modules-extra-netfilter-6.12.0-100.28.2.2.el9uek.aarch64.rpm
kernel-uek-modules-usb-6.12.0-100.28.2.2.el9uek.aarch64.rpm
kernel-uek-modules-wireless-6.12.0-100.28.2.2.el9uek.aarch64.rpm
kernel-uek-tools-6.12.0-100.28.2.2.el9uek.aarch64.rpm
kernel-uek64k-6.12.0-100.28.2.2.el9uek.aarch64.rpm
kernel-uek64k-core-6.12.0-100.28.2.2.el9uek.aarch64.rpm
kernel-uek64k-devel-6.12.0-100.28.2.2.el9uek.aarch64.rpm
kernel-uek64k-modules-6.12.0-100.28.2.2.el9uek.aarch64.rpm
kernel-uek64k-modules-core-6.12.0-100.28.2.2.el9uek.aarch64.rpm
kernel-uek64k-modules-deprecated-6.12.0-100.28.2.2.el9uek.aarch64.rpm
kernel-uek64k-modules-desktop-6.12.0-100.28.2.2.el9uek.aarch64.rpm
kernel-uek64k-modules-extra-6.12.0-100.28.2.2.el9uek.aarch64.rpm
kernel-uek64k-modules-extra-netfilter-6.12.0-100.28.2.2.el9uek.aarch64.rpm
kernel-uek64k-modules-usb-6.12.0-100.28.2.2.el9uek.aarch64.rpm
kernel-uek64k-modules-wireless-6.12.0-100.28.2.2.el9uek.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/kernel-uek-6.12.0-100.28.2.2.el9uek.src.rpm

Related CVEs:

CVE-2024-36350
CVE-2024-36357

Description of changes:

[6.12.0-100.28.2.2.el9uek]
- Add Zen34 clients (Borislav Petkov (AMD)) [Orabug: 38129827] {CVE-2024-36350} {CVE-2024-36357}
- x86/process: Move the buffer clearing before MONITOR (Kim Phillips) [Orabug: 38129827] {CVE-2024-36350} {CVE-2024-36357}
- Add normal counters (Borislav Petkov (AMD)) [Orabug: 38129827] {CVE-2024-36350} {CVE-2024-36357}
- KVM: SVM: Advertize TSA CPUID bits to guests (Borislav Petkov (AMD)) [Orabug: 38129827] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Add a Transient Scheduler Attacks mitigation (Borislav Petkov (AMD)) [Orabug: 38129827] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Rename MDS machinery to something more generic (Borislav Petkov (AMD)) [Orabug: 38129827] {CVE-2024-36350} {CVE-2024-36357}



ELSA-2025-20404 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update


Oracle Linux Security Advisory ELSA-2025-20404

http://linux.oracle.com/errata/ELSA-2025-20404.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-5.15.0-309.180.4.2.el9uek.x86_64.rpm
kernel-uek-5.15.0-309.180.4.2.el9uek.x86_64.rpm
kernel-uek-core-5.15.0-309.180.4.2.el9uek.x86_64.rpm
kernel-uek-debug-5.15.0-309.180.4.2.el9uek.x86_64.rpm
kernel-uek-debug-core-5.15.0-309.180.4.2.el9uek.x86_64.rpm
kernel-uek-debug-devel-5.15.0-309.180.4.2.el9uek.x86_64.rpm
kernel-uek-debug-modules-5.15.0-309.180.4.2.el9uek.x86_64.rpm
kernel-uek-debug-modules-extra-5.15.0-309.180.4.2.el9uek.x86_64.rpm
kernel-uek-devel-5.15.0-309.180.4.2.el9uek.x86_64.rpm
kernel-uek-doc-5.15.0-309.180.4.2.el9uek.noarch.rpm
kernel-uek-modules-5.15.0-309.180.4.2.el9uek.x86_64.rpm
kernel-uek-modules-extra-5.15.0-309.180.4.2.el9uek.x86_64.rpm
kernel-uek-container-5.15.0-309.180.4.2.el9uek.x86_64.rpm
kernel-uek-container-debug-5.15.0-309.180.4.2.el9uek.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/kernel-uek-5.15.0-309.180.4.2.el9uek.src.rpm

Related CVEs:

CVE-2024-36350
CVE-2024-36357

Description of changes:

[5.15.0-309.180.4.2.el9uek]
- Add Zen34 clients (Borislav Petkov (AMD)) [Orabug: 38129825] {CVE-2024-36350} {CVE-2024-36357}
- x86/process: Move the buffer clearing before MONITOR (Kim Phillips) [Orabug: 38129825] {CVE-2024-36350} {CVE-2024-36357}
- Add normal counters (Borislav Petkov (AMD)) [Orabug: 38129825] {CVE-2024-36350} {CVE-2024-36357}
- KVM: SVM: Advertize TSA CPUID bits to guests (Borislav Petkov (AMD)) [Orabug: 38129825] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Add a Transient Scheduler Attacks mitigation (Borislav Petkov (AMD)) [Orabug: 38129825] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Rename MDS machinery to something more generic (Borislav Petkov (AMD)) [Orabug: 38129825] {CVE-2024-36350} {CVE-2024-36357}
- x86/CPU/AMD: Add ZenX generations flags (Borislav Petkov (AMD)) [Orabug: 38129825] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Free X86_BUG_AMD_APIC_C1E and X86_BUG_AMD_E400 bits (Boris Ostrovsky) [Orabug: 38129825] {CVE-2024-36350} {CVE-2024-36357}



ELSA-2025-20404 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update


Oracle Linux Security Advisory ELSA-2025-20404

http://linux.oracle.com/errata/ELSA-2025-20404.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-5.15.0-309.180.4.2.el8uek.x86_64.rpm
kernel-uek-5.15.0-309.180.4.2.el8uek.x86_64.rpm
kernel-uek-core-5.15.0-309.180.4.2.el8uek.x86_64.rpm
kernel-uek-debug-5.15.0-309.180.4.2.el8uek.x86_64.rpm
kernel-uek-debug-core-5.15.0-309.180.4.2.el8uek.x86_64.rpm
kernel-uek-debug-devel-5.15.0-309.180.4.2.el8uek.x86_64.rpm
kernel-uek-debug-modules-5.15.0-309.180.4.2.el8uek.x86_64.rpm
kernel-uek-debug-modules-extra-5.15.0-309.180.4.2.el8uek.x86_64.rpm
kernel-uek-devel-5.15.0-309.180.4.2.el8uek.x86_64.rpm
kernel-uek-doc-5.15.0-309.180.4.2.el8uek.noarch.rpm
kernel-uek-modules-5.15.0-309.180.4.2.el8uek.x86_64.rpm
kernel-uek-modules-extra-5.15.0-309.180.4.2.el8uek.x86_64.rpm
kernel-uek-container-5.15.0-309.180.4.2.el8uek.x86_64.rpm
kernel-uek-container-debug-5.15.0-309.180.4.2.el8uek.x86_64.rpm

aarch64:
bpftool-5.15.0-309.180.4.2.el8uek.aarch64.rpm
kernel-uek-5.15.0-309.180.4.2.el8uek.aarch64.rpm
kernel-uek-core-5.15.0-309.180.4.2.el8uek.aarch64.rpm
kernel-uek-debug-5.15.0-309.180.4.2.el8uek.aarch64.rpm
kernel-uek-debug-core-5.15.0-309.180.4.2.el8uek.aarch64.rpm
kernel-uek-debug-devel-5.15.0-309.180.4.2.el8uek.aarch64.rpm
kernel-uek-debug-modules-5.15.0-309.180.4.2.el8uek.aarch64.rpm
kernel-uek-debug-modules-extra-5.15.0-309.180.4.2.el8uek.aarch64.rpm
kernel-uek-devel-5.15.0-309.180.4.2.el8uek.aarch64.rpm
kernel-uek-doc-5.15.0-309.180.4.2.el8uek.noarch.rpm
kernel-uek-modules-5.15.0-309.180.4.2.el8uek.aarch64.rpm
kernel-uek-modules-extra-5.15.0-309.180.4.2.el8uek.aarch64.rpm
kernel-uek-container-5.15.0-309.180.4.2.el8uek.aarch64.rpm
kernel-uek-container-debug-5.15.0-309.180.4.2.el8uek.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/kernel-uek-5.15.0-309.180.4.2.el8uek.src.rpm

Related CVEs:

CVE-2024-36350
CVE-2024-36357

Description of changes:

[5.15.0-309.180.4.2.el8uek]
- Add Zen34 clients (Borislav Petkov (AMD)) [Orabug: 38129825] {CVE-2024-36350} {CVE-2024-36357}
- x86/process: Move the buffer clearing before MONITOR (Kim Phillips) [Orabug: 38129825] {CVE-2024-36350} {CVE-2024-36357}
- Add normal counters (Borislav Petkov (AMD)) [Orabug: 38129825] {CVE-2024-36350} {CVE-2024-36357}
- KVM: SVM: Advertize TSA CPUID bits to guests (Borislav Petkov (AMD)) [Orabug: 38129825] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Add a Transient Scheduler Attacks mitigation (Borislav Petkov (AMD)) [Orabug: 38129825] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Rename MDS machinery to something more generic (Borislav Petkov (AMD)) [Orabug: 38129825] {CVE-2024-36350} {CVE-2024-36357}
- x86/CPU/AMD: Add ZenX generations flags (Borislav Petkov (AMD)) [Orabug: 38129825] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Free X86_BUG_AMD_APIC_C1E and X86_BUG_AMD_E400 bits (Boris Ostrovsky) [Orabug: 38129825] {CVE-2024-36350} {CVE-2024-36357}



ELSA-2025-20406 Moderate: Oracle Linux 8 Unbreakable Enterprise kernel security update


Oracle Linux Security Advisory ELSA-2025-20406

http://linux.oracle.com/errata/ELSA-2025-20406.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-5.4.17-2136.344.4.3.el8uek.x86_64.rpm
kernel-uek-container-5.4.17-2136.344.4.3.el8uek.x86_64.rpm
kernel-uek-container-debug-5.4.17-2136.344.4.3.el8uek.x86_64.rpm
kernel-uek-debug-5.4.17-2136.344.4.3.el8uek.x86_64.rpm
kernel-uek-debug-devel-5.4.17-2136.344.4.3.el8uek.x86_64.rpm
kernel-uek-devel-5.4.17-2136.344.4.3.el8uek.x86_64.rpm
kernel-uek-doc-5.4.17-2136.344.4.3.el8uek.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/kernel-uek-5.4.17-2136.344.4.3.el8uek.src.rpm

Related CVEs:

CVE-2024-28956
CVE-2024-36350
CVE-2024-36357

Description of changes:

[5.4.17-2136.344.4.3.el8uek]
- Add Zen34 clients (Borislav Petkov (AMD)) [Orabug: 38129026] {CVE-2024-36350} {CVE-2024-36357}
- x86/process: Move the buffer clearing before MONITOR (Kim Phillips) [Orabug: 38129026] {CVE-2024-36350} {CVE-2024-36357}
- KVM: SVM: Advertize TSA CPUID bits to guests (Borislav Petkov (AMD)) [Orabug: 38129026] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Add a Transient Scheduler Attacks mitigation (Borislav Petkov (AMD)) [Orabug: 38129026] {CVE-2024-36350} {CVE-2024-36357}
- KVM: x86: add support for CPUID leaf 0x80000021 (Paolo Bonzini) [Orabug: 38129026] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Rename MDS machinery to something more generic (Borislav Petkov (AMD)) [Orabug: 38129026] {CVE-2024-36350} {CVE-2024-36357}
- x86/CPU/AMD: Add ZenX generations flags (Borislav Petkov (AMD)) [Orabug: 38129026] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Free X86_BUG_AMD_APIC_C1E and X86_BUG_AMD_E400 bits (Boris Ostrovsky) [Orabug: 38129026] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Enabling Retbleed and SRSO mitigation can taint the kernel (Alexandre Chartre) [Orabug: 38129010]
- selftest/x86/bugs: Add selftests for ITS (Pawan Gupta) [Orabug: 38128642] {CVE-2024-28956}
- x86/its: Align RETs in BHB clear sequence to avoid thunking (Pawan Gupta) [Orabug: 38128642] {CVE-2024-28956}
- x86/its: Add "vmexit" option to skip mitigation on some CPUs (Pawan Gupta) [Orabug: 38128642] {CVE-2024-28956}
- x86/its: Enable Indirect Target Selection mitigation (Pawan Gupta) [Orabug: 38128642] {CVE-2024-28956}
- x86/its: Add support for ITS-safe return thunk (Pawan Gupta) [Orabug: 38128642] {CVE-2024-28956}
- x86/its: Add support for ITS-safe indirect thunk (Pawan Gupta) [Orabug: 38128642] {CVE-2024-28956}
- x86/its: Enumerate Indirect Target Selection (ITS) bug (Pawan Gupta) [Orabug: 38128642] {CVE-2024-28956}
- Documentation: x86/bugs/its: Add ITS documentation (Pawan Gupta) [Orabug: 38128642] {CVE-2024-28956}



ELSA-2025-20406 Moderate: Oracle Linux 8 Unbreakable Enterprise kernel security update


Oracle Linux Security Advisory ELSA-2025-20406

http://linux.oracle.com/errata/ELSA-2025-20406.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

aarch64:
kernel-uek-5.4.17-2136.344.4.3.el8uek.aarch64.rpm
kernel-uek-debug-5.4.17-2136.344.4.3.el8uek.aarch64.rpm
kernel-uek-debug-devel-5.4.17-2136.344.4.3.el8uek.aarch64.rpm
kernel-uek-devel-5.4.17-2136.344.4.3.el8uek.aarch64.rpm
kernel-uek-doc-5.4.17-2136.344.4.3.el8uek.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/kernel-uek-5.4.17-2136.344.4.3.el8uek.src.rpm

Related CVEs:

CVE-2024-28956
CVE-2024-36350
CVE-2024-36357

Description of changes:

[5.4.17-2136.344.4.3.el8uek]
- Add Zen34 clients (Borislav Petkov (AMD)) [Orabug: 38129026] {CVE-2024-36350} {CVE-2024-36357}
- x86/process: Move the buffer clearing before MONITOR (Kim Phillips) [Orabug: 38129026] {CVE-2024-36350} {CVE-2024-36357}
- KVM: SVM: Advertize TSA CPUID bits to guests (Borislav Petkov (AMD)) [Orabug: 38129026] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Add a Transient Scheduler Attacks mitigation (Borislav Petkov (AMD)) [Orabug: 38129026] {CVE-2024-36350} {CVE-2024-36357}
- KVM: x86: add support for CPUID leaf 0x80000021 (Paolo Bonzini) [Orabug: 38129026] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Rename MDS machinery to something more generic (Borislav Petkov (AMD)) [Orabug: 38129026] {CVE-2024-36350} {CVE-2024-36357}
- x86/CPU/AMD: Add ZenX generations flags (Borislav Petkov (AMD)) [Orabug: 38129026] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Free X86_BUG_AMD_APIC_C1E and X86_BUG_AMD_E400 bits (Boris Ostrovsky) [Orabug: 38129026] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Enabling Retbleed and SRSO mitigation can taint the kernel (Alexandre Chartre) [Orabug: 38129010]
- selftest/x86/bugs: Add selftests for ITS (Pawan Gupta) [Orabug: 38128642] {CVE-2024-28956}
- x86/its: Align RETs in BHB clear sequence to avoid thunking (Pawan Gupta) [Orabug: 38128642] {CVE-2024-28956}
- x86/its: Add "vmexit" option to skip mitigation on some CPUs (Pawan Gupta) [Orabug: 38128642] {CVE-2024-28956}
- x86/its: Enable Indirect Target Selection mitigation (Pawan Gupta) [Orabug: 38128642] {CVE-2024-28956}
- x86/its: Add support for ITS-safe return thunk (Pawan Gupta) [Orabug: 38128642] {CVE-2024-28956}
- x86/its: Add support for ITS-safe indirect thunk (Pawan Gupta) [Orabug: 38128642] {CVE-2024-28956}
- x86/its: Enumerate Indirect Target Selection (ITS) bug (Pawan Gupta) [Orabug: 38128642] {CVE-2024-28956}
- Documentation: x86/bugs/its: Add ITS documentation (Pawan Gupta) [Orabug: 38128642] {CVE-2024-28956}



ELSA-2025-20406 Moderate: Oracle Linux 7 Unbreakable Enterprise kernel security update


Oracle Linux Security Advisory ELSA-2025-20406

http://linux.oracle.com/errata/ELSA-2025-20406.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-5.4.17-2136.344.4.3.el7uek.x86_64.rpm
kernel-uek-container-5.4.17-2136.344.4.3.el7uek.x86_64.rpm
kernel-uek-container-debug-5.4.17-2136.344.4.3.el7uek.x86_64.rpm
kernel-uek-debug-5.4.17-2136.344.4.3.el7uek.x86_64.rpm
kernel-uek-debug-devel-5.4.17-2136.344.4.3.el7uek.x86_64.rpm
kernel-uek-devel-5.4.17-2136.344.4.3.el7uek.x86_64.rpm
kernel-uek-doc-5.4.17-2136.344.4.3.el7uek.noarch.rpm
kernel-uek-tools-5.4.17-2136.344.4.3.el7uek.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-5.4.17-2136.344.4.3.el7uek.src.rpm

Related CVEs:

CVE-2024-28956
CVE-2024-36350
CVE-2024-36357

Description of changes:

[5.4.17-2136.344.4.3.el7uek]
- Add Zen34 clients (Borislav Petkov (AMD)) [Orabug: 38129026] {CVE-2024-36350} {CVE-2024-36357}
- x86/process: Move the buffer clearing before MONITOR (Kim Phillips) [Orabug: 38129026] {CVE-2024-36350} {CVE-2024-36357}
- KVM: SVM: Advertize TSA CPUID bits to guests (Borislav Petkov (AMD)) [Orabug: 38129026] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Add a Transient Scheduler Attacks mitigation (Borislav Petkov (AMD)) [Orabug: 38129026] {CVE-2024-36350} {CVE-2024-36357}
- KVM: x86: add support for CPUID leaf 0x80000021 (Paolo Bonzini) [Orabug: 38129026] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Rename MDS machinery to something more generic (Borislav Petkov (AMD)) [Orabug: 38129026] {CVE-2024-36350} {CVE-2024-36357}
- x86/CPU/AMD: Add ZenX generations flags (Borislav Petkov (AMD)) [Orabug: 38129026] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Free X86_BUG_AMD_APIC_C1E and X86_BUG_AMD_E400 bits (Boris Ostrovsky) [Orabug: 38129026] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Enabling Retbleed and SRSO mitigation can taint the kernel (Alexandre Chartre) [Orabug: 38129010]
- selftest/x86/bugs: Add selftests for ITS (Pawan Gupta) [Orabug: 38128642] {CVE-2024-28956}
- x86/its: Align RETs in BHB clear sequence to avoid thunking (Pawan Gupta) [Orabug: 38128642] {CVE-2024-28956}
- x86/its: Add "vmexit" option to skip mitigation on some CPUs (Pawan Gupta) [Orabug: 38128642] {CVE-2024-28956}
- x86/its: Enable Indirect Target Selection mitigation (Pawan Gupta) [Orabug: 38128642] {CVE-2024-28956}
- x86/its: Add support for ITS-safe return thunk (Pawan Gupta) [Orabug: 38128642] {CVE-2024-28956}
- x86/its: Add support for ITS-safe indirect thunk (Pawan Gupta) [Orabug: 38128642] {CVE-2024-28956}
- x86/its: Enumerate Indirect Target Selection (ITS) bug (Pawan Gupta) [Orabug: 38128642] {CVE-2024-28956}
- Documentation: x86/bugs/its: Add ITS documentation (Pawan Gupta) [Orabug: 38128642] {CVE-2024-28956}


Podman, Container-Tools, Jq, Socat updates for AlmaLinux

GIT update for Slackware

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.orgĀ  I ...