Oracle Linux 6507 Published by

Oracle Linux published a series of security and bug fix advisories covering the Unbreakable Enterprise Kernel and base kernel versions for Oracle Linux 7, 8, and 9. These kernel updates resolve dozens of CVEs affecting network subsystems, memory management, cryptographic operations, and user-space tracing. The release also addresses vulnerabilities in critical user-space packages including nginx 1.24, OpenSSL 3.5.5, Firefox 140.x, perl-IO-Compress, and git-lfs. System administrators should apply these patches immediately to close known attack vectors and maintain system stability across x86_64 and aarch64 architectures.

ELSA-2026-50351 Important: Unbreakable Enterprise kernel security update
ELSA-2026-50351 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update
ELSA-2026-50352 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update
ELSA-2026-30859 Important: Oracle Linux 9 perl-IO-Compress security update
ELSA-2026-28212 Important: Oracle Linux 9 nginx:1.24 security update
ELSA-2026-30856 Important: Oracle Linux 9 perl-Archive-Tar security update
ELSA-2026-25217 Important: Oracle Linux 9 kernel security update
ELSA-2026-24381 Important: Oracle Linux 9 kernel security update
ELSA-2026-30854 Important: Oracle Linux 9 git-lfs security update
ELSA-2026-22312 Moderate: Oracle Linux 9 openssl security update
ELBA-2026-28248 Oracle Linux 9 passt bug fix and enhancement update
ELSA-2026-50352 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update
ELSA-2026-50352 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update
ELSA-2026-50353 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update
ELSA-2026-50353 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update
ELSA-2026-50353 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update
ELSA-2026-26551 Important: Oracle Linux 7 firefox security update
ELSA-2026-24983 Important: Oracle Linux 7 firefox security update




ELSA-2026-50351 Important: Unbreakable Enterprise kernel security update


Oracle Linux Security Advisory ELSA-2026-50351

http://linux.oracle.com/errata/ELSA-2026-50351.html

The following updated rpms for have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-6.12.0-203.76.7.6.el10uek.x86_64.rpm
kernel-uek-core-6.12.0-203.76.7.6.el10uek.x86_64.rpm
kernel-uek-devel-6.12.0-203.76.7.6.el10uek.x86_64.rpm
kernel-uek-doc-6.12.0-203.76.7.6.el10uek.noarch.rpm
kernel-uek-modules-6.12.0-203.76.7.6.el10uek.x86_64.rpm
kernel-uek-modules-core-6.12.0-203.76.7.6.el10uek.x86_64.rpm
kernel-uek-modules-deprecated-6.12.0-203.76.7.6.el10uek.x86_64.rpm
kernel-uek-modules-desktop-6.12.0-203.76.7.6.el10uek.x86_64.rpm
kernel-uek-modules-extra-6.12.0-203.76.7.6.el10uek.x86_64.rpm
kernel-uek-modules-extra-netfilter-6.12.0-203.76.7.6.el10uek.x86_64.rpm
kernel-uek-modules-usb-6.12.0-203.76.7.6.el10uek.x86_64.rpm
kernel-uek-modules-wireless-6.12.0-203.76.7.6.el10uek.x86_64.rpm
kernel-uek-tools-6.12.0-203.76.7.6.el10uek.x86_64.rpm
kernel-uek-debug-6.12.0-203.76.7.6.el10uek.x86_64.rpm
kernel-uek-debug-core-6.12.0-203.76.7.6.el10uek.x86_64.rpm
kernel-uek-debug-devel-6.12.0-203.76.7.6.el10uek.x86_64.rpm
kernel-uek-debug-modules-6.12.0-203.76.7.6.el10uek.x86_64.rpm
kernel-uek-debug-modules-core-6.12.0-203.76.7.6.el10uek.x86_64.rpm
kernel-uek-debug-modules-deprecated-6.12.0-203.76.7.6.el10uek.x86_64.rpm
kernel-uek-debug-modules-desktop-6.12.0-203.76.7.6.el10uek.x86_64.rpm
kernel-uek-debug-modules-extra-6.12.0-203.76.7.6.el10uek.x86_64.rpm
kernel-uek-debug-modules-extra-netfilter-6.12.0-203.76.7.6.el10uek.x86_64.rpm
kernel-uek-debug-modules-usb-6.12.0-203.76.7.6.el10uek.x86_64.rpm
kernel-uek-debug-modules-wireless-6.12.0-203.76.7.6.el10uek.x86_64.rpm

aarch64:
kernel-uek-6.12.0-203.76.7.6.el10uek.aarch64.rpm
kernel-uek-core-6.12.0-203.76.7.6.el10uek.aarch64.rpm
kernel-uek-devel-6.12.0-203.76.7.6.el10uek.aarch64.rpm
kernel-uek-doc-6.12.0-203.76.7.6.el10uek.noarch.rpm
kernel-uek-modules-6.12.0-203.76.7.6.el10uek.aarch64.rpm
kernel-uek-modules-core-6.12.0-203.76.7.6.el10uek.aarch64.rpm
kernel-uek-modules-deprecated-6.12.0-203.76.7.6.el10uek.aarch64.rpm
kernel-uek-modules-desktop-6.12.0-203.76.7.6.el10uek.aarch64.rpm
kernel-uek-modules-extra-6.12.0-203.76.7.6.el10uek.aarch64.rpm
kernel-uek-modules-extra-netfilter-6.12.0-203.76.7.6.el10uek.aarch64.rpm
kernel-uek-modules-usb-6.12.0-203.76.7.6.el10uek.aarch64.rpm
kernel-uek-modules-wireless-6.12.0-203.76.7.6.el10uek.aarch64.rpm
kernel-uek-tools-6.12.0-203.76.7.6.el10uek.aarch64.rpm
kernel-uek-debug-6.12.0-203.76.7.6.el10uek.aarch64.rpm
kernel-uek-debug-core-6.12.0-203.76.7.6.el10uek.aarch64.rpm
kernel-uek-debug-devel-6.12.0-203.76.7.6.el10uek.aarch64.rpm
kernel-uek-debug-modules-6.12.0-203.76.7.6.el10uek.aarch64.rpm
kernel-uek-debug-modules-core-6.12.0-203.76.7.6.el10uek.aarch64.rpm
kernel-uek-debug-modules-deprecated-6.12.0-203.76.7.6.el10uek.aarch64.rpm
kernel-uek-debug-modules-desktop-6.12.0-203.76.7.6.el10uek.aarch64.rpm
kernel-uek-debug-modules-extra-6.12.0-203.76.7.6.el10uek.aarch64.rpm
kernel-uek-debug-modules-extra-netfilter-6.12.0-203.76.7.6.el10uek.aarch64.rpm
kernel-uek-debug-modules-usb-6.12.0-203.76.7.6.el10uek.aarch64.rpm
kernel-uek-debug-modules-wireless-6.12.0-203.76.7.6.el10uek.aarch64.rpm
kernel-uek64k-6.12.0-203.76.7.6.el10uek.aarch64.rpm
kernel-uek64k-core-6.12.0-203.76.7.6.el10uek.aarch64.rpm
kernel-uek64k-devel-6.12.0-203.76.7.6.el10uek.aarch64.rpm
kernel-uek64k-modules-6.12.0-203.76.7.6.el10uek.aarch64.rpm
kernel-uek64k-modules-core-6.12.0-203.76.7.6.el10uek.aarch64.rpm
kernel-uek64k-modules-deprecated-6.12.0-203.76.7.6.el10uek.aarch64.rpm
kernel-uek64k-modules-desktop-6.12.0-203.76.7.6.el10uek.aarch64.rpm
kernel-uek64k-modules-extra-6.12.0-203.76.7.6.el10uek.aarch64.rpm
kernel-uek64k-modules-extra-netfilter-6.12.0-203.76.7.6.el10uek.aarch64.rpm
kernel-uek64k-modules-usb-6.12.0-203.76.7.6.el10uek.aarch64.rpm
kernel-uek64k-modules-wireless-6.12.0-203.76.7.6.el10uek.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/kernel-uek-6.12.0-203.76.7.6.el10uek.src.rpm

Related CVEs:

CVE-2026-52943

Description of changes:

[6.12.0-203.76.7.6]
- net: skbuff: fix missing zerocopy reference in pskb_carve helpers (Minh Nguyen) [Orabug: 39639984] {CVE-2026-52943}



ELSA-2026-50351 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update


Oracle Linux Security Advisory ELSA-2026-50351

http://linux.oracle.com/errata/ELSA-2026-50351.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-6.12.0-203.76.7.6.el9uek.x86_64.rpm
kernel-uek-core-6.12.0-203.76.7.6.el9uek.x86_64.rpm
kernel-uek-debug-6.12.0-203.76.7.6.el9uek.x86_64.rpm
kernel-uek-debug-core-6.12.0-203.76.7.6.el9uek.x86_64.rpm
kernel-uek-debug-devel-6.12.0-203.76.7.6.el9uek.x86_64.rpm
kernel-uek-debug-modules-6.12.0-203.76.7.6.el9uek.x86_64.rpm
kernel-uek-debug-modules-core-6.12.0-203.76.7.6.el9uek.x86_64.rpm
kernel-uek-debug-modules-deprecated-6.12.0-203.76.7.6.el9uek.x86_64.rpm
kernel-uek-debug-modules-desktop-6.12.0-203.76.7.6.el9uek.x86_64.rpm
kernel-uek-debug-modules-extra-6.12.0-203.76.7.6.el9uek.x86_64.rpm
kernel-uek-debug-modules-extra-netfilter-6.12.0-203.76.7.6.el9uek.x86_64.rpm
kernel-uek-debug-modules-usb-6.12.0-203.76.7.6.el9uek.x86_64.rpm
kernel-uek-debug-modules-wireless-6.12.0-203.76.7.6.el9uek.x86_64.rpm
kernel-uek-devel-6.12.0-203.76.7.6.el9uek.x86_64.rpm
kernel-uek-doc-6.12.0-203.76.7.6.el9uek.noarch.rpm
kernel-uek-modules-6.12.0-203.76.7.6.el9uek.x86_64.rpm
kernel-uek-modules-core-6.12.0-203.76.7.6.el9uek.x86_64.rpm
kernel-uek-modules-deprecated-6.12.0-203.76.7.6.el9uek.x86_64.rpm
kernel-uek-modules-desktop-6.12.0-203.76.7.6.el9uek.x86_64.rpm
kernel-uek-modules-extra-6.12.0-203.76.7.6.el9uek.x86_64.rpm
kernel-uek-modules-extra-netfilter-6.12.0-203.76.7.6.el9uek.x86_64.rpm
kernel-uek-modules-usb-6.12.0-203.76.7.6.el9uek.x86_64.rpm
kernel-uek-modules-wireless-6.12.0-203.76.7.6.el9uek.x86_64.rpm
kernel-uek-tools-6.12.0-203.76.7.6.el9uek.x86_64.rpm

aarch64:
kernel-uek-6.12.0-203.76.7.6.el9uek.aarch64.rpm
kernel-uek-core-6.12.0-203.76.7.6.el9uek.aarch64.rpm
kernel-uek-debug-6.12.0-203.76.7.6.el9uek.aarch64.rpm
kernel-uek-debug-core-6.12.0-203.76.7.6.el9uek.aarch64.rpm
kernel-uek-debug-devel-6.12.0-203.76.7.6.el9uek.aarch64.rpm
kernel-uek-debug-modules-6.12.0-203.76.7.6.el9uek.aarch64.rpm
kernel-uek-debug-modules-core-6.12.0-203.76.7.6.el9uek.aarch64.rpm
kernel-uek-debug-modules-deprecated-6.12.0-203.76.7.6.el9uek.aarch64.rpm
kernel-uek-debug-modules-desktop-6.12.0-203.76.7.6.el9uek.aarch64.rpm
kernel-uek-debug-modules-extra-6.12.0-203.76.7.6.el9uek.aarch64.rpm
kernel-uek-debug-modules-extra-netfilter-6.12.0-203.76.7.6.el9uek.aarch64.rpm
kernel-uek-debug-modules-usb-6.12.0-203.76.7.6.el9uek.aarch64.rpm
kernel-uek-debug-modules-wireless-6.12.0-203.76.7.6.el9uek.aarch64.rpm
kernel-uek-devel-6.12.0-203.76.7.6.el9uek.aarch64.rpm
kernel-uek-doc-6.12.0-203.76.7.6.el9uek.noarch.rpm
kernel-uek-modules-6.12.0-203.76.7.6.el9uek.aarch64.rpm
kernel-uek-modules-extra-6.12.0-203.76.7.6.el9uek.aarch64.rpm
kernel-uek-modules-core-6.12.0-203.76.7.6.el9uek.aarch64.rpm
kernel-uek-modules-deprecated-6.12.0-203.76.7.6.el9uek.aarch64.rpm
kernel-uek-modules-desktop-6.12.0-203.76.7.6.el9uek.aarch64.rpm
kernel-uek-modules-extra-netfilter-6.12.0-203.76.7.6.el9uek.aarch64.rpm
kernel-uek-modules-usb-6.12.0-203.76.7.6.el9uek.aarch64.rpm
kernel-uek-modules-wireless-6.12.0-203.76.7.6.el9uek.aarch64.rpm
kernel-uek-tools-6.12.0-203.76.7.6.el9uek.aarch64.rpm
kernel-uek64k-6.12.0-203.76.7.6.el9uek.aarch64.rpm
kernel-uek64k-core-6.12.0-203.76.7.6.el9uek.aarch64.rpm
kernel-uek64k-devel-6.12.0-203.76.7.6.el9uek.aarch64.rpm
kernel-uek64k-modules-6.12.0-203.76.7.6.el9uek.aarch64.rpm
kernel-uek64k-modules-core-6.12.0-203.76.7.6.el9uek.aarch64.rpm
kernel-uek64k-modules-deprecated-6.12.0-203.76.7.6.el9uek.aarch64.rpm
kernel-uek64k-modules-desktop-6.12.0-203.76.7.6.el9uek.aarch64.rpm
kernel-uek64k-modules-extra-6.12.0-203.76.7.6.el9uek.aarch64.rpm
kernel-uek64k-modules-extra-netfilter-6.12.0-203.76.7.6.el9uek.aarch64.rpm
kernel-uek64k-modules-usb-6.12.0-203.76.7.6.el9uek.aarch64.rpm
kernel-uek64k-modules-wireless-6.12.0-203.76.7.6.el9uek.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/kernel-uek-6.12.0-203.76.7.6.el9uek.src.rpm

Related CVEs:

CVE-2026-52943

Description of changes:

[6.12.0-203.76.7.6]
- net: skbuff: fix missing zerocopy reference in pskb_carve helpers (Minh Nguyen) [Orabug: 39639984] {CVE-2026-52943}



ELSA-2026-50352 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update


Oracle Linux Security Advisory ELSA-2026-50352

http://linux.oracle.com/errata/ELSA-2026-50352.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-5.15.0-321.202.5.3.el9uek.x86_64.rpm
kernel-uek-5.15.0-321.202.5.3.el9uek.x86_64.rpm
kernel-uek-core-5.15.0-321.202.5.3.el9uek.x86_64.rpm
kernel-uek-debug-5.15.0-321.202.5.3.el9uek.x86_64.rpm
kernel-uek-debug-core-5.15.0-321.202.5.3.el9uek.x86_64.rpm
kernel-uek-debug-devel-5.15.0-321.202.5.3.el9uek.x86_64.rpm
kernel-uek-debug-modules-5.15.0-321.202.5.3.el9uek.x86_64.rpm
kernel-uek-debug-modules-extra-5.15.0-321.202.5.3.el9uek.x86_64.rpm
kernel-uek-devel-5.15.0-321.202.5.3.el9uek.x86_64.rpm
kernel-uek-doc-5.15.0-321.202.5.3.el9uek.noarch.rpm
kernel-uek-modules-5.15.0-321.202.5.3.el9uek.x86_64.rpm
kernel-uek-modules-extra-5.15.0-321.202.5.3.el9uek.x86_64.rpm
kernel-uek-container-5.15.0-321.202.5.3.el9uek.x86_64.rpm
kernel-uek-container-debug-5.15.0-321.202.5.3.el9uek.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/kernel-uek-5.15.0-321.202.5.3.el9uek.src.rpm

Related CVEs:

CVE-2026-52943

Description of changes:

[5.15.0-321.202.5.3]
- net: skbuff: fix missing zerocopy reference in pskb_carve helpers (Minh Nguyen) [Orabug: 39639981] {CVE-2026-52943}



ELSA-2026-30859 Important: Oracle Linux 9 perl-IO-Compress security update


Oracle Linux Security Advisory ELSA-2026-30859

http://linux.oracle.com/errata/ELSA-2026-30859.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
perl-IO-Compress-2.102-4.el9_8.1.noarch.rpm

aarch64:
perl-IO-Compress-2.102-4.el9_8.1.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/perl-IO-Compress-2.102-4.el9_8.1.src.rpm

Related CVEs:

CVE-2026-48962

Description of changes:

[2.102-4.1]
- Fix CVE-2026-48962: remove use of eval in File::GlobMapper
- Resolves: RHEL-180418



ELSA-2026-28212 Important: Oracle Linux 9 nginx:1.24 security update


Oracle Linux Security Advisory ELSA-2026-28212

http://linux.oracle.com/errata/ELSA-2026-28212.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
nginx-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.x86_64.rpm
nginx-all-modules-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.noarch.rpm
nginx-core-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.x86_64.rpm
nginx-filesystem-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.noarch.rpm
nginx-mod-devel-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.x86_64.rpm
nginx-mod-http-image-filter-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.x86_64.rpm
nginx-mod-http-perl-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.x86_64.rpm
nginx-mod-http-xslt-filter-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.x86_64.rpm
nginx-mod-mail-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.x86_64.rpm
nginx-mod-stream-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.x86_64.rpm

aarch64:
nginx-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.aarch64.rpm
nginx-all-modules-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.noarch.rpm
nginx-core-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.aarch64.rpm
nginx-filesystem-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.noarch.rpm
nginx-mod-devel-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.aarch64.rpm
nginx-mod-http-image-filter-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.aarch64.rpm
nginx-mod-http-perl-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.aarch64.rpm
nginx-mod-http-xslt-filter-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.aarch64.rpm
nginx-mod-mail-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.aarch64.rpm
nginx-mod-stream-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/nginx-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.src.rpm

Related CVEs:

CVE-2026-9256

Description of changes:

[1.24.0-7.0.1.2]
- Reference oracle-indexhtml within Requires [Orabug: 33802044]
- Remove Red Hat references [Orabug: 29498217]

[1:1.24.0-7.2]
- Resolves: RHEL-178681 - nginx:1.24/nginx: code execution and denial
of service (CVE-2026-9256)
- Resolves: RHEL-182554 - nginx:1.24/nginx: HTTP/2: Remote Denial of
Service via compression bomb and Slowloris-style attack

[1:1.24.0-7.1]
- Resolves: RHEL-176234 - nginx:1.24/nginx: NGINX: Arbitrary Code Execution
Vulnerability (CVE-2026-42945)

[1:1.24.0-7]
- Resolves: RHEL-157889 CVE-2026-32647 nginx:1.24/nginx: NGINX: Denial of
Service or Code Execution via specially crafted MP4 files
- Resolves: RHEL-159448 CVE-2026-27651 nginx:1.24/nginx: NGINX: Denial of
Service via undisclosed requests when ngx_mail_auth_http_module is enabled
- Resolves: RHEL-159561 CVE-2026-27654 nginx:1.24/nginx: NGINX: Denial of
Service or file modification via buffer overflow in ngx_http_dav_module
- Resolves: RHEL-159540 CVE-2026-27784 nginx:1.24/nginx: NGINX: Denial of
Service due to memory corruption via crafted MP4 file

[1:1.24.0-6]
- Resolves: RHEL-146529 - CVE-2026-1642 nginx: NGINX: Data injection via
man-in-the-middle attack on TLS proxied connections

[1:1.24.0-5]
- Resolves: RHEL-84480 - nginx:1.24/nginx: specially crafted MP4 file may cause
denial of service (CVE-2024-7347)

[1:1.24.0-4]
- Resolves: RHEL-49350 - nginx worker processes memory leak



ELSA-2026-30856 Important: Oracle Linux 9 perl-Archive-Tar security update


Oracle Linux Security Advisory ELSA-2026-30856

http://linux.oracle.com/errata/ELSA-2026-30856.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
perl-Archive-Tar-2.38-6.el9_8.1.noarch.rpm

aarch64:
perl-Archive-Tar-2.38-6.el9_8.1.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/perl-Archive-Tar-2.38-6.el9_8.1.src.rpm

Related CVEs:

CVE-2026-42496

Description of changes:

[2.38-6.1]
- Fix CVE-2026-42496: validate symlink and hardlink targets in secure
extract mode
- Resolves: RHEL-181662



ELSA-2026-25217 Important: Oracle Linux 9 kernel security update


Oracle Linux Security Advisory ELSA-2026-25217

http://linux.oracle.com/errata/ELSA-2026-25217.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-abi-stablelists-5.14.0-687.17.1.el9_8.noarch.rpm
kernel-core-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-cross-headers-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-core-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-devel-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-devel-matched-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-modules-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-modules-core-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-modules-extra-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-uki-virt-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-devel-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-devel-matched-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-doc-5.14.0-687.17.1.el9_8.noarch.rpm
kernel-headers-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-modules-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-modules-core-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-modules-extra-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-tools-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-tools-libs-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-tools-libs-devel-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-uki-virt-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-uki-virt-addons-5.14.0-687.17.1.el9_8.x86_64.rpm
libperf-5.14.0-687.17.1.el9_8.x86_64.rpm
perf-5.14.0-687.17.1.el9_8.x86_64.rpm
python3-perf-5.14.0-687.17.1.el9_8.x86_64.rpm
rtla-5.14.0-687.17.1.el9_8.x86_64.rpm
rv-5.14.0-687.17.1.el9_8.x86_64.rpm

aarch64:
kernel-cross-headers-5.14.0-687.17.1.el9_8.aarch64.rpm
kernel-headers-5.14.0-687.17.1.el9_8.aarch64.rpm
kernel-tools-5.14.0-687.17.1.el9_8.aarch64.rpm
kernel-tools-libs-5.14.0-687.17.1.el9_8.aarch64.rpm
kernel-tools-libs-devel-5.14.0-687.17.1.el9_8.aarch64.rpm
libperf-5.14.0-687.17.1.el9_8.aarch64.rpm
perf-5.14.0-687.17.1.el9_8.aarch64.rpm
python3-perf-5.14.0-687.17.1.el9_8.aarch64.rpm
rtla-5.14.0-687.17.1.el9_8.aarch64.rpm
rv-5.14.0-687.17.1.el9_8.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/kernel-5.14.0-687.17.1.el9_8.src.rpm

Related CVEs:

CVE-2026-23216
CVE-2026-31419
CVE-2026-31508
CVE-2026-31581
CVE-2026-43037
CVE-2026-43056
CVE-2026-43116
CVE-2026-43125
CVE-2026-43501
CVE-2026-45852
CVE-2026-46181

Description of changes:

[5.14.0-687.17.1]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 cb[] in ip4ip6_err() (Guillaume Nault) [RHEL-172646] {CVE-2026-43037}
- net: openvswitch: Avoid releasing netdev before teardown completes (CKI Backport Bot) [RHEL-170539] {CVE-2026-31508}

[5.14.0-687.14.1]
- RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event() (Kamal Heib) [RHEL-179988] {CVE-2026-46181}
- redhat: Remove the mlx5 symbols from kabi (Kamal Heib) [RHEL-181822]
- ipv6: rpl: reserve mac_len headroom when recompressed SRH grows (Antoine Tenart) [RHEL-178408] {CVE-2026-43501}
- RDMA/rxe: Fix double free in rxe_srq_from_init (CKI Backport Bot) [RHEL-179712] {CVE-2026-45852}
- netfilter: ctnetlink: ensure safe access to master conntrack (Florian Westphal) [RHEL-173843] {CVE-2026-43116}
- ice: fix stats array overflow when VF requests more queues (Michal Schmidt) [RHEL-177526]
- ice: set max queues in alloc_etherdev_mqs() (Michal Schmidt) [RHEL-174336]
- ice: use netif_get_num_default_rss_queues() (Michal Schmidt) [RHEL-174336]
- ice: set default rss queues num to physical cores / 2 (Michal Schmidt) [RHEL-174336]
- dlm: fix buffer overflow from negative len in dlm_search_rsb_tree (Alexander Aring) [RHEL-173993] {CVE-2026-43125}
- dlm: validate length in dlm_search_rsb_tree (Alexander Aring) [RHEL-173993] {CVE-2026-43125}
- dpll: zl3073x: add ref-sync pair support (Ivan Vecera) [RHEL-167273]
- dpll: zl3073x: add ref sync and output clock type helpers (Ivan Vecera) [RHEL-167273]
- dpll: zl3073x: use FIELD_MODIFY() for clear-and-set patterns (Ivan Vecera) [RHEL-167273]
- dpll: zl3073x: clean up esync get/set and use zl3073x_out_is_ndiv() (Ivan Vecera) [RHEL-167273]
- dpll: zl3073x: implement frequency monitoring (Ivan Vecera) [RHEL-167833]
- dpll: add frequency monitoring callback ops (Ivan Vecera) [RHEL-167833]
- dpll: add frequency monitoring to netlink spec (Ivan Vecera) [RHEL-167833]
- dpll: zl3073x: drop selected and simplify connected ref getter (Ivan Vecera) [RHEL-172938]
- dpll: zl3073x: add reference priority to zl3073x_chan (Ivan Vecera) [RHEL-172938]
- dpll: zl3073x: add DPLL channel status fields to zl3073x_chan (Ivan Vecera) [RHEL-172938]
- dpll: zl3073x: introduce zl3073x_chan for DPLL channel state (Ivan Vecera) [RHEL-172938]
- dpll: zl3073x: add zl3073x_ref_state_update helper (Ivan Vecera) [RHEL-172938]
- dpll: zl3073x: use struct_group to partition states (Ivan Vecera) [RHEL-172938]
- dpll: zl3073x: add die temperature reporting for supported chips (Ivan Vecera) [RHEL-172938]
- dpll: zl3073x: detect DPLL channel count from chip ID at runtime (Ivan Vecera) [RHEL-172938]
- ALSA: 6fire: fix use-after-free on disconnect (CKI Backport Bot) [RHEL-172969] {CVE-2026-31581}
- net: mana: fix use-after-free in add_adev() error path (CKI Backport Bot) [RHEL-172768] {CVE-2026-43056}
- scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() (CKI Backport Bot) [RHEL-165564] {CVE-2026-23216}
- net: bonding: fix use-after-free in bond_xmit_broadcast() (CKI Backport Bot) [RHEL-168068] {CVE-2026-31419}
- x86/kvm: Avoid freeing stack-allocated node in kvm_async_pf_queue_task (Ryosuke Yasuoka) [RHEL-158916]

[5.14.0-687.13.1]
- smb: client: reject userspace cifs.spnego descriptions (Paulo Alcantara) [RHEL-178944] {CVE-2026-46243}
- s390/dasd: Copy detected format information to secondary device (Ramesh Chhetri) [RHEL-176472]
- s390/dasd: Move quiesce state with pprc swap (Ramesh Chhetri) [RHEL-176472]
- s390/dasd: Fix gendisk parent after copy pair swap (Ramesh Chhetri) [RHEL-176472]
- nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl() (Ewan D. Milne) [RHEL-171745]
- nvme: nvme-fc: move tagset removal to nvme_fc_delete_ctrl() (Ewan D. Milne) [RHEL-171745]
- Buffer overflow in drivers/xen/sys-hypervisor.c (Vitaly Kuznetsov) [RHEL-172510] {CVE-2026-31786}
- crypto: authenc - Correctly pass EINPROGRESS back up to the caller (Vladislav Dronov) [RHEL-172167]
- crypto: authenc - Fix sleep in atomic context in decrypt_tail (Vladislav Dronov) [RHEL-172167]
- smb: client: fix OOB reads parsing symlink error response (CKI Backport Bot) [RHEL-171471] {CVE-2026-31613}
- mm/page_alloc: add vm.thp_thisnode_reclaim sysctl to allow THP reclaim on local node (Nico Pache) [RHEL-164778]
- mm/page_alloc: simplify __alloc_pages_slowpath() flow (Nico Pache) [RHEL-164778]
- mm/page_alloc: refactor the initial compaction handling (Nico Pache) [RHEL-164778]
- mm/page_alloc: ignore the exact initial compaction result (Nico Pache) [RHEL-164778]
- mm, page_alloc, thp: prevent reclaim for __GFP_THISNODE THP allocations (Nico Pache) [RHEL-164778]
- mm/page_alloc.c: avoid infinite retries caused by cpuset race (Nico Pache) [RHEL-164778]
- mm: warn about illegal __GFP_NOFAIL usage in a more appropriate location and manner (Nico Pache) [RHEL-164778]
- mm: document __GFP_NOFAIL must be blockable (Nico Pache) [RHEL-164778]

[5.14.0-687.12.1]
- dm-thin: fix metadata refcount underflow (Benjamin Marzinski) [RHEL-169626]
- netfilter: xt_tcpmss: check remaining length before reading optlen (CKI Backport Bot) [RHEL-174216] {CVE-2026-43190}
- wifi: brcmfmac: validate bsscfg indices in IF events (CKI Backport Bot) [RHEL-173848] {CVE-2026-43110}
- Bluetooth: SCO: fix race conditions in sco_sock_connect() (CKI Backport Bot) [RHEL-172599] {CVE-2026-43023}
- Bluetooth: MGMT: validate LTK enc_size on load (CKI Backport Bot) [RHEL-172572] {CVE-2026-43020}
- crypto: tegra - Disable softirqs before finalizing request (CKI Backport Bot) [RHEL-170914]
- proc: fix type confusion in pde_set_flags() (Abhi Das) [RHEL-163343] {CVE-2025-38653}
- proc: fix missing pde_set_flags() for net proc files (Abhi Das) [RHEL-163343] {CVE-2025-38653}
- proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (CKI Backport Bot) [RHEL-163343] {CVE-2025-38653}
- pNFS: fix a missing wake up while waiting on NFS_LAYOUT_DRAIN (Olga Kornievskaia) [RHEL-157470]

[5.14.0-687.11.1]
- mm/page_alloc: clear page->private in free_pages_prepare() (Rafael Aquini) [RHEL-174750] {CVE-2026-43303}
- ice: fix infinite recursion in ice_cfg_tx_topo via ice_init_dev_hw (CKI Backport Bot) [RHEL-175441]
- smb: client: validate dacloffset before building DACL pointers (Paulo Alcantara) [RHEL-172821]
- smb: client: use kzalloc to zero-initialize security descriptor buffer (Paulo Alcantara) [RHEL-172821]
- smb: client: scope end_of_dacl to CIFS_DEBUG2 use in parse_dacl (Paulo Alcantara) [RHEL-172821]
- smb: client: require a full NFS mode SID before reading mode bits (Paulo Alcantara) [RHEL-172821]
- smb: client: validate the whole DACL before rewriting it in cifsacl (Paulo Alcantara) [RHEL-172821] {CVE-2026-31709}
- Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold (David Marlin) [RHEL-165063] {CVE-2026-31408}
- xfs: fix freemap adjustments when adding xattrs to leaf blocks (CKI Backport Bot) [RHEL-174058] {CVE-2026-43158}
- xfs: delete attr leaf freemap entries when empty (CKI Backport Bot) [RHEL-174058] {CVE-2026-43158}
- redhat/configs: enable CONFIG_SCLP_OFB for s390x (Jan Polensky) [RHEL-172927]
- HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq (CKI Backport Bot) [RHEL-172740] {CVE-2026-43051}
- netfilter: nf_conntrack_helper: pass helper to expect cleanup (CKI Backport Bot) [RHEL-172620] {CVE-2026-43027}
- s390/pci: Avoid deadlock between PCI error recovery and mlx5 crdump (Ramesh Chhetri) [RHEL-166859]
- ice: add dpll peer notification for paired SMA and U.FL pins (Petr Oros) [RHEL-171829]
- ice: fix missing dpll notifications for SW pins (Petr Oros) [RHEL-171829]
- dpll: export __dpll_pin_change_ntf() for use under dpll_lock (Petr Oros) [RHEL-171829]
- ice: fix SMA and U.FL pin state changes affecting paired pin (Petr Oros) [RHEL-162179]
- ice: fix missing SMA pin initialization in DPLL subsystem (Petr Oros) [RHEL-171832]
- ice: fix NULL pointer dereference in ice_reset_all_vfs() (Petr Oros) [RHEL-172257]
- dpll: zl3073x: Remove redundant cleanup in devm_dpll_init() (CKI Backport Bot) [RHEL-164442]
- dpll: zl3073x: fix REF_PHASE_OFFSET_COMP register width for some chip IDs (CKI Backport Bot) [RHEL-164442]
- dpll: zl3073x: Fix ref frequency setting (CKI Backport Bot) [RHEL-164442]
- dpll: zl3073x: Include current frequency in supported frequencies list (CKI Backport Bot) [RHEL-164442]
- dpll: zl3073x: Add output pin frequency helper (CKI Backport Bot) [RHEL-164442]
- scsi: storvsc: Handle PERSISTENT_RESERVE_IN truncation for Hyper-V vFC (Vitaly Kuznetsov) [RHEL-171378]
- netfilter: ip6t_eui64: reject invalid MAC header for all packets (CKI Backport Bot) [RHEL-171155] {CVE-2026-31685}
- net: sched: act_csum: validate nested VLAN headers (CKI Backport Bot) [RHEL-171138] {CVE-2026-31684}
- cifs: make default value of retrans as zero (Paulo Alcantara) [RHEL-170960]
- ice: fix ice_ptp_read_tx_hwtstamp_status_eth56g (Petr Oros) [RHEL-170701]
- ice: fix ready bitmap check for non-E822 devices (Petr Oros) [RHEL-170701]
- ice: perform PHY soft reset for E825C ports at initialization (Petr Oros) [RHEL-170701]
- ice: fix timestamp interrupt configuration for E825C (Petr Oros) [RHEL-170701]
- drm/mgag200: fix mgag200_bmc_stop_scanout() (Jocelyn Falempe) [RHEL-150179]
- nbd: defer config unlock in nbd_genl_connect (Jeff Moyer) [RHEL-166950] {CVE-2025-68366}
- x86/mm: flush IOMMU before freeing kernel page table pages (Jerry Snitselaar) [RHEL-167100] {CVE-2025-71089}
- iommu/sva: add kernel page table IOTLB flush notification (Jerry Snitselaar) [RHEL-167100] {CVE-2025-71089}
- netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() (CKI Backport Bot) [RHEL-166987] {CVE-2026-23455}
- crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id (CKI Backport Bot) [RHEL-166927] {CVE-2025-68724}
- ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr (Bruno Meneguele) [RHEL-169734] {CVE-2025-68183}
- i2c: i801: Revert "i2c: i801: replace acpi_lock with I2C bus lock" (David Arcari) [RHEL-155312]
- ice: fix PTP timestamping broken by SyncE code on E825C (Petr Oros) [RHEL-162182]
- ice: fix missing TX timestamps interrupts on E825 devices (CKI Backport Bot) [RHEL-162185]
- Revert "mm: pcp: increase pcp->free_count threshold to trigger free_high" (Luiz Capitulino) [RHEL-163464]
- netfilter: nf_tables: release flowtable after rcu grace period on error (CKI Backport Bot) [RHEL-160461] {CVE-2026-23392}

[5.14.0-687.10.1]
- net: skbuff: propagate shared-frag marker through frag-transfer helpers (Sabrina Dubroca) [RHEL-176064] {CVE-2026-46300}
- net: move skb_gro_receive_list from udp to core (Sabrina Dubroca) [RHEL-176064] {CVE-2026-46300}
- net: skbuff: preserve shared-frag marker during coalescing (Sabrina Dubroca) [RHEL-176064] {CVE-2026-46300}
- ptrace: slightly saner 'get_dumpable()' logic (Ricardo Robaina) [RHEL-176454] {CVE-2026-46333}
- md/bitmap: fix GPF in write_page caused by resize race (Nigel Croxon) [RHEL-174091] {CVE-2026-43163}
- RDMA/umem: Fix double dma_buf_unpin in failure path (CKI Backport Bot) [RHEL-174020] {CVE-2026-43128}
- usbip: validate number_of_packets in usbip_pack_ret_submit() (CKI Backport Bot) [RHEL-171430] {CVE-2026-31607}
- can: raw: fix ro->uniq use-after-free in raw_rcv() (CKI Backport Bot) [RHEL-170759] {CVE-2026-31532}

[5.14.0-687.9.1]
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174563] {CVE-2026-43284}



ELSA-2026-24381 Important: Oracle Linux 9 kernel security update


Oracle Linux Security Advisory ELSA-2026-24381

http://linux.oracle.com/errata/ELSA-2026-24381.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-abi-stablelists-5.14.0-687.17.1.el9_8.noarch.rpm
kernel-core-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-cross-headers-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-core-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-devel-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-devel-matched-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-modules-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-modules-core-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-modules-extra-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-debug-uki-virt-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-devel-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-devel-matched-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-doc-5.14.0-687.17.1.el9_8.noarch.rpm
kernel-headers-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-modules-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-modules-core-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-modules-extra-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-tools-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-tools-libs-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-tools-libs-devel-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-uki-virt-5.14.0-687.17.1.el9_8.x86_64.rpm
kernel-uki-virt-addons-5.14.0-687.17.1.el9_8.x86_64.rpm
libperf-5.14.0-687.17.1.el9_8.x86_64.rpm
perf-5.14.0-687.17.1.el9_8.x86_64.rpm
python3-perf-5.14.0-687.17.1.el9_8.x86_64.rpm
rtla-5.14.0-687.17.1.el9_8.x86_64.rpm
rv-5.14.0-687.17.1.el9_8.x86_64.rpm

aarch64:
kernel-cross-headers-5.14.0-687.17.1.el9_8.aarch64.rpm
kernel-headers-5.14.0-687.17.1.el9_8.aarch64.rpm
kernel-tools-5.14.0-687.17.1.el9_8.aarch64.rpm
kernel-tools-libs-5.14.0-687.17.1.el9_8.aarch64.rpm
kernel-tools-libs-devel-5.14.0-687.17.1.el9_8.aarch64.rpm
libperf-5.14.0-687.17.1.el9_8.aarch64.rpm
perf-5.14.0-687.17.1.el9_8.aarch64.rpm
python3-perf-5.14.0-687.17.1.el9_8.aarch64.rpm
rtla-5.14.0-687.17.1.el9_8.aarch64.rpm
rv-5.14.0-687.17.1.el9_8.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/kernel-5.14.0-687.17.1.el9_8.src.rpm

Related CVEs:

CVE-2026-31613
CVE-2026-31786
CVE-2026-46243

Description of changes:

[5.14.0-687.17.1]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 cb[] in ip4ip6_err() (Guillaume Nault) [RHEL-172646] {CVE-2026-43037}
- net: openvswitch: Avoid releasing netdev before teardown completes (CKI Backport Bot) [RHEL-170539] {CVE-2026-31508}

[5.14.0-687.14.1]
- RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event() (Kamal Heib) [RHEL-179988] {CVE-2026-46181}
- redhat: Remove the mlx5 symbols from kabi (Kamal Heib) [RHEL-181822]
- ipv6: rpl: reserve mac_len headroom when recompressed SRH grows (Antoine Tenart) [RHEL-178408] {CVE-2026-43501}
- RDMA/rxe: Fix double free in rxe_srq_from_init (CKI Backport Bot) [RHEL-179712] {CVE-2026-45852}
- netfilter: ctnetlink: ensure safe access to master conntrack (Florian Westphal) [RHEL-173843] {CVE-2026-43116}
- ice: fix stats array overflow when VF requests more queues (Michal Schmidt) [RHEL-177526]
- ice: set max queues in alloc_etherdev_mqs() (Michal Schmidt) [RHEL-174336]
- ice: use netif_get_num_default_rss_queues() (Michal Schmidt) [RHEL-174336]
- ice: set default rss queues num to physical cores / 2 (Michal Schmidt) [RHEL-174336]
- dlm: fix buffer overflow from negative len in dlm_search_rsb_tree (Alexander Aring) [RHEL-173993] {CVE-2026-43125}
- dlm: validate length in dlm_search_rsb_tree (Alexander Aring) [RHEL-173993] {CVE-2026-43125}
- dpll: zl3073x: add ref-sync pair support (Ivan Vecera) [RHEL-167273]
- dpll: zl3073x: add ref sync and output clock type helpers (Ivan Vecera) [RHEL-167273]
- dpll: zl3073x: use FIELD_MODIFY() for clear-and-set patterns (Ivan Vecera) [RHEL-167273]
- dpll: zl3073x: clean up esync get/set and use zl3073x_out_is_ndiv() (Ivan Vecera) [RHEL-167273]
- dpll: zl3073x: implement frequency monitoring (Ivan Vecera) [RHEL-167833]
- dpll: add frequency monitoring callback ops (Ivan Vecera) [RHEL-167833]
- dpll: add frequency monitoring to netlink spec (Ivan Vecera) [RHEL-167833]
- dpll: zl3073x: drop selected and simplify connected ref getter (Ivan Vecera) [RHEL-172938]
- dpll: zl3073x: add reference priority to zl3073x_chan (Ivan Vecera) [RHEL-172938]
- dpll: zl3073x: add DPLL channel status fields to zl3073x_chan (Ivan Vecera) [RHEL-172938]
- dpll: zl3073x: introduce zl3073x_chan for DPLL channel state (Ivan Vecera) [RHEL-172938]
- dpll: zl3073x: add zl3073x_ref_state_update helper (Ivan Vecera) [RHEL-172938]
- dpll: zl3073x: use struct_group to partition states (Ivan Vecera) [RHEL-172938]
- dpll: zl3073x: add die temperature reporting for supported chips (Ivan Vecera) [RHEL-172938]
- dpll: zl3073x: detect DPLL channel count from chip ID at runtime (Ivan Vecera) [RHEL-172938]
- ALSA: 6fire: fix use-after-free on disconnect (CKI Backport Bot) [RHEL-172969] {CVE-2026-31581}
- net: mana: fix use-after-free in add_adev() error path (CKI Backport Bot) [RHEL-172768] {CVE-2026-43056}
- scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() (CKI Backport Bot) [RHEL-165564] {CVE-2026-23216}
- net: bonding: fix use-after-free in bond_xmit_broadcast() (CKI Backport Bot) [RHEL-168068] {CVE-2026-31419}
- x86/kvm: Avoid freeing stack-allocated node in kvm_async_pf_queue_task (Ryosuke Yasuoka) [RHEL-158916]

[5.14.0-687.13.1]
- smb: client: reject userspace cifs.spnego descriptions (Paulo Alcantara) [RHEL-178944] {CVE-2026-46243}
- s390/dasd: Copy detected format information to secondary device (Ramesh Chhetri) [RHEL-176472]
- s390/dasd: Move quiesce state with pprc swap (Ramesh Chhetri) [RHEL-176472]
- s390/dasd: Fix gendisk parent after copy pair swap (Ramesh Chhetri) [RHEL-176472]
- nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl() (Ewan D. Milne) [RHEL-171745]
- nvme: nvme-fc: move tagset removal to nvme_fc_delete_ctrl() (Ewan D. Milne) [RHEL-171745]
- Buffer overflow in drivers/xen/sys-hypervisor.c (Vitaly Kuznetsov) [RHEL-172510] {CVE-2026-31786}
- crypto: authenc - Correctly pass EINPROGRESS back up to the caller (Vladislav Dronov) [RHEL-172167]
- crypto: authenc - Fix sleep in atomic context in decrypt_tail (Vladislav Dronov) [RHEL-172167]
- smb: client: fix OOB reads parsing symlink error response (CKI Backport Bot) [RHEL-171471] {CVE-2026-31613}
- mm/page_alloc: add vm.thp_thisnode_reclaim sysctl to allow THP reclaim on local node (Nico Pache) [RHEL-164778]
- mm/page_alloc: simplify __alloc_pages_slowpath() flow (Nico Pache) [RHEL-164778]
- mm/page_alloc: refactor the initial compaction handling (Nico Pache) [RHEL-164778]
- mm/page_alloc: ignore the exact initial compaction result (Nico Pache) [RHEL-164778]
- mm, page_alloc, thp: prevent reclaim for __GFP_THISNODE THP allocations (Nico Pache) [RHEL-164778]
- mm/page_alloc.c: avoid infinite retries caused by cpuset race (Nico Pache) [RHEL-164778]
- mm: warn about illegal __GFP_NOFAIL usage in a more appropriate location and manner (Nico Pache) [RHEL-164778]
- mm: document __GFP_NOFAIL must be blockable (Nico Pache) [RHEL-164778]

[5.14.0-687.12.1]
- dm-thin: fix metadata refcount underflow (Benjamin Marzinski) [RHEL-169626]
- netfilter: xt_tcpmss: check remaining length before reading optlen (CKI Backport Bot) [RHEL-174216] {CVE-2026-43190}
- wifi: brcmfmac: validate bsscfg indices in IF events (CKI Backport Bot) [RHEL-173848] {CVE-2026-43110}
- Bluetooth: SCO: fix race conditions in sco_sock_connect() (CKI Backport Bot) [RHEL-172599] {CVE-2026-43023}
- Bluetooth: MGMT: validate LTK enc_size on load (CKI Backport Bot) [RHEL-172572] {CVE-2026-43020}
- crypto: tegra - Disable softirqs before finalizing request (CKI Backport Bot) [RHEL-170914]
- proc: fix type confusion in pde_set_flags() (Abhi Das) [RHEL-163343] {CVE-2025-38653}
- proc: fix missing pde_set_flags() for net proc files (Abhi Das) [RHEL-163343] {CVE-2025-38653}
- proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (CKI Backport Bot) [RHEL-163343] {CVE-2025-38653}
- pNFS: fix a missing wake up while waiting on NFS_LAYOUT_DRAIN (Olga Kornievskaia) [RHEL-157470]

[5.14.0-687.11.1]
- mm/page_alloc: clear page->private in free_pages_prepare() (Rafael Aquini) [RHEL-174750] {CVE-2026-43303}
- ice: fix infinite recursion in ice_cfg_tx_topo via ice_init_dev_hw (CKI Backport Bot) [RHEL-175441]
- smb: client: validate dacloffset before building DACL pointers (Paulo Alcantara) [RHEL-172821]
- smb: client: use kzalloc to zero-initialize security descriptor buffer (Paulo Alcantara) [RHEL-172821]
- smb: client: scope end_of_dacl to CIFS_DEBUG2 use in parse_dacl (Paulo Alcantara) [RHEL-172821]
- smb: client: require a full NFS mode SID before reading mode bits (Paulo Alcantara) [RHEL-172821]
- smb: client: validate the whole DACL before rewriting it in cifsacl (Paulo Alcantara) [RHEL-172821] {CVE-2026-31709}
- Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold (David Marlin) [RHEL-165063] {CVE-2026-31408}
- xfs: fix freemap adjustments when adding xattrs to leaf blocks (CKI Backport Bot) [RHEL-174058] {CVE-2026-43158}
- xfs: delete attr leaf freemap entries when empty (CKI Backport Bot) [RHEL-174058] {CVE-2026-43158}
- redhat/configs: enable CONFIG_SCLP_OFB for s390x (Jan Polensky) [RHEL-172927]
- HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq (CKI Backport Bot) [RHEL-172740] {CVE-2026-43051}
- netfilter: nf_conntrack_helper: pass helper to expect cleanup (CKI Backport Bot) [RHEL-172620] {CVE-2026-43027}
- s390/pci: Avoid deadlock between PCI error recovery and mlx5 crdump (Ramesh Chhetri) [RHEL-166859]
- ice: add dpll peer notification for paired SMA and U.FL pins (Petr Oros) [RHEL-171829]
- ice: fix missing dpll notifications for SW pins (Petr Oros) [RHEL-171829]
- dpll: export __dpll_pin_change_ntf() for use under dpll_lock (Petr Oros) [RHEL-171829]
- ice: fix SMA and U.FL pin state changes affecting paired pin (Petr Oros) [RHEL-162179]
- ice: fix missing SMA pin initialization in DPLL subsystem (Petr Oros) [RHEL-171832]
- ice: fix NULL pointer dereference in ice_reset_all_vfs() (Petr Oros) [RHEL-172257]
- dpll: zl3073x: Remove redundant cleanup in devm_dpll_init() (CKI Backport Bot) [RHEL-164442]
- dpll: zl3073x: fix REF_PHASE_OFFSET_COMP register width for some chip IDs (CKI Backport Bot) [RHEL-164442]
- dpll: zl3073x: Fix ref frequency setting (CKI Backport Bot) [RHEL-164442]
- dpll: zl3073x: Include current frequency in supported frequencies list (CKI Backport Bot) [RHEL-164442]
- dpll: zl3073x: Add output pin frequency helper (CKI Backport Bot) [RHEL-164442]
- scsi: storvsc: Handle PERSISTENT_RESERVE_IN truncation for Hyper-V vFC (Vitaly Kuznetsov) [RHEL-171378]
- netfilter: ip6t_eui64: reject invalid MAC header for all packets (CKI Backport Bot) [RHEL-171155] {CVE-2026-31685}
- net: sched: act_csum: validate nested VLAN headers (CKI Backport Bot) [RHEL-171138] {CVE-2026-31684}
- cifs: make default value of retrans as zero (Paulo Alcantara) [RHEL-170960]
- ice: fix ice_ptp_read_tx_hwtstamp_status_eth56g (Petr Oros) [RHEL-170701]
- ice: fix ready bitmap check for non-E822 devices (Petr Oros) [RHEL-170701]
- ice: perform PHY soft reset for E825C ports at initialization (Petr Oros) [RHEL-170701]
- ice: fix timestamp interrupt configuration for E825C (Petr Oros) [RHEL-170701]
- drm/mgag200: fix mgag200_bmc_stop_scanout() (Jocelyn Falempe) [RHEL-150179]
- nbd: defer config unlock in nbd_genl_connect (Jeff Moyer) [RHEL-166950] {CVE-2025-68366}
- x86/mm: flush IOMMU before freeing kernel page table pages (Jerry Snitselaar) [RHEL-167100] {CVE-2025-71089}
- iommu/sva: add kernel page table IOTLB flush notification (Jerry Snitselaar) [RHEL-167100] {CVE-2025-71089}
- netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() (CKI Backport Bot) [RHEL-166987] {CVE-2026-23455}
- crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id (CKI Backport Bot) [RHEL-166927] {CVE-2025-68724}
- ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr (Bruno Meneguele) [RHEL-169734] {CVE-2025-68183}
- i2c: i801: Revert "i2c: i801: replace acpi_lock with I2C bus lock" (David Arcari) [RHEL-155312]
- ice: fix PTP timestamping broken by SyncE code on E825C (Petr Oros) [RHEL-162182]
- ice: fix missing TX timestamps interrupts on E825 devices (CKI Backport Bot) [RHEL-162185]
- Revert "mm: pcp: increase pcp->free_count threshold to trigger free_high" (Luiz Capitulino) [RHEL-163464]
- netfilter: nf_tables: release flowtable after rcu grace period on error (CKI Backport Bot) [RHEL-160461] {CVE-2026-23392}

[5.14.0-687.10.1]
- net: skbuff: propagate shared-frag marker through frag-transfer helpers (Sabrina Dubroca) [RHEL-176064] {CVE-2026-46300}
- net: move skb_gro_receive_list from udp to core (Sabrina Dubroca) [RHEL-176064] {CVE-2026-46300}
- net: skbuff: preserve shared-frag marker during coalescing (Sabrina Dubroca) [RHEL-176064] {CVE-2026-46300}
- ptrace: slightly saner 'get_dumpable()' logic (Ricardo Robaina) [RHEL-176454] {CVE-2026-46333}
- md/bitmap: fix GPF in write_page caused by resize race (Nigel Croxon) [RHEL-174091] {CVE-2026-43163}
- RDMA/umem: Fix double dma_buf_unpin in failure path (CKI Backport Bot) [RHEL-174020] {CVE-2026-43128}
- usbip: validate number_of_packets in usbip_pack_ret_submit() (CKI Backport Bot) [RHEL-171430] {CVE-2026-31607}
- can: raw: fix ro->uniq use-after-free in raw_rcv() (CKI Backport Bot) [RHEL-170759] {CVE-2026-31532}

[5.14.0-687.9.1]
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174563] {CVE-2026-43284}



ELSA-2026-30854 Important: Oracle Linux 9 git-lfs security update


Oracle Linux Security Advisory ELSA-2026-30854

http://linux.oracle.com/errata/ELSA-2026-30854.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
git-lfs-3.7.1-4.el9_8.1.x86_64.rpm

aarch64:
git-lfs-3.7.1-4.el9_8.1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/git-lfs-3.7.1-4.el9_8.1.src.rpm

Related CVEs:

CVE-2026-39821

Description of changes:

[3.7.1-4.1]
- Fix CVE-2026-39821: vendored golang.org/x/net/idna ToUnicode
incorrectly accepting all-ASCII xn-- labels
- Resolves: RHEL-183797



ELSA-2026-22312 Moderate: Oracle Linux 9 openssl security update


Oracle Linux Security Advisory ELSA-2026-22312

http://linux.oracle.com/errata/ELSA-2026-22312.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
openssl-3.5.5-4.0.1.el9_8.x86_64.rpm
openssl-devel-3.5.5-4.0.1.el9_8.i686.rpm
openssl-devel-3.5.5-4.0.1.el9_8.x86_64.rpm
openssl-libs-3.5.5-4.0.1.el9_8.i686.rpm
openssl-libs-3.5.5-4.0.1.el9_8.x86_64.rpm
openssl-perl-3.5.5-4.0.1.el9_8.x86_64.rpm

aarch64:
openssl-3.5.5-4.0.1.el9_8.aarch64.rpm
openssl-devel-3.5.5-4.0.1.el9_8.aarch64.rpm
openssl-libs-3.5.5-4.0.1.el9_8.aarch64.rpm
openssl-perl-3.5.5-4.0.1.el9_8.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/openssl-3.5.5-4.0.1.el9_8.src.rpm

Related CVEs:

CVE-2026-28390

Description of changes:

[3.5.5-4.0.1]
- Replace upstream references [Orabug: 34340177]

[3.5.5.openela.0.1]
- Add OpenELA specific changes

[1:3.5.5-4]
- Fix CVE-2026-7383, CVE-2026-9076, CVE-2026-34180, CVE-2026-34181,
CVE-2026-34183, CVE-2026-42764, CVE-2026-42766, CVE-2026-42767, CVE-2026-42768,
CVE-2026-42769, CVE-2026-42770, CVE-2026-45445, CVE-2026-45446, CVE-2026-45447,
CVE-2026-34182.
Resolves: RHEL-179274
Resolves: RHEL-179287
Resolves: RHEL-179539
Resolves: RHEL-179544
Resolves: RHEL-179547
Resolves: RHEL-179552
Resolves: RHEL-179556
Resolves: RHEL-179633
Resolves: RHEL-179661
Resolves: RHEL-179678
Resolves: RHEL-179684
Resolves: RHEL-179688
Resolves: RHEL-179691
Resolves: RHEL-179696
Resolves: RHEL-179699

[1:3.5.5-3]
- Fix CVE-2026-28390
Resolves: RHEL-165870



ELBA-2026-28248 Oracle Linux 9 passt bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2026-28248

http://linux.oracle.com/errata/ELBA-2026-28248.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
passt-0^20251210.gd04c480-5.el9_8.x86_64.rpm
passt-selinux-0^20251210.gd04c480-5.el9_8.noarch.rpm

aarch64:
passt-0^20251210.gd04c480-5.el9_8.aarch64.rpm
passt-selinux-0^20251210.gd04c480-5.el9_8.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/passt-0^20251210.gd04c480-5.el9_8.src.rpm

Description of changes:

[0^20251210.gd04c480-5]
- Resolves: RHEL-184106 RHEL-183990

[0^20251210.gd04c480-4]
- Resolves: RHEL-169637 RHEL-169639 RHEL-169648

[0^20251210.gd04c480-3]
- Resolves: RHEL-137588 RHEL-136313

[0^20251210.gd04c480-2]
- Resolves: RHEL-136313 RHEL-136461 RHEL-137439 RHEL-137588

[0^20251210.gd04c480-1]
- Resolves: RHEL-134942 RHEL-134943

[0^20251209.gc3f1ba7-1]
- Resolves: RHEL-134119

[0^20250512.g8ec1341-3]
- Resolves: RHEL-123376 RHEL-123438

[0^20250512.g8ec1341-2]
- Resolves: RHEL-106326

[0^20250512.g8ec1341-1]
- Resolves: RHEL-84283

[0^20250320.g32f6212-1]
- Resolves: RHEL-84283



ELSA-2026-50352 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update


Oracle Linux Security Advisory ELSA-2026-50352

http://linux.oracle.com/errata/ELSA-2026-50352.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

aarch64:
bpftool-5.15.0-321.202.5.3.el9uek.aarch64.rpm
kernel-uek-5.15.0-321.202.5.3.el9uek.aarch64.rpm
kernel-uek-container-5.15.0-321.202.5.3.el9uek.aarch64.rpm
kernel-uek-container-debug-5.15.0-321.202.5.3.el9uek.aarch64.rpm
kernel-uek-core-5.15.0-321.202.5.3.el9uek.aarch64.rpm
kernel-uek-debug-5.15.0-321.202.5.3.el9uek.aarch64.rpm
kernel-uek-debug-core-5.15.0-321.202.5.3.el9uek.aarch64.rpm
kernel-uek-debug-devel-5.15.0-321.202.5.3.el9uek.aarch64.rpm
kernel-uek-debug-modules-5.15.0-321.202.5.3.el9uek.aarch64.rpm
kernel-uek-debug-modules-extra-5.15.0-321.202.5.3.el9uek.aarch64.rpm
kernel-uek-devel-5.15.0-321.202.5.3.el9uek.aarch64.rpm
kernel-uek-doc-5.15.0-321.202.5.3.el9uek.noarch.rpm
kernel-uek-modules-5.15.0-321.202.5.3.el9uek.aarch64.rpm
kernel-uek-modules-extra-5.15.0-321.202.5.3.el9uek.aarch64.rpm
kernel-uek64k-5.15.0-321.202.5.3.el9uek.aarch64.rpm
kernel-uek64k-core-5.15.0-321.202.5.3.el9uek.aarch64.rpm
kernel-uek64k-devel-5.15.0-321.202.5.3.el9uek.aarch64.rpm
kernel-uek64k-modules-5.15.0-321.202.5.3.el9uek.aarch64.rpm
kernel-uek64k-modules-extra-5.15.0-321.202.5.3.el9uek.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/kernel-uek-5.15.0-321.202.5.3.el9uek.src.rpm

Related CVEs:

CVE-2026-52943

Description of changes:

[5.15.0-321.202.5.3]
- net: skbuff: fix missing zerocopy reference in pskb_carve helpers (Minh Nguyen) [Orabug: 39639981] {CVE-2026-52943}

[5.15.0-321.202.5.2]
- net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption (Muhammad Alifa Ramdhan) [Orabug: 39543209] {CVE-2026-31533}
- net: fix fanout UAF in packet_release() via NETDEV_UP race (Yochai Eisenrich) [Orabug: 39543208] {CVE-2026-31504}
- net: tap: NULL pointer derefence in dev_parse_header_protocol when skb->dev is null (Cezar Bulinaru) [Orabug: 39543201] {CVE-2022-50073}
- mptcp: fix slab-use-after-free in __inet_lookup_established (Jiayuan Chen) [Orabug: 39543200] {CVE-2026-31669}
- batman-adv: hold claim backbone gateways by reference (Haoze Xie) [Orabug: 39543197] {CVE-2026-31657}
- arm64: dts: pensando: drop elba penfw firmware node (Tom Saeger) [Orabug: 39543196]

[5.15.0-321.202.5.1]
- arm64: errata: Mitigate TLBI errata on various Arm CPUs (Mark Rutland) [Orabug: 39017590] {CVE-2025-10263}
- arm64: tlb: Add ARM64_WORKAROUND_REPEAT_TLBI_SYNC (Mark Rutland) [Orabug: 39017590]
- ARM: uek: Disable CONFIG_NVIDIA_CARMEL_CNP_ERRATUM (Boris Ostrovsky) [Orabug: 39017590]
- arm64: tlb: allow XZR argument to TLBI ops (Mark Rutland) [Orabug: 39017590]
- arm64: cputype: Add C1-Premium definitions (Mark Rutland) [Orabug: 39017590]
- arm64: cputype: Add C1-Ultra definitions (Mark Rutland) [Orabug: 39017590]

[5.15.0-321.202.5]
- Revert "ip6_tunnel: Fix usage of skb_vlan_inet_prepare()" (Harshit Mogalapalli) [Orabug: 39476647]
- smb: client: reject userspace cifs.spnego descriptions (Asim Viladi Oglu Manizada) [Orabug: 39463672]

[5.15.0-321.202.4]
- tun: free page on build_skb failure in tun_xdp_one() (Weiming Shi) [Orabug: 39429143]
- tap: free page on error paths in tap_get_user_xdp() (Weiming Shi) [Orabug: 39429143]
- tun: free page on short-frame rejection in tun_xdp_one() (Weiming Shi) [Orabug: 39429143]

[5.15.0-321.202.3]
- net: skbuff: propagate shared-frag marker through frag-transfer helpers (Hyunwoo Kim) [Orabug: 39368827] {CVE-2026-46300}
- net: skbuff: preserve shared-frag marker during coalescing (William Bowling) [Orabug: 39368827]
- ptrace: slightly saner 'get_dumpable()' logic (Linus Torvalds) [Orabug: 39384274] {CVE-2026-46333}
- mm/hugetlb: fix excessive IPI broadcasts when unsharing PMD tables using mmu_gather (David Hildenbrand (Red Hat)) [Orabug: 38474901]
- Revert "mm/hugetlb: add option to allows disabling CVE-2025-38085 mitigation" (Samasth Norway Ananda) [Orabug: 38474901]
- mm/rmap: fix two comments related to huge_pmd_unshare() (David Hildenbrand (Red Hat)) [Orabug: 38474901]
- mm/hugetlb: fix two comments related to huge_pmd_unshare() (David Hildenbrand (Red Hat)) [Orabug: 38474901]
- mm/hugetlb: fix hugetlb_pmd_shared() (David Hildenbrand (Red Hat)) [Orabug: 38474901]

[5.15.0-321.202.2]
- dpaa2-switch: Fix interrupt storm after receiving bad if_id in IRQ handler (Guenter Roeck)
- Revert "arm64: dts: qcom: sdm845-oneplus: Mark l14a regulator as boot-on" (Sasha Levin)
- ip6_tunnel: Fix usage of skb_vlan_inet_prepare() (Ben Hutchings)
- hwmon: (max16065) Use READ/WRITE_ONCE to avoid compiler optimization induced race (Gui-Dong Han)
- wifi: wlcore: Return -ENOMEM instead of -EAGAIN if there is not enough headroom (Guenter Roeck)
- sched: idle: Make skipping governor callbacks more consistent (Rafael J. Wysocki)
- nvmet-tcp: fix use-before-check of sg in bounds validation (Cengiz Can)
- remoteproc: mediatek: Unprepare SCP clock during system suspend (Tzung-Bi Shih)
- net: openvswitch: Avoid releasing netdev before teardown completes (Toke Høiland-Jørgensen)
- ACPI: processor: Fix previous acpi_processor_errata_piix4() fix (Rafael J. Wysocki)
- net: hsr: fix VLAN add unwind on slave errors (Luka Gejak)
- x86/CPU/AMD: Add a fix for AMD-SB-7052 (Prathyushi Nangia) [Orabug: 39327141] {CVE-2025-54518}
- xfrm: esp: ipv4: fix up flags setting (Greg Kroah-Hartman) [Orabug: 39342679] {CVE-2026-43284}
- xfrm: esp: avoid in-place decrypt on shared skb frags (Kuan-Ting Chen) [Orabug: 39342679] {CVE-2026-43284}
- KVM: x86: disable preemption around the call to kvm_arch_vcpu_{un|}blocking (Maxim Levitsky) [Orabug: 39334996]
- KVM: Don't block+unblock when halt-polling is successful (Sean Christopherson) [Orabug: 39334996]
- nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (Jeff Layton) [Orabug: 39167616] {CVE-2026-31402}
- net/sched: Only allow act_ct to bind to clsact/ingress qdiscs and shared blocks (Victor Nogueira) [Orabug: 39103230] {CVE-2026-23270}
- exadata: tools: perf: update column to comm_nodigit (Stephen Brennan) [Orabug: 39327019]
- perf report: Add comm_nodigit sort key (Stephen Brennan) [Orabug: 39327019]
- Revert "tools: perf: add comm_ignore_digit column" (Stephen Brennan) [Orabug: 39327019]

[5.15.0-321.202.1]
- virtio-net: add cond_resched() to the command waiting loop (Jason Wang) [Orabug: 39291988]
- virtio-net: convert rx mode setting to use workqueue (Jason Wang) [Orabug: 39291988]
- x86: KVM: Add common feature flag for AMD's PSFD (Sean Christopherson) [Orabug: 35586248]
- KVM: x86: Insert "AMD" in KVM_X86_FEATURE_PSFD (Jim Mattson) [Orabug: 35586248]
- KVM: x86: Expose Predictive Store Forwarding Disable (Babu Moger) [Orabug: 35586248]
- i2c: designware: fix __i2c_dw_disable() in case master is holding SCL low (Yann Sionneau) [Orabug: 39174661]

[5.15.0-320.202.8]
- iommu/arm-smmu-v3: Handle zeroed A4-2C HTTU override settings (Joao Martins) [Orabug: 39186453]
- iommu: Move IOMMU_DIRTY_NO_CLEAR define (Shameer Kolothum) [Orabug: 39186453]
- iommu/arm-smmu-v3: Enable HTTU for stage1 with io-pgtable mapping (Kunkun Jiang) [Orabug: 39186453]
- iommu/arm-smmu-v3: Add support for dirty tracking in domain alloc (Joao Martins) [Orabug: 39186453]
- iommu/io-pgtable-arm: Add read_and_clear_dirty() support (Shameer Kolothum) [Orabug: 39186453]
- iommu/arm-smmu-v3: Add feature detection for HTTU (Jean-Philippe Brucker) [Orabug: 39186453]

[5.15.0-320.202.7]
- crypto: algif_aead - Fix minimum RX size check for decryption (Herbert Xu) [Orabug: 39250686,39331104] {CVE-2026-43077}
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Herbert Xu) [Orabug: 39250686,39331109] {CVE-2026-43078}
- crypto: authencesn - Fix src offset when decrypting in-place (Herbert Xu) [Orabug: 39250686]
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Herbert Xu) [Orabug: 39250686,39300910] {CVE-2026-43033}
- crypto: authenc - use memcpy_sglist() instead of null skcipher (Eric Biggers) [Orabug: 39250686]
- crypto: algif_aead - snapshot IV for async AEAD requests (Douya Le) [Orabug: 39250686]
- crypto: algif_aead - Revert to operating out-of-place (Herbert Xu) [Orabug: 39250686,39283867,39291961] {CVE-2026-31431}
- crypto: algif_aead - use memcpy_sglist() instead of null skcipher (Eric Biggers) [Orabug: 39250686] {CVE-2026-31431}
- crypto: scatterwalk - Backport memcpy_sglist() (Eric Biggers) [Orabug: 39250686]
- uek-rpm: Enable FWCTL for aarch64 (Dave Kleikamp) [Orabug: 39252913]



ELSA-2026-50352 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update


Oracle Linux Security Advisory ELSA-2026-50352

http://linux.oracle.com/errata/ELSA-2026-50352.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-5.15.0-321.202.5.3.el8uek.x86_64.rpm
kernel-uek-5.15.0-321.202.5.3.el8uek.x86_64.rpm
kernel-uek-core-5.15.0-321.202.5.3.el8uek.x86_64.rpm
kernel-uek-debug-5.15.0-321.202.5.3.el8uek.x86_64.rpm
kernel-uek-debug-core-5.15.0-321.202.5.3.el8uek.x86_64.rpm
kernel-uek-debug-devel-5.15.0-321.202.5.3.el8uek.x86_64.rpm
kernel-uek-debug-modules-5.15.0-321.202.5.3.el8uek.x86_64.rpm
kernel-uek-debug-modules-extra-5.15.0-321.202.5.3.el8uek.x86_64.rpm
kernel-uek-devel-5.15.0-321.202.5.3.el8uek.x86_64.rpm
kernel-uek-doc-5.15.0-321.202.5.3.el8uek.noarch.rpm
kernel-uek-modules-5.15.0-321.202.5.3.el8uek.x86_64.rpm
kernel-uek-modules-extra-5.15.0-321.202.5.3.el8uek.x86_64.rpm
kernel-uek-container-5.15.0-321.202.5.3.el8uek.x86_64.rpm
kernel-uek-container-debug-5.15.0-321.202.5.3.el8uek.x86_64.rpm

aarch64:
bpftool-5.15.0-321.202.5.3.el8uek.aarch64.rpm
kernel-uek-5.15.0-321.202.5.3.el8uek.aarch64.rpm
kernel-uek-core-5.15.0-321.202.5.3.el8uek.aarch64.rpm
kernel-uek-debug-5.15.0-321.202.5.3.el8uek.aarch64.rpm
kernel-uek-debug-core-5.15.0-321.202.5.3.el8uek.aarch64.rpm
kernel-uek-debug-devel-5.15.0-321.202.5.3.el8uek.aarch64.rpm
kernel-uek-debug-modules-5.15.0-321.202.5.3.el8uek.aarch64.rpm
kernel-uek-debug-modules-extra-5.15.0-321.202.5.3.el8uek.aarch64.rpm
kernel-uek-devel-5.15.0-321.202.5.3.el8uek.aarch64.rpm
kernel-uek-doc-5.15.0-321.202.5.3.el8uek.noarch.rpm
kernel-uek-modules-5.15.0-321.202.5.3.el8uek.aarch64.rpm
kernel-uek-modules-extra-5.15.0-321.202.5.3.el8uek.aarch64.rpm
kernel-uek-container-5.15.0-321.202.5.3.el8uek.aarch64.rpm
kernel-uek-container-debug-5.15.0-321.202.5.3.el8uek.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/kernel-uek-5.15.0-321.202.5.3.el8uek.src.rpm

Related CVEs:

CVE-2026-52943

Description of changes:

[5.15.0-321.202.5.3]
- net: skbuff: fix missing zerocopy reference in pskb_carve helpers (Minh Nguyen) [Orabug: 39639981] {CVE-2026-52943}



ELSA-2026-50353 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update


Oracle Linux Security Advisory ELSA-2026-50353

http://linux.oracle.com/errata/ELSA-2026-50353.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-5.4.17-2136.356.4.3.el8uek.x86_64.rpm
kernel-uek-container-5.4.17-2136.356.4.3.el8uek.x86_64.rpm
kernel-uek-container-debug-5.4.17-2136.356.4.3.el8uek.x86_64.rpm
kernel-uek-debug-5.4.17-2136.356.4.3.el8uek.x86_64.rpm
kernel-uek-debug-devel-5.4.17-2136.356.4.3.el8uek.x86_64.rpm
kernel-uek-devel-5.4.17-2136.356.4.3.el8uek.x86_64.rpm
kernel-uek-doc-5.4.17-2136.356.4.3.el8uek.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/kernel-uek-5.4.17-2136.356.4.3.el8uek.src.rpm

Related CVEs:

CVE-2026-52943

Description of changes:

[5.4.17-2136.356.4.3]
- net: skbuff: fix missing zerocopy reference in pskb_carve helpers (Minh Nguyen) [Orabug: 39639989] {CVE-2026-52943}



ELSA-2026-50353 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update


Oracle Linux Security Advisory ELSA-2026-50353

http://linux.oracle.com/errata/ELSA-2026-50353.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

aarch64:
kernel-uek-5.4.17-2136.356.4.3.el8uek.aarch64.rpm
kernel-uek-debug-5.4.17-2136.356.4.3.el8uek.aarch64.rpm
kernel-uek-debug-devel-5.4.17-2136.356.4.3.el8uek.aarch64.rpm
kernel-uek-devel-5.4.17-2136.356.4.3.el8uek.aarch64.rpm
kernel-uek-doc-5.4.17-2136.356.4.3.el8uek.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/kernel-uek-5.4.17-2136.356.4.3.el8uek.src.rpm

Related CVEs:

CVE-2026-52943

Description of changes:

[5.4.17-2136.356.4.3]
- net: skbuff: fix missing zerocopy reference in pskb_carve helpers (Minh Nguyen) [Orabug: 39639989] {CVE-2026-52943}

[5.4.17-2136.356.4.2]
- arm64: errata: Mitigate TLBI errata on various Arm CPUs (Mark Rutland) [Orabug: 39017592] {CVE-2025-10263}
- arm64: tlb: Add ARM64_WORKAROUND_REPEAT_TLBI_SYNC (Mark Rutland) [Orabug: 39017592]
- ARM: uek: Disable CONFIG_QCOM_FALKOR_ERRATUM_1003 (Boris Ostrovsky) [Orabug: 39017592]
- arm64: tlb: allow XZR argument to TLBI ops (Mark Rutland) [Orabug: 39017592]
- arm64: cputype: Add C1-Premium definitions (Mark Rutland) [Orabug: 39017592]
- arm64: cputype: Add C1-Ultra definitions (Mark Rutland) [Orabug: 39017592]

[5.4.17-2136.356.4.1]
- smb: client: reject userspace cifs.spnego descriptions (Asim Viladi Oglu Manizada) [Orabug: 39463669]

[5.4.17-2136.356.4]
- tun: free page on build_skb failure in tun_xdp_one() (Weiming Shi) [Orabug: 39429147]
- tap: free page on error paths in tap_get_user_xdp() (Weiming Shi) [Orabug: 39429147]
- tun: free page on short-frame rejection in tun_xdp_one() (Weiming Shi) [Orabug: 39429147]

[5.4.17-2136.356.3]
- ptrace: slightly saner 'get_dumpable()' logic (Linus Torvalds) [Orabug: 39384275,39391459] {CVE-2026-46333}
- net: skbuff: propagate shared-frag marker through frag-transfer helpers (Hyunwoo Kim) [Orabug: 39368828,39441326] {CVE-2026-43503,CVE-2026-46300}
- net: skbuff: preserve shared-frag marker during coalescing (William Bowling) [Orabug: 39368828] {CVE-2026-46300}

[5.4.17-2136.356.2]
- nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (Jeff Layton) [Orabug: 39167617,39368718] {CVE-2026-31402}
- scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() (Maurizio Lombardi) [Orabug: 38985173,39368732] {CVE-2026-23216}
- scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (Maurizio Lombardi) [Orabug: 38970455,39368774] {CVE-2026-23193}
- xfrm: esp: avoid in-place decrypt on shared skb frags (Kuan-Ting Chen) [Orabug: 39334580,39367147] {CVE-2026-43284}
- x86/CPU/AMD: Add a fix for AMD-SB-7052 (Prathyushi Nangia) [Orabug: 39218897] {CVE-2025-54518}

[5.4.17-2136.356.1]
- arm64/kvm: Include linux/random.h in trng.c (Siddh Raman Pant) [Orabug: 39327096]
- i2c: designware: Disable TX_EMPTY irq while waiting for block length byte (Tam Nguyen) [Orabug: 39174662]
- i2c: designware: Handle invalid SMBus block data response length value (Tam Nguyen) [Orabug: 39174662]
- i2c: designware: fix __i2c_dw_disable() in case master is holding SCL low (Yann Sionneau) [Orabug: 39174662]

[5.4.17-2136.355.3]
- crypto: algif_aead - Fix minimum RX size check for decryption (Herbert Xu) [Orabug: 39250687,39331106] {CVE-2026-43077}
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Herbert Xu) [Orabug: 39250687,39331111] {CVE-2026-43078}
- crypto: authencesn - Fix src offset when decrypting in-place (Herbert Xu) [Orabug: 39250687]
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Herbert Xu) [Orabug: 39250687,39300911] {CVE-2026-43033}
- crypto: authenc - use memcpy_sglist() instead of null skcipher (Eric Biggers) [Orabug: 39250687]
- crypto: algif_aead - snapshot IV for async AEAD requests (Douya Le) [Orabug: 39250687,39452217] {CVE-2026-46028}
- crypto: algif_aead - Revert to operating out-of-place (Herbert Xu) [Orabug: 39250687,39283868,39292250] {CVE-2026-31431}
- crypto: algif_aead - use memcpy_sglist() instead of null skcipher (Eric Biggers) [Orabug: 39250687] {CVE-2026-31431}
- crypto: scatterwalk - Backport memcpy_sglist() (Eric Biggers) [Orabug: 39250687]
- crypto: doc - fix kernel-doc notation in chacha.c and af_alg.c (Randy Dunlap) [Orabug: 39250687]

[5.4.17-2136.355.2]
- Revert "rds: Drop rds conn in connect worker if not in down state." (Alok Tiwari) [Orabug: 39253770]
- x86/CPU: Fix FPDSS on Zen1 (Siddh Raman Pant) [Orabug: 39241225,39273723] {CVE-2026-31628}
- SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (Joshua Rogers) [Orabug: 38852342] {CVE-2025-71120}

[5.4.17-2136.355.1]
- net/sched: Enforce that teql can only be used as root qdisc (Jamal Hadi Salim) [Orabug: 38930950] {CVE-2026-23074}



ELSA-2026-50353 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update


Oracle Linux Security Advisory ELSA-2026-50353

http://linux.oracle.com/errata/ELSA-2026-50353.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-5.4.17-2136.356.4.3.el7uek.x86_64.rpm
kernel-uek-container-5.4.17-2136.356.4.3.el7uek.x86_64.rpm
kernel-uek-container-debug-5.4.17-2136.356.4.3.el7uek.x86_64.rpm
kernel-uek-debug-5.4.17-2136.356.4.3.el7uek.x86_64.rpm
kernel-uek-debug-devel-5.4.17-2136.356.4.3.el7uek.x86_64.rpm
kernel-uek-devel-5.4.17-2136.356.4.3.el7uek.x86_64.rpm
kernel-uek-doc-5.4.17-2136.356.4.3.el7uek.noarch.rpm
kernel-uek-tools-5.4.17-2136.356.4.3.el7uek.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-5.4.17-2136.356.4.3.el7uek.src.rpm

Related CVEs:

CVE-2026-52943

Description of changes:

[5.4.17-2136.356.4.3]
- net: skbuff: fix missing zerocopy reference in pskb_carve helpers (Minh Nguyen) [Orabug: 39639989] {CVE-2026-52943}

[5.4.17-2136.356.4.2]
- arm64: errata: Mitigate TLBI errata on various Arm CPUs (Mark Rutland) [Orabug: 39017592] {CVE-2025-10263}
- arm64: tlb: Add ARM64_WORKAROUND_REPEAT_TLBI_SYNC (Mark Rutland) [Orabug: 39017592]
- ARM: uek: Disable CONFIG_QCOM_FALKOR_ERRATUM_1003 (Boris Ostrovsky) [Orabug: 39017592]
- arm64: tlb: allow XZR argument to TLBI ops (Mark Rutland) [Orabug: 39017592]
- arm64: cputype: Add C1-Premium definitions (Mark Rutland) [Orabug: 39017592]
- arm64: cputype: Add C1-Ultra definitions (Mark Rutland) [Orabug: 39017592]

[5.4.17-2136.356.4.1]
- smb: client: reject userspace cifs.spnego descriptions (Asim Viladi Oglu Manizada) [Orabug: 39463669]

[5.4.17-2136.356.4]
- tun: free page on build_skb failure in tun_xdp_one() (Weiming Shi) [Orabug: 39429147]
- tap: free page on error paths in tap_get_user_xdp() (Weiming Shi) [Orabug: 39429147]
- tun: free page on short-frame rejection in tun_xdp_one() (Weiming Shi) [Orabug: 39429147]

[5.4.17-2136.356.3]
- ptrace: slightly saner 'get_dumpable()' logic (Linus Torvalds) [Orabug: 39384275,39391459] {CVE-2026-46333}
- net: skbuff: propagate shared-frag marker through frag-transfer helpers (Hyunwoo Kim) [Orabug: 39368828,39441326] {CVE-2026-43503,CVE-2026-46300}
- net: skbuff: preserve shared-frag marker during coalescing (William Bowling) [Orabug: 39368828] {CVE-2026-46300}

[5.4.17-2136.356.2]
- nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (Jeff Layton) [Orabug: 39167617,39368718] {CVE-2026-31402}
- scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() (Maurizio Lombardi) [Orabug: 38985173,39368732] {CVE-2026-23216}
- scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (Maurizio Lombardi) [Orabug: 38970455,39368774] {CVE-2026-23193}
- xfrm: esp: avoid in-place decrypt on shared skb frags (Kuan-Ting Chen) [Orabug: 39334580,39367147] {CVE-2026-43284}
- x86/CPU/AMD: Add a fix for AMD-SB-7052 (Prathyushi Nangia) [Orabug: 39218897] {CVE-2025-54518}

[5.4.17-2136.356.1]
- arm64/kvm: Include linux/random.h in trng.c (Siddh Raman Pant) [Orabug: 39327096]
- i2c: designware: Disable TX_EMPTY irq while waiting for block length byte (Tam Nguyen) [Orabug: 39174662]
- i2c: designware: Handle invalid SMBus block data response length value (Tam Nguyen) [Orabug: 39174662]
- i2c: designware: fix __i2c_dw_disable() in case master is holding SCL low (Yann Sionneau) [Orabug: 39174662]

[5.4.17-2136.355.3]
- crypto: algif_aead - Fix minimum RX size check for decryption (Herbert Xu) [Orabug: 39250687,39331106] {CVE-2026-43077}
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Herbert Xu) [Orabug: 39250687,39331111] {CVE-2026-43078}
- crypto: authencesn - Fix src offset when decrypting in-place (Herbert Xu) [Orabug: 39250687]
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Herbert Xu) [Orabug: 39250687,39300911] {CVE-2026-43033}
- crypto: authenc - use memcpy_sglist() instead of null skcipher (Eric Biggers) [Orabug: 39250687]
- crypto: algif_aead - snapshot IV for async AEAD requests (Douya Le) [Orabug: 39250687,39452217] {CVE-2026-46028}
- crypto: algif_aead - Revert to operating out-of-place (Herbert Xu) [Orabug: 39250687,39283868,39292250] {CVE-2026-31431}
- crypto: algif_aead - use memcpy_sglist() instead of null skcipher (Eric Biggers) [Orabug: 39250687] {CVE-2026-31431}
- crypto: scatterwalk - Backport memcpy_sglist() (Eric Biggers) [Orabug: 39250687]
- crypto: doc - fix kernel-doc notation in chacha.c and af_alg.c (Randy Dunlap) [Orabug: 39250687]

[5.4.17-2136.355.2]
- Revert "rds: Drop rds conn in connect worker if not in down state." (Alok Tiwari) [Orabug: 39253770]
- x86/CPU: Fix FPDSS on Zen1 (Siddh Raman Pant) [Orabug: 39241225,39273723] {CVE-2026-31628}
- SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (Joshua Rogers) [Orabug: 38852342] {CVE-2025-71120}

[5.4.17-2136.355.1]
- net/sched: Enforce that teql can only be used as root qdisc (Jamal Hadi Salim) [Orabug: 38930950] {CVE-2026-23074}



ELSA-2026-26551 Important: Oracle Linux 7 firefox security update


Oracle Linux Security Advisory ELSA-2026-26551

http://linux.oracle.com/errata/ELSA-2026-26551.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
firefox-140.11.0-1.0.1.el7_9.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/firefox-140.11.0-1.0.1.el7_9.src.rpm

Related CVEs:

CVE-2026-8388
CVE-2026-8391
CVE-2026-8401
CVE-2026-8946
CVE-2026-8947
CVE-2026-8950
CVE-2026-8953
CVE-2026-8954
CVE-2026-8955
CVE-2026-8956
CVE-2026-8957
CVE-2026-8958
CVE-2026-8961
CVE-2026-8962
CVE-2026-8968
CVE-2026-8970
CVE-2026-8974
CVE-2026-8975

Description of changes:

[140.11.0-1.0.1]
- Update to 140.11.0 ESR [Orabug: 39573358]

[140.10.2-1.0.1]
- Update to 140.10.2 ESR [Orabug: 39534787][CVE-2026-8090][CVE-2026-8092]
[CVE-2026-8094]

[140.10.1-1.0.1]
- Update to 140.10.1 ESR [Orabug: 39481850][CVE-2026-7320][CVE-2026-7321]
[CVE-2026-7322][CVE-2026-7323]

[140.10.0-1.0.1]
- Update to 140.10.0 ESR [Orabug: 39499844][CVE-2026-6746][CVE-2026-6747]
[CVE-2026-6748][CVE-2026-6749][CVE-2026-6750][CVE-2026-6751][CVE-2026-6752]
[CVE-2026-6753][CVE-2026-6754][CVE-2026-6757][CVE-2026-6759][CVE-2026-6761]
[CVE-2026-6762][CVE-2026-6763][CVE-2026-6764][CVE-2026-6765][CVE-2026-6766]
[CVE-2026-6767][CVE-2026-6769][CVE-2026-6770][CVE-2026-6771][CVE-2026-6772]
[CVE-2026-6776][CVE-2026-6785][CVE-2026-6786]

[140.9.1-1.0.1]
- Update to 140.9.1 ESR [Orabug: 39324689][CVE-2026-5731][CVE-2026-5732]
[CVE-2026-5734][CVE-2026-33416][CVE-2026-33636]

[140.9.0-1.0.1]
- Update to 140.9.0 ESR [Orabug: 39361657][CVE-2026-4684][CVE-2026-4685]
[CVE-2026-4686][CVE-2026-4687][CVE-2026-4688][CVE-2026-4689][CVE-2026-4690]
[CVE-2026-4691][CVE-2026-4692][CVE-2026-4693][CVE-2026-4694][CVE-2026-4695]
[CVE-2026-4696][CVE-2026-4697][CVE-2026-4698][CVE-2026-4699][CVE-2026-4700]
[CVE-2026-4701][CVE-2026-4702][CVE-2026-4704][CVE-2026-4705][CVE-2026-4706]
[CVE-2026-4707][CVE-2026-4708][CVE-2026-4709][CVE-2026-4710][CVE-2026-4711]
[CVE-2026-4712][CVE-2026-4713][CVE-2026-4714][CVE-2026-4715][CVE-2026-4716]
[CVE-2026-4717][CVE-2026-4718][CVE-2026-4719][CVE-2026-4720][CVE-2026-4721]

[140.8.0-2.0.1]
- Update to 140.8.0 ESR [Orabug: 39361647][CVE-2026-2447][CVE-2026-2757]
[CVE-2026-2758][CVE-2026-2759][CVE-2026-2760][CVE-2026-2761][CVE-2026-2762]
[CVE-2026-2763][CVE-2026-2764][CVE-2026-2765][CVE-2026-2766][CVE-2026-2767]
[CVE-2026-2768][CVE-2026-2769][CVE-2026-2770][CVE-2026-2771][CVE-2026-2772]
[CVE-2026-2773][CVE-2026-2774][CVE-2026-2775][CVE-2026-2776][CVE-2026-2777]
[CVE-2026-2778][CVE-2026-2779][CVE-2026-2780][CVE-2026-2781][CVE-2026-2782]
[CVE-2026-2783][CVE-2026-2784][CVE-2026-2785][CVE-2026-2786][CVE-2026-2787]
[CVE-2026-2788][CVE-2026-2789][CVE-2026-2790][CVE-2026-2791][CVE-2026-2792]
[CVE-2026-2793]

[140.7.0-1.0.1]
- Update to 140.7.0 ESR [Orabug: 38940976][CVE-2025-14327][CVE-2026-0877]
[CVE-2026-0878][CVE-2026-0879][CVE-2026-0880][CVE-2026-0882][CVE-2026-0883]
[CVE-2026-0884][CVE-2026-0885][CVE-2026-0886][CVE-2026-0887][CVE-2026-0890]
[CVE-2026-0891]

[140.6.0-1.0.1]
- Update to 140.6.0 ESR [Orabug: 38813993][CVE-2025-14321][CVE-2025-14322]
[CVE-2025-14323][CVE-2025-14324][CVE-2025-14325][CVE-2025-14328]
[CVE-2025-14329][CVE-2025-14330][CVE-2025-14331][CVE-2025-14333]

[140.5.0-1.0.1]
- Update to 140.5.0 ESR [Orabug: 38708474][CVE-2025-13012][CVE-2025-13013]
[CVE-2025-13014][CVE-2025-13015][CVE-2025-13016][CVE-2025-13017]
[CVE-2025-13018][CVE-2025-13019][CVE-2025-13020]



ELSA-2026-24983 Important: Oracle Linux 7 firefox security update


Oracle Linux Security Advisory ELSA-2026-24983

http://linux.oracle.com/errata/ELSA-2026-24983.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
firefox-140.10.2-1.0.1.el7_9.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/firefox-140.10.2-1.0.1.el7_9.src.rpm

Related CVEs:

CVE-2026-8090
CVE-2026-8092
CVE-2026-8094

Description of changes:

[140.10.2-1.0.1]
- Update to 140.10.2 ESR [Orabug: 39534787][CVE-2026-8090][CVE-2026-8092]
[CVE-2026-8094]

[140.10.1-1.0.1]
- Update to 140.10.1 ESR [Orabug: 39481850][CVE-2026-7320][CVE-2026-7321]
[CVE-2026-7322][CVE-2026-7323]

[140.10.0-1.0.1]
- Update to 140.10.0 ESR [Orabug: 39499844][CVE-2026-6746][CVE-2026-6747]
[CVE-2026-6748][CVE-2026-6749][CVE-2026-6750][CVE-2026-6751][CVE-2026-6752]
[CVE-2026-6753][CVE-2026-6754][CVE-2026-6757][CVE-2026-6759][CVE-2026-6761]
[CVE-2026-6762][CVE-2026-6763][CVE-2026-6764][CVE-2026-6765][CVE-2026-6766]
[CVE-2026-6767][CVE-2026-6769][CVE-2026-6770][CVE-2026-6771][CVE-2026-6772]
[CVE-2026-6776][CVE-2026-6785][CVE-2026-6786]

[140.9.1-1.0.1]
- Update to 140.9.1 ESR [Orabug: 39324689][CVE-2026-5731][CVE-2026-5732]
[CVE-2026-5734][CVE-2026-33416][CVE-2026-33636]

[140.9.0-1.0.1]
- Update to 140.9.0 ESR [Orabug: 39361657][CVE-2026-4684][CVE-2026-4685]
[CVE-2026-4686][CVE-2026-4687][CVE-2026-4688][CVE-2026-4689][CVE-2026-4690]
[CVE-2026-4691][CVE-2026-4692][CVE-2026-4693][CVE-2026-4694][CVE-2026-4695]
[CVE-2026-4696][CVE-2026-4697][CVE-2026-4698][CVE-2026-4699][CVE-2026-4700]
[CVE-2026-4701][CVE-2026-4702][CVE-2026-4704][CVE-2026-4705][CVE-2026-4706]
[CVE-2026-4707][CVE-2026-4708][CVE-2026-4709][CVE-2026-4710][CVE-2026-4711]
[CVE-2026-4712][CVE-2026-4713][CVE-2026-4714][CVE-2026-4715][CVE-2026-4716]
[CVE-2026-4717][CVE-2026-4718][CVE-2026-4719][CVE-2026-4720][CVE-2026-4721]

[140.8.0-2.0.1]
- Update to 140.8.0 ESR [Orabug: 39361647][CVE-2026-2447][CVE-2026-2757]
[CVE-2026-2758][CVE-2026-2759][CVE-2026-2760][CVE-2026-2761][CVE-2026-2762]
[CVE-2026-2763][CVE-2026-2764][CVE-2026-2765][CVE-2026-2766][CVE-2026-2767]
[CVE-2026-2768][CVE-2026-2769][CVE-2026-2770][CVE-2026-2771][CVE-2026-2772]
[CVE-2026-2773][CVE-2026-2774][CVE-2026-2775][CVE-2026-2776][CVE-2026-2777]
[CVE-2026-2778][CVE-2026-2779][CVE-2026-2780][CVE-2026-2781][CVE-2026-2782]
[CVE-2026-2783][CVE-2026-2784][CVE-2026-2785][CVE-2026-2786][CVE-2026-2787]
[CVE-2026-2788][CVE-2026-2789][CVE-2026-2790][CVE-2026-2791][CVE-2026-2792]
[CVE-2026-2793]

[140.7.0-1.0.1]
- Update to 140.7.0 ESR [Orabug: 38940976][CVE-2025-14327][CVE-2026-0877]
[CVE-2026-0878][CVE-2026-0879][CVE-2026-0880][CVE-2026-0882][CVE-2026-0883]
[CVE-2026-0884][CVE-2026-0885][CVE-2026-0886][CVE-2026-0887][CVE-2026-0890]
[CVE-2026-0891]

[140.6.0-1.0.1]
- Update to 140.6.0 ESR [Orabug: 38813993][CVE-2025-14321][CVE-2025-14322]
[CVE-2025-14323][CVE-2025-14324][CVE-2025-14325][CVE-2025-14328]
[CVE-2025-14329][CVE-2025-14330][CVE-2025-14331][CVE-2025-14333]

[140.5.0-1.0.1]
- Update to 140.5.0 ESR [Orabug: 38708474][CVE-2025-13012][CVE-2025-13013]
[CVE-2025-13014][CVE-2025-13015][CVE-2025-13016][CVE-2025-13017]
[CVE-2025-13018][CVE-2025-13019][CVE-2025-13020]

[140.4.0-4.0.1]
- Update to 140.4.0 ESR [Orabug: 38595697][CVE-2025-11708][CVE-2025-11709]
[CVE-2025-11710][CVE-2025-11711][CVE-2025-11712][CVE-2025-11714]
[CVE-2025-11715]