Kernel, Tomcat, glib2, java-17-OpenJDK, OLAM 2.2, Cloud-Init, Scap-Security-Guide updates for Oracle Linux

Oracle Linux 6415 Published 2025-07-18 06:50 by Philipp Esselbach

News

ELSA-2025-20471 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2025-20471

http://linux.oracle.com/errata/ELSA-2025-20471.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-5.4.17-2136.345.5.3.el8uek.x86_64.rpm
kernel-uek-container-5.4.17-2136.345.5.3.el8uek.x86_64.rpm
kernel-uek-container-debug-5.4.17-2136.345.5.3.el8uek.x86_64.rpm
kernel-uek-debug-5.4.17-2136.345.5.3.el8uek.x86_64.rpm
kernel-uek-debug-devel-5.4.17-2136.345.5.3.el8uek.x86_64.rpm
kernel-uek-devel-5.4.17-2136.345.5.3.el8uek.x86_64.rpm
kernel-uek-doc-5.4.17-2136.345.5.3.el8uek.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/kernel-uek-5.4.17-2136.345.5.3.el8uek.src.rpm

Related CVEs:

CVE-2021-47352
CVE-2024-26744
CVE-2024-28956
CVE-2024-36350
CVE-2024-36357
CVE-2024-50154
CVE-2025-23140
CVE-2025-23142
CVE-2025-23147
CVE-2025-23150
CVE-2025-23157
CVE-2025-23158
CVE-2025-23159
CVE-2025-23163
CVE-2025-37738
CVE-2025-37740
CVE-2025-37741
CVE-2025-37749
CVE-2025-37757
CVE-2025-37758
CVE-2025-37765
CVE-2025-37766
CVE-2025-37768
CVE-2025-37770
CVE-2025-37773
CVE-2025-37780
CVE-2025-37781
CVE-2025-37785
CVE-2025-37789
CVE-2025-37792
CVE-2025-37794
CVE-2025-37796
CVE-2025-37797
CVE-2025-37803
CVE-2025-37808
CVE-2025-37810
CVE-2025-37812
CVE-2025-37817
CVE-2025-37823
CVE-2025-37824
CVE-2025-37829
CVE-2025-37838
CVE-2025-37839
CVE-2025-37840
CVE-2025-37841
CVE-2025-37850
CVE-2025-37857
CVE-2025-37858
CVE-2025-37859
CVE-2025-37862
CVE-2025-37881
CVE-2025-37892
CVE-2025-37940
CVE-2025-37982
CVE-2025-37983
CVE-2025-37989

Description of changes:

[5.4.17-2136.345.5.3.el8uek]
- x86/bpf: Classic BPF program can fail when BHB barrier is used (Alexandre Chartre) [Orabug: 38167806]

[5.4.17-2136.345.5.2.el8uek]
- Add Zen34 clients (Borislav Petkov (AMD)) [Orabug: 38023241] {CVE-2024-36350} {CVE-2024-36357}
- x86/process: Move the buffer clearing before MONITOR (Kim Phillips) [Orabug: 38023241] {CVE-2024-36350} {CVE-2024-36357}
- KVM: SVM: Advertize TSA CPUID bits to guests (Borislav Petkov (AMD)) [Orabug: 38023241] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Add a Transient Scheduler Attacks mitigation (Borislav Petkov (AMD)) [Orabug: 38023241] {CVE-2024-36350} {CVE-2024-36357}
- KVM: x86: add support for CPUID leaf 0x80000021 (Paolo Bonzini) [Orabug: 38023241] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Rename MDS machinery to something more generic (Borislav Petkov (AMD)) [Orabug: 38023241] {CVE-2024-36350} {CVE-2024-36357}
- x86/CPU/AMD: Add ZenX generations flags (Borislav Petkov (AMD)) [Orabug: 38023241] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Free X86_BUG_AMD_APIC_C1E and X86_BUG_AMD_E400 bits (Boris Ostrovsky) [Orabug: 38023241] {CVE-2024-36350} {CVE-2024-36357}

[5.4.17-2136.345.5.el8uek]
- rds: ib: Add cm_id generation scheme in order to detect new ones (Håkon Bugge) [Orabug: 37799171]

[5.4.17-2136.345.4.el8uek]
- x86/its: BPF can crash in bpf_jit_comp.c when ITS is enabled (Alexandre Chartre) [Orabug: 38043586]
- shmem: add support to ignore swap (Luis Chamberlain) [Orabug: 38034040]
- shmem: update documentation (Luis Chamberlain) [Orabug: 38034040]
- mm: hold the source mmap write lock when copying PTEs (Anthony Yznaga) [Orabug: 38029050]
- mm: do not write protect COW mappings when preserving across exec (Anthony Yznaga) [Orabug: 38029050]
- mm: differentiate copying PTEs for preservation from copying for fork (Anthony Yznaga) [Orabug: 38029050]
- mm/fork: Pass new vma pointer into copy_page_range() (Peter Xu) [Orabug: 38029050]
- xen/swiotlb: relax alignment requirements (Juergen Gross) [Orabug: 37523168]
- Reapply "xen/swiotlb: add alignment check for dma buffers" (Harshvardhan Jha) [Orabug: 37523168]

[5.4.17-2136.345.3.el8uek]
- dmaengine: Revert "dmaengine: dmatest: Fix dmatest waiting less when interrupted" (Nathan Lynch)
- nvme: unblock ctrl state transition for firmware update (Daniel Wagner)
- memcg: always call cond_resched() after fn() (Breno Leitao)
- ACPI: PPTT: Fix processor subtable walk (Jeremy Linton)
- LTS tag: v5.4.293 (Sherry Yang)
- MIPS: cm: Fix warning if MIPS_CM is disabled (Thomas Bogendoerfer)
- crypto: atmel-sha204a - Set hwrng quality to lowest possible (Marek Behún)
- comedi: jr3_pci: Fix synchronous deletion of timer (Ian Abbott)
- md/raid1: Add check for missing source disk in process_checks() (Meir Elisha)
- scsi: pm80xx: Set phy_attached to zero when device is gone (Igor Pylypiv)
- ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls (Jean-Marc Eurin)
- selftests: ublk: fix test_stripe_04 (Ming Lei)
- udmabuf: fix a buf size overflow issue during udmabuf creation (Xiaogang Chen) [Orabug: 37929939] {CVE-2025-37803}
- KVM: s390: Don't use %pK through tracepoints (Thomas Weißschuh)
- sched/isolation: Make CONFIG_CPU_ISOLATION depend on CONFIG_SMP (Oleg Nesterov)
- ntb: reduce stack usage in idt_scan_mws (Arnd Bergmann)
- qibfs: fix _another_ leak (Al Viro) [Orabug: 37977084] {CVE-2025-37983}
- usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev() (Chenyuan Yang) [Orabug: 37937504] {CVE-2025-37881}
- dmaengine: dmatest: Fix dmatest waiting less when interrupted (Vinicius Costa Gomes)
- usb: host: max3421-hcd: Add missing spi_device_id table (Alexander Stein)
- parisc: PDT: Fix missing prototype warning (Yu-Chun Lin)
- clk: check for disabled clock-provider in of_clk_get_hw_from_clkspec() (Heiko Stuebner)
- crypto: null - Use spin lock instead of mutex (Herbert Xu) [Orabug: 37929974] {CVE-2025-37808}
- MIPS: cm: Detect CM quirks from device tree (Gregory Clement)
- USB: VLI disk crashes if LPM is used (Oliver Neukum)
- usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash Drive (Miao Li)
- usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive (Miao Li)
- usb: dwc3: gadget: check that event count does not exceed event buffer length (Frode Isaksen) [Orabug: 37929982] {CVE-2025-37810}
- USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02) (Huacai Chen)
- usb: cdns3: Fix deadlock when using NCM gadget (Ralph Siemsen) [Orabug: 37929989] {CVE-2025-37812}
- USB: serial: simple: add OWON HDS200 series oscilloscope support (Craig Hesling)
- USB: serial: option: add Sierra Wireless EM9291 (Adam Xue)
- USB: serial: ftdi_sio: add support for Abacus Electrics Optical Probe (Michael Ehrenreich)
- serial: sifive: lock port in startup()/shutdown() callbacks (Ryo Takakura)
- USB: storage: quirk for ADATA Portable HDD CH94 (Oliver Neukum)
- mcb: fix a double free bug in chameleon_parse_gdd() (Haoxiang Li) [Orabug: 37930001] {CVE-2025-37817}
- virtio_console: fix missing byte order handling for cols and rows (Halil Pasic)
- net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (Cong Wang) [Orabug: 37930029] {CVE-2025-37823}
- net_sched: hfsc: Fix a UAF vulnerability in class handling (Cong Wang) [Orabug: 37908485] {CVE-2025-37797}
- tipc: fix NULL pointer dereference in tipc_mon_reinit_self() (Tung Nguyen) [Orabug: 37930040] {CVE-2025-37824}
- net: phy: leds: fix memory leak (Qingfang Deng) [Orabug: 37977113] {CVE-2025-37989}
- cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() (Henry Martin) [Orabug: 37930052] {CVE-2025-37829}
- drm/amd/pm: Prevent division by zero (Denis Arefev) [Orabug: 37901824,37901841,37901831] {CVE-2025-37766,CVE-2025-37768,CVE-2025-37770}
- misc: pci_endpoint_test: Fix displaying 'irq_type' after 'request_irq' error (Kunihiko Hayashi)
- misc: pci_endpoint_test: Use INTX instead of LEGACY (Damien Le Moal)
- PCI: Rename PCI_IRQ_LEGACY to PCI_IRQ_INTX (Bjorn Helgaas)
- iio: adc: ad7768-1: Fix conversion result sign (Sergiu Cuciurean)
- iio: adc: ad7768-1: Move setting of val a bit later to avoid unnecessary return value check (Jonathan Cameron)
- net: dsa: mv88e6xxx: fix VTU methods for 6320 family (Marek Behún)
- media: vim2m: print device name after registering device (Matthew Majewski)
- ext4: fix OOB read when checking dotdot dir (Jakub Acs) [Orabug: 37855335] {CVE-2025-37785}
- ext4: optimize __ext4_check_dir_entry() (Theodore Ts'O)
- ext4: don't over-report free space or inodes in statvfs (Theodore Ts'O)
- ext4: code cleanup for ext4_statfs_project() (Chengguang Xu)
- ext4: simplify checking quota limits in ext4_statfs() (Jan Kara)
- platform/x86: ISST: Correct command storage data length (Srinivas Pandruvada)
- MIPS: ds1287: Match ds1287_set_base_clock() function types (Yuli Wang)
- MIPS: cevt-ds1287: Add missing ds1287.h include (Yuli Wang)
- MIPS: dec: Declare which_prom() as static (Yuli Wang)
- virtio-net: Add validation for used length (Xie Yongji) [Orabug: 37079171] {CVE-2021-47352}
- RDMA/srpt: Support specifying the srpt_service_guid parameter (Bart Van Assche) [Orabug: 36530711] {CVE-2024-26744}
- openvswitch: fix lockup on tx to unregistering netdev with carrier (Ilya Maximets)
- net: openvswitch: fix race on port output (Felix Huettner)
- mmc: cqhci: Fix checking of CQHCI_HALT state (Seunghwan Baek)
- nvmet-fc: Remove unused functions (Yuli Wang)
- usb: dwc3: support continuous runtime PM with dual role (Martin Kepplinger)
- misc: pci_endpoint_test: Fix 'irq_type' to convey the correct type (Kunihiko Hayashi)
- misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error (Kunihiko Hayashi) [Orabug: 37901587] {CVE-2025-23140}
- tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). (Kuniyuki Iwashima) [Orabug: 37264115] {CVE-2024-50154}
- powerpc/prom_init: Use -ffreestanding to avoid a reference to bcmp (Nathan Chancellor)
- kbuild: Add '-fno-builtin-wcslen' (Nathan Chancellor)
- cpufreq: Reference count policy in cpufreq_update_limits() (Rafael J. Wysocki)
- drm/sti: remove duplicate object names (Rolf Eike Beer)
- drm/nouveau: prime: fix ttm_bo_delayed_delete oops (Chris Bainbridge) [Orabug: 37901818] {CVE-2025-37765}
- drm/repaper: fix integer overflows in repeat functions (Nikita Zhandarovich)
- module: sign with sha512 instead of sha1 by default (Thorsten Leemhuis)
- perf/x86/intel/uncore: Fix the scale of IIO free running counters on SNR (Kan Liang)
- perf/x86/intel: Allow to update user space GPRs from PEBS records (Dapeng Mi)
- virtiofs: add filesystem context source name check (Xiangsheng Hou) [Orabug: 37901855] {CVE-2025-37773}
- riscv: Avoid fortify warning in syscall_get_arguments() (Nathan Chancellor)
- isofs: Prevent the use of too small fid (Edward Adam Davis) [Orabug: 37901890] {CVE-2025-37780}
- i2c: cros-ec-tunnel: defer probe if parent EC is not present (Thadeu Lima de Souza Cascardo) [Orabug: 37901898] {CVE-2025-37781}
- hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key (Vasiliy Kovalev)
- btrfs: correctly escape subvol in btrfs_show_options() (Johannes Kimmel)
- nfs: add missing selections of CONFIG_CRC32 (Eric Biggers)
- nfs: move nfs_fhandle_hash to common include file (Jeff Layton)
- NFSD: Constify @fh argument of knfsd_fh_hash() (Chuck Lever)
- asus-laptop: Fix an uninitialized variable (Denis Arefev)
- writeback: fix false warning in inode_to_wb() (Andreas Gruenbacher)
- net: b53: enable BPDU reception for management port (Jonas Gorski)
- net: openvswitch: fix nested key length validation in the set() action (Ilya Maximets) [Orabug: 37901923] {CVE-2025-37789}
- Revert "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" (Johannes Berg)
- Bluetooth: btrtl: Prevent potential NULL dereference (Dan Carpenter) [Orabug: 37901934] {CVE-2025-37792}
- Bluetooth: hci_event: Fix sending MGMT_EV_DEVICE_FOUND for invalid address (Luiz Augusto von Dentz)
- RDMA/usnic: Fix passing zero to PTR_ERR in usnic_ib_pci_probe() (Yue Haibing)
- scsi: iscsi: Fix missing scsi_host_put() in error path (Miaoqian Lin)
- wifi: wl1251: fix memory leak in wl1251_tx_work (Abdun Nihaal) [Orabug: 37977076] {CVE-2025-37982}
- wifi: mac80211: Purge vif txq in ieee80211_do_stop() (Remi Pommarel) [Orabug: 37901940] {CVE-2025-37794}
- wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue() (Remi Pommarel)
- wifi: at76c50x: fix use after free access in at76_disconnect (Abdun Nihaal) [Orabug: 37901953] {CVE-2025-37796}
- HSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol Driver Due to Race Condition (Kaixin Wang) [Orabug: 37855341] {CVE-2025-37838}
- pwm: mediatek: always use bus clock for PWM on MT7622 (Daniel Golle)
- Bluetooth: hci_uart: Fix another race during initialization (Arseniy Krasnov)
- x86/e820: Fix handling of subpage regions when calculating nosave ranges in e820__register_nosave_regions() (Myrrh Periwinkle)
- PCI: Fix reference leak in pci_alloc_child_bus() (Ma Ke)
- of/irq: Fix device node refcount leakages in of_irq_init() (Zijun Hu)
- of/irq: Fix device node refcount leakage in API irq_of_parse_and_map() (Zijun Hu)
- of/irq: Fix device node refcount leakages in of_irq_count() (Zijun Hu)
- ntb: use 64-bit arithmetic for the MSI doorbell mask (Fedor Pchelkin)
- gpio: zynq: Fix wakeup source leaks on device unbind (Krzysztof Kozlowski)
- ftrace: Add cond_resched() to ftrace_graph_set_hash() (Zhoumin) [Orabug: 37976893] {CVE-2025-37940}
- dm-integrity: set ti->error on memory allocation failure (Mikulas Patocka)
- crypto: ccp - Fix check for the primary ASP device (Tom Lendacky)
- thermal/drivers/rockchip: Add missing rk3328 mapping entry (Trevor Woerner)
- sctp: detect and prevent references to a freed transport in sendmsg (Ricardo Cañuelo Navarro) [Orabug: 37901597] {CVE-2025-23142}
- mm: add missing release barrier on PGDAT_RECLAIM_LOCKED unlock (Mathieu Desnoyers)
- sparc/mm: disable preemption in lazy mmu mode (Ryan Roberts)
- arm64: dts: mediatek: mt8173: Fix disp-pwm compatible string (Chen-Yu Tsai)
- mtd: rawnand: Add status chack in r852_ready() (Xu Wang)
- mtd: inftlcore: Add error check for inftl_read_oob() (Xu Wang) [Orabug: 37976720] {CVE-2025-37892}
- lib: scatterlist: fix sg_split_phys to preserve original scatterlist offsets (T Pratham)
- locking/lockdep: Decrease nr_unused_locks if lock unused in zap_class() (Boqun Feng)
- jbd2: remove wrong sb->s_sequence check (Jan Kara) [Orabug: 37937283] {CVE-2025-37839}
- i3c: Add NULL pointer check in i3c_master_queue_ibi() (Manjunatha Venkatesh) [Orabug: 37901622] {CVE-2025-23147}
- ext4: fix off-by-one error in do_split (Artem Sadovnikov) [Orabug: 37901631] {CVE-2025-23150}
- wifi: mac80211: fix integer overflow in hwmp_route_info_get() (Gavrilov Ilia)
- net: dsa: mv88e6xxx: workaround RGMII transmit delay erratum for 6320 family (Marek Behún)
- media: venus: hfi_parser: add check to avoid out of bound access (Vikash Garodia) [Orabug: 37901653] {CVE-2025-23157}
- media: i2c: ov7251: Introduce 1 ms delay between regulators and en GPIO (Sakari Ailus)
- media: i2c: ov7251: Set enable GPIO low in probe (Sakari Ailus)
- media: v4l2-dv-timings: prevent possible overflow in v4l2_detect_gtf() (Karina Yankevich)
- media: streamzap: prevent processing IR data on URB failure (Murad Masimov)
- mtd: rawnand: brcmnand: fix PM resume warning (Kamal Dasu) [Orabug: 37937292] {CVE-2025-37840}
- arm64: cputype: Add MIDR_CORTEX_A76AE (Douglas Anderson)
- xenfs/xensyms: respect hypervisor's "next" indication (Jan Beulich)
- media: siano: Fix error handling in smsdvb_module_init() (Yuan Can)
- media: venus: hfi: add check to handle incorrect queue size (Vikash Garodia) [Orabug: 37901657] {CVE-2025-23158}
- media: venus: hfi: add a check to handle OOB in sfr region (Vikash Garodia) [Orabug: 37901662] {CVE-2025-23159}
- media: i2c: adv748x: Fix test pattern selection mask (Niklas Söderlund)
- ext4: don't treat fhandle lookup of ea_inode as FS corruption (Jann Horn)
- ext4: reject casefold inode flag without casefold feature (Eric Biggers)
- bpf: support SKF_NET_OFF and SKF_LL_OFF on skb frags (Willem de Bruijn)
- bpf: Add endian modifiers to fix endian warnings (Ben Dooks)
- pwm: fsl-ftm: Handle clk_get_rate() returning 0 (Uwe Kleine-König)
- pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config() (Josh Poimboeuf) [Orabug: 37937329] {CVE-2025-37850}
- pwm: mediatek: Always use bus clock (Fabien Parent)
- fbdev: omapfb: Add 'plane' value check (Leonid Arapov)
- drm/mediatek: mtk_dpi: Explicitly manage TVD clock in power on/off (AngeloGioacchino Del Regno)
- drm/amdkfd: Fix pqm_destroy_queue race with GPU reset (Philip Yang)
- drm/amdkfd: clamp queue size to minimum (David Yat Sin)
- drm: panel-orientation-quirks: Add new quirk for GPD Win 2 (Andrew Wyatt)
- drm: panel-orientation-quirks: Add support for AYANEO 2S (Andrew Wyatt)
- drm: allow encoder mode_set even when connectors change for crtc (Abhinav Kumar)
- Bluetooth: hci_uart: fix race during initialization (Arseniy Krasnov)
- tracing: fix return value in __ftrace_event_enable_disable for TRACE_REG_UNREGISTER (Gabriele Paoloni)
- net: vlan: don't propagate flags on open (Stanislav Fomichev) [Orabug: 37901684] {CVE-2025-23163}
- wifi: mt76: mt76x2u: add TP-Link TL-WDN6200 ID to device table (Icenowy Zheng)
- scsi: st: Fix array overflow in st_setup() (Kai Mäkisara) [Orabug: 37937379] {CVE-2025-37857}
- ext4: ignore xattrs past end (Bhupesh) [Orabug: 37901692] {CVE-2025-37738}
- ext4: protect ext4_release_dquot against freezing (Ojaswin Mujoo)
- ahci: add PCI ID for Marvell 88SE9215 SATA Controller (Daniel Kral)
- ata: libata-eh: Do not use ATAPI DMA for a device limited to PIO mode (Niklas Cassel)
- jfs: add sanity check for agwidth in dbMount (Edward Adam Davis) [Orabug: 37901707] {CVE-2025-37740}
- jfs: Prevent copying of nlink with value 0 from disk inode (Edward Adam Davis) [Orabug: 37901716] {CVE-2025-37741}
- fs/jfs: Prevent integer overflow in AG size calculation (Rand Deeb) [Orabug: 37937387] {CVE-2025-37858}
- fs/jfs: cast inactags to s64 to prevent potential overflow (Rand Deeb)
- page_pool: avoid infinite loop to schedule delayed worker (Jason Xing) [Orabug: 37937395] {CVE-2025-37859}
- ALSA: usb-audio: Fix CME quirk for UF series keyboards (Ricard Wanderlof)
- ALSA: hda: intel: Fix Optimus when GPU has no sound (Maxim Mikityanskiy)
- HID: pidff: Fix null pointer dereference in pidff_find_fields (Tomasz Pakuła) [Orabug: 37937410] {CVE-2025-37862}
- HID: pidff: Do not send effect envelope if it's empty (Tomasz Pakuła)
- HID: pidff: Convert infinite length from Linux API to PID standard (Tomasz Pakuła)
- xen/mcelog: Add __nonstring annotations for unterminated strings (Kees Cook)
- perf: arm_pmu: Don't disable counter in armpmu_add() (Mark Rutland)
- x86/cpu: Don't clear X86_FEATURE_LAHF_LM flag in init_amd_k8() on AMD when running in a virtual machine (Max Grobecker)
- pm: cpupower: bench: Prevent NULL dereference on malloc failure (Zhongqiu Han) [Orabug: 37937297] {CVE-2025-37841}
- net: ppp: Add bound checking for skb data on ppp_sync_txmung (Arnaud Lecomte) [Orabug: 37901766] {CVE-2025-37749}
- ata: sata_sx4: Add error handling in pdc20621_i2c_read() (Xu Wang)
- ata: sata_sx4: Drop pointless VPRINTK() calls and convert the remaining ones (Hannes Reinecke)
- tipc: fix memory leak in tipc_link_xmit (Tung Nguyen) [Orabug: 37901790] {CVE-2025-37757}
- ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe() (Henry Martin) [Orabug: 37901796] {CVE-2025-37758}

[5.4.17-2136.345.2.el8uek]
- x86/bhi: Do not set BHI_DIS_S in 32-bit mode (Pawan Gupta) [Orabug: 37959995]
- x86/bpf: Add IBHF call at end of classic BPF (Daniel Sneddon) [Orabug: 37959995]
- x86/bpf: Call branch history clearing sequence on exit (Daniel Sneddon) [Orabug: 37959995]
- certs: Reference revocation list for all keyrings (Eric Snowberg) [Orabug: 38026794]

[5.4.17-2136.345.1.el8uek]
- RDS: use get_user_pages_fast() in rdma_pin_pages() (Stephen Brennan) [Orabug: 37973441]
- x86/bugs: Enabling Retbleed and SRSO mitigation can taint the kernel (Alexandre Chartre) [Orabug: 37959151]
- selftest/x86/bugs: Add selftests for ITS (Pawan Gupta) [Orabug: 37863727] {CVE-2024-28956}
- x86/its: Align RETs in BHB clear sequence to avoid thunking (Pawan Gupta) [Orabug: 37863727] {CVE-2024-28956}
- x86/its: Add "vmexit" option to skip mitigation on some CPUs (Pawan Gupta) [Orabug: 37863727] {CVE-2024-28956}
- x86/its: Enable Indirect Target Selection mitigation (Pawan Gupta) [Orabug: 37863727] {CVE-2024-28956}
- x86/its: Add support for ITS-safe return thunk (Pawan Gupta) [Orabug: 37863727] {CVE-2024-28956}
- x86/its: Add support for ITS-safe indirect thunk (Pawan Gupta) [Orabug: 37863727] {CVE-2024-28956}
- x86/its: Enumerate Indirect Target Selection (ITS) bug (Pawan Gupta) [Orabug: 37863727] {CVE-2024-28956}
- Documentation: x86/bugs/its: Add ITS documentation (Pawan Gupta) [Orabug: 37863727] {CVE-2024-28956}

ELBA-2025-20472 Oracle Linux 7 linux-firmware bug fix update

Oracle Linux Bug Fix Advisory ELBA-2025-20472

http://linux.oracle.com/errata/ELBA-2025-20472.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
iwl1000-firmware-39.31.5.1-999.41.el7.noarch.rpm
iwl100-firmware-39.31.5.1-999.41.el7.noarch.rpm
iwl105-firmware-18.168.6.1-999.41.el7.noarch.rpm
iwl135-firmware-18.168.6.1-999.41.el7.noarch.rpm
iwl2000-firmware-18.168.6.1-999.41.el7.noarch.rpm
iwl2030-firmware-18.168.6.1-999.41.el7.noarch.rpm
iwl3160-firmware-22.0.7.0-999.41.el7.noarch.rpm
iwl3945-firmware-15.32.2.9-999.41.el7.noarch.rpm
iwl4965-firmware-228.61.2.24-999.41.el7.noarch.rpm
iwl5000-firmware-8.83.5.1_1-999.41.el7.noarch.rpm
iwl5150-firmware-8.24.2.2-999.41.el7.noarch.rpm
iwl6000-firmware-9.221.4.1-999.41.el7.noarch.rpm
iwl6000g2a-firmware-17.168.5.3-999.41.el7.noarch.rpm
iwl6000g2b-firmware-17.168.5.2-999.41.el7.noarch.rpm
iwl6050-firmware-41.28.5.1-999.41.el7.noarch.rpm
iwl7260-firmware-22.0.7.0-999.41.el7.noarch.rpm
iwlax2xx-firmware-20250611-999.41.el7.noarch.rpm
linux-firmware-20250611-999.41.git356f06bf.el7.noarch.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/linux-firmware-20250611-999.41.git356f06bf.el7.src.rpm

Description of changes:

[20250611-999.41.git356f06bf.el7]
- Rebase to latest upstream [Orabug: 38028345]

[20250423-999.40.git32f3227b.el7]
- Rebase to latest upstream [Orabug: 37868435]

[20250319-999.39.git430633ec.el7]
- Rebase to latest upstream [Orabug: 37729115]

[20250203-999.38.git0fd450ee.el7]
- Rebase to latest upstream [Orabug: 37535629]

[20241213-999.36.git2cdfe09e.el7]
- Rebase to latest upstream [Orabug: 37405529]

ELSA-2025-20471 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2025-20471

http://linux.oracle.com/errata/ELSA-2025-20471.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-5.4.17-2136.345.5.3.el7uek.x86_64.rpm
kernel-uek-container-5.4.17-2136.345.5.3.el7uek.x86_64.rpm
kernel-uek-container-debug-5.4.17-2136.345.5.3.el7uek.x86_64.rpm
kernel-uek-debug-5.4.17-2136.345.5.3.el7uek.x86_64.rpm
kernel-uek-debug-devel-5.4.17-2136.345.5.3.el7uek.x86_64.rpm
kernel-uek-devel-5.4.17-2136.345.5.3.el7uek.x86_64.rpm
kernel-uek-doc-5.4.17-2136.345.5.3.el7uek.noarch.rpm
kernel-uek-tools-5.4.17-2136.345.5.3.el7uek.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-5.4.17-2136.345.5.3.el7uek.src.rpm

Related CVEs:

CVE-2021-47352
CVE-2024-26744
CVE-2024-28956
CVE-2024-36350
CVE-2024-36357
CVE-2024-50154
CVE-2025-23140
CVE-2025-23142
CVE-2025-23147
CVE-2025-23150
CVE-2025-23157
CVE-2025-23158
CVE-2025-23159
CVE-2025-23163
CVE-2025-37738
CVE-2025-37740
CVE-2025-37741
CVE-2025-37749
CVE-2025-37757
CVE-2025-37758
CVE-2025-37765
CVE-2025-37766
CVE-2025-37768
CVE-2025-37770
CVE-2025-37773
CVE-2025-37780
CVE-2025-37781
CVE-2025-37785
CVE-2025-37789
CVE-2025-37792
CVE-2025-37794
CVE-2025-37796
CVE-2025-37797
CVE-2025-37803
CVE-2025-37808
CVE-2025-37810
CVE-2025-37812
CVE-2025-37817
CVE-2025-37823
CVE-2025-37824
CVE-2025-37829
CVE-2025-37838
CVE-2025-37839
CVE-2025-37840
CVE-2025-37841
CVE-2025-37850
CVE-2025-37857
CVE-2025-37858
CVE-2025-37859
CVE-2025-37862
CVE-2025-37881
CVE-2025-37892
CVE-2025-37940
CVE-2025-37982
CVE-2025-37983
CVE-2025-37989

Description of changes:

[5.4.17-2136.345.5.3.el7uek]
- x86/bpf: Classic BPF program can fail when BHB barrier is used (Alexandre Chartre) [Orabug: 38167806]

[5.4.17-2136.345.5.2.el7uek]
- Add Zen34 clients (Borislav Petkov (AMD)) [Orabug: 38023241] {CVE-2024-36350} {CVE-2024-36357}
- x86/process: Move the buffer clearing before MONITOR (Kim Phillips) [Orabug: 38023241] {CVE-2024-36350} {CVE-2024-36357}
- KVM: SVM: Advertize TSA CPUID bits to guests (Borislav Petkov (AMD)) [Orabug: 38023241] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Add a Transient Scheduler Attacks mitigation (Borislav Petkov (AMD)) [Orabug: 38023241] {CVE-2024-36350} {CVE-2024-36357}
- KVM: x86: add support for CPUID leaf 0x80000021 (Paolo Bonzini) [Orabug: 38023241] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Rename MDS machinery to something more generic (Borislav Petkov (AMD)) [Orabug: 38023241] {CVE-2024-36350} {CVE-2024-36357}
- x86/CPU/AMD: Add ZenX generations flags (Borislav Petkov (AMD)) [Orabug: 38023241] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Free X86_BUG_AMD_APIC_C1E and X86_BUG_AMD_E400 bits (Boris Ostrovsky) [Orabug: 38023241] {CVE-2024-36350} {CVE-2024-36357}

[5.4.17-2136.345.5.el7uek]
- rds: ib: Add cm_id generation scheme in order to detect new ones (Håkon Bugge) [Orabug: 37799171]

[5.4.17-2136.345.4.el7uek]
- x86/its: BPF can crash in bpf_jit_comp.c when ITS is enabled (Alexandre Chartre) [Orabug: 38043586]
- shmem: add support to ignore swap (Luis Chamberlain) [Orabug: 38034040]
- shmem: update documentation (Luis Chamberlain) [Orabug: 38034040]
- mm: hold the source mmap write lock when copying PTEs (Anthony Yznaga) [Orabug: 38029050]
- mm: do not write protect COW mappings when preserving across exec (Anthony Yznaga) [Orabug: 38029050]
- mm: differentiate copying PTEs for preservation from copying for fork (Anthony Yznaga) [Orabug: 38029050]
- mm/fork: Pass new vma pointer into copy_page_range() (Peter Xu) [Orabug: 38029050]
- xen/swiotlb: relax alignment requirements (Juergen Gross) [Orabug: 37523168]
- Reapply "xen/swiotlb: add alignment check for dma buffers" (Harshvardhan Jha) [Orabug: 37523168]

[5.4.17-2136.345.3.el7uek]
- dmaengine: Revert "dmaengine: dmatest: Fix dmatest waiting less when interrupted" (Nathan Lynch)
- nvme: unblock ctrl state transition for firmware update (Daniel Wagner)
- memcg: always call cond_resched() after fn() (Breno Leitao)
- ACPI: PPTT: Fix processor subtable walk (Jeremy Linton)
- LTS tag: v5.4.293 (Sherry Yang)
- MIPS: cm: Fix warning if MIPS_CM is disabled (Thomas Bogendoerfer)
- crypto: atmel-sha204a - Set hwrng quality to lowest possible (Marek Behún)
- comedi: jr3_pci: Fix synchronous deletion of timer (Ian Abbott)
- md/raid1: Add check for missing source disk in process_checks() (Meir Elisha)
- scsi: pm80xx: Set phy_attached to zero when device is gone (Igor Pylypiv)
- ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls (Jean-Marc Eurin)
- selftests: ublk: fix test_stripe_04 (Ming Lei)
- udmabuf: fix a buf size overflow issue during udmabuf creation (Xiaogang Chen) [Orabug: 37929939] {CVE-2025-37803}
- KVM: s390: Don't use %pK through tracepoints (Thomas Weißschuh)
- sched/isolation: Make CONFIG_CPU_ISOLATION depend on CONFIG_SMP (Oleg Nesterov)
- ntb: reduce stack usage in idt_scan_mws (Arnd Bergmann)
- qibfs: fix _another_ leak (Al Viro) [Orabug: 37977084] {CVE-2025-37983}
- usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev() (Chenyuan Yang) [Orabug: 37937504] {CVE-2025-37881}
- dmaengine: dmatest: Fix dmatest waiting less when interrupted (Vinicius Costa Gomes)
- usb: host: max3421-hcd: Add missing spi_device_id table (Alexander Stein)
- parisc: PDT: Fix missing prototype warning (Yu-Chun Lin)
- clk: check for disabled clock-provider in of_clk_get_hw_from_clkspec() (Heiko Stuebner)
- crypto: null - Use spin lock instead of mutex (Herbert Xu) [Orabug: 37929974] {CVE-2025-37808}
- MIPS: cm: Detect CM quirks from device tree (Gregory Clement)
- USB: VLI disk crashes if LPM is used (Oliver Neukum)
- usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash Drive (Miao Li)
- usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive (Miao Li)
- usb: dwc3: gadget: check that event count does not exceed event buffer length (Frode Isaksen) [Orabug: 37929982] {CVE-2025-37810}
- USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02) (Huacai Chen)
- usb: cdns3: Fix deadlock when using NCM gadget (Ralph Siemsen) [Orabug: 37929989] {CVE-2025-37812}
- USB: serial: simple: add OWON HDS200 series oscilloscope support (Craig Hesling)
- USB: serial: option: add Sierra Wireless EM9291 (Adam Xue)
- USB: serial: ftdi_sio: add support for Abacus Electrics Optical Probe (Michael Ehrenreich)
- serial: sifive: lock port in startup()/shutdown() callbacks (Ryo Takakura)
- USB: storage: quirk for ADATA Portable HDD CH94 (Oliver Neukum)
- mcb: fix a double free bug in chameleon_parse_gdd() (Haoxiang Li) [Orabug: 37930001] {CVE-2025-37817}
- virtio_console: fix missing byte order handling for cols and rows (Halil Pasic)
- net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (Cong Wang) [Orabug: 37930029] {CVE-2025-37823}
- net_sched: hfsc: Fix a UAF vulnerability in class handling (Cong Wang) [Orabug: 37908485] {CVE-2025-37797}
- tipc: fix NULL pointer dereference in tipc_mon_reinit_self() (Tung Nguyen) [Orabug: 37930040] {CVE-2025-37824}
- net: phy: leds: fix memory leak (Qingfang Deng) [Orabug: 37977113] {CVE-2025-37989}
- cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() (Henry Martin) [Orabug: 37930052] {CVE-2025-37829}
- drm/amd/pm: Prevent division by zero (Denis Arefev) [Orabug: 37901824,37901841,37901831] {CVE-2025-37766,CVE-2025-37768,CVE-2025-37770}
- misc: pci_endpoint_test: Fix displaying 'irq_type' after 'request_irq' error (Kunihiko Hayashi)
- misc: pci_endpoint_test: Use INTX instead of LEGACY (Damien Le Moal)
- PCI: Rename PCI_IRQ_LEGACY to PCI_IRQ_INTX (Bjorn Helgaas)
- iio: adc: ad7768-1: Fix conversion result sign (Sergiu Cuciurean)
- iio: adc: ad7768-1: Move setting of val a bit later to avoid unnecessary return value check (Jonathan Cameron)
- net: dsa: mv88e6xxx: fix VTU methods for 6320 family (Marek Behún)
- media: vim2m: print device name after registering device (Matthew Majewski)
- ext4: fix OOB read when checking dotdot dir (Jakub Acs) [Orabug: 37855335] {CVE-2025-37785}
- ext4: optimize __ext4_check_dir_entry() (Theodore Ts'O)
- ext4: don't over-report free space or inodes in statvfs (Theodore Ts'O)
- ext4: code cleanup for ext4_statfs_project() (Chengguang Xu)
- ext4: simplify checking quota limits in ext4_statfs() (Jan Kara)
- platform/x86: ISST: Correct command storage data length (Srinivas Pandruvada)
- MIPS: ds1287: Match ds1287_set_base_clock() function types (Yuli Wang)
- MIPS: cevt-ds1287: Add missing ds1287.h include (Yuli Wang)
- MIPS: dec: Declare which_prom() as static (Yuli Wang)
- virtio-net: Add validation for used length (Xie Yongji) [Orabug: 37079171] {CVE-2021-47352}
- RDMA/srpt: Support specifying the srpt_service_guid parameter (Bart Van Assche) [Orabug: 36530711] {CVE-2024-26744}
- openvswitch: fix lockup on tx to unregistering netdev with carrier (Ilya Maximets)
- net: openvswitch: fix race on port output (Felix Huettner)
- mmc: cqhci: Fix checking of CQHCI_HALT state (Seunghwan Baek)
- nvmet-fc: Remove unused functions (Yuli Wang)
- usb: dwc3: support continuous runtime PM with dual role (Martin Kepplinger)
- misc: pci_endpoint_test: Fix 'irq_type' to convey the correct type (Kunihiko Hayashi)
- misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error (Kunihiko Hayashi) [Orabug: 37901587] {CVE-2025-23140}
- tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). (Kuniyuki Iwashima) [Orabug: 37264115] {CVE-2024-50154}
- powerpc/prom_init: Use -ffreestanding to avoid a reference to bcmp (Nathan Chancellor)
- kbuild: Add '-fno-builtin-wcslen' (Nathan Chancellor)
- cpufreq: Reference count policy in cpufreq_update_limits() (Rafael J. Wysocki)
- drm/sti: remove duplicate object names (Rolf Eike Beer)
- drm/nouveau: prime: fix ttm_bo_delayed_delete oops (Chris Bainbridge) [Orabug: 37901818] {CVE-2025-37765}
- drm/repaper: fix integer overflows in repeat functions (Nikita Zhandarovich)
- module: sign with sha512 instead of sha1 by default (Thorsten Leemhuis)
- perf/x86/intel/uncore: Fix the scale of IIO free running counters on SNR (Kan Liang)
- perf/x86/intel: Allow to update user space GPRs from PEBS records (Dapeng Mi)
- virtiofs: add filesystem context source name check (Xiangsheng Hou) [Orabug: 37901855] {CVE-2025-37773}
- riscv: Avoid fortify warning in syscall_get_arguments() (Nathan Chancellor)
- isofs: Prevent the use of too small fid (Edward Adam Davis) [Orabug: 37901890] {CVE-2025-37780}
- i2c: cros-ec-tunnel: defer probe if parent EC is not present (Thadeu Lima de Souza Cascardo) [Orabug: 37901898] {CVE-2025-37781}
- hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key (Vasiliy Kovalev)
- btrfs: correctly escape subvol in btrfs_show_options() (Johannes Kimmel)
- nfs: add missing selections of CONFIG_CRC32 (Eric Biggers)
- nfs: move nfs_fhandle_hash to common include file (Jeff Layton)
- NFSD: Constify @fh argument of knfsd_fh_hash() (Chuck Lever)
- asus-laptop: Fix an uninitialized variable (Denis Arefev)
- writeback: fix false warning in inode_to_wb() (Andreas Gruenbacher)
- net: b53: enable BPDU reception for management port (Jonas Gorski)
- net: openvswitch: fix nested key length validation in the set() action (Ilya Maximets) [Orabug: 37901923] {CVE-2025-37789}
- Revert "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" (Johannes Berg)
- Bluetooth: btrtl: Prevent potential NULL dereference (Dan Carpenter) [Orabug: 37901934] {CVE-2025-37792}
- Bluetooth: hci_event: Fix sending MGMT_EV_DEVICE_FOUND for invalid address (Luiz Augusto von Dentz)
- RDMA/usnic: Fix passing zero to PTR_ERR in usnic_ib_pci_probe() (Yue Haibing)
- scsi: iscsi: Fix missing scsi_host_put() in error path (Miaoqian Lin)
- wifi: wl1251: fix memory leak in wl1251_tx_work (Abdun Nihaal) [Orabug: 37977076] {CVE-2025-37982}
- wifi: mac80211: Purge vif txq in ieee80211_do_stop() (Remi Pommarel) [Orabug: 37901940] {CVE-2025-37794}
- wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue() (Remi Pommarel)
- wifi: at76c50x: fix use after free access in at76_disconnect (Abdun Nihaal) [Orabug: 37901953] {CVE-2025-37796}
- HSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol Driver Due to Race Condition (Kaixin Wang) [Orabug: 37855341] {CVE-2025-37838}
- pwm: mediatek: always use bus clock for PWM on MT7622 (Daniel Golle)
- Bluetooth: hci_uart: Fix another race during initialization (Arseniy Krasnov)
- x86/e820: Fix handling of subpage regions when calculating nosave ranges in e820__register_nosave_regions() (Myrrh Periwinkle)
- PCI: Fix reference leak in pci_alloc_child_bus() (Ma Ke)
- of/irq: Fix device node refcount leakages in of_irq_init() (Zijun Hu)
- of/irq: Fix device node refcount leakage in API irq_of_parse_and_map() (Zijun Hu)
- of/irq: Fix device node refcount leakages in of_irq_count() (Zijun Hu)
- ntb: use 64-bit arithmetic for the MSI doorbell mask (Fedor Pchelkin)
- gpio: zynq: Fix wakeup source leaks on device unbind (Krzysztof Kozlowski)
- ftrace: Add cond_resched() to ftrace_graph_set_hash() (Zhoumin) [Orabug: 37976893] {CVE-2025-37940}
- dm-integrity: set ti->error on memory allocation failure (Mikulas Patocka)
- crypto: ccp - Fix check for the primary ASP device (Tom Lendacky)
- thermal/drivers/rockchip: Add missing rk3328 mapping entry (Trevor Woerner)
- sctp: detect and prevent references to a freed transport in sendmsg (Ricardo Cañuelo Navarro) [Orabug: 37901597] {CVE-2025-23142}
- mm: add missing release barrier on PGDAT_RECLAIM_LOCKED unlock (Mathieu Desnoyers)
- sparc/mm: disable preemption in lazy mmu mode (Ryan Roberts)
- arm64: dts: mediatek: mt8173: Fix disp-pwm compatible string (Chen-Yu Tsai)
- mtd: rawnand: Add status chack in r852_ready() (Xu Wang)
- mtd: inftlcore: Add error check for inftl_read_oob() (Xu Wang) [Orabug: 37976720] {CVE-2025-37892}
- lib: scatterlist: fix sg_split_phys to preserve original scatterlist offsets (T Pratham)
- locking/lockdep: Decrease nr_unused_locks if lock unused in zap_class() (Boqun Feng)
- jbd2: remove wrong sb->s_sequence check (Jan Kara) [Orabug: 37937283] {CVE-2025-37839}
- i3c: Add NULL pointer check in i3c_master_queue_ibi() (Manjunatha Venkatesh) [Orabug: 37901622] {CVE-2025-23147}
- ext4: fix off-by-one error in do_split (Artem Sadovnikov) [Orabug: 37901631] {CVE-2025-23150}
- wifi: mac80211: fix integer overflow in hwmp_route_info_get() (Gavrilov Ilia)
- net: dsa: mv88e6xxx: workaround RGMII transmit delay erratum for 6320 family (Marek Behún)
- media: venus: hfi_parser: add check to avoid out of bound access (Vikash Garodia) [Orabug: 37901653] {CVE-2025-23157}
- media: i2c: ov7251: Introduce 1 ms delay between regulators and en GPIO (Sakari Ailus)
- media: i2c: ov7251: Set enable GPIO low in probe (Sakari Ailus)
- media: v4l2-dv-timings: prevent possible overflow in v4l2_detect_gtf() (Karina Yankevich)
- media: streamzap: prevent processing IR data on URB failure (Murad Masimov)
- mtd: rawnand: brcmnand: fix PM resume warning (Kamal Dasu) [Orabug: 37937292] {CVE-2025-37840}
- arm64: cputype: Add MIDR_CORTEX_A76AE (Douglas Anderson)
- xenfs/xensyms: respect hypervisor's "next" indication (Jan Beulich)
- media: siano: Fix error handling in smsdvb_module_init() (Yuan Can)
- media: venus: hfi: add check to handle incorrect queue size (Vikash Garodia) [Orabug: 37901657] {CVE-2025-23158}
- media: venus: hfi: add a check to handle OOB in sfr region (Vikash Garodia) [Orabug: 37901662] {CVE-2025-23159}
- media: i2c: adv748x: Fix test pattern selection mask (Niklas Söderlund)
- ext4: don't treat fhandle lookup of ea_inode as FS corruption (Jann Horn)
- ext4: reject casefold inode flag without casefold feature (Eric Biggers)
- bpf: support SKF_NET_OFF and SKF_LL_OFF on skb frags (Willem de Bruijn)
- bpf: Add endian modifiers to fix endian warnings (Ben Dooks)
- pwm: fsl-ftm: Handle clk_get_rate() returning 0 (Uwe Kleine-König)
- pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config() (Josh Poimboeuf) [Orabug: 37937329] {CVE-2025-37850}
- pwm: mediatek: Always use bus clock (Fabien Parent)
- fbdev: omapfb: Add 'plane' value check (Leonid Arapov)
- drm/mediatek: mtk_dpi: Explicitly manage TVD clock in power on/off (AngeloGioacchino Del Regno)
- drm/amdkfd: Fix pqm_destroy_queue race with GPU reset (Philip Yang)
- drm/amdkfd: clamp queue size to minimum (David Yat Sin)
- drm: panel-orientation-quirks: Add new quirk for GPD Win 2 (Andrew Wyatt)
- drm: panel-orientation-quirks: Add support for AYANEO 2S (Andrew Wyatt)
- drm: allow encoder mode_set even when connectors change for crtc (Abhinav Kumar)
- Bluetooth: hci_uart: fix race during initialization (Arseniy Krasnov)
- tracing: fix return value in __ftrace_event_enable_disable for TRACE_REG_UNREGISTER (Gabriele Paoloni)
- net: vlan: don't propagate flags on open (Stanislav Fomichev) [Orabug: 37901684] {CVE-2025-23163}
- wifi: mt76: mt76x2u: add TP-Link TL-WDN6200 ID to device table (Icenowy Zheng)
- scsi: st: Fix array overflow in st_setup() (Kai Mäkisara) [Orabug: 37937379] {CVE-2025-37857}
- ext4: ignore xattrs past end (Bhupesh) [Orabug: 37901692] {CVE-2025-37738}
- ext4: protect ext4_release_dquot against freezing (Ojaswin Mujoo)
- ahci: add PCI ID for Marvell 88SE9215 SATA Controller (Daniel Kral)
- ata: libata-eh: Do not use ATAPI DMA for a device limited to PIO mode (Niklas Cassel)
- jfs: add sanity check for agwidth in dbMount (Edward Adam Davis) [Orabug: 37901707] {CVE-2025-37740}
- jfs: Prevent copying of nlink with value 0 from disk inode (Edward Adam Davis) [Orabug: 37901716] {CVE-2025-37741}
- fs/jfs: Prevent integer overflow in AG size calculation (Rand Deeb) [Orabug: 37937387] {CVE-2025-37858}
- fs/jfs: cast inactags to s64 to prevent potential overflow (Rand Deeb)
- page_pool: avoid infinite loop to schedule delayed worker (Jason Xing) [Orabug: 37937395] {CVE-2025-37859}
- ALSA: usb-audio: Fix CME quirk for UF series keyboards (Ricard Wanderlof)
- ALSA: hda: intel: Fix Optimus when GPU has no sound (Maxim Mikityanskiy)
- HID: pidff: Fix null pointer dereference in pidff_find_fields (Tomasz Pakuła) [Orabug: 37937410] {CVE-2025-37862}
- HID: pidff: Do not send effect envelope if it's empty (Tomasz Pakuła)
- HID: pidff: Convert infinite length from Linux API to PID standard (Tomasz Pakuła)
- xen/mcelog: Add __nonstring annotations for unterminated strings (Kees Cook)
- perf: arm_pmu: Don't disable counter in armpmu_add() (Mark Rutland)
- x86/cpu: Don't clear X86_FEATURE_LAHF_LM flag in init_amd_k8() on AMD when running in a virtual machine (Max Grobecker)
- pm: cpupower: bench: Prevent NULL dereference on malloc failure (Zhongqiu Han) [Orabug: 37937297] {CVE-2025-37841}
- net: ppp: Add bound checking for skb data on ppp_sync_txmung (Arnaud Lecomte) [Orabug: 37901766] {CVE-2025-37749}
- ata: sata_sx4: Add error handling in pdc20621_i2c_read() (Xu Wang)
- ata: sata_sx4: Drop pointless VPRINTK() calls and convert the remaining ones (Hannes Reinecke)
- tipc: fix memory leak in tipc_link_xmit (Tung Nguyen) [Orabug: 37901790] {CVE-2025-37757}
- ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe() (Henry Martin) [Orabug: 37901796] {CVE-2025-37758}

[5.4.17-2136.345.2.el7uek]
- x86/bhi: Do not set BHI_DIS_S in 32-bit mode (Pawan Gupta) [Orabug: 37959995]
- x86/bpf: Add IBHF call at end of classic BPF (Daniel Sneddon) [Orabug: 37959995]
- x86/bpf: Call branch history clearing sequence on exit (Daniel Sneddon) [Orabug: 37959995]
- certs: Reference revocation list for all keyrings (Eric Snowberg) [Orabug: 38026794]

[5.4.17-2136.345.1.el7uek]
- RDS: use get_user_pages_fast() in rdma_pin_pages() (Stephen Brennan) [Orabug: 37973441]
- x86/bugs: Enabling Retbleed and SRSO mitigation can taint the kernel (Alexandre Chartre) [Orabug: 37959151]
- selftest/x86/bugs: Add selftests for ITS (Pawan Gupta) [Orabug: 37863727] {CVE-2024-28956}
- x86/its: Align RETs in BHB clear sequence to avoid thunking (Pawan Gupta) [Orabug: 37863727] {CVE-2024-28956}
- x86/its: Add "vmexit" option to skip mitigation on some CPUs (Pawan Gupta) [Orabug: 37863727] {CVE-2024-28956}
- x86/its: Enable Indirect Target Selection mitigation (Pawan Gupta) [Orabug: 37863727] {CVE-2024-28956}
- x86/its: Add support for ITS-safe return thunk (Pawan Gupta) [Orabug: 37863727] {CVE-2024-28956}
- x86/its: Add support for ITS-safe indirect thunk (Pawan Gupta) [Orabug: 37863727] {CVE-2024-28956}
- x86/its: Enumerate Indirect Target Selection (ITS) bug (Pawan Gupta) [Orabug: 37863727] {CVE-2024-28956}
- Documentation: x86/bugs/its: Add ITS documentation (Pawan Gupta) [Orabug: 37863727] {CVE-2024-28956}

ELSA-2025-11333 Important: Oracle Linux 8 tomcat security update

Oracle Linux Security Advisory ELSA-2025-11333

http://linux.oracle.com/errata/ELSA-2025-11333.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
tomcat-9.0.87-1.el8_10.4.noarch.rpm
tomcat-admin-webapps-9.0.87-1.el8_10.4.noarch.rpm
tomcat-docs-webapp-9.0.87-1.el8_10.4.noarch.rpm
tomcat-el-3.0-api-9.0.87-1.el8_10.4.noarch.rpm
tomcat-jsp-2.3-api-9.0.87-1.el8_10.4.noarch.rpm
tomcat-lib-9.0.87-1.el8_10.4.noarch.rpm
tomcat-servlet-4.0-api-9.0.87-1.el8_10.4.noarch.rpm
tomcat-webapps-9.0.87-1.el8_10.4.noarch.rpm

aarch64:
tomcat-9.0.87-1.el8_10.4.noarch.rpm
tomcat-admin-webapps-9.0.87-1.el8_10.4.noarch.rpm
tomcat-docs-webapp-9.0.87-1.el8_10.4.noarch.rpm
tomcat-el-3.0-api-9.0.87-1.el8_10.4.noarch.rpm
tomcat-jsp-2.3-api-9.0.87-1.el8_10.4.noarch.rpm
tomcat-lib-9.0.87-1.el8_10.4.noarch.rpm
tomcat-servlet-4.0-api-9.0.87-1.el8_10.4.noarch.rpm
tomcat-webapps-9.0.87-1.el8_10.4.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/tomcat-9.0.87-1.el8_10.4.src.rpm

Related CVEs:

CVE-2024-56337
CVE-2025-31650

Description of changes:

[1:9.0.87-1.el8_10.4]
- Resolves: RHEL-91761
tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame (CVE-2025-31650)
- Resolves: RHEL-71971
tomcat: Incomplete fix for CVE-2024-50379 - RCE due to TOCTOU issue in JSP compilation (CVE-2024-56337)

ELSA-2025-20471 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2025-20471

http://linux.oracle.com/errata/ELSA-2025-20471.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

aarch64:
kernel-uek-5.4.17-2136.345.5.3.el8uek.aarch64.rpm
kernel-uek-debug-5.4.17-2136.345.5.3.el8uek.aarch64.rpm
kernel-uek-debug-devel-5.4.17-2136.345.5.3.el8uek.aarch64.rpm
kernel-uek-devel-5.4.17-2136.345.5.3.el8uek.aarch64.rpm
kernel-uek-doc-5.4.17-2136.345.5.3.el8uek.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/kernel-uek-5.4.17-2136.345.5.3.el8uek.src.rpm

Related CVEs:

CVE-2021-47352
CVE-2024-26744
CVE-2024-28956
CVE-2024-36350
CVE-2024-36357
CVE-2024-50154
CVE-2025-23140
CVE-2025-23142
CVE-2025-23147
CVE-2025-23150
CVE-2025-23157
CVE-2025-23158
CVE-2025-23159
CVE-2025-23163
CVE-2025-37738
CVE-2025-37740
CVE-2025-37741
CVE-2025-37749
CVE-2025-37757
CVE-2025-37758
CVE-2025-37765
CVE-2025-37766
CVE-2025-37768
CVE-2025-37770
CVE-2025-37773
CVE-2025-37780
CVE-2025-37781
CVE-2025-37785
CVE-2025-37789
CVE-2025-37792
CVE-2025-37794
CVE-2025-37796
CVE-2025-37797
CVE-2025-37803
CVE-2025-37808
CVE-2025-37810
CVE-2025-37812
CVE-2025-37817
CVE-2025-37823
CVE-2025-37824
CVE-2025-37829
CVE-2025-37838
CVE-2025-37839
CVE-2025-37840
CVE-2025-37841
CVE-2025-37850
CVE-2025-37857
CVE-2025-37858
CVE-2025-37859
CVE-2025-37862
CVE-2025-37881
CVE-2025-37892
CVE-2025-37940
CVE-2025-37982
CVE-2025-37983
CVE-2025-37989

Description of changes:

[5.4.17-2136.345.5.3.el8uek]
- x86/bpf: Classic BPF program can fail when BHB barrier is used (Alexandre Chartre) [Orabug: 38167806]

[5.4.17-2136.345.5.2.el8uek]
- Add Zen34 clients (Borislav Petkov (AMD)) [Orabug: 38023241] {CVE-2024-36350} {CVE-2024-36357}
- x86/process: Move the buffer clearing before MONITOR (Kim Phillips) [Orabug: 38023241] {CVE-2024-36350} {CVE-2024-36357}
- KVM: SVM: Advertize TSA CPUID bits to guests (Borislav Petkov (AMD)) [Orabug: 38023241] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Add a Transient Scheduler Attacks mitigation (Borislav Petkov (AMD)) [Orabug: 38023241] {CVE-2024-36350} {CVE-2024-36357}
- KVM: x86: add support for CPUID leaf 0x80000021 (Paolo Bonzini) [Orabug: 38023241] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Rename MDS machinery to something more generic (Borislav Petkov (AMD)) [Orabug: 38023241] {CVE-2024-36350} {CVE-2024-36357}
- x86/CPU/AMD: Add ZenX generations flags (Borislav Petkov (AMD)) [Orabug: 38023241] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Free X86_BUG_AMD_APIC_C1E and X86_BUG_AMD_E400 bits (Boris Ostrovsky) [Orabug: 38023241] {CVE-2024-36350} {CVE-2024-36357}

[5.4.17-2136.345.5.el8uek]
- rds: ib: Add cm_id generation scheme in order to detect new ones (Håkon Bugge) [Orabug: 37799171]

[5.4.17-2136.345.4.el8uek]
- x86/its: BPF can crash in bpf_jit_comp.c when ITS is enabled (Alexandre Chartre) [Orabug: 38043586]
- shmem: add support to ignore swap (Luis Chamberlain) [Orabug: 38034040]
- shmem: update documentation (Luis Chamberlain) [Orabug: 38034040]
- mm: hold the source mmap write lock when copying PTEs (Anthony Yznaga) [Orabug: 38029050]
- mm: do not write protect COW mappings when preserving across exec (Anthony Yznaga) [Orabug: 38029050]
- mm: differentiate copying PTEs for preservation from copying for fork (Anthony Yznaga) [Orabug: 38029050]
- mm/fork: Pass new vma pointer into copy_page_range() (Peter Xu) [Orabug: 38029050]
- xen/swiotlb: relax alignment requirements (Juergen Gross) [Orabug: 37523168]
- Reapply "xen/swiotlb: add alignment check for dma buffers" (Harshvardhan Jha) [Orabug: 37523168]

[5.4.17-2136.345.3.el8uek]
- dmaengine: Revert "dmaengine: dmatest: Fix dmatest waiting less when interrupted" (Nathan Lynch)
- nvme: unblock ctrl state transition for firmware update (Daniel Wagner)
- memcg: always call cond_resched() after fn() (Breno Leitao)
- ACPI: PPTT: Fix processor subtable walk (Jeremy Linton)
- LTS tag: v5.4.293 (Sherry Yang)
- MIPS: cm: Fix warning if MIPS_CM is disabled (Thomas Bogendoerfer)
- crypto: atmel-sha204a - Set hwrng quality to lowest possible (Marek Behún)
- comedi: jr3_pci: Fix synchronous deletion of timer (Ian Abbott)
- md/raid1: Add check for missing source disk in process_checks() (Meir Elisha)
- scsi: pm80xx: Set phy_attached to zero when device is gone (Igor Pylypiv)
- ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls (Jean-Marc Eurin)
- selftests: ublk: fix test_stripe_04 (Ming Lei)
- udmabuf: fix a buf size overflow issue during udmabuf creation (Xiaogang Chen) [Orabug: 37929939] {CVE-2025-37803}
- KVM: s390: Don't use %pK through tracepoints (Thomas Weißschuh)
- sched/isolation: Make CONFIG_CPU_ISOLATION depend on CONFIG_SMP (Oleg Nesterov)
- ntb: reduce stack usage in idt_scan_mws (Arnd Bergmann)
- qibfs: fix _another_ leak (Al Viro) [Orabug: 37977084] {CVE-2025-37983}
- usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev() (Chenyuan Yang) [Orabug: 37937504] {CVE-2025-37881}
- dmaengine: dmatest: Fix dmatest waiting less when interrupted (Vinicius Costa Gomes)
- usb: host: max3421-hcd: Add missing spi_device_id table (Alexander Stein)
- parisc: PDT: Fix missing prototype warning (Yu-Chun Lin)
- clk: check for disabled clock-provider in of_clk_get_hw_from_clkspec() (Heiko Stuebner)
- crypto: null - Use spin lock instead of mutex (Herbert Xu) [Orabug: 37929974] {CVE-2025-37808}
- MIPS: cm: Detect CM quirks from device tree (Gregory Clement)
- USB: VLI disk crashes if LPM is used (Oliver Neukum)
- usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash Drive (Miao Li)
- usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive (Miao Li)
- usb: dwc3: gadget: check that event count does not exceed event buffer length (Frode Isaksen) [Orabug: 37929982] {CVE-2025-37810}
- USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02) (Huacai Chen)
- usb: cdns3: Fix deadlock when using NCM gadget (Ralph Siemsen) [Orabug: 37929989] {CVE-2025-37812}
- USB: serial: simple: add OWON HDS200 series oscilloscope support (Craig Hesling)
- USB: serial: option: add Sierra Wireless EM9291 (Adam Xue)
- USB: serial: ftdi_sio: add support for Abacus Electrics Optical Probe (Michael Ehrenreich)
- serial: sifive: lock port in startup()/shutdown() callbacks (Ryo Takakura)
- USB: storage: quirk for ADATA Portable HDD CH94 (Oliver Neukum)
- mcb: fix a double free bug in chameleon_parse_gdd() (Haoxiang Li) [Orabug: 37930001] {CVE-2025-37817}
- virtio_console: fix missing byte order handling for cols and rows (Halil Pasic)
- net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (Cong Wang) [Orabug: 37930029] {CVE-2025-37823}
- net_sched: hfsc: Fix a UAF vulnerability in class handling (Cong Wang) [Orabug: 37908485] {CVE-2025-37797}
- tipc: fix NULL pointer dereference in tipc_mon_reinit_self() (Tung Nguyen) [Orabug: 37930040] {CVE-2025-37824}
- net: phy: leds: fix memory leak (Qingfang Deng) [Orabug: 37977113] {CVE-2025-37989}
- cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() (Henry Martin) [Orabug: 37930052] {CVE-2025-37829}
- drm/amd/pm: Prevent division by zero (Denis Arefev) [Orabug: 37901824,37901841,37901831] {CVE-2025-37766,CVE-2025-37768,CVE-2025-37770}
- misc: pci_endpoint_test: Fix displaying 'irq_type' after 'request_irq' error (Kunihiko Hayashi)
- misc: pci_endpoint_test: Use INTX instead of LEGACY (Damien Le Moal)
- PCI: Rename PCI_IRQ_LEGACY to PCI_IRQ_INTX (Bjorn Helgaas)
- iio: adc: ad7768-1: Fix conversion result sign (Sergiu Cuciurean)
- iio: adc: ad7768-1: Move setting of val a bit later to avoid unnecessary return value check (Jonathan Cameron)
- net: dsa: mv88e6xxx: fix VTU methods for 6320 family (Marek Behún)
- media: vim2m: print device name after registering device (Matthew Majewski)
- ext4: fix OOB read when checking dotdot dir (Jakub Acs) [Orabug: 37855335] {CVE-2025-37785}
- ext4: optimize __ext4_check_dir_entry() (Theodore Ts'O)
- ext4: don't over-report free space or inodes in statvfs (Theodore Ts'O)
- ext4: code cleanup for ext4_statfs_project() (Chengguang Xu)
- ext4: simplify checking quota limits in ext4_statfs() (Jan Kara)
- platform/x86: ISST: Correct command storage data length (Srinivas Pandruvada)
- MIPS: ds1287: Match ds1287_set_base_clock() function types (Yuli Wang)
- MIPS: cevt-ds1287: Add missing ds1287.h include (Yuli Wang)
- MIPS: dec: Declare which_prom() as static (Yuli Wang)
- virtio-net: Add validation for used length (Xie Yongji) [Orabug: 37079171] {CVE-2021-47352}
- RDMA/srpt: Support specifying the srpt_service_guid parameter (Bart Van Assche) [Orabug: 36530711] {CVE-2024-26744}
- openvswitch: fix lockup on tx to unregistering netdev with carrier (Ilya Maximets)
- net: openvswitch: fix race on port output (Felix Huettner)
- mmc: cqhci: Fix checking of CQHCI_HALT state (Seunghwan Baek)
- nvmet-fc: Remove unused functions (Yuli Wang)
- usb: dwc3: support continuous runtime PM with dual role (Martin Kepplinger)
- misc: pci_endpoint_test: Fix 'irq_type' to convey the correct type (Kunihiko Hayashi)
- misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error (Kunihiko Hayashi) [Orabug: 37901587] {CVE-2025-23140}
- tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). (Kuniyuki Iwashima) [Orabug: 37264115] {CVE-2024-50154}
- powerpc/prom_init: Use -ffreestanding to avoid a reference to bcmp (Nathan Chancellor)
- kbuild: Add '-fno-builtin-wcslen' (Nathan Chancellor)
- cpufreq: Reference count policy in cpufreq_update_limits() (Rafael J. Wysocki)
- drm/sti: remove duplicate object names (Rolf Eike Beer)
- drm/nouveau: prime: fix ttm_bo_delayed_delete oops (Chris Bainbridge) [Orabug: 37901818] {CVE-2025-37765}
- drm/repaper: fix integer overflows in repeat functions (Nikita Zhandarovich)
- module: sign with sha512 instead of sha1 by default (Thorsten Leemhuis)
- perf/x86/intel/uncore: Fix the scale of IIO free running counters on SNR (Kan Liang)
- perf/x86/intel: Allow to update user space GPRs from PEBS records (Dapeng Mi)
- virtiofs: add filesystem context source name check (Xiangsheng Hou) [Orabug: 37901855] {CVE-2025-37773}
- riscv: Avoid fortify warning in syscall_get_arguments() (Nathan Chancellor)
- isofs: Prevent the use of too small fid (Edward Adam Davis) [Orabug: 37901890] {CVE-2025-37780}
- i2c: cros-ec-tunnel: defer probe if parent EC is not present (Thadeu Lima de Souza Cascardo) [Orabug: 37901898] {CVE-2025-37781}
- hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key (Vasiliy Kovalev)
- btrfs: correctly escape subvol in btrfs_show_options() (Johannes Kimmel)
- nfs: add missing selections of CONFIG_CRC32 (Eric Biggers)
- nfs: move nfs_fhandle_hash to common include file (Jeff Layton)
- NFSD: Constify @fh argument of knfsd_fh_hash() (Chuck Lever)
- asus-laptop: Fix an uninitialized variable (Denis Arefev)
- writeback: fix false warning in inode_to_wb() (Andreas Gruenbacher)
- net: b53: enable BPDU reception for management port (Jonas Gorski)
- net: openvswitch: fix nested key length validation in the set() action (Ilya Maximets) [Orabug: 37901923] {CVE-2025-37789}
- Revert "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" (Johannes Berg)
- Bluetooth: btrtl: Prevent potential NULL dereference (Dan Carpenter) [Orabug: 37901934] {CVE-2025-37792}
- Bluetooth: hci_event: Fix sending MGMT_EV_DEVICE_FOUND for invalid address (Luiz Augusto von Dentz)
- RDMA/usnic: Fix passing zero to PTR_ERR in usnic_ib_pci_probe() (Yue Haibing)
- scsi: iscsi: Fix missing scsi_host_put() in error path (Miaoqian Lin)
- wifi: wl1251: fix memory leak in wl1251_tx_work (Abdun Nihaal) [Orabug: 37977076] {CVE-2025-37982}
- wifi: mac80211: Purge vif txq in ieee80211_do_stop() (Remi Pommarel) [Orabug: 37901940] {CVE-2025-37794}
- wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue() (Remi Pommarel)
- wifi: at76c50x: fix use after free access in at76_disconnect (Abdun Nihaal) [Orabug: 37901953] {CVE-2025-37796}
- HSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol Driver Due to Race Condition (Kaixin Wang) [Orabug: 37855341] {CVE-2025-37838}
- pwm: mediatek: always use bus clock for PWM on MT7622 (Daniel Golle)
- Bluetooth: hci_uart: Fix another race during initialization (Arseniy Krasnov)
- x86/e820: Fix handling of subpage regions when calculating nosave ranges in e820__register_nosave_regions() (Myrrh Periwinkle)
- PCI: Fix reference leak in pci_alloc_child_bus() (Ma Ke)
- of/irq: Fix device node refcount leakages in of_irq_init() (Zijun Hu)
- of/irq: Fix device node refcount leakage in API irq_of_parse_and_map() (Zijun Hu)
- of/irq: Fix device node refcount leakages in of_irq_count() (Zijun Hu)
- ntb: use 64-bit arithmetic for the MSI doorbell mask (Fedor Pchelkin)
- gpio: zynq: Fix wakeup source leaks on device unbind (Krzysztof Kozlowski)
- ftrace: Add cond_resched() to ftrace_graph_set_hash() (Zhoumin) [Orabug: 37976893] {CVE-2025-37940}
- dm-integrity: set ti->error on memory allocation failure (Mikulas Patocka)
- crypto: ccp - Fix check for the primary ASP device (Tom Lendacky)
- thermal/drivers/rockchip: Add missing rk3328 mapping entry (Trevor Woerner)
- sctp: detect and prevent references to a freed transport in sendmsg (Ricardo Cañuelo Navarro) [Orabug: 37901597] {CVE-2025-23142}
- mm: add missing release barrier on PGDAT_RECLAIM_LOCKED unlock (Mathieu Desnoyers)
- sparc/mm: disable preemption in lazy mmu mode (Ryan Roberts)
- arm64: dts: mediatek: mt8173: Fix disp-pwm compatible string (Chen-Yu Tsai)
- mtd: rawnand: Add status chack in r852_ready() (Xu Wang)
- mtd: inftlcore: Add error check for inftl_read_oob() (Xu Wang) [Orabug: 37976720] {CVE-2025-37892}
- lib: scatterlist: fix sg_split_phys to preserve original scatterlist offsets (T Pratham)
- locking/lockdep: Decrease nr_unused_locks if lock unused in zap_class() (Boqun Feng)
- jbd2: remove wrong sb->s_sequence check (Jan Kara) [Orabug: 37937283] {CVE-2025-37839}
- i3c: Add NULL pointer check in i3c_master_queue_ibi() (Manjunatha Venkatesh) [Orabug: 37901622] {CVE-2025-23147}
- ext4: fix off-by-one error in do_split (Artem Sadovnikov) [Orabug: 37901631] {CVE-2025-23150}
- wifi: mac80211: fix integer overflow in hwmp_route_info_get() (Gavrilov Ilia)
- net: dsa: mv88e6xxx: workaround RGMII transmit delay erratum for 6320 family (Marek Behún)
- media: venus: hfi_parser: add check to avoid out of bound access (Vikash Garodia) [Orabug: 37901653] {CVE-2025-23157}
- media: i2c: ov7251: Introduce 1 ms delay between regulators and en GPIO (Sakari Ailus)
- media: i2c: ov7251: Set enable GPIO low in probe (Sakari Ailus)
- media: v4l2-dv-timings: prevent possible overflow in v4l2_detect_gtf() (Karina Yankevich)
- media: streamzap: prevent processing IR data on URB failure (Murad Masimov)
- mtd: rawnand: brcmnand: fix PM resume warning (Kamal Dasu) [Orabug: 37937292] {CVE-2025-37840}
- arm64: cputype: Add MIDR_CORTEX_A76AE (Douglas Anderson)
- xenfs/xensyms: respect hypervisor's "next" indication (Jan Beulich)
- media: siano: Fix error handling in smsdvb_module_init() (Yuan Can)
- media: venus: hfi: add check to handle incorrect queue size (Vikash Garodia) [Orabug: 37901657] {CVE-2025-23158}
- media: venus: hfi: add a check to handle OOB in sfr region (Vikash Garodia) [Orabug: 37901662] {CVE-2025-23159}
- media: i2c: adv748x: Fix test pattern selection mask (Niklas Söderlund)
- ext4: don't treat fhandle lookup of ea_inode as FS corruption (Jann Horn)
- ext4: reject casefold inode flag without casefold feature (Eric Biggers)
- bpf: support SKF_NET_OFF and SKF_LL_OFF on skb frags (Willem de Bruijn)
- bpf: Add endian modifiers to fix endian warnings (Ben Dooks)
- pwm: fsl-ftm: Handle clk_get_rate() returning 0 (Uwe Kleine-König)
- pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config() (Josh Poimboeuf) [Orabug: 37937329] {CVE-2025-37850}
- pwm: mediatek: Always use bus clock (Fabien Parent)
- fbdev: omapfb: Add 'plane' value check (Leonid Arapov)
- drm/mediatek: mtk_dpi: Explicitly manage TVD clock in power on/off (AngeloGioacchino Del Regno)
- drm/amdkfd: Fix pqm_destroy_queue race with GPU reset (Philip Yang)
- drm/amdkfd: clamp queue size to minimum (David Yat Sin)
- drm: panel-orientation-quirks: Add new quirk for GPD Win 2 (Andrew Wyatt)
- drm: panel-orientation-quirks: Add support for AYANEO 2S (Andrew Wyatt)
- drm: allow encoder mode_set even when connectors change for crtc (Abhinav Kumar)
- Bluetooth: hci_uart: fix race during initialization (Arseniy Krasnov)
- tracing: fix return value in __ftrace_event_enable_disable for TRACE_REG_UNREGISTER (Gabriele Paoloni)
- net: vlan: don't propagate flags on open (Stanislav Fomichev) [Orabug: 37901684] {CVE-2025-23163}
- wifi: mt76: mt76x2u: add TP-Link TL-WDN6200 ID to device table (Icenowy Zheng)
- scsi: st: Fix array overflow in st_setup() (Kai Mäkisara) [Orabug: 37937379] {CVE-2025-37857}
- ext4: ignore xattrs past end (Bhupesh) [Orabug: 37901692] {CVE-2025-37738}
- ext4: protect ext4_release_dquot against freezing (Ojaswin Mujoo)
- ahci: add PCI ID for Marvell 88SE9215 SATA Controller (Daniel Kral)
- ata: libata-eh: Do not use ATAPI DMA for a device limited to PIO mode (Niklas Cassel)
- jfs: add sanity check for agwidth in dbMount (Edward Adam Davis) [Orabug: 37901707] {CVE-2025-37740}
- jfs: Prevent copying of nlink with value 0 from disk inode (Edward Adam Davis) [Orabug: 37901716] {CVE-2025-37741}
- fs/jfs: Prevent integer overflow in AG size calculation (Rand Deeb) [Orabug: 37937387] {CVE-2025-37858}
- fs/jfs: cast inactags to s64 to prevent potential overflow (Rand Deeb)
- page_pool: avoid infinite loop to schedule delayed worker (Jason Xing) [Orabug: 37937395] {CVE-2025-37859}
- ALSA: usb-audio: Fix CME quirk for UF series keyboards (Ricard Wanderlof)
- ALSA: hda: intel: Fix Optimus when GPU has no sound (Maxim Mikityanskiy)
- HID: pidff: Fix null pointer dereference in pidff_find_fields (Tomasz Pakuła) [Orabug: 37937410] {CVE-2025-37862}
- HID: pidff: Do not send effect envelope if it's empty (Tomasz Pakuła)
- HID: pidff: Convert infinite length from Linux API to PID standard (Tomasz Pakuła)
- xen/mcelog: Add __nonstring annotations for unterminated strings (Kees Cook)
- perf: arm_pmu: Don't disable counter in armpmu_add() (Mark Rutland)
- x86/cpu: Don't clear X86_FEATURE_LAHF_LM flag in init_amd_k8() on AMD when running in a virtual machine (Max Grobecker)
- pm: cpupower: bench: Prevent NULL dereference on malloc failure (Zhongqiu Han) [Orabug: 37937297] {CVE-2025-37841}
- net: ppp: Add bound checking for skb data on ppp_sync_txmung (Arnaud Lecomte) [Orabug: 37901766] {CVE-2025-37749}
- ata: sata_sx4: Add error handling in pdc20621_i2c_read() (Xu Wang)
- ata: sata_sx4: Drop pointless VPRINTK() calls and convert the remaining ones (Hannes Reinecke)
- tipc: fix memory leak in tipc_link_xmit (Tung Nguyen) [Orabug: 37901790] {CVE-2025-37757}
- ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe() (Henry Martin) [Orabug: 37901796] {CVE-2025-37758}

[5.4.17-2136.345.2.el8uek]
- x86/bhi: Do not set BHI_DIS_S in 32-bit mode (Pawan Gupta) [Orabug: 37959995]
- x86/bpf: Add IBHF call at end of classic BPF (Daniel Sneddon) [Orabug: 37959995]
- x86/bpf: Call branch history clearing sequence on exit (Daniel Sneddon) [Orabug: 37959995]
- certs: Reference revocation list for all keyrings (Eric Snowberg) [Orabug: 38026794]

[5.4.17-2136.345.1.el8uek]
- RDS: use get_user_pages_fast() in rdma_pin_pages() (Stephen Brennan) [Orabug: 37973441]
- x86/bugs: Enabling Retbleed and SRSO mitigation can taint the kernel (Alexandre Chartre) [Orabug: 37959151]
- selftest/x86/bugs: Add selftests for ITS (Pawan Gupta) [Orabug: 37863727] {CVE-2024-28956}
- x86/its: Align RETs in BHB clear sequence to avoid thunking (Pawan Gupta) [Orabug: 37863727] {CVE-2024-28956}
- x86/its: Add "vmexit" option to skip mitigation on some CPUs (Pawan Gupta) [Orabug: 37863727] {CVE-2024-28956}
- x86/its: Enable Indirect Target Selection mitigation (Pawan Gupta) [Orabug: 37863727] {CVE-2024-28956}
- x86/its: Add support for ITS-safe return thunk (Pawan Gupta) [Orabug: 37863727] {CVE-2024-28956}
- x86/its: Add support for ITS-safe indirect thunk (Pawan Gupta) [Orabug: 37863727] {CVE-2024-28956}
- x86/its: Enumerate Indirect Target Selection (ITS) bug (Pawan Gupta) [Orabug: 37863727] {CVE-2024-28956}
- Documentation: x86/bugs/its: Add ITS documentation (Pawan Gupta) [Orabug: 37863727] {CVE-2024-28956}

ELSA-2025-11327 Moderate: Oracle Linux 8 glib2 security update

Oracle Linux Security Advisory ELSA-2025-11327

http://linux.oracle.com/errata/ELSA-2025-11327.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
glib2-2.56.4-166.el8_10.i686.rpm
glib2-2.56.4-166.el8_10.x86_64.rpm
glib2-devel-2.56.4-166.el8_10.i686.rpm
glib2-devel-2.56.4-166.el8_10.x86_64.rpm
glib2-doc-2.56.4-166.el8_10.noarch.rpm
glib2-fam-2.56.4-166.el8_10.x86_64.rpm
glib2-static-2.56.4-166.el8_10.i686.rpm
glib2-static-2.56.4-166.el8_10.x86_64.rpm
glib2-tests-2.56.4-166.el8_10.x86_64.rpm

aarch64:
glib2-2.56.4-166.el8_10.aarch64.rpm
glib2-devel-2.56.4-166.el8_10.aarch64.rpm
glib2-doc-2.56.4-166.el8_10.noarch.rpm
glib2-fam-2.56.4-166.el8_10.aarch64.rpm
glib2-static-2.56.4-166.el8_10.aarch64.rpm
glib2-tests-2.56.4-166.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/glib2-2.56.4-166.el8_10.src.rpm

Related CVEs:

CVE-2024-34397
CVE-2024-52533
CVE-2025-4373

Description of changes:

[2.56.4-166]
- Add patches for CVE-2024-34397, CVE-2024-52533, CVE-2025-4373
- Update GDateTime test for new tzdata
- Resolves: RHEL-67084
- Resolves: RHEL-94286
- Resolves: RHEL-94848

ELSA-2025-11298 Moderate: Oracle Linux 8 kernel security update

Oracle Linux Security Advisory ELSA-2025-11298

http://linux.oracle.com/errata/ELSA-2025-11298.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-4.18.0-553.62.1.el8_10.x86_64.rpm
kernel-4.18.0-553.62.1.el8_10.x86_64.rpm
kernel-abi-stablelists-4.18.0-553.62.1.el8_10.noarch.rpm
kernel-core-4.18.0-553.62.1.el8_10.x86_64.rpm
kernel-cross-headers-4.18.0-553.62.1.el8_10.x86_64.rpm
kernel-debug-4.18.0-553.62.1.el8_10.x86_64.rpm
kernel-debug-core-4.18.0-553.62.1.el8_10.x86_64.rpm
kernel-debug-devel-4.18.0-553.62.1.el8_10.x86_64.rpm
kernel-debug-modules-4.18.0-553.62.1.el8_10.x86_64.rpm
kernel-debug-modules-extra-4.18.0-553.62.1.el8_10.x86_64.rpm
kernel-devel-4.18.0-553.62.1.el8_10.x86_64.rpm
kernel-doc-4.18.0-553.62.1.el8_10.noarch.rpm
kernel-headers-4.18.0-553.62.1.el8_10.x86_64.rpm
kernel-modules-4.18.0-553.62.1.el8_10.x86_64.rpm
kernel-modules-extra-4.18.0-553.62.1.el8_10.x86_64.rpm
kernel-tools-4.18.0-553.62.1.el8_10.x86_64.rpm
kernel-tools-libs-4.18.0-553.62.1.el8_10.x86_64.rpm
kernel-tools-libs-devel-4.18.0-553.62.1.el8_10.x86_64.rpm
perf-4.18.0-553.62.1.el8_10.x86_64.rpm
python3-perf-4.18.0-553.62.1.el8_10.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/kernel-4.18.0-553.62.1.el8_10.src.rpm

Related CVEs:

CVE-2022-49058
CVE-2022-49788
CVE-2024-57980
CVE-2024-58002
CVE-2025-21991
CVE-2025-22004
CVE-2025-23150
CVE-2025-37738

Description of changes:

- [4.18.0-553.62.1.el8_10.OL8]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 error to userspace (Desnes Nunes) [RHEL-98760]
- media: uvcvideo: Flush the control cache when we get an event (Desnes Nunes) [RHEL-98760]
- media: uvcvideo: Annotate lock requirements for uvc_ctrl_set (Desnes Nunes) [RHEL-98760]
- media: uvcvideo: Remove dangling pointers (Desnes Nunes) [RHEL-98760] {CVE-2024-58002}
- media: uvcvideo: Remove redundant NULL assignment (Desnes Nunes) [RHEL-98760]
- media: uvcvideo: Only save async fh if success (Desnes Nunes) [RHEL-98760]
- media: uvcvideo: Refactor iterators (Desnes Nunes) [RHEL-98760]
- media: uvcvideo: Fix double free in error path (CKI Backport Bot) [RHEL-98788] {CVE-2024-57980}
- cifs: potential buffer overflow in handling symlinks (Paulo Alcantara) [RHEL-97074] {CVE-2022-49058}
- Race between reading mdstat and stopping an md device (Nigel Croxon) [RHEL-95723]
- fs/dcache: Control # of dentries in list_lru_node (Waiman Long) [RHEL-8578]
- fs/dcache: Add sysctl parameter dentry-fs-klimit to control # of dentries in filesystem (Waiman Long) [RHEL-8578]
- mm/list_lru: Make list_lru_add() return # if items in affected list_lru_node (Waiman Long) [RHEL-8578]

[4.18.0-553.61.1.el8_10]
- s390: Add z17 elf platform (Christoph Schlameuss) [RHEL-100409]
- ext4: ignore xattrs past end (CKI Backport Bot) [RHEL-100375] {CVE-2025-37738}
- ext4: fix off-by-one error in do_split (CKI Backport Bot) [RHEL-100361] {CVE-2025-23150}
- net: atm: fix use after free in lec_send() (CKI Backport Bot) [RHEL-93119] {CVE-2025-22004}
- x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes (CKI Backport Bot) [RHEL-98980] {CVE-2025-21991}

ELSA-2025-10867 Important: Oracle Linux 8 java-17-openjdk security update

Oracle Linux Security Advisory ELSA-2025-10867

http://linux.oracle.com/errata/ELSA-2025-10867.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
java-17-openjdk-17.0.16.0.8-2.0.1.el8.x86_64.rpm
java-17-openjdk-demo-17.0.16.0.8-2.0.1.el8.x86_64.rpm
java-17-openjdk-demo-fastdebug-17.0.16.0.8-2.0.1.el8.x86_64.rpm
java-17-openjdk-demo-slowdebug-17.0.16.0.8-2.0.1.el8.x86_64.rpm
java-17-openjdk-devel-17.0.16.0.8-2.0.1.el8.x86_64.rpm
java-17-openjdk-devel-fastdebug-17.0.16.0.8-2.0.1.el8.x86_64.rpm
java-17-openjdk-devel-slowdebug-17.0.16.0.8-2.0.1.el8.x86_64.rpm
java-17-openjdk-fastdebug-17.0.16.0.8-2.0.1.el8.x86_64.rpm
java-17-openjdk-headless-17.0.16.0.8-2.0.1.el8.x86_64.rpm
java-17-openjdk-headless-fastdebug-17.0.16.0.8-2.0.1.el8.x86_64.rpm
java-17-openjdk-headless-slowdebug-17.0.16.0.8-2.0.1.el8.x86_64.rpm
java-17-openjdk-javadoc-17.0.16.0.8-2.0.1.el8.x86_64.rpm
java-17-openjdk-javadoc-zip-17.0.16.0.8-2.0.1.el8.x86_64.rpm
java-17-openjdk-jmods-17.0.16.0.8-2.0.1.el8.x86_64.rpm
java-17-openjdk-jmods-fastdebug-17.0.16.0.8-2.0.1.el8.x86_64.rpm
java-17-openjdk-jmods-slowdebug-17.0.16.0.8-2.0.1.el8.x86_64.rpm
java-17-openjdk-slowdebug-17.0.16.0.8-2.0.1.el8.x86_64.rpm
java-17-openjdk-src-17.0.16.0.8-2.0.1.el8.x86_64.rpm
java-17-openjdk-src-fastdebug-17.0.16.0.8-2.0.1.el8.x86_64.rpm
java-17-openjdk-src-slowdebug-17.0.16.0.8-2.0.1.el8.x86_64.rpm
java-17-openjdk-static-libs-17.0.16.0.8-2.0.1.el8.x86_64.rpm
java-17-openjdk-static-libs-fastdebug-17.0.16.0.8-2.0.1.el8.x86_64.rpm
java-17-openjdk-static-libs-slowdebug-17.0.16.0.8-2.0.1.el8.x86_64.rpm

aarch64:
java-17-openjdk-17.0.16.0.8-2.0.1.el8.aarch64.rpm
java-17-openjdk-demo-17.0.16.0.8-2.0.1.el8.aarch64.rpm
java-17-openjdk-demo-fastdebug-17.0.16.0.8-2.0.1.el8.aarch64.rpm
java-17-openjdk-demo-slowdebug-17.0.16.0.8-2.0.1.el8.aarch64.rpm
java-17-openjdk-devel-17.0.16.0.8-2.0.1.el8.aarch64.rpm
java-17-openjdk-devel-fastdebug-17.0.16.0.8-2.0.1.el8.aarch64.rpm
java-17-openjdk-devel-slowdebug-17.0.16.0.8-2.0.1.el8.aarch64.rpm
java-17-openjdk-fastdebug-17.0.16.0.8-2.0.1.el8.aarch64.rpm
java-17-openjdk-headless-17.0.16.0.8-2.0.1.el8.aarch64.rpm
java-17-openjdk-headless-fastdebug-17.0.16.0.8-2.0.1.el8.aarch64.rpm
java-17-openjdk-headless-slowdebug-17.0.16.0.8-2.0.1.el8.aarch64.rpm
java-17-openjdk-javadoc-17.0.16.0.8-2.0.1.el8.aarch64.rpm
java-17-openjdk-javadoc-zip-17.0.16.0.8-2.0.1.el8.aarch64.rpm
java-17-openjdk-jmods-17.0.16.0.8-2.0.1.el8.aarch64.rpm
java-17-openjdk-jmods-fastdebug-17.0.16.0.8-2.0.1.el8.aarch64.rpm
java-17-openjdk-jmods-slowdebug-17.0.16.0.8-2.0.1.el8.aarch64.rpm
java-17-openjdk-slowdebug-17.0.16.0.8-2.0.1.el8.aarch64.rpm
java-17-openjdk-src-17.0.16.0.8-2.0.1.el8.aarch64.rpm
java-17-openjdk-src-fastdebug-17.0.16.0.8-2.0.1.el8.aarch64.rpm
java-17-openjdk-src-slowdebug-17.0.16.0.8-2.0.1.el8.aarch64.rpm
java-17-openjdk-static-libs-17.0.16.0.8-2.0.1.el8.aarch64.rpm
java-17-openjdk-static-libs-fastdebug-17.0.16.0.8-2.0.1.el8.aarch64.rpm
java-17-openjdk-static-libs-slowdebug-17.0.16.0.8-2.0.1.el8.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/java-17-openjdk-17.0.16.0.8-2.0.1.el8.src.rpm

Related CVEs:

CVE-2025-30749
CVE-2025-30754
CVE-2025-50059
CVE-2025-50106

Description of changes:

[1:17.0.16.0.8-2.0.1]
- Add Oracle vendor bug URL [Orabug: 34340155]

[1:17.0.16.0.8-2]
- Update to jdk-17.0.16+8
- Add to .gitignore openjdk-17.0.16+8.tar.xz
- Set updatever to 16
- Set buildver to 8
- Update sources to openjdk-17.0.16+8.tar.xz
- Resolves: RHEL-101793
- Resolves: RHEL-102273
- Require tzdata-java 2025b at runtime and for build
- Set bundled freetype provide version to 2.13.3
- Set bundled harfbuzz provide version to 10.4.0
- Set bundled lcms2 provide version to 2.17.0
- Set bundled libpng provide version to 1.6.47
- Sync java-17-openjdk-portable.specfile from openjdk-portable-rhel-8
- ** This tarball is embargoed until 2025-07-15 @ 1pm PT. **

ELBA-2025-4046 Oracle Linux 8 linux-firmware bug fix update

Oracle Linux Bug Fix Advisory ELBA-2025-4046

http://linux.oracle.com/errata/ELBA-2025-4046.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
iwl1000-firmware-39.31.5.1-999.41.el8.noarch.rpm
iwl100-firmware-39.31.5.1-999.41.el8.noarch.rpm
iwl105-firmware-18.168.6.1-999.41.el8.noarch.rpm
iwl135-firmware-18.168.6.1-999.41.el8.noarch.rpm
iwl2000-firmware-18.168.6.1-999.41.el8.noarch.rpm
iwl2030-firmware-18.168.6.1-999.41.el8.noarch.rpm
iwl3160-firmware-25.30.13.0-999.41.el8.noarch.rpm
iwl3945-firmware-15.32.2.9-999.41.el8.noarch.rpm
iwl4965-firmware-228.61.2.24-999.41.el8.noarch.rpm
iwl5000-firmware-8.83.5.1_1-999.41.el8.noarch.rpm
iwl5150-firmware-8.24.2.2-999.41.el8.noarch.rpm
iwl6000-firmware-9.221.4.1-999.41.el8.noarch.rpm
iwl6000g2a-firmware-18.168.6.1-999.41.el8.noarch.rpm
iwl6000g2b-firmware-18.168.6.1-999.41.el8.noarch.rpm
iwl6050-firmware-41.28.5.1-999.41.el8.noarch.rpm
iwl7260-firmware-25.30.13.0-999.41.el8.noarch.rpm
iwlax2xx-firmware-20250611-999.41.el8.noarch.rpm
libertas-sd8686-firmware-20250611-999.41.git356f06bf.el8.noarch.rpm
libertas-sd8787-firmware-20250611-999.41.git356f06bf.el8.noarch.rpm
libertas-usb8388-firmware-20250611-999.41.git356f06bf.el8.noarch.rpm
libertas-usb8388-olpc-firmware-20250611-999.41.git356f06bf.el8.noarch.rpm
linux-firmware-20250611-999.41.git356f06bf.el8.noarch.rpm
linux-firmware-core-20250611-999.41.git356f06bf.el8.noarch.rpm

aarch64:
iwl1000-firmware-39.31.5.1-999.41.el8.noarch.rpm
iwl100-firmware-39.31.5.1-999.41.el8.noarch.rpm
iwl105-firmware-18.168.6.1-999.41.el8.noarch.rpm
iwl135-firmware-18.168.6.1-999.41.el8.noarch.rpm
iwl2000-firmware-18.168.6.1-999.41.el8.noarch.rpm
iwl2030-firmware-18.168.6.1-999.41.el8.noarch.rpm
iwl3160-firmware-25.30.13.0-999.41.el8.noarch.rpm
iwl3945-firmware-15.32.2.9-999.41.el8.noarch.rpm
iwl4965-firmware-228.61.2.24-999.41.el8.noarch.rpm
iwl5000-firmware-8.83.5.1_1-999.41.el8.noarch.rpm
iwl5150-firmware-8.24.2.2-999.41.el8.noarch.rpm
iwl6000-firmware-9.221.4.1-999.41.el8.noarch.rpm
iwl6000g2a-firmware-18.168.6.1-999.41.el8.noarch.rpm
iwl6000g2b-firmware-18.168.6.1-999.41.el8.noarch.rpm
iwl6050-firmware-41.28.5.1-999.41.el8.noarch.rpm
iwl7260-firmware-25.30.13.0-999.41.el8.noarch.rpm
iwlax2xx-firmware-20250611-999.41.el8.noarch.rpm
libertas-sd8686-firmware-20250611-999.41.git356f06bf.el8.noarch.rpm
libertas-sd8787-firmware-20250611-999.41.git356f06bf.el8.noarch.rpm
libertas-usb8388-firmware-20250611-999.41.git356f06bf.el8.noarch.rpm
libertas-usb8388-olpc-firmware-20250611-999.41.git356f06bf.el8.noarch.rpm
linux-firmware-20250611-999.41.git356f06bf.el8.noarch.rpm
linux-firmware-core-20250611-999.41.git356f06bf.el8.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/linux-firmware-20250611-999.41.git356f06bf.el8.src.rpm

Description of changes:

[20250611-999.41.git356f06bf.el8]
- Rebase to latest upstream [Orabug: 38028345]

ELBA-2025-20473 Oracle Linux 8 linux-firmware bug fix update

Oracle Linux Bug Fix Advisory ELBA-2025-20473

http://linux.oracle.com/errata/ELBA-2025-20473.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
iwl1000-firmware-39.31.5.1-999.41.el8.noarch.rpm
iwl100-firmware-39.31.5.1-999.41.el8.noarch.rpm
iwl105-firmware-18.168.6.1-999.41.el8.noarch.rpm
iwl135-firmware-18.168.6.1-999.41.el8.noarch.rpm
iwl2000-firmware-18.168.6.1-999.41.el8.noarch.rpm
iwl2030-firmware-18.168.6.1-999.41.el8.noarch.rpm
iwl3160-firmware-25.30.13.0-999.41.el8.noarch.rpm
iwl3945-firmware-15.32.2.9-999.41.el8.noarch.rpm
iwl4965-firmware-228.61.2.24-999.41.el8.noarch.rpm
iwl5000-firmware-8.83.5.1_1-999.41.el8.noarch.rpm
iwl5150-firmware-8.24.2.2-999.41.el8.noarch.rpm
iwl6000-firmware-9.221.4.1-999.41.el8.noarch.rpm
iwl6000g2a-firmware-18.168.6.1-999.41.el8.noarch.rpm
iwl6000g2b-firmware-18.168.6.1-999.41.el8.noarch.rpm
iwl6050-firmware-41.28.5.1-999.41.el8.noarch.rpm
iwl7260-firmware-25.30.13.0-999.41.el8.noarch.rpm
iwlax2xx-firmware-20250611-999.41.el8.noarch.rpm
libertas-sd8686-firmware-20250611-999.41.git356f06bf.el8.noarch.rpm
libertas-sd8787-firmware-20250611-999.41.git356f06bf.el8.noarch.rpm
libertas-usb8388-firmware-20250611-999.41.git356f06bf.el8.noarch.rpm
libertas-usb8388-olpc-firmware-20250611-999.41.git356f06bf.el8.noarch.rpm
linux-firmware-20250611-999.41.git356f06bf.el8.noarch.rpm
linux-firmware-core-20250611-999.41.git356f06bf.el8.noarch.rpm

aarch64:
iwl1000-firmware-39.31.5.1-999.41.el8.noarch.rpm
iwl100-firmware-39.31.5.1-999.41.el8.noarch.rpm
iwl105-firmware-18.168.6.1-999.41.el8.noarch.rpm
iwl135-firmware-18.168.6.1-999.41.el8.noarch.rpm
iwl2000-firmware-18.168.6.1-999.41.el8.noarch.rpm
iwl2030-firmware-18.168.6.1-999.41.el8.noarch.rpm
iwl3160-firmware-25.30.13.0-999.41.el8.noarch.rpm
iwl3945-firmware-15.32.2.9-999.41.el8.noarch.rpm
iwl4965-firmware-228.61.2.24-999.41.el8.noarch.rpm
iwl5000-firmware-8.83.5.1_1-999.41.el8.noarch.rpm
iwl5150-firmware-8.24.2.2-999.41.el8.noarch.rpm
iwl6000-firmware-9.221.4.1-999.41.el8.noarch.rpm
iwl6000g2a-firmware-18.168.6.1-999.41.el8.noarch.rpm
iwl6000g2b-firmware-18.168.6.1-999.41.el8.noarch.rpm
iwl6050-firmware-41.28.5.1-999.41.el8.noarch.rpm
iwl7260-firmware-25.30.13.0-999.41.el8.noarch.rpm
iwlax2xx-firmware-20250611-999.41.el8.noarch.rpm
libertas-sd8686-firmware-20250611-999.41.git356f06bf.el8.noarch.rpm
libertas-sd8787-firmware-20250611-999.41.git356f06bf.el8.noarch.rpm
libertas-usb8388-firmware-20250611-999.41.git356f06bf.el8.noarch.rpm
libertas-usb8388-olpc-firmware-20250611-999.41.git356f06bf.el8.noarch.rpm
linux-firmware-20250611-999.41.git356f06bf.el8.noarch.rpm
linux-firmware-core-20250611-999.41.git356f06bf.el8.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/linux-firmware-20250611-999.41.git356f06bf.el8.src.rpm

Description of changes:

[20250611-999.41.git356f06bf.el8]
- Rebase to latest upstream [Orabug: 38028345]

ELSA-2025-20470 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2025-20470

http://linux.oracle.com/errata/ELSA-2025-20470.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-5.15.0-310.184.5.2.el8uek.x86_64.rpm
kernel-uek-5.15.0-310.184.5.2.el8uek.x86_64.rpm
kernel-uek-core-5.15.0-310.184.5.2.el8uek.x86_64.rpm
kernel-uek-debug-5.15.0-310.184.5.2.el8uek.x86_64.rpm
kernel-uek-debug-core-5.15.0-310.184.5.2.el8uek.x86_64.rpm
kernel-uek-debug-devel-5.15.0-310.184.5.2.el8uek.x86_64.rpm
kernel-uek-debug-modules-5.15.0-310.184.5.2.el8uek.x86_64.rpm
kernel-uek-debug-modules-extra-5.15.0-310.184.5.2.el8uek.x86_64.rpm
kernel-uek-devel-5.15.0-310.184.5.2.el8uek.x86_64.rpm
kernel-uek-doc-5.15.0-310.184.5.2.el8uek.noarch.rpm
kernel-uek-modules-5.15.0-310.184.5.2.el8uek.x86_64.rpm
kernel-uek-modules-extra-5.15.0-310.184.5.2.el8uek.x86_64.rpm
kernel-uek-container-5.15.0-310.184.5.2.el8uek.x86_64.rpm
kernel-uek-container-debug-5.15.0-310.184.5.2.el8uek.x86_64.rpm

aarch64:
bpftool-5.15.0-310.184.5.2.el8uek.aarch64.rpm
kernel-uek-5.15.0-310.184.5.2.el8uek.aarch64.rpm
kernel-uek-core-5.15.0-310.184.5.2.el8uek.aarch64.rpm
kernel-uek-debug-5.15.0-310.184.5.2.el8uek.aarch64.rpm
kernel-uek-debug-core-5.15.0-310.184.5.2.el8uek.aarch64.rpm
kernel-uek-debug-devel-5.15.0-310.184.5.2.el8uek.aarch64.rpm
kernel-uek-debug-modules-5.15.0-310.184.5.2.el8uek.aarch64.rpm
kernel-uek-debug-modules-extra-5.15.0-310.184.5.2.el8uek.aarch64.rpm
kernel-uek-devel-5.15.0-310.184.5.2.el8uek.aarch64.rpm
kernel-uek-doc-5.15.0-310.184.5.2.el8uek.noarch.rpm
kernel-uek-modules-5.15.0-310.184.5.2.el8uek.aarch64.rpm
kernel-uek-modules-extra-5.15.0-310.184.5.2.el8uek.aarch64.rpm
kernel-uek-container-5.15.0-310.184.5.2.el8uek.aarch64.rpm
kernel-uek-container-debug-5.15.0-310.184.5.2.el8uek.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/kernel-uek-5.15.0-310.184.5.2.el8uek.src.rpm

Related CVEs:

CVE-2023-52572
CVE-2023-52621
CVE-2023-52757
CVE-2024-26686
CVE-2024-26739
CVE-2024-26952
CVE-2024-27402
CVE-2024-35790
CVE-2024-35866
CVE-2024-35867
CVE-2024-35943
CVE-2024-36350
CVE-2024-36357
CVE-2024-36908
CVE-2024-38540
CVE-2024-38541
CVE-2024-42160
CVE-2024-42322
CVE-2024-44938
CVE-2024-46742
CVE-2024-46751
CVE-2024-46774
CVE-2024-46784
CVE-2024-46816
CVE-2024-49960
CVE-2024-49989
CVE-2024-50047
CVE-2024-50125
CVE-2024-50258
CVE-2024-50272
CVE-2024-50280
CVE-2024-53128
CVE-2024-53185
CVE-2024-53203
CVE-2024-54458
CVE-2024-56551
CVE-2024-56599
CVE-2024-56655
CVE-2024-56658
CVE-2024-56751
CVE-2025-21681
CVE-2025-21839
CVE-2025-21853
CVE-2025-22027
CVE-2025-22062
CVE-2025-23140
CVE-2025-23142
CVE-2025-23144
CVE-2025-23145
CVE-2025-23146
CVE-2025-23147
CVE-2025-23148
CVE-2025-23150
CVE-2025-23151
CVE-2025-23156
CVE-2025-23157
CVE-2025-23158
CVE-2025-23159
CVE-2025-23161
CVE-2025-23163
CVE-2025-37738
CVE-2025-37739
CVE-2025-37740
CVE-2025-37741
CVE-2025-37742
CVE-2025-37749
CVE-2025-37752
CVE-2025-37756
CVE-2025-37757
CVE-2025-37758
CVE-2025-37765
CVE-2025-37766
CVE-2025-37767
CVE-2025-37768
CVE-2025-37770
CVE-2025-37771
CVE-2025-37773
CVE-2025-37780
CVE-2025-37781
CVE-2025-37787
CVE-2025-37788
CVE-2025-37789
CVE-2025-37790
CVE-2025-37792
CVE-2025-37794
CVE-2025-37796
CVE-2025-37797
CVE-2025-37803
CVE-2025-37805
CVE-2025-37808
CVE-2025-37810
CVE-2025-37812
CVE-2025-37817
CVE-2025-37819
CVE-2025-37823
CVE-2025-37824
CVE-2025-37829
CVE-2025-37830
CVE-2025-37836
CVE-2025-37838
CVE-2025-37839
CVE-2025-37840
CVE-2025-37841
CVE-2025-37844
CVE-2025-37850
CVE-2025-37857
CVE-2025-37858
CVE-2025-37859
CVE-2025-37862
CVE-2025-37867
CVE-2025-37875
CVE-2025-37881
CVE-2025-37883
CVE-2025-37885
CVE-2025-37890
CVE-2025-37892
CVE-2025-37905
CVE-2025-37909
CVE-2025-37911
CVE-2025-37913
CVE-2025-37914
CVE-2025-37915
CVE-2025-37923
CVE-2025-37927
CVE-2025-37929
CVE-2025-37930
CVE-2025-37940
CVE-2025-37949
CVE-2025-37967
CVE-2025-37969
CVE-2025-37970
CVE-2025-37982
CVE-2025-37983
CVE-2025-37985
CVE-2025-37989
CVE-2025-37990
CVE-2025-37991
CVE-2025-37992
CVE-2025-37994
CVE-2025-37995
CVE-2025-37997
CVE-2025-37998
CVE-2025-38005
CVE-2025-38009
CVE-2025-38023
CVE-2025-38024
CVE-2025-38031
CVE-2025-38089

Description of changes:

[5.15.0-310.184.5.2.el8uek]
- sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (Jeff Layton) {CVE-2025-38089}
- net_sched: sch_sfq: move the limit validation (Octavian Purdila) {CVE-2025-37752}
- net_sched: sch_sfq: use a temporary work area for validating configuration (Octavian Purdila)
- net_sched: sch_sfq: don't allow 1 packet limit (Octavian Purdila)
- net_sched: sch_sfq: handle bigger packets (Eric Dumazet)
- net_sched: sch_sfq: annotate data-races around q->perturb_period (Eric Dumazet)
- block: assign bi_bdev for cloned bios in blk_rq_prep_clone (Christoph Hellwig) [Orabug: 37931495]
- fs/proc: do_task_stat: use __for_each_thread() (Oleg Nesterov) [Orabug: 38081922]

[5.15.0-310.184.5.1.el8uek]
- Add Zen34 clients (Borislav Petkov (AMD)) [Orabug: 38023240] {CVE-2024-36350} {CVE-2024-36357}
- x86/process: Move the buffer clearing before MONITOR (Kim Phillips) [Orabug: 38023240] {CVE-2024-36350} {CVE-2024-36357}
- Add normal counters (Borislav Petkov (AMD)) [Orabug: 38023240] {CVE-2024-36350} {CVE-2024-36357}
- KVM: SVM: Advertize TSA CPUID bits to guests (Borislav Petkov (AMD)) [Orabug: 38023240] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Add a Transient Scheduler Attacks mitigation (Borislav Petkov (AMD)) [Orabug: 38023240] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Rename MDS machinery to something more generic (Borislav Petkov (AMD)) [Orabug: 38023240] {CVE-2024-36350} {CVE-2024-36357}
- x86/CPU/AMD: Add ZenX generations flags (Borislav Petkov (AMD)) [Orabug: 38023240] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Free X86_BUG_AMD_APIC_C1E and X86_BUG_AMD_E400 bits (Boris Ostrovsky) [Orabug: 38023240] {CVE-2024-36350} {CVE-2024-36357}

[5.15.0-310.184.5.el8uek]
- sched/numa: skip VMA scanning on memory pinned to one NUMA node via cpuset.mems (Libo Chen) [Orabug: 38070120]
- bridge: netfilter: Fix forwarding of fragmented packets (Ido Schimmel) [Orabug: 38069363]
- Revert "net: bridge: IP defragmentation failing for jumboframes" (Venkat Venkatsubra) [Orabug: 38069363]
- vhost-scsi: Change def inline_sg_cnt and max_io_vqs for exadata (Mike Christie) [Orabug: 38053186]
- rds: ib: Add cm_id generation scheme in order to detect new ones (Håkon Bugge) [Orabug: 37799170]
- Revert "i2c: designware: Fix corrupted memory seen in the ISR" (Vijay Kumar) [Orabug: 37771338]
- ipmi:ssif: Improve detecting during probing (Corey Minyard) [Orabug: 37771338]
- ipmi: ssif: replace strlcpy with strscpy (Jason Wang) [Orabug: 37771338]
- uek-rpm: Enable CONFIG_SERIAL_RP2 as m (Samasth Norway Ananda) [Orabug: 37459981]
- serial: update the rp2 driver code (Samasth Norway Ananda) [Orabug: 37459981]

[5.15.0-310.184.4.el8uek]
- vhost-scsi: Fix log flooding with target does not exist errors (Mike Christie) [Orabug: 37424174]
- mm: do not write protect COW mappings when preserving across exec (Anthony Yznaga) [Orabug: 37734242]
- mm: hold the source mmap write lock when copying PTEs (Anthony Yznaga) [Orabug: 37734242]
- uek-rpm: Bluefield 3: Enable CONFIG_CONTIG_ALLOC (Thomas Tai) [Orabug: 38067846]
- mm: shmem: remove unnecessary warning in shmem_writepage() (Ricardo Cañuelo Navarro) [Orabug: 38091965]
- shmem: add support to ignore swap (Luis Chamberlain) [Orabug: 38091965]
- shmem: update documentation (Luis Chamberlain) [Orabug: 38091965]
- shmem: skip page split if we're not reclaiming (Luis Chamberlain) [Orabug: 38091965]
- shmem: move reclaim check early on writepages() (Luis Chamberlain) [Orabug: 38091965]
- shmem: set shmem_writepage() variables early (Luis Chamberlain) [Orabug: 38091965]
- shmem: remove check for folio lock on writepage() (Luis Chamberlain) [Orabug: 38091965]

[5.15.0-310.184.3.el8uek]
- x86/its: Fix undefined reference to cpu_wants_rethunk_at() (Pawan Gupta)
- padata: do not leak refcount in reorder_work (Dominik Grzegorzek) [Orabug: 38094844] {CVE-2025-38031}
- Revert "drm/amd: Keep display off while going into S4" (Mario Limonciello)
- memcg: always call cond_resched() after fn() (Breno Leitao)
- lib: cpu_rmap: Use allocator for rmap entries (Eli Cohen) [Orabug: 38037237]
- uek-rpm: build the fwctl mlx5 driver on UEK (Qing Huang) [Orabug: 37810637]
- fwctl: Adapt upstream code for UEK7 (Mikhael Goikhman) [Orabug: 37810637]
- mlx5: Create an auxiliary device for fwctl_mlx5 (Saeed Mahameed) [Orabug: 37810637]
- fwctl/mlx5: Support for communicating with mlx5 fw (Saeed Mahameed) [Orabug: 37810637]
- fwctl: Add documentation (Jason Gunthorpe) [Orabug: 37810637]
- fwctl: FWCTL_RPC to execute a Remote Procedure Call to device firmware (Jason Gunthorpe) [Orabug: 37810637]
- taint: Add TAINT_FWCTL (Jason Gunthorpe) [Orabug: 37810637]
- fwctl: FWCTL_INFO to return basic information about the device (Jason Gunthorpe) [Orabug: 37810637]
- fwctl: Basic ioctl dispatch for the character device (Jason Gunthorpe) [Orabug: 37810637]
- fwctl: Add basic structure for a class subsystem with a cdev (Jason Gunthorpe) [Orabug: 37810637]
- net/mlx5: Add IFC related stuff for data direct (Yishai Hadas) [Orabug: 37810637]
- Documentation: Add detailed explanation for 'N' taint flag (Benjamin Poirier) [Orabug: 37810637]
- kernel/panic: initialize taint_flags[] using a macro (Jani Nikula) [Orabug: 37810637]
- kernel/panic: return early from print_tainted() when not tainted (Jani Nikula) [Orabug: 37810637]
- tools: Add new "test" taint to kernel-chktaint (Joe Fradley) [Orabug: 37810637]
- panic: use error_report_end tracepoint on warnings (Marco Elver) [Orabug: 37810637]
- Revert "fwctl: Add basic structure for a class subsystem with a cdev" (Qing Huang) [Orabug: 37810637]
- Revert "fwctl: Basic ioctl dispatch for the character device" (Qing Huang) [Orabug: 37810637]
- Revert "fwctl: FWCTL_INFO to return basic information about the device" (Qing Huang) [Orabug: 37810637]
- Revert "fwctl: FWCTL_RPC to execute a Remote Procedure Call to device firmware" (Qing Huang) [Orabug: 37810637]
- Revert "fwctl/mlx5: Support for communicating with mlx5 fw" (Qing Huang) [Orabug: 37810637]
- Revert "mlx5: Create an auxiliary device for fwctl_mlx5" (Qing Huang) [Orabug: 37810637]
- Revert "taint: Add TAINT_FWCTL" (Qing Huang) [Orabug: 37810637]
- Revert "fwctl: Adapt code for UEK7" (Qing Huang) [Orabug: 37810637]
- Revert "fwctl/mlx5: Add INTERNAL_DEV_RES uctx capability" (Qing Huang) [Orabug: 37810637]
- Revert "fwctl: Allow up to 4k devices" (Qing Huang) [Orabug: 37810637]
- Revert "fwctl: Expand adaption of code for UEK7" (Qing Huang) [Orabug: 37810637]
- Revert "uek-rpm: build the fwctl mlx5 driver on UEK" (Qing Huang) [Orabug: 37810637]

[5.15.0-310.184.2.el8uek]
- LTS version: v5.15.184 (Vijayendra Suman)
- netfilter: nf_tables: do not defer rule destruction via call_rcu (Florian Westphal) [Orabug: 38071844] {CVE-2024-56655}
- netfilter: nf_tables: wait for rcu grace period on net_device removal (Pablo Neira Ayuso)
- netfilter: nf_tables: pass nft_chain to destroy function, not nft_ctx (Florian Westphal)
- btrfs: do not clean up repair bio if submit fails (Josef Bacik)
- btrfs: don't BUG_ON() when 0 reference count at btrfs_lookup_extent_info() (Filipe Manana) [Orabug: 37074536] {CVE-2024-46751}
- sctp: add mutual exclusion in proc_sctp_do_udp_port() (Eric Dumazet) [Orabug: 37844338] {CVE-2025-22062}
- selftests/mm: compaction_test: support platform with huge mount of memory (Feng Tang)
- usb: typec: fix pm usage counter imbalance in ucsi_ccg_sync_control() (Gong, Ruiqi)
- usb: typec: fix potential array underflow in ucsi_ccg_sync_control() (Dan Carpenter) [Orabug: 37433551] {CVE-2024-53203}
- usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group (Rd Babiera) [Orabug: 36642199] {CVE-2024-35790}
- usb: typec: ucsi: displayport: Fix deadlock (Andrei Kuchynski) [Orabug: 37977019] {CVE-2025-37967}
- clocksource/i8253: Use raw_spinlock_irqsave() in clockevent_i8253_disable() (Sebastian Andrzej Siewior)
- block: fix direct io NOWAIT flag not work (Fengnan Chang)
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups (Shuai Xue)
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines (Shuai Xue)
- dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy (Yemike Abhilash Chandra)
- dmaengine: ti: k3-udma: Add missing locking (Ronald Wahl) [Orabug: 38094757] {CVE-2025-38005}
- wifi: mt76: disable napi on driver removal (Fedor Pchelkin) [Orabug: 38094771] {CVE-2025-38009}
- phy: renesas: rcar-gen3-usb2: Set timing registers only once (Claudiu Beznea)
- phy: Fix error handling in tegra_xusb_port_init (Ma Ke)
- tracing: samples: Initialize trace_array_printk() with the correct function (Steven Rostedt)
- ftrace: Fix preemption accounting for stacktrace filter command (Donglin Peng)
- ftrace: Fix preemption accounting for stacktrace trigger command (Donglin Peng)
- ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera (Nicolas Chauvet)
- ALSA: usb-audio: Add sample rate quirk for Audioengine D1 (Christian Heusel)
- ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() (Xu Wang)
- ACPI: PPTT: Fix processor subtable walk (Jeremy Linton)
- btrfs: fix discard worker infinite loop after disabling discard (Filipe Manana)
- dmaengine: Revert "dmaengine: dmatest: Fix dmatest waiting less when interrupted" (Nathan Lynch)
- x86/its: FineIBT-paranoid vs ITS (Peter Zijlstra)
- x86/speculation: Remove the extra #ifdef around CALL_NOSPEC (Pawan Gupta)
- x86/speculation: Add a conditional CS prefix to CALL_NOSPEC (Pawan Gupta)
- x86/speculation: Simplify and make CALL_NOSPEC consistent (Pawan Gupta)
- x86,nospec: Simplify {JMP,CALL}_NOSPEC (Peter Zijlstra)
- NFSv4/pnfs: Reset the layout state after a layoutreturn (Trond Myklebust)
- qlcnic: fix memory leak in qlcnic_sriov_channel_cfg_cmd() (Abdun Nihaal)
- ALSA: sh: SND_AICA should depend on SH_DMA_API (Geert Uytterhoeven)
- net: dsa: sja1105: discard incoming frames in BR_STATE_LISTENING (Vladimir Oltean)
- net: cadence: macb: Fix a possible deadlock in macb_halt_tx. (Mathieu Othacehe)
- net_sched: Flush gso_skb list too during ->change() (Cong Wang) [Orabug: 37998129] {CVE-2025-37992}
- spi: loopback-test: Do not split 1024-byte hexdumps (Geert Uytterhoeven)
- nfs: handle failure of nfs_get_lock_context in unlock path (Li Lingfeng) [Orabug: 38094819] {CVE-2025-38023}
- RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug (Zhu Yanjun) [Orabug: 38094828] {CVE-2025-38024}
- iio: chemical: sps30: use aligned_s64 for timestamp (David Lechner)
- iio: adc: ad7768-1: Fix insufficient alignment of timestamp. (Jonathan Cameron)
- tracing: probes: Fix a possible race in trace_probe_log APIs (Masami Hiramatsu)
- platform/x86: asus-wmi: Fix wlan_ctrl_by_user detection (Hans de Goede)
- LTS version: v5.15.183 (Vijayendra Suman)
- Revert "net: phy: microchip: force IRQ polling mode for lan88xx" (Greg Kroah-Hartman)
- do_umount(): add missing barrier before refcount checks in sync case (Al Viro)
- drm/panel: simple: Update timings for AUO G101EVN010 (Kevin Baker)
- MIPS: Fix MAX_REG_OFFSET (Thorsten Blum)
- iio: adc: dln2: Use aligned_s64 for timestamp (Jonathan Cameron)
- types: Complement the aligned types with signed 64-bit one (Andy Shevchenko)
- usb: usbtmc: Fix erroneous generic_read ioctl return (Dave Penkler)
- usb: usbtmc: Fix erroneous wait_srq ioctl return (Dave Penkler)
- usb: usbtmc: Fix erroneous get_stb ioctl error returns (Dave Penkler)
- USB: usbtmc: use interruptible sleep in usbtmc_read (Oliver Neukum)
- usb: typec: ucsi: displayport: Fix NULL pointer access (Andrei Kuchynski) [Orabug: 38015127] {CVE-2025-37994}
- usb: typec: tcpm: delay SNK_TRY_WAIT_DEBOUNCE to SRC_TRYWAIT transition (Rd Babiera)
- usb: host: tegra: Prevent host controller crash when OTG port is used (Jim Lin)
- usb: gadget: tegra-xudc: ACK ST_RC after clearing CTRL_RUN (Wayne Chang)
- usb: cdnsp: fix L1 resume issue for RTL_REVISION_NEW_LPM version (Pawel Laszczak)
- usb: cdnsp: Fix issue with resuming from L1 (Pawel Laszczak)
- ocfs2: stop quota recovery before disabling quotas (Jan Kara)
- ocfs2: implement handshaking with ocfs2 recovery thread (Jan Kara)
- ocfs2: switch osb->disable_recovery to enum (Jan Kara)
- module: ensure that kobject_put() is safe for module type kobjects (Dmitry Antipov) [Orabug: 38015132] {CVE-2025-37995}
- xenbus: Use kref to track req lifetime (Jason Andryuk) [Orabug: 37976935] {CVE-2025-37949}
- usb: uhci-platform: Make the clock really optional (Alexey Charkov)
- drm/amd/display: Fix wrong handling for AUX_DEFER case (Wayne Lin)
- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo (Silvano Seva) [Orabug: 37977032] {CVE-2025-37969}
- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo (Silvano Seva) [Orabug: 37977038] {CVE-2025-37970}
- iio: adis16201: Correct inclinometer channel resolution (Gabriel)
- iio: adc: ad7606: fix serial register access (Angelo Dureghello)
- staging: axis-fifo: Correct handling of tx_fifo_depth for size validation (Gabriel)
- staging: axis-fifo: Remove hardware resets for user errors (Gabriel)
- staging: iio: adc: ad7816: Correct conditional logic for store mode (Gabriel)
- Input: synaptics - enable InterTouch on TUXEDO InfinityBook Pro 14 v5 (Aditya Garg)
- Input: synaptics - enable SMBus for HP Elitebook 850 G1 (Dmitry Torokhov)
- Input: synaptics - enable InterTouch on Dell Precision M3800 (Aditya Garg)
- Input: synaptics - enable InterTouch on Dynabook Portege X30L-G (Aditya Garg)
- Input: synaptics - enable InterTouch on Dynabook Portege X30-D (Manuel Fombuena)
- net: dsa: b53: fix learning on VLAN unaware bridges (Jonas Gorski)
- net: dsa: b53: always rejoin default untagged VLAN on bridge leave (Jonas Gorski)
- net: dsa: b53: fix VLAN ID for untagged vlan on bridge leave (Jonas Gorski)
- net: dsa: b53: fix flushing old pvid VLAN on pvid change (Jonas Gorski)
- net: dsa: b53: fix clearing PVID of a port (Jonas Gorski)
- net: dsa: b53: allow leaky reserved multicast (Jonas Gorski)
- netfilter: ipset: fix region locking in hash types (Jozsef Kadlecsik) [Orabug: 38015142] {CVE-2025-37997}
- can: gw: fix RCU/BH usage in cgw_create_job() (Oliver Hartkopp)
- can: gw: use call_rcu() instead of costly synchronize_rcu() (Eric Dumazet)
- gre: Fix again IPv6 link-local address generation. (Guillaume Nault)
- openvswitch: Fix unsafe attribute parsing in output_userspace() (Eelco Chaudron) [Orabug: 38015149] {CVE-2025-37998}
- can: mcp251xfd: mcp251xfd_remove(): fix order of unregistration calls (Marc Kleine-Budde)
- can: mcan: m_can_class_unregister(): fix order of unregistration calls (Marc Kleine-Budde)
- LTS version: v5.15.182 (Vijayendra Suman)
- dm: fix copying after src array boundaries (Tudor Ambarus)
- iommu/arm-smmu-v3: Fix iommu_device_probe bug due to duplicated stream ids (Nicolin Chen)
- iommu/arm-smmu-v3: Use the new rb tree helpers (Jason Gunthorpe)
- irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode() (Suzuki K Poulose) [Orabug: 37930013] {CVE-2025-37819}
- irqchip/gic-v2m: Mark a few functions __init (Thomas Gleixner)
- irqchip/gic-v2m: Add const to of_device_id (Xiang Wangx)
- Revert "drm/meson: vclk: fix calculation of 59.94 fractional rates" (Christian Hewitt)
- net: phy: microchip: force IRQ polling mode for lan88xx (Fiona Klute)
- ARM: dts: opos6ul: add ksz8081 phy properties (Sébastien Szymanski)
- firmware: arm_scmi: Balance device refcount when destroying devices (Cristian Marussi) [Orabug: 37976753] {CVE-2025-37905}
- net: hns3: fix deadlock issue when externel_lb and reset are executed together (Yonglong Liu)
- of: module: add buffer overflow check in of_modalias() (Sergey Shtylyov) [Orabug: 36753381] {CVE-2024-38541}
- PCI: imx6: Skip controller_id generation logic for i.MX7D (Richard Zhu)
- net: hns3: defer calling ptp_clock_register() (Jian Shen)
- net: hns3: fixed debugfs tm_qset size (Hao Lan)
- net: hns3: fix an interrupt residual problem (Yonglong Liu)
- net: hns3: add support for external loopback test (Yonglong Liu)
- net: hns3: store rx VLAN tag offload state for VF (Jian Shen)
- net: fec: ERR007885 Workaround for conventional TX (Mattias Barthel)
- net: lan743x: Fix memleak issue when GSO enabled (Thangaraj Samynathan) [Orabug: 37976766] {CVE-2025-37909}
- nvme-tcp: fix premature queue removal and I/O failover (Michael Liang)
- bnxt_en: Fix ethtool -d byte order for 32-bit values (Michael Chan)
- bnxt_en: Fix out-of-bound memcpy() during ethtool -w (Shruti Parab) [Orabug: 37976774] {CVE-2025-37911}
- bnxt_en: Fix coredump logic to free allocated buffer (Shruti Parab)
- net: ipv6: fix UDPv6 GSO segmentation with NAT (Felix Fietkau)
- net: dlink: Correct endianness handling of led_mode (Simon Horman)
- net_sched: qfq: Fix double list add in class with netem as child qdisc (Victor Nogueira) [Orabug: 37976784] {CVE-2025-37913}
- net_sched: ets: Fix double list add in class with netem as child qdisc (Victor Nogueira) [Orabug: 37976789] {CVE-2025-37914}
- net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (Victor Nogueira) [Orabug: 37967411] {CVE-2025-37890}
- net_sched: drr: Fix double list add in class with netem as child qdisc (Victor Nogueira) [Orabug: 37976793] {CVE-2025-37915}
- net: ethernet: mtk-star-emac: rearm interrupts in rx_poll only when advised (Louis-Alexis Eyraud)
- net: ethernet: mtk-star-emac: fix spinlock recursion issues on rx/tx poll (Louis-Alexis Eyraud)
- net: ethernet: mtk-star-emac: separate tx/rx handling with two NAPIs (Biao Huang)
- net/mlx5: E-switch, Fix error handling for enabling roce (Chris Mi)
- net/mlx5: E-Switch, Initialize MAC Address for Default GID (Maor Gottlieb)
- net/sched: act_mirred: don't override retval if we already lost the skb (Jakub Kicinski) [Orabug: 36530679] {CVE-2024-26739}
- KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop (Sean Christopherson) [Orabug: 37685666] {CVE-2025-21839}
- tracing: Fix oob write in trace_seq_to_buffer() (Jeongjun Park) [Orabug: 37976822] {CVE-2025-37923}
- iommu/vt-d: Apply quirk_iommu_igfx for 8086:0044 (QM57/QS57) (Mingcong Bai)
- iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid (Pavel Paklov) [Orabug: 37976837] {CVE-2025-37927}
- dm: always update the array size in realloc_argv on success (Benjamin Marzinski)
- dm-integrity: fix a warning on invalid table line (Mikulas Patocka)
- wifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage() (Xu Wang) [Orabug: 37977120] {CVE-2025-37990}
- mmc: renesas_sdhi: Fix error handling in renesas_sdhi_probe (Ruslan Piasetskyi)
- amd-xgbe: Fix to ensure dependent features are toggled with RX checksum offload (Vishal Badole)
- parisc: Fix double SIGFPE crash (Helge Deller) [Orabug: 37977128] {CVE-2025-37991}
- arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays (Will Deacon) [Orabug: 38071958] {CVE-2025-37929}
- i2c: imx-lpi2c: Fix clock count when probe defers (Clark Wang)
- EDAC/altera: Set DDR and SDMMC interrupt mask before registration (Niravkumar L Rabara)
- EDAC/altera: Test the correct error reg offset (Niravkumar L Rabara)
- drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill() (Philipp Stanner) [Orabug: 37976851] {CVE-2025-37930}
- ALSA: usb-audio: Add second USB ID for Jabra Evolve 65 headset (Joachim Priesner)
- LTS version: v5.15.181 (Vijayendra Suman)
- PCI: Release resource invalidated by coalescing (Ross Lagerwall)
- PCI: Fix dropping valid root bus resources with .end = zero (Geert Uytterhoeven)
- PCI: Fix use-after-free in pci_bus_release_domain_nr() (Rob Herring)
- nvme: fixup scan failure for non-ANA multipath controllers (Hannes Reinecke)
- MIPS: cm: Fix warning if MIPS_CM is disabled (Thomas Bogendoerfer)
- xdp: Reset bpf_redirect_info before running a xdp's BPF prog. (Sebastian Andrzej Siewior)
- drm/amd/display: fix double free issue during amdgpu module unload (Tim Huang) [Orabug: 37206238] {CVE-2024-49989}
- net: dsa: mv88e6xxx: enable .port_set_policy() for 6320 family (Marek Behún)
- net: dsa: mv88e6xxx: enable PVT for 6321 switch (Marek Behún)
- net: dsa: mv88e6xxx: fix atu_move_port_mask for 6341 family (Marek Behún)
- crypto: atmel-sha204a - Set hwrng quality to lowest possible (Marek Behún)
- comedi: jr3_pci: Fix synchronous deletion of timer (Ian Abbott)
- jfs: define xtree root and page independently (Dave Kleikamp)
- md/raid1: Add check for missing source disk in process_checks() (Meir Elisha)
- ubsan: Fix panic from test_ubsan_out_of_bounds (Mostafa Saleh)
- loop: aio inherit the ioprio of original request (Yunlong Xing)
- scsi: pm80xx: Set phy_attached to zero when device is gone (Igor Pylypiv)
- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (Xingui Yang)
- ext4: make block validity check resistent to sb bh corruption (Ojaswin Mujoo)
- nvmet-fc: put ref when assoc->del_work is already scheduled (Daniel Wagner)
- nvmet-fc: take tgtport reference only once (Daniel Wagner)
- x86/bugs: Don't fill RSB on context switch with eIBRS (Josh Poimboeuf)
- x86/bugs: Don't fill RSB on VMEXIT with eIBRS+retpoline (Josh Poimboeuf)
- x86/bugs: Use SBPB in write_ibpb() if applicable (Josh Poimboeuf)
- selftests/mincore: Allow read-ahead pages to reach the end of the file (Qiuxu Zhuo)
- objtool: Stop UNRET validation on UD2 (Josh Poimboeuf)
- nvme: re-read ANA log page after ns scan completes (Hannes Reinecke)
- ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls (Jean-Marc Eurin)
- nvme: requeue namespace scan on missed AENs (Hannes Reinecke)
- xen: Change xen-acpi-processor dom0 dependency (Jason Andryuk)
- selftests: ublk: fix test_stripe_04 (Ming Lei)
- udmabuf: fix a buf size overflow issue during udmabuf creation (Xiaogang Chen) [Orabug: 37929938] {CVE-2025-37803}
- KVM: s390: Don't use %pK through tracepoints (Thomas Weißschuh)
- sched/isolation: Make CONFIG_CPU_ISOLATION depend on CONFIG_SMP (Oleg Nesterov)
- ntb: reduce stack usage in idt_scan_mws (Arnd Bergmann)
- qibfs: fix _another_ leak (Al Viro) [Orabug: 37977083] {CVE-2025-37983}
- objtool, ASoC: codecs: wcd934x: Remove potential undefined behavior in wcd934x_slim_irq_handler() (Josh Poimboeuf)
- usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev() (Chenyuan Yang) [Orabug: 37937503] {CVE-2025-37881}
- usb: xhci: Avoid Stop Endpoint retry loop if the endpoint seems Running (Michał Pecio)
- dmaengine: dmatest: Fix dmatest waiting less when interrupted (Vinicius Costa Gomes)
- sound/virtio: Fix cancel_sync warnings on uninitialized work_structs (John Stultz) [Orabug: 37929953] {CVE-2025-37805}
- usb: dwc3: gadget: Avoid using reserved endpoints on Intel Merrifield (Andy Shevchenko)
- fs/ntfs3: Fix WARNING in ntfs_extend_initialized_size (Edward Adam Davis)
- usb: host: max3421-hcd: Add missing spi_device_id table (Alexander Stein)
- s390/tty: Fix a potential memory leak bug (Haoxiang Li)
- s390/sclp: Add check for get_zeroed_page() (Haoxiang Li) [Orabug: 37937517] {CVE-2025-37883}
- parisc: PDT: Fix missing prototype warning (Yu-Chun Lin)
- clk: check for disabled clock-provider in of_clk_get_hw_from_clkspec() (Heiko Stuebner)
- crypto: null - Use spin lock instead of mutex (Herbert Xu) [Orabug: 37929973] {CVE-2025-37808}
- MIPS: cm: Detect CM quirks from device tree (Gregory Clement)
- USB: wdm: add annotation (Oliver Neukum)
- USB: wdm: wdm_wwan_port_tx_complete mutex in atomic context (Oliver Neukum)
- USB: wdm: close race between wdm_open and wdm_wwan_port_stop (Oliver Neukum) [Orabug: 37977098] {CVE-2025-37985}
- USB: wdm: handle IO errors in wdm_wwan_port_start (Oliver Neukum)
- USB: VLI disk crashes if LPM is used (Oliver Neukum)
- usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash Drive (Miao Li)
- usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive (Miao Li)
- usb: dwc3: gadget: check that event count does not exceed event buffer length (Frode Isaksen) [Orabug: 37929981] {CVE-2025-37810}
- USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02) (Huacai Chen)
- usb: chipidea: ci_hdrc_imx: implement usb_phy_init() error handling (Fedor Pchelkin)
- usb: chipidea: ci_hdrc_imx: fix call balance of regulator routines (Fedor Pchelkin)
- usb: cdns3: Fix deadlock when using NCM gadget (Ralph Siemsen) [Orabug: 37929988] {CVE-2025-37812}
- USB: serial: simple: add OWON HDS200 series oscilloscope support (Craig Hesling)
- USB: serial: option: add Sierra Wireless EM9291 (Adam Xue)
- USB: serial: ftdi_sio: add support for Abacus Electrics Optical Probe (Michael Ehrenreich)
- serial: sifive: lock port in startup()/shutdown() callbacks (Ryo Takakura)
- KVM: x86: Reset IRTE to host control if *new* route isn't postable (Sean Christopherson) [Orabug: 37937535] {CVE-2025-37885}
- mei: me: add panther lake H DID (Alexander Usyskin)
- USB: storage: quirk for ADATA Portable HDD CH94 (Oliver Neukum)
- mcb: fix a double free bug in chameleon_parse_gdd() (Haoxiang Li) [Orabug: 37930000] {CVE-2025-37817}
- KVM: SVM: Allocate IR data using atomic allocation (Sean Christopherson)
- drm/amd/display: Fix gpu reset in multidisplay config (Roman Li)
- net: selftests: initialize TCP header and skb payload with zero (Oleksij Rempel)
- virtio_console: fix missing byte order handling for cols and rows (Halil Pasic)
- iommu/amd: Return an error if vCPU affinity is set for non-vCPU IRTE (Sean Christopherson)
- net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (Cong Wang) [Orabug: 37930028] {CVE-2025-37823}
- net_sched: hfsc: Fix a UAF vulnerability in class handling (Cong Wang) [Orabug: 37908484] {CVE-2025-37797}
- tipc: fix NULL pointer dereference in tipc_mon_reinit_self() (Tung Nguyen) [Orabug: 37930039] {CVE-2025-37824}
- net: phy: leds: fix memory leak (Qingfang Deng) [Orabug: 37977112] {CVE-2025-37989}
- cpufreq: cppc: Fix invalid return value in .get() callback (Marc Zyngier)
- cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() (Henry Martin) [Orabug: 37930051] {CVE-2025-37829}
- cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() (Henry Martin) [Orabug: 37930056] {CVE-2025-37830}
- dma/contiguous: avoid warning about unused size_bytes (Arnd Bergmann)
- drm/msm/a6xx: Fix stale rpmh votes from GPU (Akhil P Oommen)
- drm/msm/a6xx: Avoid gx gbit halt during rpm suspend (Akhil P Oommen)
- drm/msm/a6xx: Handle GMU prepare-slumber hfi failure (Akhil P Oommen)
- drm/msm/a6xx: Improve gpu recovery sequence (Akhil P Oommen)
- string: Add load_unaligned_zeropad() code path to sized_strscpy() (Peter Collingbourne)
- kmsan: disable strscpy() optimization under KMSAN (Alexander Potapenko)
- selftests/mm: generate a temporary mountpoint for cgroup filesystem (Mark Brown)
- ksmbd: Prevent integer overflow in calculation of deadtime (Denis Arefev)
- PCI: Fix reference leak in pci_register_host_bridge() (Ma Ke) [Orabug: 37937272] {CVE-2025-37836}
- PCI: Assign PCI domain IDs by ida_alloc() (Pali Rohár)
- PCI: Coalesce host bridge contiguous apertures (Kai-Heng Feng)
- gpio: tegra186: fix resource handling in ACPI probe path (Guixin Liu)
- cifs: fix integer overflow in match_server() (Roman Smirnov)
- cifs: avoid NULL pointer dereference in dbg call (Alexandra Diupina) [Orabug: 37937310] {CVE-2025-37844}
- cifs: print TIDs as hex (Enzo Matsumiya)
- backlight: led_bl: Hold led_access lock when calling led_sysfs_disable() (Herve Codina) [Orabug: 37901610] {CVE-2025-23144}
- backlight: led_bl: Convert to platform remove callback returning void (Uwe Kleine-König)
- iio: adc: ad7768-1: Fix conversion result sign (Sergiu Cuciurean)
- iio: adc: ad7768-1: Move setting of val a bit later to avoid unnecessary return value check (Jonathan Cameron)
- soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe() (Chenyuan Yang) [Orabug: 37901625] {CVE-2025-23148}
- soc: samsung: exynos-chipid: Pass revision reg offsets (Sam Protsenko)
- soc: samsung: exynos-chipid: avoid soc_device_to_device() (Krzysztof Kozlowski)
- net: dsa: mv88e6xxx: fix VTU methods for 6320 family (Marek Behún)
- auxdisplay: hd44780: Fix an API misuse in hd44780.c (Haoxiang Li)
- auxdisplay: hd44780: Convert to platform remove callback returning void (Uwe Kleine-König)
- media: streamzap: fix race between device disconnection and urb callback (Murad Masimov) [Orabug: 37844171] {CVE-2025-22027}
- media: streamzap: remove unused struct members (Sean Young)
- media: streamzap: less chatter (Sean Young)
- media: streamzap: no need for usb pid/vid in device name (Sean Young)
- media: streamzap: remove unnecessary ir_raw_event_reset and handle (Sean Young)
- module: sign with sha512 instead of sha1 by default (Thorsten Leemhuis)
- Bluetooth: SCO: Fix UAF on sco_sock_timeout (Luiz Augusto von Dentz) [Orabug: 37252400] {CVE-2024-50125}
- f2fs: Add inline to f2fs_build_fault_attr() stub (Nathan Chancellor)
- pmdomain: ti: Add a null pointer check to the omap_prm_domain_init (Kunwu Chan) [Orabug: 36643315] {CVE-2024-35943}
- f2fs: check validation of fault attrs in f2fs_build_fault_attr() (Chao Yu) [Orabug: 36897956] {CVE-2024-42160}
- mm: fix apply_to_existing_page_range() (Kirill A. Shutemov)
- fs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats (Oleg Nesterov) [Orabug: 36530401] {CVE-2024-26686}
- drm/i915/gt: Cleanup partial engine discovery failures (Chris Wilson)
- dm cache: fix flushing uninitialized delayed_work on cache_ctr error (Ming-Hung Tsai) [Orabug: 37298744] {CVE-2024-50280}
- jfs: Fix shift-out-of-bounds in dbDiscardAG (Pei Li) [Orabug: 36993154] {CVE-2024-44938}
- MIPS: ds1287: Match ds1287_set_base_clock() function types (Yuli Wang)
- MIPS: cevt-ds1287: Add missing ds1287.h include (Yuli Wang)
- MIPS: dec: Declare which_prom() as static (Yuli Wang)
- net: defer final 'struct net' free in netns dismantle (Eric Dumazet) [Orabug: 37434229] {CVE-2024-56658}
- scsi: ufs: bsg: Set bsg_queue to NULL after removal (Guixin Liu) [Orabug: 37649536] {CVE-2024-54458}
- openvswitch: fix lockup on tx to unregistering netdev with carrier (Ilya Maximets) [Orabug: 38071902] {CVE-2025-21681}
- net: openvswitch: fix race on port output (Felix Huettner)
- ipvs: properly dereference pe in ip_vs_add_service (Chen Hanxiao) [Orabug: 36964418] {CVE-2024-42322}
- ext4: fix timer use-after-free on failed mount (Xiaxi Shen) [Orabug: 37206114] {CVE-2024-49960}
- blk-iocost: do not WARN if iocg was already offlined (Li Nan) [Orabug: 36683303] {CVE-2024-36908}
- blk-cgroup: support to track if policy is online (Yu Kuai)
- bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers (Hou Tao) [Orabug: 37283326] {CVE-2023-52621}
- bpf: avoid holding freeze_mutex during mmap operation (Andrii Nakryiko) [Orabug: 37702062] {CVE-2025-21853}
- sched/task_stack: fix object_is_on_stack() for KASAN tagged pointers (Qun-Wei Lin) [Orabug: 37388807] {CVE-2024-53128}
- smb: client: fix potential UAF in cifs_stats_proc_show() (Paulo Alcantara) [Orabug: 36642549] {CVE-2024-35867}
- smb: client: fix potential deadlock when releasing mids (Paulo Alcantara) [Orabug: 37283429] {CVE-2023-52757}
- smb/server: fix potential null-ptr-deref of lease_ctx_info in smb2_open() (Chenxiaosong) [Orabug: 37074481] {CVE-2024-46742}
- smb: client: fix NULL ptr deref in crypto_aead_setkey() (Paulo Alcantara) [Orabug: 38071970] {CVE-2024-53185}
- smb: client: fix UAF in async decryption (Enzo Matsumiya) [Orabug: 37206489] {CVE-2024-50047}
- cifs: Fix UAF in cifs_demultiplex_thread() (Zhang Xiaoxu) [Orabug: 36983926] {CVE-2023-52572}
- smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (Paulo Alcantara)
- ksmbd: fix potencial out-of-bounds when buffer offset is invalid (Namjae Jeon) [Orabug: 36596770] {CVE-2024-26952}
- smb: client: fix potential UAF in cifs_dump_full_key() (Paulo Alcantara) [Orabug: 36642544] {CVE-2024-35866}
- nvmet-fc: Remove unused functions (Yuli Wang)
- landlock: Add the errata interface (Mickaël Salaün)
- drm/amdgpu: fix usage slab after free (Vitaly Prosyak) [Orabug: 37433728] {CVE-2024-56551}
- drm/amd/display: Add null checks for 'stream' and 'plane' before dereferencing (Srinivasan Shanmugam)
- drm/amd/display: Fix out-of-bounds access in 'dcn21_link_encoder_create' (Srinivasan Shanmugam)
- drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links (Hersen Wu) [Orabug: 37116370] {CVE-2024-46816}
- wifi: ath10k: avoid NULL pointer error during sdio remove (Kang Yang) [Orabug: 37433947] {CVE-2024-56599}
- phy: tegra: xusb: Fix return value of tegra_xusb_find_port_node function (Miaoqian Lin)
- powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() (Nathan Lynch) [Orabug: 37074647] {CVE-2024-46774}
- x86/pvh: Call C code via the kernel virtual mapping (Ard Biesheuvel)
- net: mana: Fix error handling in mana_create_txq/rxq's NAPI cleanup (Souradeep Chakrabarti) [Orabug: 37074695] {CVE-2024-46784}
- bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (Michal Schmidt) [Orabug: 36753377] {CVE-2024-38540}
- phonet/pep: fix racy skb_queue_empty() use (Remi Denis-Courmont) [Orabug: 36642006] {CVE-2024-27402}
- filemap: Fix bounds checking in filemap_read() (Trond Myklebust) [Orabug: 37298710] {CVE-2024-50272}
- net: fix crash when config small gso_max_size/gso_ipv4_max_size (Wang Liang) [Orabug: 37268692] {CVE-2024-50258}
- ipv6: release nexthop on device removal (Paolo Abeni) [Orabug: 37434497] {CVE-2024-56751}
- misc: pci_endpoint_test: Fix 'irq_type' to convey the correct type (Kunihiko Hayashi)
- misc: pci_endpoint_test: Fix displaying 'irq_type' after 'request_irq' error (Kunihiko Hayashi)
- misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error (Kunihiko Hayashi) [Orabug: 37901585] {CVE-2025-23140}
- mptcp: sockopt: fix getting IPV6_V6ONLY (Matthieu Baerts)
- kbuild: Add '-fno-builtin-wcslen' (Nathan Chancellor)
- cpufreq: Reference count policy in cpufreq_update_limits() (Rafael J. Wysocki)
- KVM: arm64: Eagerly switch ZCR_EL{1,2} (Mark Rutland)
- KVM: arm64: Calculate cptr_el2 traps on activating traps (Fuad Tabba)
- KVM: arm64: Remove VHE host restore of CPACR_EL1.ZEN (Mark Rutland)
- KVM: arm64: Remove host FPSIMD saving for non-protected KVM (Mark Rutland)
- KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state (Mark Rutland)
- arm64/fpsimd: Stop using TIF_SVE to manage register saving in KVM (Mark Brown)
- arm64/fpsimd: Have KVM explicitly say which FP registers to save (Mark Brown)
- arm64/fpsimd: Track the saved FPSIMD state type separately to TIF_SVE (Mark Brown)
- KVM: arm64: Discard any SVE state when entering KVM guests (Mark Brown)
- KVM: arm64: Always start with clearing SVE flag on load (Marc Zyngier)
- KVM: arm64: Get rid of host SVE tracking/saving (Mark Brown)
- drm/sti: remove duplicate object names (Rolf Eike Beer)
- drm/nouveau: prime: fix ttm_bo_delayed_delete oops (Chris Bainbridge) [Orabug: 37901817] {CVE-2025-37765}
- drm/amdgpu/dma_buf: fix page_link check (Matthew Auld)
- drm/amd/pm/powerplay/hwmgr/vega20_thermal: Prevent division by zero (Denis Arefev) [Orabug: 37901823,37901827,37901830,37901840,37901847] {CVE-2025-37766,CVE-2025-37767,CVE-2025-37768,CVE-2025-37770,CVE-2025-37771}
- drm/amd/pm/swsmu/smu13/smu_v13_0: Prevent division by zero (Denis Arefev) [Orabug: 37901823,37901827,37901830,37901840,37901847] {CVE-2025-37766,CVE-2025-37767,CVE-2025-37768,CVE-2025-37770,CVE-2025-37771}
- drm/amd/pm/powerplay/hwmgr/smu7_thermal: Prevent division by zero (Denis Arefev) [Orabug: 37901823,37901827,37901830,37901840,37901847] {CVE-2025-37766,CVE-2025-37767,CVE-2025-37768,CVE-2025-37770,CVE-2025-37771}
- drm/amd/pm/powerplay: Prevent division by zero (Denis Arefev) [Orabug: 37901823,37901827,37901830,37901840,37901847] {CVE-2025-37766,CVE-2025-37767,CVE-2025-37768,CVE-2025-37770,CVE-2025-37771}
- drm/amd/pm: Prevent division by zero (Denis Arefev) [Orabug: 37901823,37901827,37901830,37901840,37901847] {CVE-2025-37766,CVE-2025-37767,CVE-2025-37768,CVE-2025-37770,CVE-2025-37771}
- drm/repaper: fix integer overflows in repeat functions (Nikita Zhandarovich)
- perf/x86/intel/uncore: Fix the scale of IIO free running counters on SPR (Kan Liang)
- perf/x86/intel/uncore: Fix the scale of IIO free running counters on ICX (Kan Liang)
- perf/x86/intel/uncore: Fix the scale of IIO free running counters on SNR (Kan Liang)
- perf/x86/intel: Allow to update user space GPRs from PEBS records (Dapeng Mi)
- virtiofs: add filesystem context source name check (Xiangsheng Hou) [Orabug: 37901854] {CVE-2025-37773}
- tracing: Fix filter string testing (Steven Rostedt)
- riscv: Avoid fortify warning in syscall_get_arguments() (Nathan Chancellor)
- mm/gup: fix wrongly calculated returned value in fault_in_safe_writeable() (Baoquan He)
- loop: LOOP_SET_FD: send uevents for partitions (Thomas Weißschuh)
- loop: properly send KOBJ_CHANGED uevent for disk device (Thomas Weißschuh)
- isofs: Prevent the use of too small fid (Edward Adam Davis) [Orabug: 37901889] {CVE-2025-37780}
- i2c: cros-ec-tunnel: defer probe if parent EC is not present (Thadeu Lima de Souza Cascardo) [Orabug: 37901896] {CVE-2025-37781}
- hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key (Vasiliy Kovalev)
- crypto: caam/qi - Fix drv_ctx refcount bug (Herbert Xu)
- btrfs: correctly escape subvol in btrfs_show_options() (Johannes Kimmel)
- nfs: add missing selections of CONFIG_CRC32 (Eric Biggers)
- nfs: move nfs_fhandle_hash to common include file (Jeff Layton)
- asus-laptop: Fix an uninitialized variable (Denis Arefev)
- ASoC: codecs:lpass-wsa-macro: Fix logic of enabling vi channels (Srinivas Kandagatla)
- ASoC: codecs:lpass-wsa-macro: Fix vi feedback rate (Srinivas Kandagatla)
- writeback: fix false warning in inode_to_wb() (Andreas Gruenbacher)
- riscv: KGDB: Remove ".option norvc/.option rvc" for kgdb_compiled_break (Yuli Wang)
- riscv: KGDB: Do not inline arch_kgdb_breakpoint() (Yuli Wang)
- riscv: Properly export reserved regions in /proc/iomem (Björn Töpel)
- net: dsa: avoid refcount warnings when ds->ops->tag_8021q_vlan_del() fails (Vladimir Oltean)
- net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered (Vladimir Oltean) [Orabug: 37901916] {CVE-2025-37787}
- net: b53: enable BPDU reception for management port (Jonas Gorski)
- cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path (Abdun Nihaal) [Orabug: 37901919] {CVE-2025-37788}
- net: openvswitch: fix nested key length validation in the set() action (Ilya Maximets) [Orabug: 37901922] {CVE-2025-37789}
- net: mctp: Set SOCK_RCU_FREE (Matt Johnston) [Orabug: 37901929] {CVE-2025-37790}
- igc: cleanup PTP module if probe fails (Christopher S Hall)
- igc: handle the IGC_PTP_ENABLED flag correctly (Christopher S Hall)
- igc: move ktime snapshot into PTM retry loop (Christopher S Hall)
- igc: fix PTM cycle trigger logic (Christopher S Hall) [Orabug: 37937458] {CVE-2025-37875}
- Revert "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" (Johannes Berg)
- Bluetooth: l2cap: Check encryption key size on incoming connection (Frédéric Danis)
- Bluetooth: btrtl: Prevent potential NULL dereference (Dan Carpenter) [Orabug: 37901933] {CVE-2025-37792}
- Bluetooth: hci_event: Fix sending MGMT_EV_DEVICE_FOUND for invalid address (Luiz Augusto von Dentz)
- RDMA/core: Silence oversized kvmalloc() warning (Shay Drory) [Orabug: 37937427] {CVE-2025-37867}
- RDMA/hns: Fix wrong maximum DMA segment size (Chengchang Tang)
- RDMA/usnic: Fix passing zero to PTR_ERR in usnic_ib_pci_probe() (Yue Haibing)
- md/raid10: fix missing discard IO accounting (Yu Kuai)
- scsi: iscsi: Fix missing scsi_host_put() in error path (Miaoqian Lin)
- wifi: wl1251: fix memory leak in wl1251_tx_work (Abdun Nihaal) [Orabug: 37977075] {CVE-2025-37982}
- wifi: mac80211: Purge vif txq in ieee80211_do_stop() (Remi Pommarel) [Orabug: 37901939] {CVE-2025-37794}
- wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue() (Remi Pommarel)
- wifi: at76c50x: fix use after free access in at76_disconnect (Abdun Nihaal) [Orabug: 37901952] {CVE-2025-37796}
- scsi: hisi_sas: Enable force phy when SATA disk directly connected (Xingui Yang)
- scsi: libsas: Add struct sas_tmf_task (John Garry)
- scsi: libsas: Delete lldd_clear_aca callback (John Garry)
- scsi: hisi_sas: Fix setting of hisi_sas_slot.is_internal (John Garry)
- scsi: hisi_sas: Factor out task prep and delivery code (John Garry)
- scsi: hisi_sas: Pass abort structure for internal abort (John Garry)
- scsi: hisi_sas: Start delivery hisi_sas_task_exec() directly (John Garry)
- Bluetooth: hci_uart: Fix another race during initialization (Arseniy Krasnov)
- x86/e820: Fix handling of subpage regions when calculating nosave ranges in e820__register_nosave_regions() (Myrrh Periwinkle)
- ACPI: platform-profile: Fix CFI violation when accessing sysfs files (Nathan Chancellor)
- arm64: errata: Add newer ARM cores to the spectre_bhb_loop_affected() lists (Douglas Anderson)
- HSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol Driver Due to Race Condition (Kaixin Wang) [Orabug: 37855340] {CVE-2025-37838}
- pinctrl: qcom: Clear latched interrupt status when changing IRQ type (Stephan Gerhold)
- PCI: Fix reference leak in pci_alloc_child_bus() (Ma Ke)
- PCI: brcmstb: Fix missing of_node_put() in brcm_pcie_probe() (Stanimir Varbanov)
- of/irq: Fix device node refcount leakages in of_irq_init() (Zijun Hu)
- of/irq: Fix device node refcount leakage in API irq_of_parse_and_map() (Zijun Hu)
- of/irq: Fix device node refcount leakages in of_irq_count() (Zijun Hu)
- ntb: use 64-bit arithmetic for the MSI doorbell mask (Fedor Pchelkin)
- gpio: zynq: Fix wakeup source leaks on device unbind (Krzysztof Kozlowski)
- ftrace: Add cond_resched() to ftrace_graph_set_hash() (Zhoumin) [Orabug: 37976892] {CVE-2025-37940}
- dm-integrity: set ti->error on memory allocation failure (Mikulas Patocka)
- crypto: ccp - Fix check for the primary ASP device (Tom Lendacky)
- thermal/drivers/rockchip: Add missing rk3328 mapping entry (Trevor Woerner)
- sctp: detect and prevent references to a freed transport in sendmsg (Ricardo Cañuelo Navarro) [Orabug: 37901596] {CVE-2025-23142}
- mm/hwpoison: do not send SIGBUS to processes with recovered clean pages (Shuai Xue)
- mm: add missing release barrier on PGDAT_RECLAIM_LOCKED unlock (Mathieu Desnoyers)
- sparc/mm: disable preemption in lazy mmu mode (Ryan Roberts)
- arm64: dts: mediatek: mt8173: Fix disp-pwm compatible string (Chen-Yu Tsai)
- mtd: rawnand: Add status chack in r852_ready() (Xu Wang)
- mtd: inftlcore: Add error check for inftl_read_oob() (Xu Wang) [Orabug: 37976719] {CVE-2025-37892}
- mptcp: only inc MPJoinAckHMacFailure for HMAC failures (Matthieu Baerts)
- mptcp: fix NULL pointer in can_accept_new_subflow (Gang Yan) [Orabug: 37901614] {CVE-2025-23145}
- lib: scatterlist: fix sg_split_phys to preserve original scatterlist offsets (T Pratham)
- locking/lockdep: Decrease nr_unused_locks if lock unused in zap_class() (Boqun Feng)
- mfd: ene-kb3930: Fix a potential NULL pointer dereference (Chenyuan Yang) [Orabug: 37901617] {CVE-2025-23146}
- jbd2: remove wrong sb->s_sequence check (Jan Kara) [Orabug: 37937282] {CVE-2025-37839}
- i3c: Add NULL pointer check in i3c_master_queue_ibi() (Manjunatha Venkatesh) [Orabug: 37901621] {CVE-2025-23147}
- i3c: master: svc: Use readsb helper for reading MDB (Stanley Chu)
- vdpa/mlx5: Fix oversized null mkey longer than 32bit (Si-Wei Liu)
- ext4: fix off-by-one error in do_split (Artem Sadovnikov) [Orabug: 37901630] {CVE-2025-23150}
- bus: mhi: host: Fix race between unprepare and queue_buf (Jeffrey Hugo) [Orabug: 37901637] {CVE-2025-23151}
- ASoC: qdsp6: q6asm-dai: fix q6asm_dai_compr_set_params error path (Alexey Klimov)
- wifi: mac80211: fix integer overflow in hwmp_route_info_get() (Gavrilov Ilia)
- wifi: mt76: Add check for devm_kstrdup() (Haoxiang Li)
- clocksource/drivers/stm32-lptimer: Use wakeup capable instead of init wakeup (Alexandre Torgue)
- mtd: Replace kcalloc() with devm_kcalloc() (Jiasheng Jiang)
- net: dsa: mv88e6xxx: workaround RGMII transmit delay erratum for 6320 family (Marek Behún)
- mtd: Add check for devm_kcalloc() (Jiasheng Jiang)
- media: venus: hfi_parser: refactor hfi packet parsing logic (Vikash Garodia) [Orabug: 37901647] {CVE-2025-23156}
- media: venus: hfi_parser: add check to avoid out of bound access (Vikash Garodia) [Orabug: 37901652] {CVE-2025-23157}
- media: i2c: ov7251: Introduce 1 ms delay between regulators and en GPIO (Sakari Ailus)
- media: i2c: ov7251: Set enable GPIO low in probe (Sakari Ailus)
- media: i2c: ccs: Set the device's runtime PM status correctly in probe (Sakari Ailus)
- media: i2c: ccs: Set the device's runtime PM status correctly in remove (Sakari Ailus)
- media: v4l2-dv-timings: prevent possible overflow in v4l2_detect_gtf() (Karina Yankevich)
- media: streamzap: prevent processing IR data on URB failure (Murad Masimov)
- mtd: rawnand: brcmnand: fix PM resume warning (Kamal Dasu) [Orabug: 37937291] {CVE-2025-37840}
- spi: cadence-qspi: Fix probe on AM62A LP SK (Miquel Raynal)
- arm64: errata: Add KRYO 2XX/3XX/4XX silver cores to Spectre BHB safe list (Douglas Anderson)
- arm64: errata: Assume that unknown CPUs _are_ vulnerable to Spectre BHB (Douglas Anderson)
- arm64: errata: Add QCOM_KRYO_4XX_GOLD to the spectre_bhb_k24_list (Douglas Anderson)
- arm64: cputype: Add MIDR_CORTEX_A76AE (Douglas Anderson)
- xenfs/xensyms: respect hypervisor's "next" indication (Jan Beulich)
- media: siano: Fix error handling in smsdvb_module_init() (Yuan Can)
- media: vim2m: print device name after registering device (Matthew Majewski)
- media: venus: hfi: add check to handle incorrect queue size (Vikash Garodia) [Orabug: 37901656] {CVE-2025-23158}
- media: venus: hfi: add a check to handle OOB in sfr region (Vikash Garodia) [Orabug: 37901661] {CVE-2025-23159}
- media: i2c: adv748x: Fix test pattern selection mask (Niklas Söderlund)
- ext4: don't treat fhandle lookup of ea_inode as FS corruption (Jann Horn)
- bpf: support SKF_NET_OFF and SKF_LL_OFF on skb frags (Willem de Bruijn)
- bpf: Add endian modifiers to fix endian warnings (Ben Dooks)
- pwm: fsl-ftm: Handle clk_get_rate() returning 0 (Uwe Kleine-König)
- pwm: rcar: Improve register calculation (Uwe Kleine-König)
- pwm: rcar: Simplify multiplication/shift logic (Geert Uytterhoeven)
- pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config() (Josh Poimboeuf) [Orabug: 37937328] {CVE-2025-37850}
- ktest: Fix Test Failures Due to Missing LOG_FILE Directories (Ayush Jain)
- fbdev: omapfb: Add 'plane' value check (Leonid Arapov)
- PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type (Ryo Takakura) [Orabug: 37901667] {CVE-2025-23161}
- drm/mediatek: mtk_dpi: Explicitly manage TVD clock in power on/off (AngeloGioacchino Del Regno)
- drm/amdkfd: Fix pqm_destroy_queue race with GPU reset (Philip Yang)
- drm/amdkfd: clamp queue size to minimum (David Yat Sin)
- drivers: base: devres: Allow to release group on device release (Lucas De Marchi)
- drm/bridge: panel: forbid initializing a panel with unknown connector type (Luca Ceresoli)
- drm: panel-orientation-quirks: Add new quirk for GPD Win 2 (Andrew Wyatt)
- drm: panel-orientation-quirks: Add support for AYANEO 2S (Andrew Wyatt)
- drm/amd/display: Update Cursor request mode to the beginning prefetch always (Zhikai Zhai)
- drm: allow encoder mode_set even when connectors change for crtc (Abhinav Kumar)
- Bluetooth: hci_uart: fix race during initialization (Arseniy Krasnov)
- tracing: fix return value in __ftrace_event_enable_disable for TRACE_REG_UNREGISTER (Gabriele Paoloni)
- net: vlan: don't propagate flags on open (Stanislav Fomichev) [Orabug: 37901683] {CVE-2025-23163}
- wifi: mt76: mt76x2u: add TP-Link TL-WDN6200 ID to device table (Icenowy Zheng)
- scsi: st: Fix array overflow in st_setup() (Kai Mäkisara) [Orabug: 37937378] {CVE-2025-37857}
- ext4: ignore xattrs past end (Bhupesh) [Orabug: 37901690] {CVE-2025-37738}
- ext4: protect ext4_release_dquot against freezing (Ojaswin Mujoo)
- ahci: add PCI ID for Marvell 88SE9215 SATA Controller (Daniel Kral)
- f2fs: fix to avoid out-of-bounds access in f2fs_truncate_inode_blocks() (Chao Yu) [Orabug: 37901700] {CVE-2025-37739}
- ata: libata-eh: Do not use ATAPI DMA for a device limited to PIO mode (Niklas Cassel)
- jfs: add sanity check for agwidth in dbMount (Edward Adam Davis) [Orabug: 37901706] {CVE-2025-37740}
- jfs: Prevent copying of nlink with value 0 from disk inode (Edward Adam Davis) [Orabug: 37901715] {CVE-2025-37741}
- fs/jfs: Prevent integer overflow in AG size calculation (Rand Deeb) [Orabug: 37937386] {CVE-2025-37858}
- fs/jfs: cast inactags to s64 to prevent potential overflow (Rand Deeb)
- jfs: Fix uninit-value access of imap allocated in the diMount() function (Zhongqiu Han) [Orabug: 37901723] {CVE-2025-37742}
- page_pool: avoid infinite loop to schedule delayed worker (Jason Xing) [Orabug: 37937394] {CVE-2025-37859}
- ALSA: usb-audio: Fix CME quirk for UF series keyboards (Ricard Wanderlof)
- ASoC: fsl_audmix: register card device depends on 'dais' property (Shengjiu Wang)
- ALSA: hda: intel: Fix Optimus when GPU has no sound (Maxim Mikityanskiy)
- HID: pidff: Fix null pointer dereference in pidff_find_fields (Tomasz Pakuła) [Orabug: 37937409] {CVE-2025-37862}
- HID: pidff: Do not send effect envelope if it's empty (Tomasz Pakuła)
- HID: pidff: Convert infinite length from Linux API to PID standard (Tomasz Pakuła)
- xen/mcelog: Add __nonstring annotations for unterminated strings (Kees Cook)
- arm64: cputype: Add QCOM_CPU_PART_KRYO_3XX_GOLD (Douglas Anderson)
- perf: arm_pmu: Don't disable counter in armpmu_add() (Mark Rutland)
- x86/cpu: Don't clear X86_FEATURE_LAHF_LM flag in init_amd_k8() on AMD when running in a virtual machine (Max Grobecker)
- pm: cpupower: bench: Prevent NULL dereference on malloc failure (Zhongqiu Han) [Orabug: 37937296] {CVE-2025-37841}
- umount: Allow superblock owners to force umount (Trond Myklebust)
- nft_set_pipapo: fix incorrect avx2 match of 5th field octet (Florian Westphal)
- net: ppp: Add bound checking for skb data on ppp_sync_txmung (Arnaud Lecomte) [Orabug: 37901765] {CVE-2025-37749}
- nvmet-fcloop: swap list_add_tail arguments (Daniel Wagner)
- ata: sata_sx4: Add error handling in pdc20621_i2c_read() (Xu Wang)
- ata: sata_sx4: Drop pointless VPRINTK() calls and convert the remaining ones (Hannes Reinecke)
- net: ethtool: Don't call .cleanup_data when prepare_data fails (Maxime Chevallier)
- net: tls: explicitly disallow disconnect (Jakub Kicinski) [Orabug: 37901782] {CVE-2025-37756}
- tipc: fix memory leak in tipc_link_xmit (Tung Nguyen) [Orabug: 37901789] {CVE-2025-37757}
- ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe() (Henry Martin) [Orabug: 37901795] {CVE-2025-37758}

OLAMSA-2025-0012 Moderate: Oracle Linux 8 OLAM 2.2 security fix

Oracle Linux Security Advisory OLAMSA-2025-0012

http://linux.oracle.com/errata/OLAMSA-2025-0012.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3.11-galaxy-ng-4.9.1-0.0.8.el8.noarch.rpm
ol-automation-manager-2.2.0-40.el8.x86_64.rpm
ol-automation-manager-cli-2.2.0-40.el8.noarch.rpm
python311-olamkit-2.2.0-40.el8.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/python-galaxy-ng-4.9.1-0.0.8.el8.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/ol-automation-manager-2.2.0-40.el8.src.rpm

Related CVEs:

CVE-2025-27151
CVE-2024-37890
CVE-2025-47273

Description of changes:

python-galaxy-ng
[4.9.1-0.0.8]
- Update axios to 1.8.4 to mitagate CVE-2025-27152

ol-automation-manager
[2.2.0-40.el8]
- OLAM-506 Apply patch for CVE-2024-37890 ( ws 7.5.9, 8.5.10 )
- OLAM-799 Upgrade jaraco-functools==4.0.0

[2.2.0-39.el8]
- OLAM-799 Upgrade setuptools==78.1.1 to fix CVE-2025-47273

ELSA-2025-11335 Important: Oracle Linux 9 tomcat security update

Oracle Linux Security Advisory ELSA-2025-11335

http://linux.oracle.com/errata/ELSA-2025-11335.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
tomcat-9.0.87-3.el9_6.1.noarch.rpm
tomcat-admin-webapps-9.0.87-3.el9_6.1.noarch.rpm
tomcat-docs-webapp-9.0.87-3.el9_6.1.noarch.rpm
tomcat-el-3.0-api-9.0.87-3.el9_6.1.noarch.rpm
tomcat-jsp-2.3-api-9.0.87-3.el9_6.1.noarch.rpm
tomcat-lib-9.0.87-3.el9_6.1.noarch.rpm
tomcat-servlet-4.0-api-9.0.87-3.el9_6.1.noarch.rpm
tomcat-webapps-9.0.87-3.el9_6.1.noarch.rpm

aarch64:
tomcat-9.0.87-3.el9_6.1.noarch.rpm
tomcat-admin-webapps-9.0.87-3.el9_6.1.noarch.rpm
tomcat-docs-webapp-9.0.87-3.el9_6.1.noarch.rpm
tomcat-el-3.0-api-9.0.87-3.el9_6.1.noarch.rpm
tomcat-jsp-2.3-api-9.0.87-3.el9_6.1.noarch.rpm
tomcat-lib-9.0.87-3.el9_6.1.noarch.rpm
tomcat-servlet-4.0-api-9.0.87-3.el9_6.1.noarch.rpm
tomcat-webapps-9.0.87-3.el9_6.1.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/tomcat-9.0.87-3.el9_6.1.src.rpm

Related CVEs:

CVE-2024-56337
CVE-2025-31650

Description of changes:

[1:9.0.87-3.el9_6.1]
- Resolves: RHEL-91765
tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame (CVE-2025-31650)
- Resolves: RHEL-71981
tomcat: Incomplete fix for CVE-2024-50379 - RCE due to TOCTOU issue in JSP compilation (CVE-2024-56337)

[1:9.0.87-3]
- Resolves: RHEL-82945
tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT (CVE-2025-24813)
- Resolves: RHEL-71723
tomcat: RCE due to TOCTOU issue in JSP compilation (CVE-2024-50379)

ELSA-2025-10867 Important: Oracle Linux 9 java-17-openjdk security update

Oracle Linux Security Advisory ELSA-2025-10867

http://linux.oracle.com/errata/ELSA-2025-10867.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
java-17-openjdk-17.0.16.0.8-2.0.1.el9.x86_64.rpm
java-17-openjdk-demo-17.0.16.0.8-2.0.1.el9.x86_64.rpm
java-17-openjdk-demo-fastdebug-17.0.16.0.8-2.0.1.el9.x86_64.rpm
java-17-openjdk-demo-slowdebug-17.0.16.0.8-2.0.1.el9.x86_64.rpm
java-17-openjdk-devel-17.0.16.0.8-2.0.1.el9.x86_64.rpm
java-17-openjdk-devel-fastdebug-17.0.16.0.8-2.0.1.el9.x86_64.rpm
java-17-openjdk-devel-slowdebug-17.0.16.0.8-2.0.1.el9.x86_64.rpm
java-17-openjdk-fastdebug-17.0.16.0.8-2.0.1.el9.x86_64.rpm
java-17-openjdk-headless-17.0.16.0.8-2.0.1.el9.x86_64.rpm
java-17-openjdk-headless-fastdebug-17.0.16.0.8-2.0.1.el9.x86_64.rpm
java-17-openjdk-headless-slowdebug-17.0.16.0.8-2.0.1.el9.x86_64.rpm
java-17-openjdk-javadoc-17.0.16.0.8-2.0.1.el9.x86_64.rpm
java-17-openjdk-javadoc-zip-17.0.16.0.8-2.0.1.el9.x86_64.rpm
java-17-openjdk-jmods-17.0.16.0.8-2.0.1.el9.x86_64.rpm
java-17-openjdk-jmods-fastdebug-17.0.16.0.8-2.0.1.el9.x86_64.rpm
java-17-openjdk-jmods-slowdebug-17.0.16.0.8-2.0.1.el9.x86_64.rpm
java-17-openjdk-slowdebug-17.0.16.0.8-2.0.1.el9.x86_64.rpm
java-17-openjdk-src-17.0.16.0.8-2.0.1.el9.x86_64.rpm
java-17-openjdk-src-fastdebug-17.0.16.0.8-2.0.1.el9.x86_64.rpm
java-17-openjdk-src-slowdebug-17.0.16.0.8-2.0.1.el9.x86_64.rpm
java-17-openjdk-static-libs-17.0.16.0.8-2.0.1.el9.x86_64.rpm
java-17-openjdk-static-libs-fastdebug-17.0.16.0.8-2.0.1.el9.x86_64.rpm
java-17-openjdk-static-libs-slowdebug-17.0.16.0.8-2.0.1.el9.x86_64.rpm

aarch64:
java-17-openjdk-17.0.16.0.8-2.0.1.el9.aarch64.rpm
java-17-openjdk-demo-17.0.16.0.8-2.0.1.el9.aarch64.rpm
java-17-openjdk-demo-fastdebug-17.0.16.0.8-2.0.1.el9.aarch64.rpm
java-17-openjdk-demo-slowdebug-17.0.16.0.8-2.0.1.el9.aarch64.rpm
java-17-openjdk-devel-17.0.16.0.8-2.0.1.el9.aarch64.rpm
java-17-openjdk-devel-fastdebug-17.0.16.0.8-2.0.1.el9.aarch64.rpm
java-17-openjdk-devel-slowdebug-17.0.16.0.8-2.0.1.el9.aarch64.rpm
java-17-openjdk-fastdebug-17.0.16.0.8-2.0.1.el9.aarch64.rpm
java-17-openjdk-headless-17.0.16.0.8-2.0.1.el9.aarch64.rpm
java-17-openjdk-headless-fastdebug-17.0.16.0.8-2.0.1.el9.aarch64.rpm
java-17-openjdk-headless-slowdebug-17.0.16.0.8-2.0.1.el9.aarch64.rpm
java-17-openjdk-javadoc-17.0.16.0.8-2.0.1.el9.aarch64.rpm
java-17-openjdk-javadoc-zip-17.0.16.0.8-2.0.1.el9.aarch64.rpm
java-17-openjdk-jmods-17.0.16.0.8-2.0.1.el9.aarch64.rpm
java-17-openjdk-jmods-fastdebug-17.0.16.0.8-2.0.1.el9.aarch64.rpm
java-17-openjdk-jmods-slowdebug-17.0.16.0.8-2.0.1.el9.aarch64.rpm
java-17-openjdk-slowdebug-17.0.16.0.8-2.0.1.el9.aarch64.rpm
java-17-openjdk-src-17.0.16.0.8-2.0.1.el9.aarch64.rpm
java-17-openjdk-src-fastdebug-17.0.16.0.8-2.0.1.el9.aarch64.rpm
java-17-openjdk-src-slowdebug-17.0.16.0.8-2.0.1.el9.aarch64.rpm
java-17-openjdk-static-libs-17.0.16.0.8-2.0.1.el9.aarch64.rpm
java-17-openjdk-static-libs-fastdebug-17.0.16.0.8-2.0.1.el9.aarch64.rpm
java-17-openjdk-static-libs-slowdebug-17.0.16.0.8-2.0.1.el9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/java-17-openjdk-17.0.16.0.8-2.0.1.el9.src.rpm

Related CVEs:

CVE-2025-30749
CVE-2025-30754
CVE-2025-50059
CVE-2025-50106

Description of changes:

[1:17.0.16.0.8-2.0.1]
- Add Oracle vendor bug URL [Orabug: 34340155]

[1:17.0.16.0.8-2]
- Update to jdk-17.0.16+8
- Add to .gitignore openjdk-17.0.16+8.tar.xz
- Set updatever to 16
- Set buildver to 8
- Set rpmrelease to 2
- Update sources to openjdk-17.0.16+8.tar.xz
- Resolves: RHEL-101788
- Resolves: RHEL-101795
- Resolves: RHEL-101796
- Resolves: RHEL-101797
- Resolves: RHEL-102283
- Resolves: RHEL-102286
- Resolves: RHEL-102285
- Resolves: RHEL-102284
- Require tzdata-java 2025b at runtime and for build
- Set bundled freetype provide version to 2.13.3
- Set bundled harfbuzz provide version to 10.4.0
- Set bundled lcms2 provide version to 2.17.0
- Set bundled libpng provide version to 1.6.47
- Recommend pipewire
- Related: RHEL-102667
- Resolves: RHEL-102669
- Resolves: RHEL-102670
- Resolves: RHEL-102672
- Sync java-17-openjdk-portable.specfile from openjdk-portable-rhel-8
- ** This tarball is embargoed until 2025-07-15 @ 1pm PT. **

ELSA-2025-10848 Important: Oracle Linux 9 cloud-init security update

Oracle Linux Security Advisory ELSA-2025-10848

http://linux.oracle.com/errata/ELSA-2025-10848.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
cloud-init-24.4-4.0.1.el9_6.3.noarch.rpm

aarch64:
cloud-init-24.4-4.0.1.el9_6.3.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/cloud-init-24.4-4.0.1.el9_6.3.src.rpm

Related CVEs:

CVE-2024-6174

Description of changes:

[24.4-4.0.1.el9_6.3]
- Fix Oracle Datasource network and getdata methods for OCI OL [Orabug: 35950168]
- Fix log file permission [Orabug: 35302969]
- Update detection logic for OL distros in config template [Orabug: 34845400]
- Added missing services in rhel/systemd/cloud-init.service [Orabug: 32183938]
- Added missing services in cloud-init.service.tmpl for sshd [Orabug: 32183938]
- Forward port applicable cloud-init 18.4-2.0.3 changes to cloud-init-18-5 [Orabug: 30435672]
- limit permissions [Orabug: 31352433]
- Changes to ignore all enslaved interfaces [Orabug: 30092148]
- Make Oracle datasource detect dracut based config files [Orabug: 29956753]
- add modified version of enable-ec2_utils-to-stop-retrying-to-get-ec2-metadata.patch:
1. Enable ec2_utils.py having a way to stop retrying to get ec2 metadata
2. Apply stop retrying to get ec2 metadata to helper/openstack.py MetadataReader
Resolves: Oracle-Bug:41660 (Bugzilla)
- added OL to list of known distros
Resolves: rhbz#1427280
Resolves: rhbz#1427280

[24.4-4.el9_6.3]
- ci-fix-Don-t-attempt-to-identify-non-x86-OpenStack-inst.patch [RHEL-100611]
- ci-fix-strict-disable-in-ds-identify-on-no-datasources-.patch [RHEL-100611]
- Resolves: RHEL-100611
(CVE-2024-6174 cloud-init: From CVEorg collector [rhel-9.6.z])

[24.4-4.el9_6.2]
- Adding missed fix 'Retain exit code in cloud-init status for recoverable errors'
- Resolves: RHEL-101693

ELBA-2025-10786 Oracle Linux 9 scap-security-guide bug fix and enhancement update

Oracle Linux Bug Fix Advisory ELBA-2025-10786

http://linux.oracle.com/errata/ELBA-2025-10786.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

aarch64:
scap-security-guide-0.1.77-3.0.1.el9.noarch.rpm
scap-security-guide-doc-0.1.77-3.0.1.el9.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/scap-security-guide-0.1.77-3.0.1.el9.src.rpm

Description of changes:

[0.1.77-3.0.1]
- Update OL9 STIG to align with DISA STIG V1R1 [Orabug: 38182493]

[0.1.77.openela.1.0]
- Add OpenELA as derivative of RHEL

[0.1.77-3]
- fix incorrect applicability of Grub2 UEFI specific rules
- replace grub-mkconfig with grub2-mkconfig in rule descriptions

[0.1.77-2]
- Turn on SCE for this release (RHEL-94803)

[0.1.77-1]
- Rebase to scap-security-guide version 0.1.77 (RHEL-94803)
- rule networkmanager_dns_mode now checks dropin files and has more resilient regex (RHEL-62843)
- rsyslog_remote_loghost checks for Rainer Script syntax as well (RHEL-62731)
- improve checking of Grub2 superuser and password configuration (RHEL-58818)

ELBA-2025-9426 Oracle Linux 9 linux-firmware bug fix update

Oracle Linux Bug Fix Advisory ELBA-2025-9426

http://linux.oracle.com/errata/ELBA-2025-9426.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
iwl1000-firmware-39.31.5.1-999.41.el9.noarch.rpm
iwl100-firmware-39.31.5.1-999.41.el9.noarch.rpm
iwl105-firmware-18.168.6.1-999.41.el9.noarch.rpm
iwl135-firmware-18.168.6.1-999.41.el9.noarch.rpm
iwl2000-firmware-18.168.6.1-999.41.el9.noarch.rpm
iwl2030-firmware-18.168.6.1-999.41.el9.noarch.rpm
iwl3160-firmware-25.30.13.0-999.41.el9.noarch.rpm
iwl3945-firmware-15.32.2.9-999.41.el9.noarch.rpm
iwl4965-firmware-228.61.2.24-999.41.el9.noarch.rpm
iwl5000-firmware-8.83.5.1_1-999.41.el9.noarch.rpm
iwl5150-firmware-8.24.2.2-999.41.el9.noarch.rpm
iwl6000-firmware-9.221.4.1-999.41.el9.noarch.rpm
iwl6000g2a-firmware-18.168.6.1-999.41.el9.noarch.rpm
iwl6000g2b-firmware-18.168.6.1-999.41.el9.noarch.rpm
iwl6050-firmware-41.28.5.1-999.41.el9.noarch.rpm
iwl7260-firmware-25.30.13.0-999.41.el9.noarch.rpm
iwlax2xx-firmware-20250611-999.41.el9.noarch.rpm
libertas-sd8686-firmware-20250611-999.41.git356f06bf.el9.noarch.rpm
libertas-sd8787-firmware-20250611-999.41.git356f06bf.el9.noarch.rpm
libertas-usb8388-firmware-20250611-999.41.git356f06bf.el9.noarch.rpm
libertas-usb8388-olpc-firmware-20250611-999.41.git356f06bf.el9.noarch.rpm
linux-firmware-20250611-999.41.git356f06bf.el9.noarch.rpm
linux-firmware-core-20250611-999.41.git356f06bf.el9.noarch.rpm
linux-firmware-whence-20250611-999.41.git356f06bf.el9.noarch.rpm
liquidio-firmware-20250611-999.41.git356f06bf.el9.noarch.rpm
netronome-firmware-20250611-999.41.git356f06bf.el9.noarch.rpm

aarch64:
iwl1000-firmware-39.31.5.1-999.41.el9.noarch.rpm
iwl100-firmware-39.31.5.1-999.41.el9.noarch.rpm
iwl105-firmware-18.168.6.1-999.41.el9.noarch.rpm
iwl135-firmware-18.168.6.1-999.41.el9.noarch.rpm
iwl2000-firmware-18.168.6.1-999.41.el9.noarch.rpm
iwl2030-firmware-18.168.6.1-999.41.el9.noarch.rpm
iwl3160-firmware-25.30.13.0-999.41.el9.noarch.rpm
iwl3945-firmware-15.32.2.9-999.41.el9.noarch.rpm
iwl4965-firmware-228.61.2.24-999.41.el9.noarch.rpm
iwl5000-firmware-8.83.5.1_1-999.41.el9.noarch.rpm
iwl5150-firmware-8.24.2.2-999.41.el9.noarch.rpm
iwl6000-firmware-9.221.4.1-999.41.el9.noarch.rpm
iwl6000g2a-firmware-18.168.6.1-999.41.el9.noarch.rpm
iwl6000g2b-firmware-18.168.6.1-999.41.el9.noarch.rpm
iwl6050-firmware-41.28.5.1-999.41.el9.noarch.rpm
iwl7260-firmware-25.30.13.0-999.41.el9.noarch.rpm
iwlax2xx-firmware-20250611-999.41.el9.noarch.rpm
libertas-sd8686-firmware-20250611-999.41.git356f06bf.el9.noarch.rpm
libertas-sd8787-firmware-20250611-999.41.git356f06bf.el9.noarch.rpm
libertas-usb8388-firmware-20250611-999.41.git356f06bf.el9.noarch.rpm
libertas-usb8388-olpc-firmware-20250611-999.41.git356f06bf.el9.noarch.rpm
linux-firmware-20250611-999.41.git356f06bf.el9.noarch.rpm
linux-firmware-core-20250611-999.41.git356f06bf.el9.noarch.rpm
linux-firmware-whence-20250611-999.41.git356f06bf.el9.noarch.rpm
liquidio-firmware-20250611-999.41.git356f06bf.el9.noarch.rpm
netronome-firmware-20250611-999.41.git356f06bf.el9.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/linux-firmware-20250611-999.41.git356f06bf.el9.src.rpm

Description of changes:

[20250611-999.41.git356f06bf.el9]
- Rebase to latest upstream and update the core list for UEK8 [Orabug: 38028345]

ELSA-2025-20470 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2025-20470

http://linux.oracle.com/errata/ELSA-2025-20470.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

aarch64:
bpftool-5.15.0-310.184.5.2.el9uek.aarch64.rpm
kernel-uek-5.15.0-310.184.5.2.el9uek.aarch64.rpm
kernel-uek-container-5.15.0-310.184.5.2.el9uek.aarch64.rpm
kernel-uek-container-debug-5.15.0-310.184.5.2.el9uek.aarch64.rpm
kernel-uek-core-5.15.0-310.184.5.2.el9uek.aarch64.rpm
kernel-uek-debug-5.15.0-310.184.5.2.el9uek.aarch64.rpm
kernel-uek-debug-core-5.15.0-310.184.5.2.el9uek.aarch64.rpm
kernel-uek-debug-devel-5.15.0-310.184.5.2.el9uek.aarch64.rpm
kernel-uek-debug-modules-5.15.0-310.184.5.2.el9uek.aarch64.rpm
kernel-uek-debug-modules-extra-5.15.0-310.184.5.2.el9uek.aarch64.rpm
kernel-uek-devel-5.15.0-310.184.5.2.el9uek.aarch64.rpm
kernel-uek-doc-5.15.0-310.184.5.2.el9uek.noarch.rpm
kernel-uek-modules-5.15.0-310.184.5.2.el9uek.aarch64.rpm
kernel-uek-modules-extra-5.15.0-310.184.5.2.el9uek.aarch64.rpm
kernel-uek64k-5.15.0-310.184.5.2.el9uek.aarch64.rpm
kernel-uek64k-core-5.15.0-310.184.5.2.el9uek.aarch64.rpm
kernel-uek64k-devel-5.15.0-310.184.5.2.el9uek.aarch64.rpm
kernel-uek64k-modules-5.15.0-310.184.5.2.el9uek.aarch64.rpm
kernel-uek64k-modules-extra-5.15.0-310.184.5.2.el9uek.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/kernel-uek-5.15.0-310.184.5.2.el9uek.src.rpm

Related CVEs:

CVE-2023-52572
CVE-2023-52621
CVE-2023-52757
CVE-2024-26686
CVE-2024-26739
CVE-2024-26952
CVE-2024-27402
CVE-2024-35790
CVE-2024-35866
CVE-2024-35867
CVE-2024-35943
CVE-2024-36350
CVE-2024-36357
CVE-2024-36908
CVE-2024-38540
CVE-2024-38541
CVE-2024-42160
CVE-2024-42322
CVE-2024-44938
CVE-2024-46742
CVE-2024-46751
CVE-2024-46774
CVE-2024-46784
CVE-2024-46816
CVE-2024-49960
CVE-2024-49989
CVE-2024-50047
CVE-2024-50125
CVE-2024-50258
CVE-2024-50272
CVE-2024-50280
CVE-2024-53128
CVE-2024-53185
CVE-2024-53203
CVE-2024-54458
CVE-2024-56551
CVE-2024-56599
CVE-2024-56655
CVE-2024-56658
CVE-2024-56751
CVE-2025-21681
CVE-2025-21839
CVE-2025-21853
CVE-2025-22027
CVE-2025-22062
CVE-2025-23140
CVE-2025-23142
CVE-2025-23144
CVE-2025-23145
CVE-2025-23146
CVE-2025-23147
CVE-2025-23148
CVE-2025-23150
CVE-2025-23151
CVE-2025-23156
CVE-2025-23157
CVE-2025-23158
CVE-2025-23159
CVE-2025-23161
CVE-2025-23163
CVE-2025-37738
CVE-2025-37739
CVE-2025-37740
CVE-2025-37741
CVE-2025-37742
CVE-2025-37749
CVE-2025-37752
CVE-2025-37756
CVE-2025-37757
CVE-2025-37758
CVE-2025-37765
CVE-2025-37766
CVE-2025-37767
CVE-2025-37768
CVE-2025-37770
CVE-2025-37771
CVE-2025-37773
CVE-2025-37780
CVE-2025-37781
CVE-2025-37787
CVE-2025-37788
CVE-2025-37789
CVE-2025-37790
CVE-2025-37792
CVE-2025-37794
CVE-2025-37796
CVE-2025-37797
CVE-2025-37803
CVE-2025-37805
CVE-2025-37808
CVE-2025-37810
CVE-2025-37812
CVE-2025-37817
CVE-2025-37819
CVE-2025-37823
CVE-2025-37824
CVE-2025-37829
CVE-2025-37830
CVE-2025-37836
CVE-2025-37838
CVE-2025-37839
CVE-2025-37840
CVE-2025-37841
CVE-2025-37844
CVE-2025-37850
CVE-2025-37857
CVE-2025-37858
CVE-2025-37859
CVE-2025-37862
CVE-2025-37867
CVE-2025-37875
CVE-2025-37881
CVE-2025-37883
CVE-2025-37885
CVE-2025-37890
CVE-2025-37892
CVE-2025-37905
CVE-2025-37909
CVE-2025-37911
CVE-2025-37913
CVE-2025-37914
CVE-2025-37915
CVE-2025-37923
CVE-2025-37927
CVE-2025-37929
CVE-2025-37930
CVE-2025-37940
CVE-2025-37949
CVE-2025-37967
CVE-2025-37969
CVE-2025-37970
CVE-2025-37982
CVE-2025-37983
CVE-2025-37985
CVE-2025-37989
CVE-2025-37990
CVE-2025-37991
CVE-2025-37992
CVE-2025-37994
CVE-2025-37995
CVE-2025-37997
CVE-2025-37998
CVE-2025-38005
CVE-2025-38009
CVE-2025-38023
CVE-2025-38024
CVE-2025-38031
CVE-2025-38089

Description of changes:

[5.15.0-310.184.5.2.el9uek]
- sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (Jeff Layton) {CVE-2025-38089}
- net_sched: sch_sfq: move the limit validation (Octavian Purdila) {CVE-2025-37752}
- net_sched: sch_sfq: use a temporary work area for validating configuration (Octavian Purdila)
- net_sched: sch_sfq: don't allow 1 packet limit (Octavian Purdila)
- net_sched: sch_sfq: handle bigger packets (Eric Dumazet)
- net_sched: sch_sfq: annotate data-races around q->perturb_period (Eric Dumazet)
- block: assign bi_bdev for cloned bios in blk_rq_prep_clone (Christoph Hellwig) [Orabug: 37931495]
- fs/proc: do_task_stat: use __for_each_thread() (Oleg Nesterov) [Orabug: 38081922]

[5.15.0-310.184.5.1.el9uek]
- Add Zen34 clients (Borislav Petkov (AMD)) [Orabug: 38023240] {CVE-2024-36350} {CVE-2024-36357}
- x86/process: Move the buffer clearing before MONITOR (Kim Phillips) [Orabug: 38023240] {CVE-2024-36350} {CVE-2024-36357}
- Add normal counters (Borislav Petkov (AMD)) [Orabug: 38023240] {CVE-2024-36350} {CVE-2024-36357}
- KVM: SVM: Advertize TSA CPUID bits to guests (Borislav Petkov (AMD)) [Orabug: 38023240] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Add a Transient Scheduler Attacks mitigation (Borislav Petkov (AMD)) [Orabug: 38023240] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Rename MDS machinery to something more generic (Borislav Petkov (AMD)) [Orabug: 38023240] {CVE-2024-36350} {CVE-2024-36357}
- x86/CPU/AMD: Add ZenX generations flags (Borislav Petkov (AMD)) [Orabug: 38023240] {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Free X86_BUG_AMD_APIC_C1E and X86_BUG_AMD_E400 bits (Boris Ostrovsky) [Orabug: 38023240] {CVE-2024-36350} {CVE-2024-36357}

[5.15.0-310.184.5.el9uek]
- sched/numa: skip VMA scanning on memory pinned to one NUMA node via cpuset.mems (Libo Chen) [Orabug: 38070120]
- bridge: netfilter: Fix forwarding of fragmented packets (Ido Schimmel) [Orabug: 38069363]
- Revert "net: bridge: IP defragmentation failing for jumboframes" (Venkat Venkatsubra) [Orabug: 38069363]
- vhost-scsi: Change def inline_sg_cnt and max_io_vqs for exadata (Mike Christie) [Orabug: 38053186]
- rds: ib: Add cm_id generation scheme in order to detect new ones (Håkon Bugge) [Orabug: 37799170]
- Revert "i2c: designware: Fix corrupted memory seen in the ISR" (Vijay Kumar) [Orabug: 37771338]
- ipmi:ssif: Improve detecting during probing (Corey Minyard) [Orabug: 37771338]
- ipmi: ssif: replace strlcpy with strscpy (Jason Wang) [Orabug: 37771338]
- uek-rpm: Enable CONFIG_SERIAL_RP2 as m (Samasth Norway Ananda) [Orabug: 37459981]
- serial: update the rp2 driver code (Samasth Norway Ananda) [Orabug: 37459981]

[5.15.0-310.184.4.el9uek]
- vhost-scsi: Fix log flooding with target does not exist errors (Mike Christie) [Orabug: 37424174]
- mm: do not write protect COW mappings when preserving across exec (Anthony Yznaga) [Orabug: 37734242]
- mm: hold the source mmap write lock when copying PTEs (Anthony Yznaga) [Orabug: 37734242]
- uek-rpm: Bluefield 3: Enable CONFIG_CONTIG_ALLOC (Thomas Tai) [Orabug: 38067846]
- mm: shmem: remove unnecessary warning in shmem_writepage() (Ricardo Cañuelo Navarro) [Orabug: 38091965]
- shmem: add support to ignore swap (Luis Chamberlain) [Orabug: 38091965]
- shmem: update documentation (Luis Chamberlain) [Orabug: 38091965]
- shmem: skip page split if we're not reclaiming (Luis Chamberlain) [Orabug: 38091965]
- shmem: move reclaim check early on writepages() (Luis Chamberlain) [Orabug: 38091965]
- shmem: set shmem_writepage() variables early (Luis Chamberlain) [Orabug: 38091965]
- shmem: remove check for folio lock on writepage() (Luis Chamberlain) [Orabug: 38091965]

[5.15.0-310.184.3.el9uek]
- x86/its: Fix undefined reference to cpu_wants_rethunk_at() (Pawan Gupta)
- padata: do not leak refcount in reorder_work (Dominik Grzegorzek) [Orabug: 38094844] {CVE-2025-38031}
- Revert "drm/amd: Keep display off while going into S4" (Mario Limonciello)
- memcg: always call cond_resched() after fn() (Breno Leitao)
- lib: cpu_rmap: Use allocator for rmap entries (Eli Cohen) [Orabug: 38037237]
- uek-rpm: build the fwctl mlx5 driver on UEK (Qing Huang) [Orabug: 37810637]
- fwctl: Adapt upstream code for UEK7 (Mikhael Goikhman) [Orabug: 37810637]
- mlx5: Create an auxiliary device for fwctl_mlx5 (Saeed Mahameed) [Orabug: 37810637]
- fwctl/mlx5: Support for communicating with mlx5 fw (Saeed Mahameed) [Orabug: 37810637]
- fwctl: Add documentation (Jason Gunthorpe) [Orabug: 37810637]
- fwctl: FWCTL_RPC to execute a Remote Procedure Call to device firmware (Jason Gunthorpe) [Orabug: 37810637]
- taint: Add TAINT_FWCTL (Jason Gunthorpe) [Orabug: 37810637]
- fwctl: FWCTL_INFO to return basic information about the device (Jason Gunthorpe) [Orabug: 37810637]
- fwctl: Basic ioctl dispatch for the character device (Jason Gunthorpe) [Orabug: 37810637]
- fwctl: Add basic structure for a class subsystem with a cdev (Jason Gunthorpe) [Orabug: 37810637]
- net/mlx5: Add IFC related stuff for data direct (Yishai Hadas) [Orabug: 37810637]
- Documentation: Add detailed explanation for 'N' taint flag (Benjamin Poirier) [Orabug: 37810637]
- kernel/panic: initialize taint_flags[] using a macro (Jani Nikula) [Orabug: 37810637]
- kernel/panic: return early from print_tainted() when not tainted (Jani Nikula) [Orabug: 37810637]
- tools: Add new "test" taint to kernel-chktaint (Joe Fradley) [Orabug: 37810637]
- panic: use error_report_end tracepoint on warnings (Marco Elver) [Orabug: 37810637]
- Revert "fwctl: Add basic structure for a class subsystem with a cdev" (Qing Huang) [Orabug: 37810637]
- Revert "fwctl: Basic ioctl dispatch for the character device" (Qing Huang) [Orabug: 37810637]
- Revert "fwctl: FWCTL_INFO to return basic information about the device" (Qing Huang) [Orabug: 37810637]
- Revert "fwctl: FWCTL_RPC to execute a Remote Procedure Call to device firmware" (Qing Huang) [Orabug: 37810637]
- Revert "fwctl/mlx5: Support for communicating with mlx5 fw" (Qing Huang) [Orabug: 37810637]
- Revert "mlx5: Create an auxiliary device for fwctl_mlx5" (Qing Huang) [Orabug: 37810637]
- Revert "taint: Add TAINT_FWCTL" (Qing Huang) [Orabug: 37810637]
- Revert "fwctl: Adapt code for UEK7" (Qing Huang) [Orabug: 37810637]
- Revert "fwctl/mlx5: Add INTERNAL_DEV_RES uctx capability" (Qing Huang) [Orabug: 37810637]
- Revert "fwctl: Allow up to 4k devices" (Qing Huang) [Orabug: 37810637]
- Revert "fwctl: Expand adaption of code for UEK7" (Qing Huang) [Orabug: 37810637]
- Revert "uek-rpm: build the fwctl mlx5 driver on UEK" (Qing Huang) [Orabug: 37810637]

[5.15.0-310.184.2.el9uek]
- LTS version: v5.15.184 (Vijayendra Suman)
- netfilter: nf_tables: do not defer rule destruction via call_rcu (Florian Westphal) [Orabug: 38071844] {CVE-2024-56655}
- netfilter: nf_tables: wait for rcu grace period on net_device removal (Pablo Neira Ayuso)
- netfilter: nf_tables: pass nft_chain to destroy function, not nft_ctx (Florian Westphal)
- btrfs: do not clean up repair bio if submit fails (Josef Bacik)
- btrfs: don't BUG_ON() when 0 reference count at btrfs_lookup_extent_info() (Filipe Manana) [Orabug: 37074536] {CVE-2024-46751}
- sctp: add mutual exclusion in proc_sctp_do_udp_port() (Eric Dumazet) [Orabug: 37844338] {CVE-2025-22062}
- selftests/mm: compaction_test: support platform with huge mount of memory (Feng Tang)
- usb: typec: fix pm usage counter imbalance in ucsi_ccg_sync_control() (Gong, Ruiqi)
- usb: typec: fix potential array underflow in ucsi_ccg_sync_control() (Dan Carpenter) [Orabug: 37433551] {CVE-2024-53203}
- usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group (Rd Babiera) [Orabug: 36642199] {CVE-2024-35790}
- usb: typec: ucsi: displayport: Fix deadlock (Andrei Kuchynski) [Orabug: 37977019] {CVE-2025-37967}
- clocksource/i8253: Use raw_spinlock_irqsave() in clockevent_i8253_disable() (Sebastian Andrzej Siewior)
- block: fix direct io NOWAIT flag not work (Fengnan Chang)
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups (Shuai Xue)
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines (Shuai Xue)
- dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy (Yemike Abhilash Chandra)
- dmaengine: ti: k3-udma: Add missing locking (Ronald Wahl) [Orabug: 38094757] {CVE-2025-38005}
- wifi: mt76: disable napi on driver removal (Fedor Pchelkin) [Orabug: 38094771] {CVE-2025-38009}
- phy: renesas: rcar-gen3-usb2: Set timing registers only once (Claudiu Beznea)
- phy: Fix error handling in tegra_xusb_port_init (Ma Ke)
- tracing: samples: Initialize trace_array_printk() with the correct function (Steven Rostedt)
- ftrace: Fix preemption accounting for stacktrace filter command (Donglin Peng)
- ftrace: Fix preemption accounting for stacktrace trigger command (Donglin Peng)
- ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera (Nicolas Chauvet)
- ALSA: usb-audio: Add sample rate quirk for Audioengine D1 (Christian Heusel)
- ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() (Xu Wang)
- ACPI: PPTT: Fix processor subtable walk (Jeremy Linton)
- btrfs: fix discard worker infinite loop after disabling discard (Filipe Manana)
- dmaengine: Revert "dmaengine: dmatest: Fix dmatest waiting less when interrupted" (Nathan Lynch)
- x86/its: FineIBT-paranoid vs ITS (Peter Zijlstra)
- x86/speculation: Remove the extra #ifdef around CALL_NOSPEC (Pawan Gupta)
- x86/speculation: Add a conditional CS prefix to CALL_NOSPEC (Pawan Gupta)
- x86/speculation: Simplify and make CALL_NOSPEC consistent (Pawan Gupta)
- x86,nospec: Simplify {JMP,CALL}_NOSPEC (Peter Zijlstra)
- NFSv4/pnfs: Reset the layout state after a layoutreturn (Trond Myklebust)
- qlcnic: fix memory leak in qlcnic_sriov_channel_cfg_cmd() (Abdun Nihaal)
- ALSA: sh: SND_AICA should depend on SH_DMA_API (Geert Uytterhoeven)
- net: dsa: sja1105: discard incoming frames in BR_STATE_LISTENING (Vladimir Oltean)
- net: cadence: macb: Fix a possible deadlock in macb_halt_tx. (Mathieu Othacehe)
- net_sched: Flush gso_skb list too during ->change() (Cong Wang) [Orabug: 37998129] {CVE-2025-37992}
- spi: loopback-test: Do not split 1024-byte hexdumps (Geert Uytterhoeven)
- nfs: handle failure of nfs_get_lock_context in unlock path (Li Lingfeng) [Orabug: 38094819] {CVE-2025-38023}
- RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug (Zhu Yanjun) [Orabug: 38094828] {CVE-2025-38024}
- iio: chemical: sps30: use aligned_s64 for timestamp (David Lechner)
- iio: adc: ad7768-1: Fix insufficient alignment of timestamp. (Jonathan Cameron)
- tracing: probes: Fix a possible race in trace_probe_log APIs (Masami Hiramatsu)
- platform/x86: asus-wmi: Fix wlan_ctrl_by_user detection (Hans de Goede)
- LTS version: v5.15.183 (Vijayendra Suman)
- Revert "net: phy: microchip: force IRQ polling mode for lan88xx" (Greg Kroah-Hartman)
- do_umount(): add missing barrier before refcount checks in sync case (Al Viro)
- drm/panel: simple: Update timings for AUO G101EVN010 (Kevin Baker)
- MIPS: Fix MAX_REG_OFFSET (Thorsten Blum)
- iio: adc: dln2: Use aligned_s64 for timestamp (Jonathan Cameron)
- types: Complement the aligned types with signed 64-bit one (Andy Shevchenko)
- usb: usbtmc: Fix erroneous generic_read ioctl return (Dave Penkler)
- usb: usbtmc: Fix erroneous wait_srq ioctl return (Dave Penkler)
- usb: usbtmc: Fix erroneous get_stb ioctl error returns (Dave Penkler)
- USB: usbtmc: use interruptible sleep in usbtmc_read (Oliver Neukum)
- usb: typec: ucsi: displayport: Fix NULL pointer access (Andrei Kuchynski) [Orabug: 38015127] {CVE-2025-37994}
- usb: typec: tcpm: delay SNK_TRY_WAIT_DEBOUNCE to SRC_TRYWAIT transition (Rd Babiera)
- usb: host: tegra: Prevent host controller crash when OTG port is used (Jim Lin)
- usb: gadget: tegra-xudc: ACK ST_RC after clearing CTRL_RUN (Wayne Chang)
- usb: cdnsp: fix L1 resume issue for RTL_REVISION_NEW_LPM version (Pawel Laszczak)
- usb: cdnsp: Fix issue with resuming from L1 (Pawel Laszczak)
- ocfs2: stop quota recovery before disabling quotas (Jan Kara)
- ocfs2: implement handshaking with ocfs2 recovery thread (Jan Kara)
- ocfs2: switch osb->disable_recovery to enum (Jan Kara)
- module: ensure that kobject_put() is safe for module type kobjects (Dmitry Antipov) [Orabug: 38015132] {CVE-2025-37995}
- xenbus: Use kref to track req lifetime (Jason Andryuk) [Orabug: 37976935] {CVE-2025-37949}
- usb: uhci-platform: Make the clock really optional (Alexey Charkov)
- drm/amd/display: Fix wrong handling for AUX_DEFER case (Wayne Lin)
- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo (Silvano Seva) [Orabug: 37977032] {CVE-2025-37969}
- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo (Silvano Seva) [Orabug: 37977038] {CVE-2025-37970}
- iio: adis16201: Correct inclinometer channel resolution (Gabriel)
- iio: adc: ad7606: fix serial register access (Angelo Dureghello)
- staging: axis-fifo: Correct handling of tx_fifo_depth for size validation (Gabriel)
- staging: axis-fifo: Remove hardware resets for user errors (Gabriel)
- staging: iio: adc: ad7816: Correct conditional logic for store mode (Gabriel)
- Input: synaptics - enable InterTouch on TUXEDO InfinityBook Pro 14 v5 (Aditya Garg)
- Input: synaptics - enable SMBus for HP Elitebook 850 G1 (Dmitry Torokhov)
- Input: synaptics - enable InterTouch on Dell Precision M3800 (Aditya Garg)
- Input: synaptics - enable InterTouch on Dynabook Portege X30L-G (Aditya Garg)
- Input: synaptics - enable InterTouch on Dynabook Portege X30-D (Manuel Fombuena)
- net: dsa: b53: fix learning on VLAN unaware bridges (Jonas Gorski)
- net: dsa: b53: always rejoin default untagged VLAN on bridge leave (Jonas Gorski)
- net: dsa: b53: fix VLAN ID for untagged vlan on bridge leave (Jonas Gorski)
- net: dsa: b53: fix flushing old pvid VLAN on pvid change (Jonas Gorski)
- net: dsa: b53: fix clearing PVID of a port (Jonas Gorski)
- net: dsa: b53: allow leaky reserved multicast (Jonas Gorski)
- netfilter: ipset: fix region locking in hash types (Jozsef Kadlecsik) [Orabug: 38015142] {CVE-2025-37997}
- can: gw: fix RCU/BH usage in cgw_create_job() (Oliver Hartkopp)
- can: gw: use call_rcu() instead of costly synchronize_rcu() (Eric Dumazet)
- gre: Fix again IPv6 link-local address generation. (Guillaume Nault)
- openvswitch: Fix unsafe attribute parsing in output_userspace() (Eelco Chaudron) [Orabug: 38015149] {CVE-2025-37998}
- can: mcp251xfd: mcp251xfd_remove(): fix order of unregistration calls (Marc Kleine-Budde)
- can: mcan: m_can_class_unregister(): fix order of unregistration calls (Marc Kleine-Budde)
- LTS version: v5.15.182 (Vijayendra Suman)
- dm: fix copying after src array boundaries (Tudor Ambarus)
- iommu/arm-smmu-v3: Fix iommu_device_probe bug due to duplicated stream ids (Nicolin Chen)
- iommu/arm-smmu-v3: Use the new rb tree helpers (Jason Gunthorpe)
- irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode() (Suzuki K Poulose) [Orabug: 37930013] {CVE-2025-37819}
- irqchip/gic-v2m: Mark a few functions __init (Thomas Gleixner)
- irqchip/gic-v2m: Add const to of_device_id (Xiang Wangx)
- Revert "drm/meson: vclk: fix calculation of 59.94 fractional rates" (Christian Hewitt)
- net: phy: microchip: force IRQ polling mode for lan88xx (Fiona Klute)
- ARM: dts: opos6ul: add ksz8081 phy properties (Sébastien Szymanski)
- firmware: arm_scmi: Balance device refcount when destroying devices (Cristian Marussi) [Orabug: 37976753] {CVE-2025-37905}
- net: hns3: fix deadlock issue when externel_lb and reset are executed together (Yonglong Liu)
- of: module: add buffer overflow check in of_modalias() (Sergey Shtylyov) [Orabug: 36753381] {CVE-2024-38541}
- PCI: imx6: Skip controller_id generation logic for i.MX7D (Richard Zhu)
- net: hns3: defer calling ptp_clock_register() (Jian Shen)
- net: hns3: fixed debugfs tm_qset size (Hao Lan)
- net: hns3: fix an interrupt residual problem (Yonglong Liu)
- net: hns3: add support for external loopback test (Yonglong Liu)
- net: hns3: store rx VLAN tag offload state for VF (Jian Shen)
- net: fec: ERR007885 Workaround for conventional TX (Mattias Barthel)
- net: lan743x: Fix memleak issue when GSO enabled (Thangaraj Samynathan) [Orabug: 37976766] {CVE-2025-37909}
- nvme-tcp: fix premature queue removal and I/O failover (Michael Liang)
- bnxt_en: Fix ethtool -d byte order for 32-bit values (Michael Chan)
- bnxt_en: Fix out-of-bound memcpy() during ethtool -w (Shruti Parab) [Orabug: 37976774] {CVE-2025-37911}
- bnxt_en: Fix coredump logic to free allocated buffer (Shruti Parab)
- net: ipv6: fix UDPv6 GSO segmentation with NAT (Felix Fietkau)
- net: dlink: Correct endianness handling of led_mode (Simon Horman)
- net_sched: qfq: Fix double list add in class with netem as child qdisc (Victor Nogueira) [Orabug: 37976784] {CVE-2025-37913}
- net_sched: ets: Fix double list add in class with netem as child qdisc (Victor Nogueira) [Orabug: 37976789] {CVE-2025-37914}
- net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (Victor Nogueira) [Orabug: 37967411] {CVE-2025-37890}
- net_sched: drr: Fix double list add in class with netem as child qdisc (Victor Nogueira) [Orabug: 37976793] {CVE-2025-37915}
- net: ethernet: mtk-star-emac: rearm interrupts in rx_poll only when advised (Louis-Alexis Eyraud)
- net: ethernet: mtk-star-emac: fix spinlock recursion issues on rx/tx poll (Louis-Alexis Eyraud)
- net: ethernet: mtk-star-emac: separate tx/rx handling with two NAPIs (Biao Huang)
- net/mlx5: E-switch, Fix error handling for enabling roce (Chris Mi)
- net/mlx5: E-Switch, Initialize MAC Address for Default GID (Maor Gottlieb)
- net/sched: act_mirred: don't override retval if we already lost the skb (Jakub Kicinski) [Orabug: 36530679] {CVE-2024-26739}
- KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop (Sean Christopherson) [Orabug: 37685666] {CVE-2025-21839}
- tracing: Fix oob write in trace_seq_to_buffer() (Jeongjun Park) [Orabug: 37976822] {CVE-2025-37923}
- iommu/vt-d: Apply quirk_iommu_igfx for 8086:0044 (QM57/QS57) (Mingcong Bai)
- iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid (Pavel Paklov) [Orabug: 37976837] {CVE-2025-37927}
- dm: always update the array size in realloc_argv on success (Benjamin Marzinski)
- dm-integrity: fix a warning on invalid table line (Mikulas Patocka)
- wifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage() (Xu Wang) [Orabug: 37977120] {CVE-2025-37990}
- mmc: renesas_sdhi: Fix error handling in renesas_sdhi_probe (Ruslan Piasetskyi)
- amd-xgbe: Fix to ensure dependent features are toggled with RX checksum offload (Vishal Badole)
- parisc: Fix double SIGFPE crash (Helge Deller) [Orabug: 37977128] {CVE-2025-37991}
- arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays (Will Deacon) [Orabug: 38071958] {CVE-2025-37929}
- i2c: imx-lpi2c: Fix clock count when probe defers (Clark Wang)
- EDAC/altera: Set DDR and SDMMC interrupt mask before registration (Niravkumar L Rabara)
- EDAC/altera: Test the correct error reg offset (Niravkumar L Rabara)
- drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill() (Philipp Stanner) [Orabug: 37976851] {CVE-2025-37930}
- ALSA: usb-audio: Add second USB ID for Jabra Evolve 65 headset (Joachim Priesner)
- LTS version: v5.15.181 (Vijayendra Suman)
- PCI: Release resource invalidated by coalescing (Ross Lagerwall)
- PCI: Fix dropping valid root bus resources with .end = zero (Geert Uytterhoeven)
- PCI: Fix use-after-free in pci_bus_release_domain_nr() (Rob Herring)
- nvme: fixup scan failure for non-ANA multipath controllers (Hannes Reinecke)
- MIPS: cm: Fix warning if MIPS_CM is disabled (Thomas Bogendoerfer)
- xdp: Reset bpf_redirect_info before running a xdp's BPF prog. (Sebastian Andrzej Siewior)
- drm/amd/display: fix double free issue during amdgpu module unload (Tim Huang) [Orabug: 37206238] {CVE-2024-49989}
- net: dsa: mv88e6xxx: enable .port_set_policy() for 6320 family (Marek Behún)
- net: dsa: mv88e6xxx: enable PVT for 6321 switch (Marek Behún)
- net: dsa: mv88e6xxx: fix atu_move_port_mask for 6341 family (Marek Behún)
- crypto: atmel-sha204a - Set hwrng quality to lowest possible (Marek Behún)
- comedi: jr3_pci: Fix synchronous deletion of timer (Ian Abbott)
- jfs: define xtree root and page independently (Dave Kleikamp)
- md/raid1: Add check for missing source disk in process_checks() (Meir Elisha)
- ubsan: Fix panic from test_ubsan_out_of_bounds (Mostafa Saleh)
- loop: aio inherit the ioprio of original request (Yunlong Xing)
- scsi: pm80xx: Set phy_attached to zero when device is gone (Igor Pylypiv)
- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (Xingui Yang)
- ext4: make block validity check resistent to sb bh corruption (Ojaswin Mujoo)
- nvmet-fc: put ref when assoc->del_work is already scheduled (Daniel Wagner)
- nvmet-fc: take tgtport reference only once (Daniel Wagner)
- x86/bugs: Don't fill RSB on context switch with eIBRS (Josh Poimboeuf)
- x86/bugs: Don't fill RSB on VMEXIT with eIBRS+retpoline (Josh Poimboeuf)
- x86/bugs: Use SBPB in write_ibpb() if applicable (Josh Poimboeuf)
- selftests/mincore: Allow read-ahead pages to reach the end of the file (Qiuxu Zhuo)
- objtool: Stop UNRET validation on UD2 (Josh Poimboeuf)
- nvme: re-read ANA log page after ns scan completes (Hannes Reinecke)
- ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls (Jean-Marc Eurin)
- nvme: requeue namespace scan on missed AENs (Hannes Reinecke)
- xen: Change xen-acpi-processor dom0 dependency (Jason Andryuk)
- selftests: ublk: fix test_stripe_04 (Ming Lei)
- udmabuf: fix a buf size overflow issue during udmabuf creation (Xiaogang Chen) [Orabug: 37929938] {CVE-2025-37803}
- KVM: s390: Don't use %pK through tracepoints (Thomas Weißschuh)
- sched/isolation: Make CONFIG_CPU_ISOLATION depend on CONFIG_SMP (Oleg Nesterov)
- ntb: reduce stack usage in idt_scan_mws (Arnd Bergmann)
- qibfs: fix _another_ leak (Al Viro) [Orabug: 37977083] {CVE-2025-37983}
- objtool, ASoC: codecs: wcd934x: Remove potential undefined behavior in wcd934x_slim_irq_handler() (Josh Poimboeuf)
- usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev() (Chenyuan Yang) [Orabug: 37937503] {CVE-2025-37881}
- usb: xhci: Avoid Stop Endpoint retry loop if the endpoint seems Running (Michał Pecio)
- dmaengine: dmatest: Fix dmatest waiting less when interrupted (Vinicius Costa Gomes)
- sound/virtio: Fix cancel_sync warnings on uninitialized work_structs (John Stultz) [Orabug: 37929953] {CVE-2025-37805}
- usb: dwc3: gadget: Avoid using reserved endpoints on Intel Merrifield (Andy Shevchenko)
- fs/ntfs3: Fix WARNING in ntfs_extend_initialized_size (Edward Adam Davis)
- usb: host: max3421-hcd: Add missing spi_device_id table (Alexander Stein)
- s390/tty: Fix a potential memory leak bug (Haoxiang Li)
- s390/sclp: Add check for get_zeroed_page() (Haoxiang Li) [Orabug: 37937517] {CVE-2025-37883}
- parisc: PDT: Fix missing prototype warning (Yu-Chun Lin)
- clk: check for disabled clock-provider in of_clk_get_hw_from_clkspec() (Heiko Stuebner)
- crypto: null - Use spin lock instead of mutex (Herbert Xu) [Orabug: 37929973] {CVE-2025-37808}
- MIPS: cm: Detect CM quirks from device tree (Gregory Clement)
- USB: wdm: add annotation (Oliver Neukum)
- USB: wdm: wdm_wwan_port_tx_complete mutex in atomic context (Oliver Neukum)
- USB: wdm: close race between wdm_open and wdm_wwan_port_stop (Oliver Neukum) [Orabug: 37977098] {CVE-2025-37985}
- USB: wdm: handle IO errors in wdm_wwan_port_start (Oliver Neukum)
- USB: VLI disk crashes if LPM is used (Oliver Neukum)
- usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash Drive (Miao Li)
- usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive (Miao Li)
- usb: dwc3: gadget: check that event count does not exceed event buffer length (Frode Isaksen) [Orabug: 37929981] {CVE-2025-37810}
- USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02) (Huacai Chen)
- usb: chipidea: ci_hdrc_imx: implement usb_phy_init() error handling (Fedor Pchelkin)
- usb: chipidea: ci_hdrc_imx: fix call balance of regulator routines (Fedor Pchelkin)
- usb: cdns3: Fix deadlock when using NCM gadget (Ralph Siemsen) [Orabug: 37929988] {CVE-2025-37812}
- USB: serial: simple: add OWON HDS200 series oscilloscope support (Craig Hesling)
- USB: serial: option: add Sierra Wireless EM9291 (Adam Xue)
- USB: serial: ftdi_sio: add support for Abacus Electrics Optical Probe (Michael Ehrenreich)
- serial: sifive: lock port in startup()/shutdown() callbacks (Ryo Takakura)
- KVM: x86: Reset IRTE to host control if *new* route isn't postable (Sean Christopherson) [Orabug: 37937535] {CVE-2025-37885}
- mei: me: add panther lake H DID (Alexander Usyskin)
- USB: storage: quirk for ADATA Portable HDD CH94 (Oliver Neukum)
- mcb: fix a double free bug in chameleon_parse_gdd() (Haoxiang Li) [Orabug: 37930000] {CVE-2025-37817}
- KVM: SVM: Allocate IR data using atomic allocation (Sean Christopherson)
- drm/amd/display: Fix gpu reset in multidisplay config (Roman Li)
- net: selftests: initialize TCP header and skb payload with zero (Oleksij Rempel)
- virtio_console: fix missing byte order handling for cols and rows (Halil Pasic)
- iommu/amd: Return an error if vCPU affinity is set for non-vCPU IRTE (Sean Christopherson)
- net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (Cong Wang) [Orabug: 37930028] {CVE-2025-37823}
- net_sched: hfsc: Fix a UAF vulnerability in class handling (Cong Wang) [Orabug: 37908484] {CVE-2025-37797}
- tipc: fix NULL pointer dereference in tipc_mon_reinit_self() (Tung Nguyen) [Orabug: 37930039] {CVE-2025-37824}
- net: phy: leds: fix memory leak (Qingfang Deng) [Orabug: 37977112] {CVE-2025-37989}
- cpufreq: cppc: Fix invalid return value in .get() callback (Marc Zyngier)
- cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() (Henry Martin) [Orabug: 37930051] {CVE-2025-37829}
- cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() (Henry Martin) [Orabug: 37930056] {CVE-2025-37830}
- dma/contiguous: avoid warning about unused size_bytes (Arnd Bergmann)
- drm/msm/a6xx: Fix stale rpmh votes from GPU (Akhil P Oommen)
- drm/msm/a6xx: Avoid gx gbit halt during rpm suspend (Akhil P Oommen)
- drm/msm/a6xx: Handle GMU prepare-slumber hfi failure (Akhil P Oommen)
- drm/msm/a6xx: Improve gpu recovery sequence (Akhil P Oommen)
- string: Add load_unaligned_zeropad() code path to sized_strscpy() (Peter Collingbourne)
- kmsan: disable strscpy() optimization under KMSAN (Alexander Potapenko)
- selftests/mm: generate a temporary mountpoint for cgroup filesystem (Mark Brown)
- ksmbd: Prevent integer overflow in calculation of deadtime (Denis Arefev)
- PCI: Fix reference leak in pci_register_host_bridge() (Ma Ke) [Orabug: 37937272] {CVE-2025-37836}
- PCI: Assign PCI domain IDs by ida_alloc() (Pali Rohár)
- PCI: Coalesce host bridge contiguous apertures (Kai-Heng Feng)
- gpio: tegra186: fix resource handling in ACPI probe path (Guixin Liu)
- cifs: fix integer overflow in match_server() (Roman Smirnov)
- cifs: avoid NULL pointer dereference in dbg call (Alexandra Diupina) [Orabug: 37937310] {CVE-2025-37844}
- cifs: print TIDs as hex (Enzo Matsumiya)
- backlight: led_bl: Hold led_access lock when calling led_sysfs_disable() (Herve Codina) [Orabug: 37901610] {CVE-2025-23144}
- backlight: led_bl: Convert to platform remove callback returning void (Uwe Kleine-König)
- iio: adc: ad7768-1: Fix conversion result sign (Sergiu Cuciurean)
- iio: adc: ad7768-1: Move setting of val a bit later to avoid unnecessary return value check (Jonathan Cameron)
- soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe() (Chenyuan Yang) [Orabug: 37901625] {CVE-2025-23148}
- soc: samsung: exynos-chipid: Pass revision reg offsets (Sam Protsenko)
- soc: samsung: exynos-chipid: avoid soc_device_to_device() (Krzysztof Kozlowski)
- net: dsa: mv88e6xxx: fix VTU methods for 6320 family (Marek Behún)
- auxdisplay: hd44780: Fix an API misuse in hd44780.c (Haoxiang Li)
- auxdisplay: hd44780: Convert to platform remove callback returning void (Uwe Kleine-König)
- media: streamzap: fix race between device disconnection and urb callback (Murad Masimov) [Orabug: 37844171] {CVE-2025-22027}
- media: streamzap: remove unused struct members (Sean Young)
- media: streamzap: less chatter (Sean Young)
- media: streamzap: no need for usb pid/vid in device name (Sean Young)
- media: streamzap: remove unnecessary ir_raw_event_reset and handle (Sean Young)
- module: sign with sha512 instead of sha1 by default (Thorsten Leemhuis)
- Bluetooth: SCO: Fix UAF on sco_sock_timeout (Luiz Augusto von Dentz) [Orabug: 37252400] {CVE-2024-50125}
- f2fs: Add inline to f2fs_build_fault_attr() stub (Nathan Chancellor)
- pmdomain: ti: Add a null pointer check to the omap_prm_domain_init (Kunwu Chan) [Orabug: 36643315] {CVE-2024-35943}
- f2fs: check validation of fault attrs in f2fs_build_fault_attr() (Chao Yu) [Orabug: 36897956] {CVE-2024-42160}
- mm: fix apply_to_existing_page_range() (Kirill A. Shutemov)
- fs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats (Oleg Nesterov) [Orabug: 36530401] {CVE-2024-26686}
- drm/i915/gt: Cleanup partial engine discovery failures (Chris Wilson)
- dm cache: fix flushing uninitialized delayed_work on cache_ctr error (Ming-Hung Tsai) [Orabug: 37298744] {CVE-2024-50280}
- jfs: Fix shift-out-of-bounds in dbDiscardAG (Pei Li) [Orabug: 36993154] {CVE-2024-44938}
- MIPS: ds1287: Match ds1287_set_base_clock() function types (Yuli Wang)
- MIPS: cevt-ds1287: Add missing ds1287.h include (Yuli Wang)
- MIPS: dec: Declare which_prom() as static (Yuli Wang)
- net: defer final 'struct net' free in netns dismantle (Eric Dumazet) [Orabug: 37434229] {CVE-2024-56658}
- scsi: ufs: bsg: Set bsg_queue to NULL after removal (Guixin Liu) [Orabug: 37649536] {CVE-2024-54458}
- openvswitch: fix lockup on tx to unregistering netdev with carrier (Ilya Maximets) [Orabug: 38071902] {CVE-2025-21681}
- net: openvswitch: fix race on port output (Felix Huettner)
- ipvs: properly dereference pe in ip_vs_add_service (Chen Hanxiao) [Orabug: 36964418] {CVE-2024-42322}
- ext4: fix timer use-after-free on failed mount (Xiaxi Shen) [Orabug: 37206114] {CVE-2024-49960}
- blk-iocost: do not WARN if iocg was already offlined (Li Nan) [Orabug: 36683303] {CVE-2024-36908}
- blk-cgroup: support to track if policy is online (Yu Kuai)
- bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers (Hou Tao) [Orabug: 37283326] {CVE-2023-52621}
- bpf: avoid holding freeze_mutex during mmap operation (Andrii Nakryiko) [Orabug: 37702062] {CVE-2025-21853}
- sched/task_stack: fix object_is_on_stack() for KASAN tagged pointers (Qun-Wei Lin) [Orabug: 37388807] {CVE-2024-53128}
- smb: client: fix potential UAF in cifs_stats_proc_show() (Paulo Alcantara) [Orabug: 36642549] {CVE-2024-35867}
- smb: client: fix potential deadlock when releasing mids (Paulo Alcantara) [Orabug: 37283429] {CVE-2023-52757}
- smb/server: fix potential null-ptr-deref of lease_ctx_info in smb2_open() (Chenxiaosong) [Orabug: 37074481] {CVE-2024-46742}
- smb: client: fix NULL ptr deref in crypto_aead_setkey() (Paulo Alcantara) [Orabug: 38071970] {CVE-2024-53185}
- smb: client: fix UAF in async decryption (Enzo Matsumiya) [Orabug: 37206489] {CVE-2024-50047}
- cifs: Fix UAF in cifs_demultiplex_thread() (Zhang Xiaoxu) [Orabug: 36983926] {CVE-2023-52572}
- smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (Paulo Alcantara)
- ksmbd: fix potencial out-of-bounds when buffer offset is invalid (Namjae Jeon) [Orabug: 36596770] {CVE-2024-26952}
- smb: client: fix potential UAF in cifs_dump_full_key() (Paulo Alcantara) [Orabug: 36642544] {CVE-2024-35866}
- nvmet-fc: Remove unused functions (Yuli Wang)
- landlock: Add the errata interface (Mickaël Salaün)
- drm/amdgpu: fix usage slab after free (Vitaly Prosyak) [Orabug: 37433728] {CVE-2024-56551}
- drm/amd/display: Add null checks for 'stream' and 'plane' before dereferencing (Srinivasan Shanmugam)
- drm/amd/display: Fix out-of-bounds access in 'dcn21_link_encoder_create' (Srinivasan Shanmugam)
- drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links (Hersen Wu) [Orabug: 37116370] {CVE-2024-46816}
- wifi: ath10k: avoid NULL pointer error during sdio remove (Kang Yang) [Orabug: 37433947] {CVE-2024-56599}
- phy: tegra: xusb: Fix return value of tegra_xusb_find_port_node function (Miaoqian Lin)
- powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() (Nathan Lynch) [Orabug: 37074647] {CVE-2024-46774}
- x86/pvh: Call C code via the kernel virtual mapping (Ard Biesheuvel)
- net: mana: Fix error handling in mana_create_txq/rxq's NAPI cleanup (Souradeep Chakrabarti) [Orabug: 37074695] {CVE-2024-46784}
- bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (Michal Schmidt) [Orabug: 36753377] {CVE-2024-38540}
- phonet/pep: fix racy skb_queue_empty() use (Remi Denis-Courmont) [Orabug: 36642006] {CVE-2024-27402}
- filemap: Fix bounds checking in filemap_read() (Trond Myklebust) [Orabug: 37298710] {CVE-2024-50272}
- net: fix crash when config small gso_max_size/gso_ipv4_max_size (Wang Liang) [Orabug: 37268692] {CVE-2024-50258}
- ipv6: release nexthop on device removal (Paolo Abeni) [Orabug: 37434497] {CVE-2024-56751}
- misc: pci_endpoint_test: Fix 'irq_type' to convey the correct type (Kunihiko Hayashi)
- misc: pci_endpoint_test: Fix displaying 'irq_type' after 'request_irq' error (Kunihiko Hayashi)
- misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error (Kunihiko Hayashi) [Orabug: 37901585] {CVE-2025-23140}
- mptcp: sockopt: fix getting IPV6_V6ONLY (Matthieu Baerts)
- kbuild: Add '-fno-builtin-wcslen' (Nathan Chancellor)
- cpufreq: Reference count policy in cpufreq_update_limits() (Rafael J. Wysocki)
- KVM: arm64: Eagerly switch ZCR_EL{1,2} (Mark Rutland)
- KVM: arm64: Calculate cptr_el2 traps on activating traps (Fuad Tabba)
- KVM: arm64: Remove VHE host restore of CPACR_EL1.ZEN (Mark Rutland)
- KVM: arm64: Remove host FPSIMD saving for non-protected KVM (Mark Rutland)
- KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state (Mark Rutland)
- arm64/fpsimd: Stop using TIF_SVE to manage register saving in KVM (Mark Brown)
- arm64/fpsimd: Have KVM explicitly say which FP registers to save (Mark Brown)
- arm64/fpsimd: Track the saved FPSIMD state type separately to TIF_SVE (Mark Brown)
- KVM: arm64: Discard any SVE state when entering KVM guests (Mark Brown)
- KVM: arm64: Always start with clearing SVE flag on load (Marc Zyngier)
- KVM: arm64: Get rid of host SVE tracking/saving (Mark Brown)
- drm/sti: remove duplicate object names (Rolf Eike Beer)
- drm/nouveau: prime: fix ttm_bo_delayed_delete oops (Chris Bainbridge) [Orabug: 37901817] {CVE-2025-37765}
- drm/amdgpu/dma_buf: fix page_link check (Matthew Auld)
- drm/amd/pm/powerplay/hwmgr/vega20_thermal: Prevent division by zero (Denis Arefev) [Orabug: 37901823,37901827,37901830,37901840,37901847] {CVE-2025-37766,CVE-2025-37767,CVE-2025-37768,CVE-2025-37770,CVE-2025-37771}
- drm/amd/pm/swsmu/smu13/smu_v13_0: Prevent division by zero (Denis Arefev) [Orabug: 37901823,37901827,37901830,37901840,37901847] {CVE-2025-37766,CVE-2025-37767,CVE-2025-37768,CVE-2025-37770,CVE-2025-37771}
- drm/amd/pm/powerplay/hwmgr/smu7_thermal: Prevent division by zero (Denis Arefev) [Orabug: 37901823,37901827,37901830,37901840,37901847] {CVE-2025-37766,CVE-2025-37767,CVE-2025-37768,CVE-2025-37770,CVE-2025-37771}
- drm/amd/pm/powerplay: Prevent division by zero (Denis Arefev) [Orabug: 37901823,37901827,37901830,37901840,37901847] {CVE-2025-37766,CVE-2025-37767,CVE-2025-37768,CVE-2025-37770,CVE-2025-37771}
- drm/amd/pm: Prevent division by zero (Denis Arefev) [Orabug: 37901823,37901827,37901830,37901840,37901847] {CVE-2025-37766,CVE-2025-37767,CVE-2025-37768,CVE-2025-37770,CVE-2025-37771}
- drm/repaper: fix integer overflows in repeat functions (Nikita Zhandarovich)
- perf/x86/intel/uncore: Fix the scale of IIO free running counters on SPR (Kan Liang)
- perf/x86/intel/uncore: Fix the scale of IIO free running counters on ICX (Kan Liang)
- perf/x86/intel/uncore: Fix the scale of IIO free running counters on SNR (Kan Liang)
- perf/x86/intel: Allow to update user space GPRs from PEBS records (Dapeng Mi)
- virtiofs: add filesystem context source name check (Xiangsheng Hou) [Orabug: 37901854] {CVE-2025-37773}
- tracing: Fix filter string testing (Steven Rostedt)
- riscv: Avoid fortify warning in syscall_get_arguments() (Nathan Chancellor)
- mm/gup: fix wrongly calculated returned value in fault_in_safe_writeable() (Baoquan He)
- loop: LOOP_SET_FD: send uevents for partitions (Thomas Weißschuh)
- loop: properly send KOBJ_CHANGED uevent for disk device (Thomas Weißschuh)
- isofs: Prevent the use of too small fid (Edward Adam Davis) [Orabug: 37901889] {CVE-2025-37780}
- i2c: cros-ec-tunnel: defer probe if parent EC is not present (Thadeu Lima de Souza Cascardo) [Orabug: 37901896] {CVE-2025-37781}
- hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key (Vasiliy Kovalev)
- crypto: caam/qi - Fix drv_ctx refcount bug (Herbert Xu)
- btrfs: correctly escape subvol in btrfs_show_options() (Johannes Kimmel)
- nfs: add missing selections of CONFIG_CRC32 (Eric Biggers)
- nfs: move nfs_fhandle_hash to common include file (Jeff Layton)
- asus-laptop: Fix an uninitialized variable (Denis Arefev)
- ASoC: codecs:lpass-wsa-macro: Fix logic of enabling vi channels (Srinivas Kandagatla)
- ASoC: codecs:lpass-wsa-macro: Fix vi feedback rate (Srinivas Kandagatla)
- writeback: fix false warning in inode_to_wb() (Andreas Gruenbacher)
- riscv: KGDB: Remove ".option norvc/.option rvc" for kgdb_compiled_break (Yuli Wang)
- riscv: KGDB: Do not inline arch_kgdb_breakpoint() (Yuli Wang)
- riscv: Properly export reserved regions in /proc/iomem (Björn Töpel)
- net: dsa: avoid refcount warnings when ds->ops->tag_8021q_vlan_del() fails (Vladimir Oltean)
- net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered (Vladimir Oltean) [Orabug: 37901916] {CVE-2025-37787}
- net: b53: enable BPDU reception for management port (Jonas Gorski)
- cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path (Abdun Nihaal) [Orabug: 37901919] {CVE-2025-37788}
- net: openvswitch: fix nested key length validation in the set() action (Ilya Maximets) [Orabug: 37901922] {CVE-2025-37789}
- net: mctp: Set SOCK_RCU_FREE (Matt Johnston) [Orabug: 37901929] {CVE-2025-37790}
- igc: cleanup PTP module if probe fails (Christopher S Hall)
- igc: handle the IGC_PTP_ENABLED flag correctly (Christopher S Hall)
- igc: move ktime snapshot into PTM retry loop (Christopher S Hall)
- igc: fix PTM cycle trigger logic (Christopher S Hall) [Orabug: 37937458] {CVE-2025-37875}
- Revert "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" (Johannes Berg)
- Bluetooth: l2cap: Check encryption key size on incoming connection (Frédéric Danis)
- Bluetooth: btrtl: Prevent potential NULL dereference (Dan Carpenter) [Orabug: 37901933] {CVE-2025-37792}
- Bluetooth: hci_event: Fix sending MGMT_EV_DEVICE_FOUND for invalid address (Luiz Augusto von Dentz)
- RDMA/core: Silence oversized kvmalloc() warning (Shay Drory) [Orabug: 37937427] {CVE-2025-37867}
- RDMA/hns: Fix wrong maximum DMA segment size (Chengchang Tang)
- RDMA/usnic: Fix passing zero to PTR_ERR in usnic_ib_pci_probe() (Yue Haibing)
- md/raid10: fix missing discard IO accounting (Yu Kuai)
- scsi: iscsi: Fix missing scsi_host_put() in error path (Miaoqian Lin)
- wifi: wl1251: fix memory leak in wl1251_tx_work (Abdun Nihaal) [Orabug: 37977075] {CVE-2025-37982}
- wifi: mac80211: Purge vif txq in ieee80211_do_stop() (Remi Pommarel) [Orabug: 37901939] {CVE-2025-37794}
- wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue() (Remi Pommarel)
- wifi: at76c50x: fix use after free access in at76_disconnect (Abdun Nihaal) [Orabug: 37901952] {CVE-2025-37796}
- scsi: hisi_sas: Enable force phy when SATA disk directly connected (Xingui Yang)
- scsi: libsas: Add struct sas_tmf_task (John Garry)
- scsi: libsas: Delete lldd_clear_aca callback (John Garry)
- scsi: hisi_sas: Fix setting of hisi_sas_slot.is_internal (John Garry)
- scsi: hisi_sas: Factor out task prep and delivery code (John Garry)
- scsi: hisi_sas: Pass abort structure for internal abort (John Garry)
- scsi: hisi_sas: Start delivery hisi_sas_task_exec() directly (John Garry)
- Bluetooth: hci_uart: Fix another race during initialization (Arseniy Krasnov)
- x86/e820: Fix handling of subpage regions when calculating nosave ranges in e820__register_nosave_regions() (Myrrh Periwinkle)
- ACPI: platform-profile: Fix CFI violation when accessing sysfs files (Nathan Chancellor)
- arm64: errata: Add newer ARM cores to the spectre_bhb_loop_affected() lists (Douglas Anderson)
- HSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol Driver Due to Race Condition (Kaixin Wang) [Orabug: 37855340] {CVE-2025-37838}
- pinctrl: qcom: Clear latched interrupt status when changing IRQ type (Stephan Gerhold)
- PCI: Fix reference leak in pci_alloc_child_bus() (Ma Ke)
- PCI: brcmstb: Fix missing of_node_put() in brcm_pcie_probe() (Stanimir Varbanov)
- of/irq: Fix device node refcount leakages in of_irq_init() (Zijun Hu)
- of/irq: Fix device node refcount leakage in API irq_of_parse_and_map() (Zijun Hu)
- of/irq: Fix device node refcount leakages in of_irq_count() (Zijun Hu)
- ntb: use 64-bit arithmetic for the MSI doorbell mask (Fedor Pchelkin)
- gpio: zynq: Fix wakeup source leaks on device unbind (Krzysztof Kozlowski)
- ftrace: Add cond_resched() to ftrace_graph_set_hash() (Zhoumin) [Orabug: 37976892] {CVE-2025-37940}
- dm-integrity: set ti->error on memory allocation failure (Mikulas Patocka)
- crypto: ccp - Fix check for the primary ASP device (Tom Lendacky)
- thermal/drivers/rockchip: Add missing rk3328 mapping entry (Trevor Woerner)
- sctp: detect and prevent references to a freed transport in sendmsg (Ricardo Cañuelo Navarro) [Orabug: 37901596] {CVE-2025-23142}
- mm/hwpoison: do not send SIGBUS to processes with recovered clean pages (Shuai Xue)
- mm: add missing release barrier on PGDAT_RECLAIM_LOCKED unlock (Mathieu Desnoyers)
- sparc/mm: disable preemption in lazy mmu mode (Ryan Roberts)
- arm64: dts: mediatek: mt8173: Fix disp-pwm compatible string (Chen-Yu Tsai)
- mtd: rawnand: Add status chack in r852_ready() (Xu Wang)
- mtd: inftlcore: Add error check for inftl_read_oob() (Xu Wang) [Orabug: 37976719] {CVE-2025-37892}
- mptcp: only inc MPJoinAckHMacFailure for HMAC failures (Matthieu Baerts)
- mptcp: fix NULL pointer in can_accept_new_subflow (Gang Yan) [Orabug: 37901614] {CVE-2025-23145}
- lib: scatterlist: fix sg_split_phys to preserve original scatterlist offsets (T Pratham)
- locking/lockdep: Decrease nr_unused_locks if lock unused in zap_class() (Boqun Feng)
- mfd: ene-kb3930: Fix a potential NULL pointer dereference (Chenyuan Yang) [Orabug: 37901617] {CVE-2025-23146}
- jbd2: remove wrong sb->s_sequence check (Jan Kara) [Orabug: 37937282] {CVE-2025-37839}
- i3c: Add NULL pointer check in i3c_master_queue_ibi() (Manjunatha Venkatesh) [Orabug: 37901621] {CVE-2025-23147}
- i3c: master: svc: Use readsb helper for reading MDB (Stanley Chu)
- vdpa/mlx5: Fix oversized null mkey longer than 32bit (Si-Wei Liu)
- ext4: fix off-by-one error in do_split (Artem Sadovnikov) [Orabug: 37901630] {CVE-2025-23150}
- bus: mhi: host: Fix race between unprepare and queue_buf (Jeffrey Hugo) [Orabug: 37901637] {CVE-2025-23151}
- ASoC: qdsp6: q6asm-dai: fix q6asm_dai_compr_set_params error path (Alexey Klimov)
- wifi: mac80211: fix integer overflow in hwmp_route_info_get() (Gavrilov Ilia)
- wifi: mt76: Add check for devm_kstrdup() (Haoxiang Li)
- clocksource/drivers/stm32-lptimer: Use wakeup capable instead of init wakeup (Alexandre Torgue)
- mtd: Replace kcalloc() with devm_kcalloc() (Jiasheng Jiang)
- net: dsa: mv88e6xxx: workaround RGMII transmit delay erratum for 6320 family (Marek Behún)
- mtd: Add check for devm_kcalloc() (Jiasheng Jiang)
- media: venus: hfi_parser: refactor hfi packet parsing logic (Vikash Garodia) [Orabug: 37901647] {CVE-2025-23156}
- media: venus: hfi_parser: add check to avoid out of bound access (Vikash Garodia) [Orabug: 37901652] {CVE-2025-23157}
- media: i2c: ov7251: Introduce 1 ms delay between regulators and en GPIO (Sakari Ailus)
- media: i2c: ov7251: Set enable GPIO low in probe (Sakari Ailus)
- media: i2c: ccs: Set the device's runtime PM status correctly in probe (Sakari Ailus)
- media: i2c: ccs: Set the device's runtime PM status correctly in remove (Sakari Ailus)
- media: v4l2-dv-timings: prevent possible overflow in v4l2_detect_gtf() (Karina Yankevich)
- media: streamzap: prevent processing IR data on URB failure (Murad Masimov)
- mtd: rawnand: brcmnand: fix PM resume warning (Kamal Dasu) [Orabug: 37937291] {CVE-2025-37840}
- spi: cadence-qspi: Fix probe on AM62A LP SK (Miquel Raynal)
- arm64: errata: Add KRYO 2XX/3XX/4XX silver cores to Spectre BHB safe list (Douglas Anderson)
- arm64: errata: Assume that unknown CPUs _are_ vulnerable to Spectre BHB (Douglas Anderson)
- arm64: errata: Add QCOM_KRYO_4XX_GOLD to the spectre_bhb_k24_list (Douglas Anderson)
- arm64: cputype: Add MIDR_CORTEX_A76AE (Douglas Anderson)
- xenfs/xensyms: respect hypervisor's "next" indication (Jan Beulich)
- media: siano: Fix error handling in smsdvb_module_init() (Yuan Can)
- media: vim2m: print device name after registering device (Matthew Majewski)
- media: venus: hfi: add check to handle incorrect queue size (Vikash Garodia) [Orabug: 37901656] {CVE-2025-23158}
- media: venus: hfi: add a check to handle OOB in sfr region (Vikash Garodia) [Orabug: 37901661] {CVE-2025-23159}
- media: i2c: adv748x: Fix test pattern selection mask (Niklas Söderlund)
- ext4: don't treat fhandle lookup of ea_inode as FS corruption (Jann Horn)
- bpf: support SKF_NET_OFF and SKF_LL_OFF on skb frags (Willem de Bruijn)
- bpf: Add endian modifiers to fix endian warnings (Ben Dooks)
- pwm: fsl-ftm: Handle clk_get_rate() returning 0 (Uwe Kleine-König)
- pwm: rcar: Improve register calculation (Uwe Kleine-König)
- pwm: rcar: Simplify multiplication/shift logic (Geert Uytterhoeven)
- pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config() (Josh Poimboeuf) [Orabug: 37937328] {CVE-2025-37850}
- ktest: Fix Test Failures Due to Missing LOG_FILE Directories (Ayush Jain)
- fbdev: omapfb: Add 'plane' value check (Leonid Arapov)
- PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type (Ryo Takakura) [Orabug: 37901667] {CVE-2025-23161}
- drm/mediatek: mtk_dpi: Explicitly manage TVD clock in power on/off (AngeloGioacchino Del Regno)
- drm/amdkfd: Fix pqm_destroy_queue race with GPU reset (Philip Yang)
- drm/amdkfd: clamp queue size to minimum (David Yat Sin)
- drivers: base: devres: Allow to release group on device release (Lucas De Marchi)
- drm/bridge: panel: forbid initializing a panel with unknown connector type (Luca Ceresoli)
- drm: panel-orientation-quirks: Add new quirk for GPD Win 2 (Andrew Wyatt)
- drm: panel-orientation-quirks: Add support for AYANEO 2S (Andrew Wyatt)
- drm/amd/display: Update Cursor request mode to the beginning prefetch always (Zhikai Zhai)
- drm: allow encoder mode_set even when connectors change for crtc (Abhinav Kumar)
- Bluetooth: hci_uart: fix race during initialization (Arseniy Krasnov)
- tracing: fix return value in __ftrace_event_enable_disable for TRACE_REG_UNREGISTER (Gabriele Paoloni)
- net: vlan: don't propagate flags on open (Stanislav Fomichev) [Orabug: 37901683] {CVE-2025-23163}
- wifi: mt76: mt76x2u: add TP-Link TL-WDN6200 ID to device table (Icenowy Zheng)
- scsi: st: Fix array overflow in st_setup() (Kai Mäkisara) [Orabug: 37937378] {CVE-2025-37857}
- ext4: ignore xattrs past end (Bhupesh) [Orabug: 37901690] {CVE-2025-37738}
- ext4: protect ext4_release_dquot against freezing (Ojaswin Mujoo)
- ahci: add PCI ID for Marvell 88SE9215 SATA Controller (Daniel Kral)
- f2fs: fix to avoid out-of-bounds access in f2fs_truncate_inode_blocks() (Chao Yu) [Orabug: 37901700] {CVE-2025-37739}
- ata: libata-eh: Do not use ATAPI DMA for a device limited to PIO mode (Niklas Cassel)
- jfs: add sanity check for agwidth in dbMount (Edward Adam Davis) [Orabug: 37901706] {CVE-2025-37740}
- jfs: Prevent copying of nlink with value 0 from disk inode (Edward Adam Davis) [Orabug: 37901715] {CVE-2025-37741}
- fs/jfs: Prevent integer overflow in AG size calculation (Rand Deeb) [Orabug: 37937386] {CVE-2025-37858}
- fs/jfs: cast inactags to s64 to prevent potential overflow (Rand Deeb)
- jfs: Fix uninit-value access of imap allocated in the diMount() function (Zhongqiu Han) [Orabug: 37901723] {CVE-2025-37742}
- page_pool: avoid infinite loop to schedule delayed worker (Jason Xing) [Orabug: 37937394] {CVE-2025-37859}
- ALSA: usb-audio: Fix CME quirk for UF series keyboards (Ricard Wanderlof)
- ASoC: fsl_audmix: register card device depends on 'dais' property (Shengjiu Wang)
- ALSA: hda: intel: Fix Optimus when GPU has no sound (Maxim Mikityanskiy)
- HID: pidff: Fix null pointer dereference in pidff_find_fields (Tomasz Pakuła) [Orabug: 37937409] {CVE-2025-37862}
- HID: pidff: Do not send effect envelope if it's empty (Tomasz Pakuła)
- HID: pidff: Convert infinite length from Linux API to PID standard (Tomasz Pakuła)
- xen/mcelog: Add __nonstring annotations for unterminated strings (Kees Cook)
- arm64: cputype: Add QCOM_CPU_PART_KRYO_3XX_GOLD (Douglas Anderson)
- perf: arm_pmu: Don't disable counter in armpmu_add() (Mark Rutland)
- x86/cpu: Don't clear X86_FEATURE_LAHF_LM flag in init_amd_k8() on AMD when running in a virtual machine (Max Grobecker)
- pm: cpupower: bench: Prevent NULL dereference on malloc failure (Zhongqiu Han) [Orabug: 37937296] {CVE-2025-37841}
- umount: Allow superblock owners to force umount (Trond Myklebust)
- nft_set_pipapo: fix incorrect avx2 match of 5th field octet (Florian Westphal)
- net: ppp: Add bound checking for skb data on ppp_sync_txmung (Arnaud Lecomte) [Orabug: 37901765] {CVE-2025-37749}
- nvmet-fcloop: swap list_add_tail arguments (Daniel Wagner)
- ata: sata_sx4: Add error handling in pdc20621_i2c_read() (Xu Wang)
- ata: sata_sx4: Drop pointless VPRINTK() calls and convert the remaining ones (Hannes Reinecke)
- net: ethtool: Don't call .cleanup_data when prepare_data fails (Maxime Chevallier)
- net: tls: explicitly disallow disconnect (Jakub Kicinski) [Orabug: 37901782] {CVE-2025-37756}
- tipc: fix memory leak in tipc_link_xmit (Tung Nguyen) [Orabug: 37901789] {CVE-2025-37757}
- ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe() (Henry Martin) [Orabug: 37901795] {CVE-2025-37758}

ELBA-2025-20478 Oracle Linux 9 systemd bug fix update

Oracle Linux Bug Fix Advisory ELBA-2025-20478

http://linux.oracle.com/errata/ELBA-2025-20478.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
systemd-252-51.0.3.el9_6.1.i686.rpm
systemd-252-51.0.3.el9_6.1.x86_64.rpm
systemd-devel-252-51.0.3.el9_6.1.i686.rpm
systemd-devel-252-51.0.3.el9_6.1.x86_64.rpm
systemd-libs-252-51.0.3.el9_6.1.i686.rpm
systemd-libs-252-51.0.3.el9_6.1.x86_64.rpm
systemd-resolved-252-51.0.3.el9_6.1.x86_64.rpm
systemd-boot-unsigned-252-51.0.3.el9_6.1.x86_64.rpm
rhel-net-naming-sysattrs-252-51.0.3.el9_6.1.noarch.rpm
systemd-container-252-51.0.3.el9_6.1.i686.rpm
systemd-container-252-51.0.3.el9_6.1.x86_64.rpm
systemd-oomd-252-51.0.3.el9_6.1.x86_64.rpm
systemd-pam-252-51.0.3.el9_6.1.x86_64.rpm
systemd-rpm-macros-252-51.0.3.el9_6.1.noarch.rpm
systemd-udev-252-51.0.3.el9_6.1.x86_64.rpm
systemd-journal-remote-252-51.0.3.el9_6.1.x86_64.rpm
systemd-ukify-252-51.0.3.el9_6.1.noarch.rpm

aarch64:
systemd-252-51.0.3.el9_6.1.aarch64.rpm
systemd-libs-252-51.0.3.el9_6.1.aarch64.rpm
systemd-resolved-252-51.0.3.el9_6.1.aarch64.rpm
systemd-boot-unsigned-252-51.0.3.el9_6.1.aarch64.rpm
rhel-net-naming-sysattrs-252-51.0.3.el9_6.1.noarch.rpm
systemd-container-252-51.0.3.el9_6.1.aarch64.rpm
systemd-oomd-252-51.0.3.el9_6.1.aarch64.rpm
systemd-pam-252-51.0.3.el9_6.1.aarch64.rpm
systemd-rpm-macros-252-51.0.3.el9_6.1.noarch.rpm
systemd-udev-252-51.0.3.el9_6.1.aarch64.rpm
systemd-devel-252-51.0.3.el9_6.1.aarch64.rpm
systemd-journal-remote-252-51.0.3.el9_6.1.aarch64.rpm
systemd-ukify-252-51.0.3.el9_6.1.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/systemd-252-51.0.3.el9_6.1.src.rpm

Description of changes:

[252-51.0.3.1]
- Drop delay when nspawn fails to reset loginuid [Orabug: 37793135]
- Rebase GetNameOwner changes on upstream [Orabug: 37410374]
- Improve logging for api bus connection and subscribers [Orabug: 38040980]
- Stash the subscriber list when disconnected from dbus [Orabug: 38040980]
- Defer processing of timeout events in sd-bus api [Orabug: 38064217]

ELBA-2025-20474 Oracle Linux 9 linux-firmware bug fix update

Oracle Linux Bug Fix Advisory ELBA-2025-20474

http://linux.oracle.com/errata/ELBA-2025-20474.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
iwl1000-firmware-39.31.5.1-999.41.el9.noarch.rpm
iwl100-firmware-39.31.5.1-999.41.el9.noarch.rpm
iwl105-firmware-18.168.6.1-999.41.el9.noarch.rpm
iwl135-firmware-18.168.6.1-999.41.el9.noarch.rpm
iwl2000-firmware-18.168.6.1-999.41.el9.noarch.rpm
iwl2030-firmware-18.168.6.1-999.41.el9.noarch.rpm
iwl3160-firmware-25.30.13.0-999.41.el9.noarch.rpm
iwl3945-firmware-15.32.2.9-999.41.el9.noarch.rpm
iwl4965-firmware-228.61.2.24-999.41.el9.noarch.rpm
iwl5000-firmware-8.83.5.1_1-999.41.el9.noarch.rpm
iwl5150-firmware-8.24.2.2-999.41.el9.noarch.rpm
iwl6000-firmware-9.221.4.1-999.41.el9.noarch.rpm
iwl6000g2a-firmware-18.168.6.1-999.41.el9.noarch.rpm
iwl6000g2b-firmware-18.168.6.1-999.41.el9.noarch.rpm
iwl6050-firmware-41.28.5.1-999.41.el9.noarch.rpm
iwl7260-firmware-25.30.13.0-999.41.el9.noarch.rpm
iwlax2xx-firmware-20250611-999.41.el9.noarch.rpm
libertas-sd8686-firmware-20250611-999.41.git356f06bf.el9.noarch.rpm
libertas-sd8787-firmware-20250611-999.41.git356f06bf.el9.noarch.rpm
libertas-usb8388-firmware-20250611-999.41.git356f06bf.el9.noarch.rpm
libertas-usb8388-olpc-firmware-20250611-999.41.git356f06bf.el9.noarch.rpm
linux-firmware-20250611-999.41.git356f06bf.el9.noarch.rpm
linux-firmware-core-20250611-999.41.git356f06bf.el9.noarch.rpm
linux-firmware-whence-20250611-999.41.git356f06bf.el9.noarch.rpm
liquidio-firmware-20250611-999.41.git356f06bf.el9.noarch.rpm
netronome-firmware-20250611-999.41.git356f06bf.el9.noarch.rpm

aarch64:
iwl1000-firmware-39.31.5.1-999.41.el9.noarch.rpm
iwl100-firmware-39.31.5.1-999.41.el9.noarch.rpm
iwl105-firmware-18.168.6.1-999.41.el9.noarch.rpm
iwl135-firmware-18.168.6.1-999.41.el9.noarch.rpm
iwl2000-firmware-18.168.6.1-999.41.el9.noarch.rpm
iwl2030-firmware-18.168.6.1-999.41.el9.noarch.rpm
iwl3160-firmware-25.30.13.0-999.41.el9.noarch.rpm
iwl3945-firmware-15.32.2.9-999.41.el9.noarch.rpm
iwl4965-firmware-228.61.2.24-999.41.el9.noarch.rpm
iwl5000-firmware-8.83.5.1_1-999.41.el9.noarch.rpm
iwl5150-firmware-8.24.2.2-999.41.el9.noarch.rpm
iwl6000-firmware-9.221.4.1-999.41.el9.noarch.rpm
iwl6000g2a-firmware-18.168.6.1-999.41.el9.noarch.rpm
iwl6000g2b-firmware-18.168.6.1-999.41.el9.noarch.rpm
iwl6050-firmware-41.28.5.1-999.41.el9.noarch.rpm
iwl7260-firmware-25.30.13.0-999.41.el9.noarch.rpm
iwlax2xx-firmware-20250611-999.41.el9.noarch.rpm
libertas-sd8686-firmware-20250611-999.41.git356f06bf.el9.noarch.rpm
libertas-sd8787-firmware-20250611-999.41.git356f06bf.el9.noarch.rpm
libertas-usb8388-firmware-20250611-999.41.git356f06bf.el9.noarch.rpm
libertas-usb8388-olpc-firmware-20250611-999.41.git356f06bf.el9.noarch.rpm
linux-firmware-20250611-999.41.git356f06bf.el9.noarch.rpm
linux-firmware-core-20250611-999.41.git356f06bf.el9.noarch.rpm
linux-firmware-whence-20250611-999.41.git356f06bf.el9.noarch.rpm
liquidio-firmware-20250611-999.41.git356f06bf.el9.noarch.rpm
netronome-firmware-20250611-999.41.git356f06bf.el9.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/linux-firmware-20250611-999.41.git356f06bf.el9.src.rpm

Description of changes:

[20250611-999.41.git356f06bf.el9]
- Rebase to latest upstream and update the core list for UEK8 [Orabug: 38028345]

ELSA-2025-11332 Important: Oracle Linux 10 tomcat9 security update

Oracle Linux Security Advisory ELSA-2025-11332

http://linux.oracle.com/errata/ELSA-2025-11332.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
tomcat9-9.0.87-5.el10_0.1.noarch.rpm
tomcat9-admin-webapps-9.0.87-5.el10_0.1.noarch.rpm
tomcat9-docs-webapp-9.0.87-5.el10_0.1.noarch.rpm
tomcat9-el-3.0-api-9.0.87-5.el10_0.1.noarch.rpm
tomcat9-jsp-2.3-api-9.0.87-5.el10_0.1.noarch.rpm
tomcat9-lib-9.0.87-5.el10_0.1.noarch.rpm
tomcat9-servlet-4.0-api-9.0.87-5.el10_0.1.noarch.rpm
tomcat9-webapps-9.0.87-5.el10_0.1.noarch.rpm

aarch64:
tomcat9-9.0.87-5.el10_0.1.noarch.rpm
tomcat9-admin-webapps-9.0.87-5.el10_0.1.noarch.rpm
tomcat9-docs-webapp-9.0.87-5.el10_0.1.noarch.rpm
tomcat9-el-3.0-api-9.0.87-5.el10_0.1.noarch.rpm
tomcat9-jsp-2.3-api-9.0.87-5.el10_0.1.noarch.rpm
tomcat9-lib-9.0.87-5.el10_0.1.noarch.rpm
tomcat9-servlet-4.0-api-9.0.87-5.el10_0.1.noarch.rpm
tomcat9-webapps-9.0.87-5.el10_0.1.noarch.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/tomcat9-9.0.87-5.el10_0.1.src.rpm

Related CVEs:

CVE-2024-56337
CVE-2025-31650

Description of changes:

[1:9.0.87-5.1]
- Resolves: RHEL-91765
tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame (CVE-2025-31650)
- Resolves: RHEL-71981
tomcat: Incomplete fix for CVE-2024-50379 - RCE due to TOCTOU issue in JSP compilation (CVE-2024-56337)

ELSA-2025-11066 Moderate: Oracle Linux 10 glibc security update

Oracle Linux Security Advisory ELSA-2025-11066

http://linux.oracle.com/errata/ELSA-2025-11066.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
glibc-2.39-43.0.1.el10_0.x86_64.rpm
glibc-all-langpacks-2.39-43.0.1.el10_0.x86_64.rpm
glibc-benchtests-2.39-43.0.1.el10_0.x86_64.rpm
glibc-common-2.39-43.0.1.el10_0.x86_64.rpm
glibc-devel-2.39-43.0.1.el10_0.x86_64.rpm
glibc-doc-2.39-43.0.1.el10_0.noarch.rpm
glibc-gconv-extra-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-aa-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-af-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-agr-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-ak-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-am-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-an-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-anp-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-ar-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-as-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-ast-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-ayc-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-az-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-be-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-bem-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-ber-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-bg-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-bhb-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-bho-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-bi-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-bn-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-bo-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-br-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-brx-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-bs-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-byn-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-ca-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-ce-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-chr-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-ckb-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-cmn-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-crh-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-cs-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-csb-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-cv-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-cy-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-da-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-de-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-doi-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-dsb-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-dv-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-dz-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-el-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-en-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-eo-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-es-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-et-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-eu-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-fa-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-ff-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-fi-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-fil-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-fo-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-fr-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-fur-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-fy-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-ga-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-gbm-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-gd-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-gez-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-gl-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-gu-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-gv-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-ha-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-hak-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-he-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-hi-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-hif-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-hne-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-hr-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-hsb-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-ht-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-hu-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-hy-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-ia-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-id-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-ig-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-ik-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-is-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-it-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-iu-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-ja-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-ka-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-kab-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-kk-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-kl-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-km-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-kn-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-ko-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-kok-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-ks-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-ku-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-kv-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-kw-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-ky-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-lb-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-lg-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-li-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-lij-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-ln-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-lo-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-lt-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-lv-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-lzh-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-mag-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-mai-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-mfe-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-mg-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-mhr-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-mi-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-miq-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-mjw-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-mk-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-ml-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-mn-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-mni-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-mnw-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-mr-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-ms-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-mt-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-my-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-nan-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-nb-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-nds-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-ne-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-nhn-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-niu-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-nl-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-nn-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-nr-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-nso-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-oc-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-om-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-or-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-os-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-pa-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-pap-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-pl-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-ps-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-pt-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-quz-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-raj-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-rif-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-ro-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-ru-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-rw-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-sa-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-sah-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-sat-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-sc-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-sd-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-se-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-sgs-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-shn-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-shs-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-si-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-sid-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-sk-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-sl-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-sm-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-so-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-sq-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-sr-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-ss-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-ssy-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-st-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-su-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-sv-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-sw-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-syr-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-szl-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-ta-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-tcy-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-te-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-tg-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-th-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-the-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-ti-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-tig-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-tk-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-tl-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-tn-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-to-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-tok-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-tpi-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-tr-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-ts-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-tt-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-ug-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-uk-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-unm-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-ur-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-uz-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-ve-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-vi-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-wa-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-wae-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-wal-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-wo-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-xh-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-yi-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-yo-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-yue-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-yuw-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-zgh-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-zh-2.39-43.0.1.el10_0.x86_64.rpm
glibc-langpack-zu-2.39-43.0.1.el10_0.x86_64.rpm
glibc-locale-source-2.39-43.0.1.el10_0.x86_64.rpm
glibc-minimal-langpack-2.39-43.0.1.el10_0.x86_64.rpm
glibc-nss-devel-2.39-43.0.1.el10_0.x86_64.rpm
glibc-static-2.39-43.0.1.el10_0.x86_64.rpm
glibc-utils-2.39-43.0.1.el10_0.x86_64.rpm
libnsl-2.39-43.0.1.el10_0.x86_64.rpm
nss_db-2.39-43.0.1.el10_0.x86_64.rpm
nss_hesiod-2.39-43.0.1.el10_0.x86_64.rpm

aarch64:
glibc-2.39-43.0.1.el10_0.aarch64.rpm
glibc-all-langpacks-2.39-43.0.1.el10_0.aarch64.rpm
glibc-benchtests-2.39-43.0.1.el10_0.aarch64.rpm
glibc-common-2.39-43.0.1.el10_0.aarch64.rpm
glibc-devel-2.39-43.0.1.el10_0.aarch64.rpm
glibc-doc-2.39-43.0.1.el10_0.noarch.rpm
glibc-gconv-extra-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-aa-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-af-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-agr-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-ak-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-am-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-an-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-anp-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-ar-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-as-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-ast-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-ayc-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-az-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-be-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-bem-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-be-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-ber-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-bg-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-bhb-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-bho-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-bi-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-bn-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-bo-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-br-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-brx-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-bs-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-byn-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-ca-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-ce-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-chr-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-ckb-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-cmn-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-crh-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-cs-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-csb-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-cv-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-cy-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-da-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-de-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-doi-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-dsb-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-dv-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-dz-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-el-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-en-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-eo-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-es-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-et-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-eu-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-fa-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-ff-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-fi-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-fil-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-fo-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-fr-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-fur-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-fy-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-ga-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-gbm-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-gd-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-gez-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-gl-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-gu-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-gv-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-ha-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-hak-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-he-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-hi-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-hif-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-hne-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-hr-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-hsb-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-ht-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-hu-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-hy-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-ia-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-id-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-ig-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-ik-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-is-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-it-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-iu-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-ja-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-ka-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-kab-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-kk-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-kl-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-km-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-kn-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-ko-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-kok-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-ks-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-ku-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-kv-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-kw-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-ky-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-lb-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-lg-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-li-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-lij-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-ln-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-lo-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-lt-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-lv-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-lzh-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-mag-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-mai-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-mfe-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-mg-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-mhr-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-mi-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-miq-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-mjw-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-mk-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-ml-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-mn-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-mni-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-mnw-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-mr-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-ms-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-mt-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-my-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-nan-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-nb-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-nds-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-ne-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-nhn-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-niu-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-nl-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-nn-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-nr-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-nso-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-oc-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-om-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-or-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-os-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-pa-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-pap-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-pl-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-ps-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-pt-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-quz-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-raj-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-rif-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-ro-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-ru-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-rw-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-sa-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-sah-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-sat-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-sc-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-sd-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-se-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-sgs-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-shn-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-shs-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-si-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-sid-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-sk-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-sl-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-sm-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-so-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-sq-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-sr-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-ss-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-ssy-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-st-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-su-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-sv-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-sw-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-syr-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-szl-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-ta-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-tcy-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-te-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-tg-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-th-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-the-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-ti-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-tig-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-tk-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-tl-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-tn-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-to-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-tok-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-tpi-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-tr-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-ts-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-tt-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-ug-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-uk-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-unm-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-ur-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-uz-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-ve-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-vi-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-wa-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-wae-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-wal-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-wo-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-xh-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-yi-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-yo-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-yue-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-yuw-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-zgh-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-zh-2.39-43.0.1.el10_0.aarch64.rpm
glibc-langpack-zu-2.39-43.0.1.el10_0.aarch64.rpm
glibc-locale-source-2.39-43.0.1.el10_0.aarch64.rpm
glibc-minimal-langpack-2.39-43.0.1.el10_0.aarch64.rpm
glibc-nss-devel-2.39-43.0.1.el10_0.aarch64.rpm
glibc-static-2.39-43.0.1.el10_0.aarch64.rpm
glibc-utils-2.39-43.0.1.el10_0.aarch64.rpm
libnsl-2.39-43.0.1.el10_0.aarch64.rpm
nss_db-2.39-43.0.1.el10_0.aarch64.rpm
nss_hesiod-2.39-43.0.1.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/glibc-2.39-43.0.1.el10_0.src.rpm

Related CVEs:

CVE-2025-5702

Description of changes:

[2.39-43.0.1]
- Forward port Oracle changes.
Reviewed-by: Jose E. Marchesi [jose.marchesi@oracle.com]
Oracle history:
March-5-2025 Cupertino Miranda [cupertino.miranda@oracle.com] - 2.39-37.0.1
- Forward port Oracle changes to 2.39-37.
Reviewed-by: Jose E. Marchesi [jose.marchesi@oracle.com]
Jan-22-2025 Cupertino Miranda [cupertino.miranda@oracle.com] - 2.39-32.0.1
- Integration of relevant Oracle patches.
Reviewed-by: Jose E. Marchesi [jose.marchesi@oracle.com]

[2.39-43]
- Rebuild due to SIGNSERVER-1997 (RHEL-102555)

[2.39-42]
- Restore _rtld_global_layout on x86-64, freeze tunables order (RHEL-101754)

[2.39-41]
- Downstream ABI adjustment for pthread_cond_t (RHEL-82285)

[2.39-40]
- Sync with upstream branch release/2.39/master (RHEL-87416)
- Upstream commit: cff1042cceec3502269947e96cf7023451af22f3
- CVE-2025-5702: Vector register overwrite bug in glibc (RHEL-95485)
- elf: Keep using minimal malloc after early DTV resize (RHEL-71923)
- libio: Fix a deadlock after fork in popen (RHEL-86433)
- Linux: Switch back to assembly syscall wrapper for prctl (RHEL-82286)
- Fix missed wakeup in POSIX thread condition variables (RHEL-82285)
- x86: Detect Intel Diamond Rapids
- x86: Handle unknown Intel processor with default tuning
- x86: Add ARL/PTL/CWF model detection support
- x86: Optimize xstate size calculation
- x86: Support and fixes for separate non-temporal tunable for memset
- x86: Fix a crash when running with XSAVEC disabled via tunables (RHEL-84837)
- x86_64: Add tanh, sinh, and atanh with FMA
- x86-64: Exclude FMA4 IFUNC functions for -mapxf
- nptl: clear the whole rseq area before registration
- math: Improve layout of exp/exp10 data
- AArch64: Add SVE memset
- math: Improve layout of expf data
- AArch64: Remove zva_128 from memset
- AArch64: Optimize memset
- AArch64: Improve generic strlen
- AArch64: Improve codegen for SVE tans and logs
- AArch64: Improve codegen in AdvSIMD logs, logf function family, and atan(2)(f)
- AArch64: Simplify rounding-multiply pattern in several AdvSIMD routines
- aarch64: Avoid redundant MOVs in AdvSIMD F32 logs
- aarch64: Fix AdvSIMD libmvec routines for big-endian

[2.39-39]
- langpacks: Use symlinks for LC_NAME, LC_NUMERIC files if possible (RHEL-97433)

[2.39-38]
- Update riscv64 handling (thanks David Abdurachmanov) (RHEL-87574)

ELSA-2025-10855 Moderate: Oracle Linux 10 glib2 security update

Oracle Linux Security Advisory ELSA-2025-10855

http://linux.oracle.com/errata/ELSA-2025-10855.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
glib2-2.80.4-4.el10_0.6.x86_64.rpm
glib2-devel-2.80.4-4.el10_0.6.x86_64.rpm
glib2-doc-2.80.4-4.el10_0.6.x86_64.rpm
glib2-static-2.80.4-4.el10_0.6.x86_64.rpm
glib2-tests-2.80.4-4.el10_0.6.x86_64.rpm

aarch64:
glib2-2.80.4-4.el10_0.6.aarch64.rpm
glib2-devel-2.80.4-4.el10_0.6.aarch64.rpm
glib2-doc-2.80.4-4.el10_0.6.aarch64.rpm
glib2-static-2.80.4-4.el10_0.6.aarch64.rpm
glib2-tests-2.80.4-4.el10_0.6.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/glib2-2.80.4-4.el10_0.6.src.rpm

Related CVEs:

CVE-2024-52533
CVE-2025-4373

Description of changes:

[2.80.4-4.el10_0.6]
- Add patches for CVE-2024-52533 and CVE-2025-4373
- Update GDateTime test for new tzdata
- Resolves: RHEL-94290
- Resolves: RHEL-102845

ELSA-2025-10854 Important: Oracle Linux 10 kernel security update

Oracle Linux Security Advisory ELSA-2025-10854

http://linux.oracle.com/errata/ELSA-2025-10854.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-6.12.0-55.21.1.0.1.el10_0.x86_64.rpm
kernel-abi-stablelists-6.12.0-55.21.1.0.1.el10_0.noarch.rpm
kernel-core-6.12.0-55.21.1.0.1.el10_0.x86_64.rpm
kernel-cross-headers-6.12.0-55.21.1.0.1.el10_0.x86_64.rpm
kernel-debug-6.12.0-55.21.1.0.1.el10_0.x86_64.rpm
kernel-debug-core-6.12.0-55.21.1.0.1.el10_0.x86_64.rpm
kernel-debug-devel-6.12.0-55.21.1.0.1.el10_0.x86_64.rpm
kernel-debug-devel-matched-6.12.0-55.21.1.0.1.el10_0.x86_64.rpm
kernel-debug-modules-6.12.0-55.21.1.0.1.el10_0.x86_64.rpm
kernel-debug-modules-core-6.12.0-55.21.1.0.1.el10_0.x86_64.rpm
kernel-debug-modules-extra-6.12.0-55.21.1.0.1.el10_0.x86_64.rpm
kernel-debug-uki-virt-6.12.0-55.21.1.0.1.el10_0.x86_64.rpm
kernel-devel-6.12.0-55.21.1.0.1.el10_0.x86_64.rpm
kernel-devel-matched-6.12.0-55.21.1.0.1.el10_0.x86_64.rpm
kernel-doc-6.12.0-55.21.1.0.1.el10_0.noarch.rpm
kernel-headers-6.12.0-55.21.1.0.1.el10_0.x86_64.rpm
kernel-modules-6.12.0-55.21.1.0.1.el10_0.x86_64.rpm
kernel-modules-core-6.12.0-55.21.1.0.1.el10_0.x86_64.rpm
kernel-modules-extra-6.12.0-55.21.1.0.1.el10_0.x86_64.rpm
kernel-tools-6.12.0-55.21.1.0.1.el10_0.x86_64.rpm
kernel-tools-libs-6.12.0-55.21.1.0.1.el10_0.x86_64.rpm
kernel-tools-libs-devel-6.12.0-55.21.1.0.1.el10_0.x86_64.rpm
kernel-uki-virt-6.12.0-55.21.1.0.1.el10_0.x86_64.rpm
kernel-uki-virt-addons-6.12.0-55.21.1.0.1.el10_0.x86_64.rpm
libperf-6.12.0-55.21.1.0.1.el10_0.x86_64.rpm
perf-6.12.0-55.21.1.0.1.el10_0.x86_64.rpm
python3-perf-6.12.0-55.21.1.0.1.el10_0.x86_64.rpm
rtla-6.12.0-55.21.1.0.1.el10_0.x86_64.rpm
rv-6.12.0-55.21.1.0.1.el10_0.x86_64.rpm

aarch64:
kernel-cross-headers-6.12.0-55.21.1.0.1.el10_0.aarch64.rpm
kernel-headers-6.12.0-55.21.1.0.1.el10_0.aarch64.rpm
kernel-tools-6.12.0-55.21.1.0.1.el10_0.aarch64.rpm
kernel-tools-libs-6.12.0-55.21.1.0.1.el10_0.aarch64.rpm
kernel-tools-libs-devel-6.12.0-55.21.1.0.1.el10_0.aarch64.rpm
libperf-6.12.0-55.21.1.0.1.el10_0.aarch64.rpm
perf-6.12.0-55.21.1.0.1.el10_0.aarch64.rpm
python3-perf-6.12.0-55.21.1.0.1.el10_0.aarch64.rpm
rtla-6.12.0-55.21.1.0.1.el10_0.aarch64.rpm
rv-6.12.0-55.21.1.0.1.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/kernel-6.12.0-55.21.1.0.1.el10_0.src.rpm

Related CVEs:

CVE-2025-22036

Description of changes:

[6.12.0-55.21.1.0.1.el10_0.OL10]
- nvme-pci: remove two deallocate zeroes quirks [Orabug: 37756650]
- Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985782]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64

Tomcat, Kernel, Java-17-OpenJDK, Glib2, Cloud-Init updates for AlmaLinux

Gstreamer-Plugins-Good, Kubernetes, LibXML2, FFmpeg, Coreutils, Poppler, Python updates for SUSE

Kernel, Tomcat, glib2, java-17-OpenJDK, OLAM 2.2, Cloud-Init, Scap-Security-Guide updates for Oracle Linux

ELSA-2025-20471 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update

ELBA-2025-20472 Oracle Linux 7 linux-firmware bug fix update

ELSA-2025-20471 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update

ELSA-2025-11333 Important: Oracle Linux 8 tomcat security update

ELSA-2025-20471 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update

ELSA-2025-11327 Moderate: Oracle Linux 8 glib2 security update

ELSA-2025-11298 Moderate: Oracle Linux 8 kernel security update

ELSA-2025-10867 Important: Oracle Linux 8 java-17-openjdk security update

ELBA-2025-4046 Oracle Linux 8 linux-firmware bug fix update

ELBA-2025-20473 Oracle Linux 8 linux-firmware bug fix update

ELSA-2025-20470 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update

OLAMSA-2025-0012 Moderate: Oracle Linux 8 OLAM 2.2 security fix

ELSA-2025-11335 Important: Oracle Linux 9 tomcat security update

ELSA-2025-10867 Important: Oracle Linux 9 java-17-openjdk security update

ELSA-2025-10848 Important: Oracle Linux 9 cloud-init security update

ELBA-2025-10786 Oracle Linux 9 scap-security-guide bug fix and enhancement update

ELBA-2025-9426 Oracle Linux 9 linux-firmware bug fix update

ELSA-2025-20470 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update

ELBA-2025-20478 Oracle Linux 9 systemd bug fix update

ELBA-2025-20474 Oracle Linux 9 linux-firmware bug fix update

ELSA-2025-11332 Important: Oracle Linux 10 tomcat9 security update

ELSA-2025-11066 Moderate: Oracle Linux 10 glibc security update

ELSA-2025-10855 Moderate: Oracle Linux 10 glib2 security update

ELSA-2025-10854 Important: Oracle Linux 10 kernel security update

Windows

Linux

macOS

Community