Keylime, LibSSH, Kernel, and more updates for Oracle Linux

Oracle Linux 6423 Published by

Oracle has released several updates for its Linux distributions, including security patches and bug fixes. For Oracle Linux 10, the available updates include keylime security patches (ELSA-2025-23201), a kernel security update (ELSA-2025-23279), libssh security patches (ELSA-2025-23484), and bug fix updates for tzdata and other packages. For Oracle Linux 9, the available updates include libssh security patches (ELSA-2025-23483) and bug fix updates for various packages including tzdata, hwloc, man-pages, squid, s-nail. Additionally, Oracle Linux 8 has received a bug fix update for 389-ds:1.4.

ELSA-2025-23201 Important: Oracle Linux 10 keylime security update
ELSA-2025-23210 Important: Oracle Linux 9 keylime security update
ELSA-2025-23484 Moderate: Oracle Linux 10 libssh security update
ELSA-2025-23279 Important: Oracle Linux 10 kernel security update
ELBA-2025-23464 Oracle Linux 10 tzdata bug fix and enhancement update
ELSA-2025-23483 Moderate: Oracle Linux 9 libssh security update
ELBA-2025-23464 Oracle Linux 9 tzdata bug fix and enhancement update
ELBA-2025-23340 Oracle Linux 9 hwloc bug fix and enhancement update
ELBA-2025-23337 Oracle Linux 9 man-pages bug fix and enhancement update
ELBA-2025-23335 Oracle Linux 9 squid bug fix and enhancement update
ELBA-2025-23321 Oracle Linux 9 s-nail bug fix and enhancement update
ELBA-2025-23230 Oracle Linux 8 389-ds:1.4 bug fix and enhancement update
ELSA-2025-21063 Moderate: Oracle Linux 7 kernel security update




ELSA-2025-23201 Important: Oracle Linux 10 keylime security update


Oracle Linux Security Advisory ELSA-2025-23201

http://linux.oracle.com/errata/ELSA-2025-23201.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
keylime-7.12.1-11.el10_1.3.x86_64.rpm
keylime-base-7.12.1-11.el10_1.3.x86_64.rpm
keylime-registrar-7.12.1-11.el10_1.3.x86_64.rpm
keylime-selinux-7.12.1-11.el10_1.3.noarch.rpm
keylime-tenant-7.12.1-11.el10_1.3.x86_64.rpm
keylime-tools-7.12.1-11.el10_1.3.x86_64.rpm
keylime-verifier-7.12.1-11.el10_1.3.x86_64.rpm
python3-keylime-7.12.1-11.el10_1.3.x86_64.rpm

aarch64:
keylime-7.12.1-11.el10_1.3.aarch64.rpm
keylime-base-7.12.1-11.el10_1.3.aarch64.rpm
keylime-registrar-7.12.1-11.el10_1.3.aarch64.rpm
keylime-selinux-7.12.1-11.el10_1.3.noarch.rpm
keylime-tenant-7.12.1-11.el10_1.3.aarch64.rpm
keylime-tools-7.12.1-11.el10_1.3.aarch64.rpm
keylime-verifier-7.12.1-11.el10_1.3.aarch64.rpm
python3-keylime-7.12.1-11.el10_1.3.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/keylime-7.12.1-11.el10_1.3.src.rpm

Related CVEs:

CVE-2025-13609

Description of changes:

[7.12.1-15]
- Registrar allows identity takeover via duplicate UUID registration

[7.12.1-14]
- Properly fix malformed TPM certificates workaround

[7.12.1-13]
- Avoid opening /dev/stdout when printing

[7.12.1-12]
- Fix malformed TPM certificates workaround



ELSA-2025-23210 Important: Oracle Linux 9 keylime security update


Oracle Linux Security Advisory ELSA-2025-23210

http://linux.oracle.com/errata/ELSA-2025-23210.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
keylime-7.12.1-11.el9_7.3.x86_64.rpm
keylime-base-7.12.1-11.el9_7.3.x86_64.rpm
keylime-registrar-7.12.1-11.el9_7.3.x86_64.rpm
keylime-selinux-7.12.1-11.el9_7.3.noarch.rpm
keylime-tenant-7.12.1-11.el9_7.3.x86_64.rpm
keylime-verifier-7.12.1-11.el9_7.3.x86_64.rpm
python3-keylime-7.12.1-11.el9_7.3.x86_64.rpm

aarch64:
keylime-7.12.1-11.el9_7.3.aarch64.rpm
keylime-base-7.12.1-11.el9_7.3.aarch64.rpm
keylime-registrar-7.12.1-11.el9_7.3.aarch64.rpm
keylime-selinux-7.12.1-11.el9_7.3.noarch.rpm
keylime-tenant-7.12.1-11.el9_7.3.aarch64.rpm
keylime-verifier-7.12.1-11.el9_7.3.aarch64.rpm
python3-keylime-7.12.1-11.el9_7.3.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/keylime-7.12.1-11.el9_7.3.src.rpm

Related CVEs:

CVE-2025-13609

Description of changes:

[7.12.1-11.3]
- Registrar allows identity takeover via duplicate UUID registration
Resolves: RHEL-130760

[7.12.1-11.2]
- Properly fix the malformed certificate workaround
Resolves: RHEL-111244



ELSA-2025-23484 Moderate: Oracle Linux 10 libssh security update


Oracle Linux Security Advisory ELSA-2025-23484

http://linux.oracle.com/errata/ELSA-2025-23484.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
libssh-0.11.1-5.el10_1.x86_64.rpm
libssh-config-0.11.1-5.el10_1.noarch.rpm
libssh-devel-0.11.1-5.el10_1.x86_64.rpm

aarch64:
libssh-0.11.1-5.el10_1.aarch64.rpm
libssh-config-0.11.1-5.el10_1.noarch.rpm
libssh-devel-0.11.1-5.el10_1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/libssh-0.11.1-5.el10_1.src.rpm

Related CVEs:

CVE-2025-5987

Description of changes:

[0.11.1-5]
- Fix CVE-2025-5987
Resolves: RHEL-130040



ELSA-2025-23279 Important: Oracle Linux 10 kernel security update


Oracle Linux Security Advisory ELSA-2025-23279

http://linux.oracle.com/errata/ELSA-2025-23279.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-6.12.0-124.21.1.el10_1.x86_64.rpm
kernel-abi-stablelists-6.12.0-124.21.1.el10_1.noarch.rpm
kernel-core-6.12.0-124.21.1.el10_1.x86_64.rpm
kernel-cross-headers-6.12.0-124.21.1.el10_1.x86_64.rpm
kernel-debug-6.12.0-124.21.1.el10_1.x86_64.rpm
kernel-debug-core-6.12.0-124.21.1.el10_1.x86_64.rpm
kernel-debug-devel-6.12.0-124.21.1.el10_1.x86_64.rpm
kernel-debug-devel-matched-6.12.0-124.21.1.el10_1.x86_64.rpm
kernel-debug-modules-6.12.0-124.21.1.el10_1.x86_64.rpm
kernel-debug-modules-core-6.12.0-124.21.1.el10_1.x86_64.rpm
kernel-debug-modules-extra-6.12.0-124.21.1.el10_1.x86_64.rpm
kernel-debug-uki-virt-6.12.0-124.21.1.el10_1.x86_64.rpm
kernel-devel-6.12.0-124.21.1.el10_1.x86_64.rpm
kernel-devel-matched-6.12.0-124.21.1.el10_1.x86_64.rpm
kernel-doc-6.12.0-124.21.1.el10_1.noarch.rpm
kernel-headers-6.12.0-124.21.1.el10_1.x86_64.rpm
kernel-modules-6.12.0-124.21.1.el10_1.x86_64.rpm
kernel-modules-core-6.12.0-124.21.1.el10_1.x86_64.rpm
kernel-modules-extra-6.12.0-124.21.1.el10_1.x86_64.rpm
kernel-modules-extra-matched-6.12.0-124.21.1.el10_1.x86_64.rpm
kernel-tools-6.12.0-124.21.1.el10_1.x86_64.rpm
kernel-tools-libs-6.12.0-124.21.1.el10_1.x86_64.rpm
kernel-tools-libs-devel-6.12.0-124.21.1.el10_1.x86_64.rpm
kernel-uki-virt-6.12.0-124.21.1.el10_1.x86_64.rpm
kernel-uki-virt-addons-6.12.0-124.21.1.el10_1.x86_64.rpm
libperf-6.12.0-124.21.1.el10_1.x86_64.rpm
perf-6.12.0-124.21.1.el10_1.x86_64.rpm
python3-perf-6.12.0-124.21.1.el10_1.x86_64.rpm
rtla-6.12.0-124.21.1.el10_1.x86_64.rpm
rv-6.12.0-124.21.1.el10_1.x86_64.rpm

aarch64:
kernel-cross-headers-6.12.0-124.21.1.el10_1.aarch64.rpm
kernel-headers-6.12.0-124.21.1.el10_1.aarch64.rpm
kernel-tools-6.12.0-124.21.1.el10_1.aarch64.rpm
kernel-tools-libs-6.12.0-124.21.1.el10_1.aarch64.rpm
kernel-tools-libs-devel-6.12.0-124.21.1.el10_1.aarch64.rpm
libperf-6.12.0-124.21.1.el10_1.aarch64.rpm
perf-6.12.0-124.21.1.el10_1.aarch64.rpm
python3-perf-6.12.0-124.21.1.el10_1.aarch64.rpm
rtla-6.12.0-124.21.1.el10_1.aarch64.rpm
rv-6.12.0-124.21.1.el10_1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/kernel-6.12.0-124.21.1.el10_1.src.rpm

Related CVEs:

CVE-2025-38499
CVE-2025-39984

Description of changes:

[6.12.0-124.21.1]
- Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985782]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 skb after XDP process (CKI Backport Bot) [RHEL-122247] {CVE-2025-39984}



ELBA-2025-23464 Oracle Linux 10 tzdata bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2025-23464

http://linux.oracle.com/errata/ELBA-2025-23464.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
tzdata-2025c-1.el10.noarch.rpm
tzdata-java-2025c-1.el10.noarch.rpm

aarch64:
tzdata-2025c-1.el10.noarch.rpm
tzdata-java-2025c-1.el10.noarch.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/tzdata-2025c-1.el10.src.rpm

Description of changes:

[2025c-1]
- Update to tzdata-2025c (RHEL-135156)
- Update leap seconds file expiration date



ELSA-2025-23483 Moderate: Oracle Linux 9 libssh security update


Oracle Linux Security Advisory ELSA-2025-23483

http://linux.oracle.com/errata/ELSA-2025-23483.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
libssh-0.10.4-17.el9_7.i686.rpm
libssh-0.10.4-17.el9_7.x86_64.rpm
libssh-config-0.10.4-17.el9_7.noarch.rpm
libssh-devel-0.10.4-17.el9_7.i686.rpm
libssh-devel-0.10.4-17.el9_7.x86_64.rpm

aarch64:
libssh-0.10.4-17.el9_7.aarch64.rpm
libssh-config-0.10.4-17.el9_7.noarch.rpm
libssh-devel-0.10.4-17.el9_7.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/libssh-0.10.4-17.el9_7.src.rpm

Related CVEs:

CVE-2025-5987

Description of changes:

[0.10.4-17]
- Bump spec to resolve build tagging issues

[0.10.4-16]
- Fix CVE-2025-5987
Resolves: RHEL-130051
- Workaround sshd failure rate limiting in tests
Resolves: RHEL-135506



ELBA-2025-23464 Oracle Linux 9 tzdata bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2025-23464

http://linux.oracle.com/errata/ELBA-2025-23464.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
tzdata-2025c-1.el9.noarch.rpm
tzdata-java-2025c-1.el9.noarch.rpm

aarch64:
tzdata-2025c-1.el9.noarch.rpm
tzdata-java-2025c-1.el9.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/tzdata-2025c-1.el9.src.rpm

Description of changes:

[2025c-1]
- Update to tzdata-2025c (RHEL-135158)
- Update leap seconds file expiration date



ELBA-2025-23340 Oracle Linux 9 hwloc bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2025-23340

http://linux.oracle.com/errata/ELBA-2025-23340.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
hwloc-2.4.1-6.el9_7.x86_64.rpm
hwloc-libs-2.4.1-6.el9_7.i686.rpm
hwloc-libs-2.4.1-6.el9_7.x86_64.rpm
hwloc-devel-2.4.1-6.el9_7.i686.rpm
hwloc-devel-2.4.1-6.el9_7.x86_64.rpm
hwloc-gui-2.4.1-6.el9_7.x86_64.rpm

aarch64:
hwloc-2.4.1-6.el9_7.aarch64.rpm
hwloc-libs-2.4.1-6.el9_7.aarch64.rpm
hwloc-devel-2.4.1-6.el9_7.aarch64.rpm
hwloc-gui-2.4.1-6.el9_7.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/hwloc-2.4.1-6.el9_7.src.rpm

Description of changes:

[2.4.1-6]
- linux: fix support for NUMA node0 being offline (RHEL-118677)
- Resolves: RHEL-118677



ELBA-2025-23337 Oracle Linux 9 man-pages bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2025-23337

http://linux.oracle.com/errata/ELBA-2025-23337.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
man-pages-6.04-9.el9_7.noarch.rpm

aarch64:
man-pages-6.04-9.el9_7.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/man-pages-6.04-9.el9_7.src.rpm

Description of changes:

[6.04-9]
- madvise(2): madvise can return EBUSY on MADV_SOFT_OFFLINE requests.
Resolves: RHEL-34105

[6.04-8]
- Document RWF_ATOMIC, STATX_ATTR_WRITE_ATOMIC flags (RHEL-87625)



ELBA-2025-23335 Oracle Linux 9 squid bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2025-23335

http://linux.oracle.com/errata/ELBA-2025-23335.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
squid-5.5-22.el9_7.2.x86_64.rpm

aarch64:
squid-5.5-22.el9_7.2.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/squid-5.5-22.el9_7.2.src.rpm

Description of changes:

[7:5.5-22.2]
- Resolves: RHEL-131797 - "ICAP_ERR_OTHER/408" occurs in icap.log when
downloading a file on RHEL9

[7:5.5-22.1]
- Resolves: RHEL-122492 - squid: Squid vulnerable to information disclosure via
authentication credential leakage in error handling (CVE-2025-62168)



ELBA-2025-23321 Oracle Linux 9 s-nail bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2025-23321

http://linux.oracle.com/errata/ELBA-2025-23321.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
s-nail-14.9.22-9.el9_7.x86_64.rpm

aarch64:
s-nail-14.9.22-9.el9_7.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/s-nail-14.9.22-9.el9_7.src.rpm

Description of changes:

[14.9.22-9]
- Stop adding BCC lines to subject
- Resolves: RHEL-110823



ELBA-2025-23230 Oracle Linux 8 389-ds:1.4 bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2025-23230

http://linux.oracle.com/errata/ELBA-2025-23230.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
389-ds-base-1.4.3.39-19.module+el8.10.0+90726+39e21ab8.x86_64.rpm
389-ds-base-devel-1.4.3.39-19.module+el8.10.0+90726+39e21ab8.x86_64.rpm
389-ds-base-legacy-tools-1.4.3.39-19.module+el8.10.0+90726+39e21ab8.x86_64.rpm
389-ds-base-libs-1.4.3.39-19.module+el8.10.0+90726+39e21ab8.x86_64.rpm
389-ds-base-snmp-1.4.3.39-19.module+el8.10.0+90726+39e21ab8.x86_64.rpm
python3-lib389-1.4.3.39-19.module+el8.10.0+90726+39e21ab8.noarch.rpm

aarch64:
389-ds-base-1.4.3.39-19.module+el8.10.0+90726+39e21ab8.aarch64.rpm
389-ds-base-devel-1.4.3.39-19.module+el8.10.0+90726+39e21ab8.aarch64.rpm
389-ds-base-legacy-tools-1.4.3.39-19.module+el8.10.0+90726+39e21ab8.aarch64.rpm
389-ds-base-libs-1.4.3.39-19.module+el8.10.0+90726+39e21ab8.aarch64.rpm
389-ds-base-snmp-1.4.3.39-19.module+el8.10.0+90726+39e21ab8.aarch64.rpm
python3-lib389-1.4.3.39-19.module+el8.10.0+90726+39e21ab8.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/389-ds-base-1.4.3.39-19.module+el8.10.0+90726+39e21ab8.src.rpm

Description of changes:

[1.4.3.39-19]
- Resolves: RHEL-117759 - Replication online reinitialization of a large database gets stalled. [rhel-8.10.z]

[1.4.3.39-18]
- Reverts: RHEL-123241 - Attribute uniqueness is not enforced upon modrdn operation [rhel-8.10.z]

[1.4.3.39-17]
- Resolves: RHEL-80491 - Can't rename users member of automember rule [rhel-8.10.z]
- Resolves: RHEL-87191 - Some replication status data are reset upon a restart. [rhel-8.10.z]
- Resolves: RHEL-89785 - Extend log of operations statistics in access log
- Resolves: RHEL-111226 - Error showing local password policy on web UI [rhel-8.10.z]
- Resolves: RHEL-113976 - AddressSanitizer: memory leak in memberof_add_memberof_attr [rhel-8.10.z]
- Resolves: RHEL-117457 - subtree search statistics for index lookup does not report ancestorid/entryrdn lookups
- Resolves: RHEL-117752 - Crash if repl keep alive entry can not be created [rhel-8.10.z]
- Resolves: RHEL-117759 - Replication online reinitialization of a large database gets stalled. [rhel-8.10.z]
- Resolves: RHEL-117765 - Statistics about index lookup report a wrong duration [rhel-8.10.z]
- Resolves: RHEL-123228 - Improve the way to detect asynchronous operations in the access logs [rhel-8.10.z]
- Resolves: RHEL-123241 - Attribute uniqueness is not enforced upon modrdn operation [rhel-8.10.z]
- Resolves: RHEL-123254 - Typo in errors log after a Memberof fixup task. [rhel-8.10.z]
- Resolves: RHEL-123269 - LDAP high CPU usage while handling indexes with IDL scan limit at INT_MAX [rhel-8.10.z]
- Resolves: RHEL-123276 - The new ipahealthcheck test ipahealthcheck.ds.backends.BackendsCheck raises CRITICAL issue [rhel-8.10.z]
- Resolves: RHEL-123363 - When deferred memberof update is enabled after the server crashed it should not launch memberof fixup task by default [rhel-8.10.z]
- Resolves: RHEL-123365 - IPA health check up script shows time skew is over 24 hours [rhel-8.10.z]
- Resolves: RHEL-123920 - Changelog trimming - add number of scanned entries to the log [rhel-8.10.z]
- Resolves: RHEL-126512 - Created user password hash available to see in audit log [rhel-8.10.z]
- Resolves: RHEL-129578 - Fix paged result search locking [rhel-8.10.z]
- Resolves: RHEL-130900 - On RHDS 12.6 The user password policy for a user was created, but the pwdpolicysubentry attribute for this user incorrectly points to the People OU password policy instead of the specific user policy. [rhel-8.10.z]



ELSA-2025-21063 Moderate: Oracle Linux 7 kernel security update


Oracle Linux Security Advisory ELSA-2025-21063

http://linux.oracle.com/errata/ELSA-2025-21063.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-3.10.0-1160.119.1.0.14.el7.x86_64.rpm
kernel-3.10.0-1160.119.1.0.14.el7.x86_64.rpm
kernel-abi-whitelists-3.10.0-1160.119.1.0.14.el7.noarch.rpm
kernel-debug-3.10.0-1160.119.1.0.14.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1160.119.1.0.14.el7.x86_64.rpm
kernel-devel-3.10.0-1160.119.1.0.14.el7.x86_64.rpm
kernel-doc-3.10.0-1160.119.1.0.14.el7.noarch.rpm
kernel-headers-3.10.0-1160.119.1.0.14.el7.x86_64.rpm
kernel-tools-3.10.0-1160.119.1.0.14.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1160.119.1.0.14.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1160.119.1.0.14.el7.x86_64.rpm
perf-3.10.0-1160.119.1.0.14.el7.x86_64.rpm
python-perf-3.10.0-1160.119.1.0.14.el7.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-3.10.0-1160.119.1.0.14.el7.src.rpm

Related CVEs:

CVE-2022-48978
CVE-2023-53373
CVE-2025-22026
CVE-2025-37797
CVE-2025-38556
CVE-2025-39751

Description of changes:

[3.10.0-1160.119.1.0.14]
- HID: core: fix shift-out-of-bounds in hid_report_raw_event {CVE-2022-48978} [Orabug: 38644370]
- crypto: seqiv - Handle EBUSY correctly {CVE-2023-53373} [Orabug: 38644370]
- nfsd: don't ignore the return code of svc_proc_register() {CVE-2025-22026} [Orabug: 38644370]
- net_sched: hfsc: Fix a UAF vulnerability in class handling {CVE-2025-37797} [Orabug: 38644370]
- HID: core: Harden s32ton() against conversion to 0 bits {CVE-2025-38556} [Orabug: 38644370]
- ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control {CVE-2025-39751} [Orabug: 38644370]

[3.10.0-1160.119.1.0.13]
- ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() {CVE-2022-48701} [Orabug: 38493400]
- md-raid10: fix KASAN warning {CVE-2022-50211} [Orabug: 38493400]
- ALSA: bcd2000: Fix a UAF bug on the error path of probing {CVE-2022-50229} [Orabug: 38493400]
- net: usb: smsc75xx: Limit packet length to skb->len {CVE-2023-53125} [Orabug: 38493400]
- i40e: fix MMIO write access to an invalid page in i40e_clear_hw {CVE-2025-38200} [Orabug: 38493400]
- net/sched: sch_qfq: Fix race condition on qfq_aggregate {CVE-2025-38477} [Orabug: 38493400]

[3.10.0-1160.119.1.0.12]
- scsi: lpfc: Use memcpy() for BIOS version (CVE-2025-38332) [Orabug: 38414589]
- posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (CVE-2025-38352) [Orabug: 38414589]

[3.10.0-1160.119.1.0.11]
- kernel: media: uvcvideo: Fix double free in error path (CVE-2024-57980)
- kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (CVE-2025-21928)
- kernel: ext4: fix off-by-one error in do_split (CVE-2025-23150)
- kernel: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram() (CVE-2022-49788)
- kernel: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (CVE-2025-38000)
- kernel: ext4: avoid resizing to a partial cluster size (CVE-2022-50020)
- kernel: drivers:md:fix a potential use-after-free bug (CVE-2022-50022)
- kernel: sch_hfsc: make hfsc_qlen_notify() idempotent (CVE-2025-38177)
- kernel: net/sched: Always pass notifications when child class becomes empty (CVE-2025-38350)
- crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079)

[3.10.0-1160.119.1.0.10]
- net: atlantic: fix aq_vec index out of range error (Chia-Lin Kao) {CVE-2022-50066} [Orabug: 38201271]
- net: atm: fix use after free in lec_send() (Dan Carpenter) {CVE-2025-22004} [Orabug: 38201271]

[3.10.0-1160.119.1.0.9]
- netfilter: ipset: add missing range check in bitmap_ip_uadt (Jeongjun Park) {CVE-2024-53141} [Orabug: 37964173]
- Update OL SB certificates
- Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985797]

[3.10.0-1160.119.1.0.8]
- ALSA: usb-audio: Fix out of bounds reads when finding clock sources (Takashi Iwai) {CVE-2024-53150} [Orabug: 37830084]

[3.10.0-1160.119.1.0.7]
- ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices (Benoît Sevens) {CVE-2024-53197} [Orabug: 37686305]
- can: bcm: Fix UAF in bcm_proc_show() (YueHaibing) {CVE-2023-52922} [Orabug: 37686305]
- HID: core: zero-initialize the report buffer (Benoît Sevens) {CVE-2024-50302} [Orabug: 37686305]

[3.10.0-1160.119.1.0.6]
- media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (Benoit Sevens) {CVE-2024-53104} [Orabug: 37584712]


Keylime, LibSSH, Python, OpenSSH, Container-Tools updates for Rocky Linux

Flannel, Netty, Clair, and more updates for SUSE Linux

Windows

Linux

macOS

Community

  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...