Oracle Linux has released several updates, including security patches for libssh and kernel, which can be downloaded from the Unbreakable Linux Network. The libssh update addresses CVE-2025-5372, while the kernel update resolves various issues related to networking and filesystems. Additionally, Oracle Linux has also released bug fix updates for .NET 9.0 and 10.0, as well as a leapp-repository update that includes fixes for upgrading from Oracle Linux 8 to 9. The updates are available in RPM format for both x86_64 and aarch64 architectures.

ELSA-2025-21977 Moderate: Oracle Linux 8 libssh security update
ELSA-2025-21917 Moderate: Oracle Linux 8 kernel security update
ELBA-2025-21307 Oracle Linux 8 .NET 9.0 bug fix and enhancement update
ELBA-2025-21304 Oracle Linux 8 dotnet10.0 update
ELBA-2025-28001 Oracle Linux 8 leapp-repository bug fix update

ELSA-2025-21977 Moderate: Oracle Linux 8 libssh security update

Oracle Linux Security Advisory ELSA-2025-21977

http://linux.oracle.com/errata/ELSA-2025-21977.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
libssh-0.9.6-16.el8_10.i686.rpm
libssh-0.9.6-16.el8_10.x86_64.rpm
libssh-config-0.9.6-16.el8_10.noarch.rpm
libssh-devel-0.9.6-16.el8_10.i686.rpm
libssh-devel-0.9.6-16.el8_10.x86_64.rpm

aarch64:
libssh-0.9.6-16.el8_10.aarch64.rpm
libssh-config-0.9.6-16.el8_10.noarch.rpm
libssh-devel-0.9.6-16.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/libssh-0.9.6-16.el8_10.src.rpm

Related CVEs:

CVE-2025-5372

Description of changes:

[0.9.6-16]
- Fix CVE-2025-5372
Resolves: RHEL-121232

ELSA-2025-21917 Moderate: Oracle Linux 8 kernel security update

Oracle Linux Security Advisory ELSA-2025-21917

http://linux.oracle.com/errata/ELSA-2025-21917.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-4.18.0-553.85.1.el8_10.x86_64.rpm
kernel-4.18.0-553.85.1.el8_10.x86_64.rpm
kernel-abi-stablelists-4.18.0-553.85.1.el8_10.noarch.rpm
kernel-core-4.18.0-553.85.1.el8_10.x86_64.rpm
kernel-cross-headers-4.18.0-553.85.1.el8_10.x86_64.rpm
kernel-debug-4.18.0-553.85.1.el8_10.x86_64.rpm
kernel-debug-core-4.18.0-553.85.1.el8_10.x86_64.rpm
kernel-debug-devel-4.18.0-553.85.1.el8_10.x86_64.rpm
kernel-debug-modules-4.18.0-553.85.1.el8_10.x86_64.rpm
kernel-debug-modules-extra-4.18.0-553.85.1.el8_10.x86_64.rpm
kernel-devel-4.18.0-553.85.1.el8_10.x86_64.rpm
kernel-doc-4.18.0-553.85.1.el8_10.noarch.rpm
kernel-headers-4.18.0-553.85.1.el8_10.x86_64.rpm
kernel-modules-4.18.0-553.85.1.el8_10.x86_64.rpm
kernel-modules-extra-4.18.0-553.85.1.el8_10.x86_64.rpm
kernel-tools-4.18.0-553.85.1.el8_10.x86_64.rpm
kernel-tools-libs-4.18.0-553.85.1.el8_10.x86_64.rpm
kernel-tools-libs-devel-4.18.0-553.85.1.el8_10.x86_64.rpm
perf-4.18.0-553.85.1.el8_10.x86_64.rpm
python3-perf-4.18.0-553.85.1.el8_10.x86_64.rpm

aarch64:
bpftool-4.18.0-553.85.1.el8_10.aarch64.rpm
kernel-cross-headers-4.18.0-553.85.1.el8_10.aarch64.rpm
kernel-headers-4.18.0-553.85.1.el8_10.aarch64.rpm
kernel-tools-4.18.0-553.85.1.el8_10.aarch64.rpm
kernel-tools-libs-4.18.0-553.85.1.el8_10.aarch64.rpm
kernel-tools-libs-devel-4.18.0-553.85.1.el8_10.aarch64.rpm
perf-4.18.0-553.85.1.el8_10.aarch64.rpm
python3-perf-4.18.0-553.85.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/kernel-4.18.0-553.85.1.el8_10.src.rpm

Related CVEs:

CVE-2025-39697
CVE-2025-39971

Description of changes:

[4.18.0-553.85.1]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64