There have been several updates to Oracle Linux. For version 10, important security updates were made for thunderbird and firefox (Elsa-2025-16157 and Elsa-2025-16109), while a moderate security update was made for the kernel (Elsa-2025-15782) and gnutls (Elsa-2025-16115). For version 9, important updates were made for thunderbird (Elsa-2025-16156) and gnutls (Elsa-2025-16116), while a bug fix update was made for linux-firmware (Elba-2025-12877). Additionally, Oracle Linux versions 8 and 7 received security and bug fixes.

ELSA-2025-16157 Important: Oracle Linux 10 thunderbird security update
ELSA-2025-16115 Moderate: Oracle Linux 10 gnutls security, bug fix, and enhancement update
ELSA-2025-16109 Important: Oracle Linux 10 firefox security update
ELSA-2025-15782 Moderate: Oracle Linux 10 kernel security update
ELSA-2025-16156 Important: Oracle Linux 9 thunderbird security update
ELSA-2025-16116 Moderate: Oracle Linux 9 gnutls security, bug fix, and enhancement update
ELBA-2025-12877 Oracle Linux 9 linux-firmware bug fix and enhancement update
ELBA-2025-20599 Oracle Linux 8 selinux-policy bug fix update
ELSA-2025-14987 Moderate: Oracle Linux 7 kernel security update
ELSA-2025-14748 Important: Oracle Linux 7 kernel security update

ELSA-2025-16157 Important: Oracle Linux 10 thunderbird security update

Oracle Linux Security Advisory ELSA-2025-16157

http://linux.oracle.com/errata/ELSA-2025-16157.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
thunderbird-140.3.0-1.0.1.el10_0.x86_64.rpm

aarch64:
thunderbird-140.3.0-1.0.1.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/thunderbird-140.3.0-1.0.1.el10_0.src.rpm

Related CVEs:

CVE-2025-10527
CVE-2025-10528
CVE-2025-10529
CVE-2025-10532
CVE-2025-10533
CVE-2025-10536
CVE-2025-10537

Description of changes:

[140.3.0-1.0.1]
- Add Oracle prefs

[140.3.0]
- Add OpenELA debranding

[140.3.0-1]
- Update to 140.3.0 ESR

ELSA-2025-16115 Moderate: Oracle Linux 10 gnutls security, bug fix, and enhancement update

Oracle Linux Security Advisory ELSA-2025-16115

http://linux.oracle.com/errata/ELSA-2025-16115.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
gnutls-3.8.9-9.el10_0.14.x86_64.rpm
gnutls-c++-3.8.9-9.el10_0.14.x86_64.rpm
gnutls-dane-3.8.9-9.el10_0.14.x86_64.rpm
gnutls-devel-3.8.9-9.el10_0.14.x86_64.rpm
gnutls-fips-3.8.9-9.el10_0.14.x86_64.rpm
gnutls-utils-3.8.9-9.el10_0.14.x86_64.rpm

aarch64:
gnutls-3.8.9-9.el10_0.14.aarch64.rpm
gnutls-c++-3.8.9-9.el10_0.14.aarch64.rpm
gnutls-dane-3.8.9-9.el10_0.14.aarch64.rpm
gnutls-devel-3.8.9-9.el10_0.14.aarch64.rpm
gnutls-fips-3.8.9-9.el10_0.14.aarch64.rpm
gnutls-utils-3.8.9-9.el10_0.14.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/gnutls-3.8.9-9.el10_0.14.src.rpm

Related CVEs:

CVE-2025-6395
CVE-2025-32988
CVE-2025-32989
CVE-2025-32990

Description of changes:

[3.8.9-9.14]
- key_update: rework the rekeying logic (RHEL-107498)
- Fix CVE-2025-6395, CVE-2025-32988, CVE-2025-32989, CVE-2025-32990

ELSA-2025-16109 Important: Oracle Linux 10 firefox security update

Oracle Linux Security Advisory ELSA-2025-16109

http://linux.oracle.com/errata/ELSA-2025-16109.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
firefox-140.3.0-1.0.1.el10_0.x86_64.rpm

aarch64:
firefox-140.3.0-1.0.1.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/firefox-140.3.0-1.0.1.el10_0.src.rpm

Related CVEs:

CVE-2025-10527
CVE-2025-10528
CVE-2025-10529
CVE-2025-10532
CVE-2025-10533
CVE-2025-10536
CVE-2025-10537

Description of changes:

[140.3.0-1.0.1]
- Fix firefox-oracle-default-prefs.js for new nss [Orabug: 37079773]
- Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file

[140.3.0]
- Add debranding patches (Mustafa Gezen)
- Add OpenELA default preferences (Louis Abel)

[140.3.0-1]
- Update to 140.3.0

ELSA-2025-15782 Moderate: Oracle Linux 10 kernel security update

Oracle Linux Security Advisory ELSA-2025-15782

http://linux.oracle.com/errata/ELSA-2025-15782.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-6.12.0-55.33.1.0.1.el10_0.x86_64.rpm
kernel-abi-stablelists-6.12.0-55.33.1.0.1.el10_0.noarch.rpm
kernel-core-6.12.0-55.33.1.0.1.el10_0.x86_64.rpm
kernel-cross-headers-6.12.0-55.33.1.0.1.el10_0.x86_64.rpm
kernel-debug-6.12.0-55.33.1.0.1.el10_0.x86_64.rpm
kernel-debug-core-6.12.0-55.33.1.0.1.el10_0.x86_64.rpm
kernel-debug-devel-6.12.0-55.33.1.0.1.el10_0.x86_64.rpm
kernel-debug-devel-matched-6.12.0-55.33.1.0.1.el10_0.x86_64.rpm
kernel-debug-modules-6.12.0-55.33.1.0.1.el10_0.x86_64.rpm
kernel-debug-modules-core-6.12.0-55.33.1.0.1.el10_0.x86_64.rpm
kernel-debug-modules-extra-6.12.0-55.33.1.0.1.el10_0.x86_64.rpm
kernel-debug-uki-virt-6.12.0-55.33.1.0.1.el10_0.x86_64.rpm
kernel-devel-6.12.0-55.33.1.0.1.el10_0.x86_64.rpm
kernel-devel-matched-6.12.0-55.33.1.0.1.el10_0.x86_64.rpm
kernel-doc-6.12.0-55.33.1.0.1.el10_0.noarch.rpm
kernel-headers-6.12.0-55.33.1.0.1.el10_0.x86_64.rpm
kernel-modules-6.12.0-55.33.1.0.1.el10_0.x86_64.rpm
kernel-modules-core-6.12.0-55.33.1.0.1.el10_0.x86_64.rpm
kernel-modules-extra-6.12.0-55.33.1.0.1.el10_0.x86_64.rpm
kernel-tools-6.12.0-55.33.1.0.1.el10_0.x86_64.rpm
kernel-tools-libs-6.12.0-55.33.1.0.1.el10_0.x86_64.rpm
kernel-tools-libs-devel-6.12.0-55.33.1.0.1.el10_0.x86_64.rpm
kernel-uki-virt-6.12.0-55.33.1.0.1.el10_0.x86_64.rpm
kernel-uki-virt-addons-6.12.0-55.33.1.0.1.el10_0.x86_64.rpm
libperf-6.12.0-55.33.1.0.1.el10_0.x86_64.rpm
perf-6.12.0-55.33.1.0.1.el10_0.x86_64.rpm
python3-perf-6.12.0-55.33.1.0.1.el10_0.x86_64.rpm
rtla-6.12.0-55.33.1.0.1.el10_0.x86_64.rpm
rv-6.12.0-55.33.1.0.1.el10_0.x86_64.rpm

aarch64:
kernel-cross-headers-6.12.0-55.33.1.0.1.el10_0.aarch64.rpm
kernel-headers-6.12.0-55.33.1.0.1.el10_0.aarch64.rpm
kernel-tools-6.12.0-55.33.1.0.1.el10_0.aarch64.rpm
kernel-tools-libs-6.12.0-55.33.1.0.1.el10_0.aarch64.rpm
kernel-tools-libs-devel-6.12.0-55.33.1.0.1.el10_0.aarch64.rpm
libperf-6.12.0-55.33.1.0.1.el10_0.aarch64.rpm
perf-6.12.0-55.33.1.0.1.el10_0.aarch64.rpm
python3-perf-6.12.0-55.33.1.0.1.el10_0.aarch64.rpm
rtla-6.12.0-55.33.1.0.1.el10_0.aarch64.rpm
rv-6.12.0-55.33.1.0.1.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/kernel-6.12.0-55.33.1.0.1.el10_0.src.rpm

Related CVEs:

CVE-2025-22068
CVE-2025-38332
CVE-2025-38392
CVE-2025-38463
CVE-2025-38498
CVE-2025-38500
CVE-2025-38550

Description of changes:

[6.12.0-55.33.1.0.1.el10_0.OL10]
- nvme-pci: remove two deallocate zeroes quirks [Orabug: 37756650]
- Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985782]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 idev in mld_del_delrec() - CVE-2025-38550
- redhat: selftests/bpf: Add cpuv4 variant
- i40e: report VF tx_dropped with tx_errors instead of tx_discards - CVE-2025-38200
- use uniform permission checks for all mount propagation changes - CVE-2025-38498
- do_change_type(): refuse to operate on unmounted/not ours mounts - CVE-2025-38498
- ublk: make sure ubq->canceling is set when queue is frozen - CVE-2025-22068
- net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM
- scsi: lpfc: Use memcpy() for BIOS version - CVE-2025-38332
- net: introduce per netns packet chains

ELSA-2025-16156 Important: Oracle Linux 9 thunderbird security update

Oracle Linux Security Advisory ELSA-2025-16156

http://linux.oracle.com/errata/ELSA-2025-16156.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
thunderbird-140.3.0-1.0.1.el9_6.x86_64.rpm

aarch64:
thunderbird-140.3.0-1.0.1.el9_6.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/thunderbird-140.3.0-1.0.1.el9_6.src.rpm

Related CVEs:

CVE-2025-10527
CVE-2025-10528
CVE-2025-10529
CVE-2025-10532
CVE-2025-10533
CVE-2025-10536
CVE-2025-10537

Description of changes:

[140.3.0-1.0.1]
- Fix prefs for new nss [Orabug: 37079813]
- Add Oracle prefs

[140.3.0]
- Add OpenELA debranding

[140.3.0-1]
- Update to 140.3.0 ESR

ELSA-2025-16116 Moderate: Oracle Linux 9 gnutls security, bug fix, and enhancement update

Oracle Linux Security Advisory ELSA-2025-16116

http://linux.oracle.com/errata/ELSA-2025-16116.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
gnutls-3.8.3-6.el9_6.2.i686.rpm
gnutls-3.8.3-6.el9_6.2.x86_64.rpm
gnutls-c++-3.8.3-6.el9_6.2.i686.rpm
gnutls-c++-3.8.3-6.el9_6.2.x86_64.rpm
gnutls-dane-3.8.3-6.el9_6.2.i686.rpm
gnutls-dane-3.8.3-6.el9_6.2.x86_64.rpm
gnutls-devel-3.8.3-6.el9_6.2.i686.rpm
gnutls-devel-3.8.3-6.el9_6.2.x86_64.rpm
gnutls-utils-3.8.3-6.el9_6.2.x86_64.rpm

aarch64:
gnutls-3.8.3-6.el9_6.2.aarch64.rpm
gnutls-c++-3.8.3-6.el9_6.2.aarch64.rpm
gnutls-dane-3.8.3-6.el9_6.2.aarch64.rpm
gnutls-devel-3.8.3-6.el9_6.2.aarch64.rpm
gnutls-utils-3.8.3-6.el9_6.2.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/gnutls-3.8.3-6.el9_6.2.src.rpm

Related CVEs:

CVE-2025-6395
CVE-2025-32988
CVE-2025-32989
CVE-2025-32990

Description of changes:

[3.8.3-6.2]
- key_update: rework the rekeying logic (RHEL-107498)

[3.8.3-6.1]
- Fix CVE-2025-32988, CVE-2025-32989, CVE-2025-32990, and CVE-2025-6395

ELBA-2025-12877 Oracle Linux 9 linux-firmware bug fix and enhancement update

Oracle Linux Bug Fix Advisory ELBA-2025-12877

http://linux.oracle.com/errata/ELBA-2025-12877.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
iwl1000-firmware-39.31.5.1-999.44.el9.noarch.rpm
iwl100-firmware-39.31.5.1-999.44.el9.noarch.rpm
iwl105-firmware-18.168.6.1-999.44.el9.noarch.rpm
iwl135-firmware-18.168.6.1-999.44.el9.noarch.rpm
iwl2000-firmware-18.168.6.1-999.44.el9.noarch.rpm
iwl2030-firmware-18.168.6.1-999.44.el9.noarch.rpm
iwl3160-firmware-25.30.13.0-999.44.el9.noarch.rpm
iwl3945-firmware-15.32.2.9-999.44.el9.noarch.rpm
iwl4965-firmware-228.61.2.24-999.44.el9.noarch.rpm
iwl5000-firmware-8.83.5.1_1-999.44.el9.noarch.rpm
iwl5150-firmware-8.24.2.2-999.44.el9.noarch.rpm
iwl6000-firmware-9.221.4.1-999.44.el9.noarch.rpm
iwl6000g2a-firmware-18.168.6.1-999.44.el9.noarch.rpm
iwl6000g2b-firmware-18.168.6.1-999.44.el9.noarch.rpm
iwl6050-firmware-41.28.5.1-999.44.el9.noarch.rpm
iwl7260-firmware-25.30.13.0-999.44.el9.noarch.rpm
iwlax2xx-firmware-20250909-999.44.el9.noarch.rpm
libertas-sd8686-firmware-20250909-999.44.git260ff424.el9.noarch.rpm
libertas-sd8787-firmware-20250909-999.44.git260ff424.el9.noarch.rpm
libertas-usb8388-firmware-20250909-999.44.git260ff424.el9.noarch.rpm
libertas-usb8388-olpc-firmware-20250909-999.44.git260ff424.el9.noarch.rpm
linux-firmware-20250909-999.44.git260ff424.el9.noarch.rpm
linux-firmware-core-20250909-999.44.git260ff424.el9.noarch.rpm
linux-firmware-whence-20250909-999.44.git260ff424.el9.noarch.rpm
liquidio-firmware-20250909-999.44.git260ff424.el9.noarch.rpm
netronome-firmware-20250909-999.44.git260ff424.el9.noarch.rpm

aarch64:
iwl1000-firmware-39.31.5.1-999.44.el9.noarch.rpm
iwl100-firmware-39.31.5.1-999.44.el9.noarch.rpm
iwl105-firmware-18.168.6.1-999.44.el9.noarch.rpm
iwl135-firmware-18.168.6.1-999.44.el9.noarch.rpm
iwl2000-firmware-18.168.6.1-999.44.el9.noarch.rpm
iwl2030-firmware-18.168.6.1-999.44.el9.noarch.rpm
iwl3160-firmware-25.30.13.0-999.44.el9.noarch.rpm
iwl3945-firmware-15.32.2.9-999.44.el9.noarch.rpm
iwl4965-firmware-228.61.2.24-999.44.el9.noarch.rpm
iwl5000-firmware-8.83.5.1_1-999.44.el9.noarch.rpm
iwl5150-firmware-8.24.2.2-999.44.el9.noarch.rpm
iwl6000-firmware-9.221.4.1-999.44.el9.noarch.rpm
iwl6000g2a-firmware-18.168.6.1-999.44.el9.noarch.rpm
iwl6000g2b-firmware-18.168.6.1-999.44.el9.noarch.rpm
iwl6050-firmware-41.28.5.1-999.44.el9.noarch.rpm
iwl7260-firmware-25.30.13.0-999.44.el9.noarch.rpm
iwlax2xx-firmware-20250909-999.44.el9.noarch.rpm
libertas-sd8686-firmware-20250909-999.44.git260ff424.el9.noarch.rpm
libertas-sd8787-firmware-20250909-999.44.git260ff424.el9.noarch.rpm
libertas-usb8388-firmware-20250909-999.44.git260ff424.el9.noarch.rpm
libertas-usb8388-olpc-firmware-20250909-999.44.git260ff424.el9.noarch.rpm
linux-firmware-20250909-999.44.git260ff424.el9.noarch.rpm
linux-firmware-core-20250909-999.44.git260ff424.el9.noarch.rpm
linux-firmware-whence-20250909-999.44.git260ff424.el9.noarch.rpm
liquidio-firmware-20250909-999.44.git260ff424.el9.noarch.rpm
netronome-firmware-20250909-999.44.git260ff424.el9.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/linux-firmware-20250909-999.44.git260ff424.el9.src.rpm

Description of changes:

[20250909-999.44.git260ff424.el9]
- Rewrite the script to accomodate yum-based installs [Orabug: 38409589]

ELBA-2025-20599 Oracle Linux 8 selinux-policy bug fix update

Oracle Linux Bug Fix Advisory ELBA-2025-20599

http://linux.oracle.com/errata/ELBA-2025-20599.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
selinux-policy-3.14.3-139.0.2.el8_10.1.noarch.rpm
selinux-policy-devel-3.14.3-139.0.2.el8_10.1.noarch.rpm
selinux-policy-doc-3.14.3-139.0.2.el8_10.1.noarch.rpm
selinux-policy-minimum-3.14.3-139.0.2.el8_10.1.noarch.rpm
selinux-policy-mls-3.14.3-139.0.2.el8_10.1.noarch.rpm
selinux-policy-sandbox-3.14.3-139.0.2.el8_10.1.noarch.rpm
selinux-policy-targeted-3.14.3-139.0.2.el8_10.1.noarch.rpm

aarch64:
selinux-policy-3.14.3-139.0.2.el8_10.1.noarch.rpm
selinux-policy-devel-3.14.3-139.0.2.el8_10.1.noarch.rpm
selinux-policy-doc-3.14.3-139.0.2.el8_10.1.noarch.rpm
selinux-policy-minimum-3.14.3-139.0.2.el8_10.1.noarch.rpm
selinux-policy-mls-3.14.3-139.0.2.el8_10.1.noarch.rpm
selinux-policy-sandbox-3.14.3-139.0.2.el8_10.1.noarch.rpm
selinux-policy-targeted-3.14.3-139.0.2.el8_10.1.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/selinux-policy-3.14.3-139.0.2.el8_10.1.src.rpm

Description of changes:

[3.14.3-139.0.2]
- Fixed avc for agetty checkpoint restore denied [Orabug: 37783500]

ELSA-2025-14987 Moderate: Oracle Linux 7 kernel security update

Oracle Linux Security Advisory ELSA-2025-14987

http://linux.oracle.com/errata/ELSA-2025-14987.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-3.10.0-1160.119.1.0.11.el7.x86_64.rpm
kernel-3.10.0-1160.119.1.0.11.el7.x86_64.rpm
kernel-abi-whitelists-3.10.0-1160.119.1.0.11.el7.noarch.rpm
kernel-debug-3.10.0-1160.119.1.0.11.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1160.119.1.0.11.el7.x86_64.rpm
kernel-devel-3.10.0-1160.119.1.0.11.el7.x86_64.rpm
kernel-doc-3.10.0-1160.119.1.0.11.el7.noarch.rpm
kernel-headers-3.10.0-1160.119.1.0.11.el7.x86_64.rpm
kernel-tools-3.10.0-1160.119.1.0.11.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1160.119.1.0.11.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1160.119.1.0.11.el7.x86_64.rpm
perf-3.10.0-1160.119.1.0.11.el7.x86_64.rpm
python-perf-3.10.0-1160.119.1.0.11.el7.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-3.10.0-1160.119.1.0.11.el7.src.rpm

Related CVEs:

CVE-2025-38079

Description of changes:

[3.10.0-1160.119.1.0.11.el7.OL7]
- kernel: media: uvcvideo: Fix double free in error path (CVE-2024-57980)
- kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (CVE-2025-21928)
- kernel: ext4: fix off-by-one error in do_split (CVE-2025-23150)
- kernel: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram() (CVE-2022-49788)
- kernel: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (CVE-2025-38000)
- kernel: ext4: avoid resizing to a partial cluster size (CVE-2022-50020)
- kernel: drivers:md:fix a potential use-after-free bug (CVE-2022-50022)
- kernel: sch_hfsc: make hfsc_qlen_notify() idempotent (CVE-2025-38177)
- kernel: net/sched: Always pass notifications when child class becomes empty (CVE-2025-38350)
- crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079)

ELSA-2025-14748 Important: Oracle Linux 7 kernel security update

Oracle Linux Security Advisory ELSA-2025-14748

http://linux.oracle.com/errata/ELSA-2025-14748.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-3.10.0-1160.119.1.0.11.el7.x86_64.rpm
kernel-3.10.0-1160.119.1.0.11.el7.x86_64.rpm
kernel-abi-whitelists-3.10.0-1160.119.1.0.11.el7.noarch.rpm
kernel-debug-3.10.0-1160.119.1.0.11.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1160.119.1.0.11.el7.x86_64.rpm
kernel-devel-3.10.0-1160.119.1.0.11.el7.x86_64.rpm
kernel-doc-3.10.0-1160.119.1.0.11.el7.noarch.rpm
kernel-headers-3.10.0-1160.119.1.0.11.el7.x86_64.rpm
kernel-tools-3.10.0-1160.119.1.0.11.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1160.119.1.0.11.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1160.119.1.0.11.el7.x86_64.rpm
perf-3.10.0-1160.119.1.0.11.el7.x86_64.rpm
python-perf-3.10.0-1160.119.1.0.11.el7.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-3.10.0-1160.119.1.0.11.el7.src.rpm

Related CVEs:

CVE-2022-49788
CVE-2022-50020
CVE-2022-50022
CVE-2024-57980
CVE-2025-21928
CVE-2025-23150
CVE-2025-38000
CVE-2025-38177
CVE-2025-38350

Description of changes:

[3.10.0-1160.119.1.0.11.el7.OL7]
- kernel: media: uvcvideo: Fix double free in error path (CVE-2024-57980)
- kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (CVE-2025-21928)
- kernel: ext4: fix off-by-one error in do_split (CVE-2025-23150)
- kernel: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram() (CVE-2022-49788)
- kernel: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (CVE-2025-38000)
- kernel: ext4: avoid resizing to a partial cluster size (CVE-2022-50020)
- kernel: drivers:md:fix a potential use-after-free bug (CVE-2022-50022)
- kernel: sch_hfsc: make hfsc_qlen_notify() idempotent (CVE-2025-38177)
- kernel: net/sched: Always pass notifications when child class becomes empty (CVE-2025-38350)
- crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079)