Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2025-14009

Опубликовано: 21 авг. 2025
Источник: oracle-oval
Платформа: Oracle Linux 10

Описание

ELSA-2025-14009: kernel security update (IMPORTANT)

[6.12.0-55.28.1.0.1]

  • nvme-pci: remove two deallocate zeroes quirks [Orabug: 37756650]
  • Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985782]
  • Disable UKI signing [Orabug: 36571828]
  • Update Oracle Linux certificates (Kevin Lyons)
  • Disable signing for aarch64 (Ilya Okomin)
  • Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
  • Update x509.genkey [Orabug: 24817676]
  • Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5.el9
  • Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535]
  • Add Oracle Linux IMA certificates
  • Update module name for cryptographic module [Orabug: 37400433]

[6.12.0-55.28.1]

  • Conflict with xdp-tools < 1.5.4
  • Bump internal version to 55.28.1
  • tls: always refresh the queue when reading sock - CVE-2025-38471
  • selftests: net: bpf_offload: add 'libbpf_global' to ignored maps
  • selftests: net: fix error message in bpf_offload
  • selftests: net: add more info to error in bpf_offload
  • net: fix udp gso skb_segment after pull from frag_list - CVE-2025-38124
  • powerpc/pseries/vas: Add close() callback in vas_vm_ops struct
  • s390/pci: Serialize device addition and removal
  • s390/pci: Allow re-add of a reserved but not yet removed device
  • s390/pci: Prevent self deletion in disable_slot()
  • s390/pci: Remove redundant bus removal and disable from zpci_release_device()
  • s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs
  • s390/pci: Fix missing check for zpci_create_device() error return
  • s390/pci: Fix potential double remove of hotplug slot
  • s390/topology: Improve topology detection
  • Bluetooth: hci_core: Fix use-after-free in vhci_flush() - CVE-2025-38250
  • selftests/bpf: Adjust data size to have ETH_HLEN - CVE-2025-21867
  • bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type() - CVE-2025-21867
  • i2c/designware: Fix an initialization issue - CVE-2025-38380

Обновленные пакеты

Oracle Linux 10

Oracle Linux aarch64

kernel-headers

6.12.0-55.28.1.0.1.el10_0

perf

6.12.0-55.28.1.0.1.el10_0

python3-perf

6.12.0-55.28.1.0.1.el10_0

rtla

6.12.0-55.28.1.0.1.el10_0

rv

6.12.0-55.28.1.0.1.el10_0

kernel-tools

6.12.0-55.28.1.0.1.el10_0

kernel-tools-libs

6.12.0-55.28.1.0.1.el10_0

kernel-cross-headers

6.12.0-55.28.1.0.1.el10_0

kernel-tools-libs-devel

6.12.0-55.28.1.0.1.el10_0

libperf

6.12.0-55.28.1.0.1.el10_0

Oracle Linux x86_64

kernel-debug-devel

6.12.0-55.28.1.0.1.el10_0

kernel-debug-devel-matched

6.12.0-55.28.1.0.1.el10_0

kernel-devel

6.12.0-55.28.1.0.1.el10_0

kernel-devel-matched

6.12.0-55.28.1.0.1.el10_0

kernel-doc

6.12.0-55.28.1.0.1.el10_0

kernel-headers

6.12.0-55.28.1.0.1.el10_0

perf

6.12.0-55.28.1.0.1.el10_0

python3-perf

6.12.0-55.28.1.0.1.el10_0

rtla

6.12.0-55.28.1.0.1.el10_0

rv

6.12.0-55.28.1.0.1.el10_0

kernel

6.12.0-55.28.1.0.1.el10_0

kernel-abi-stablelists

6.12.0-55.28.1.0.1.el10_0

kernel-core

6.12.0-55.28.1.0.1.el10_0

kernel-debug

6.12.0-55.28.1.0.1.el10_0

kernel-debug-core

6.12.0-55.28.1.0.1.el10_0

kernel-debug-modules

6.12.0-55.28.1.0.1.el10_0

kernel-debug-modules-core

6.12.0-55.28.1.0.1.el10_0

kernel-debug-modules-extra

6.12.0-55.28.1.0.1.el10_0

kernel-debug-uki-virt

6.12.0-55.28.1.0.1.el10_0

kernel-modules

6.12.0-55.28.1.0.1.el10_0

kernel-modules-core

6.12.0-55.28.1.0.1.el10_0

kernel-modules-extra

6.12.0-55.28.1.0.1.el10_0

kernel-tools

6.12.0-55.28.1.0.1.el10_0

kernel-tools-libs

6.12.0-55.28.1.0.1.el10_0

kernel-uki-virt

6.12.0-55.28.1.0.1.el10_0

kernel-uki-virt-addons

6.12.0-55.28.1.0.1.el10_0

kernel-cross-headers

6.12.0-55.28.1.0.1.el10_0

kernel-tools-libs-devel

6.12.0-55.28.1.0.1.el10_0

libperf

6.12.0-55.28.1.0.1.el10_0

Связанные CVE

CVE-2025-38124
CVE-2025-21867
CVE-2025-38250
CVE-2025-38380
CVE-2025-38471

Ссылки на источники

Связанные уязвимости

oracle-oval логотип

ELSA-2025-13962

oracle-oval
9 дней назад

ELSA-2025-13962: kernel security update (IMPORTANT)

ubuntu логотип

CVE-2025-38124

ubuntu
около 2 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: net: fix udp gso skb_segment after pull from frag_list Commit a1e40ac5b5e9 ("net: gso: fix udp gso fraglist segmentation after pull from frag_list") detected invalid geometry in frag_list skbs and redirects them from skb_segment_list to more robust skb_segment. But some packets with modified geometry can also hit bugs in that code. We don't know how many such cases exist. Addressing each one by one also requires touching the complex skb_segment code, which risks introducing bugs for other types of skbs. Instead, linearize all these packets that fail the basic invariants on gso fraglist skbs. That is more robust. If only part of the fraglist payload is pulled into head_skb, it will always cause exception when splitting skbs by skb_segment. For detailed call stack information, see below. Valid SKB_GSO_FRAGLIST skbs - consist of two or more segments - the head_skb holds the protocol headers plus first gso_size - one or...

redhat логотип

CVE-2025-38124

CVSS3: 7
redhat
около 2 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: net: fix udp gso skb_segment after pull from frag_list Commit a1e40ac5b5e9 ("net: gso: fix udp gso fraglist segmentation after pull from frag_list") detected invalid geometry in frag_list skbs and redirects them from skb_segment_list to more robust skb_segment. But some packets with modified geometry can also hit bugs in that code. We don't know how many such cases exist. Addressing each one by one also requires touching the complex skb_segment code, which risks introducing bugs for other types of skbs. Instead, linearize all these packets that fail the basic invariants on gso fraglist skbs. That is more robust. If only part of the fraglist payload is pulled into head_skb, it will always cause exception when splitting skbs by skb_segment. For detailed call stack information, see below. Valid SKB_GSO_FRAGLIST skbs - consist of two or more segments - the head_skb holds the protocol headers plus first gso_size - one or...

nvd логотип

CVE-2025-38124

nvd
около 2 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: net: fix udp gso skb_segment after pull from frag_list Commit a1e40ac5b5e9 ("net: gso: fix udp gso fraglist segmentation after pull from frag_list") detected invalid geometry in frag_list skbs and redirects them from skb_segment_list to more robust skb_segment. But some packets with modified geometry can also hit bugs in that code. We don't know how many such cases exist. Addressing each one by one also requires touching the complex skb_segment code, which risks introducing bugs for other types of skbs. Instead, linearize all these packets that fail the basic invariants on gso fraglist skbs. That is more robust. If only part of the fraglist payload is pulled into head_skb, it will always cause exception when splitting skbs by skb_segment. For detailed call stack information, see below. Valid SKB_GSO_FRAGLIST skbs - consist of two or more segments - the head_skb holds the protocol headers plus first gso_size - one o

debian логотип

CVE-2025-38124

debian
около 2 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: n ...