Описание
ELSA-2025-14438: kernel security update (MODERATE)
[4.18.0-553.71.1_10.OL8]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652]
- Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985772]
[4.18.0-553.71.1_10]
- udp: Fix memory accounting leak. (Xin Long) [RHEL-104084] {CVE-2025-22058}
- i40e: fix MMIO write access to an invalid page in i40e_clear_hw (Dennis Chen) [RHEL-106041] {CVE-2025-38200}
- gfs2: Don't clear sb->s_fs_info in gfs2_sys_fs_add (Andrew Price) [RHEL-88072]
- gfs2: Remove unnecessary NULL check before free_percpu() (Andreas Gruenbacher) [RHEL-88072]
- gfs2: replace sd_aspace with sd_inode (Andreas Gruenbacher) [RHEL-88072]
- writeback: fix false warning in inode_to_wb() (Andreas Gruenbacher) [RHEL-88072]
- gfs2: No more self recovery (Andreas Gruenbacher) [RHEL-104232]
- gfs2: Get rid of gfs2_glock_queue_put in signal_our_withdraw (Andreas Gruenbacher) [RHEL-104232]
- gfs2: Fix withdraw race (Andreas Gruenbacher) [RHEL-104232]
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
kernel-tools-libs-devel
4.18.0-553.71.1.el8_10
bpftool
4.18.0-553.71.1.el8_10
kernel-cross-headers
4.18.0-553.71.1.el8_10
kernel-headers
4.18.0-553.71.1.el8_10
kernel-tools
4.18.0-553.71.1.el8_10
kernel-tools-libs
4.18.0-553.71.1.el8_10
perf
4.18.0-553.71.1.el8_10
python3-perf
4.18.0-553.71.1.el8_10
Oracle Linux x86_64
kernel-tools-libs-devel
4.18.0-553.71.1.el8_10
bpftool
4.18.0-553.71.1.el8_10
kernel
4.18.0-553.71.1.el8_10
kernel-abi-stablelists
4.18.0-553.71.1.el8_10
kernel-core
4.18.0-553.71.1.el8_10
kernel-cross-headers
4.18.0-553.71.1.el8_10
kernel-debug
4.18.0-553.71.1.el8_10
kernel-debug-core
4.18.0-553.71.1.el8_10
kernel-debug-devel
4.18.0-553.71.1.el8_10
kernel-debug-modules
4.18.0-553.71.1.el8_10
kernel-debug-modules-extra
4.18.0-553.71.1.el8_10
kernel-devel
4.18.0-553.71.1.el8_10
kernel-doc
4.18.0-553.71.1.el8_10
kernel-headers
4.18.0-553.71.1.el8_10
kernel-modules
4.18.0-553.71.1.el8_10
kernel-modules-extra
4.18.0-553.71.1.el8_10
kernel-tools
4.18.0-553.71.1.el8_10
kernel-tools-libs
4.18.0-553.71.1.el8_10
perf
4.18.0-553.71.1.el8_10
python3-perf
4.18.0-553.71.1.el8_10
Связанные CVE
Связанные уязвимости
In the Linux kernel, the following vulnerability has been resolved: udp: Fix memory accounting leak. Matt Dowling reported a weird UDP memory usage issue. Under normal operation, the UDP memory usage reported in /proc/net/sockstat remains close to zero. However, it occasionally spiked to 524,288 pages and never dropped. Moreover, the value doubled when the application was terminated. Finally, it caused intermittent packet drops. We can reproduce the issue with the script below [0]: 1. /proc/net/sockstat reports 0 pages # cat /proc/net/sockstat | grep UDP: UDP: inuse 1 mem 0 2. Run the script till the report reaches 524,288 # python3 test.py & sleep 5 # cat /proc/net/sockstat | grep UDP: UDP: inuse 3 mem 524288 <-- (INT_MAX + 1) >> PAGE_SHIFT 3. Kill the socket and confirm the number never drops # pkill python3 && sleep 5 # cat /proc/net/sockstat | grep UDP: UDP: inuse 1 mem 524288 4. (necessary since v6.0) Trigger proto_memory_pcpu_drain() # python3 test.py & sleep 1 && pkill py...
In the Linux kernel, the following vulnerability has been resolved: udp: Fix memory accounting leak. Matt Dowling reported a weird UDP memory usage issue. Under normal operation, the UDP memory usage reported in /proc/net/sockstat remains close to zero. However, it occasionally spiked to 524,288 pages and never dropped. Moreover, the value doubled when the application was terminated. Finally, it caused intermittent packet drops. We can reproduce the issue with the script below [0]: 1. /proc/net/sockstat reports 0 pages # cat /proc/net/sockstat | grep UDP: UDP: inuse 1 mem 0 2. Run the script till the report reaches 524,288 # python3 test.py & sleep 5 # cat /proc/net/sockstat | grep UDP: UDP: inuse 3 mem 524288 <-- (INT_MAX + 1) >> PAGE_SHIFT 3. Kill the socket and confirm the number never drops # pkill python3 && sleep 5 # cat /proc/net/sockstat | grep UDP: UDP: inuse 1 mem 524288 4. (necessary since v6.0) Trigger proto_memory_pcpu_drain() # python3 test.py & sleep 1 && pkill py...
In the Linux kernel, the following vulnerability has been resolved: udp: Fix memory accounting leak. Matt Dowling reported a weird UDP memory usage issue. Under normal operation, the UDP memory usage reported in /proc/net/sockstat remains close to zero. However, it occasionally spiked to 524,288 pages and never dropped. Moreover, the value doubled when the application was terminated. Finally, it caused intermittent packet drops. We can reproduce the issue with the script below [0]: 1. /proc/net/sockstat reports 0 pages # cat /proc/net/sockstat | grep UDP: UDP: inuse 1 mem 0 2. Run the script till the report reaches 524,288 # python3 test.py & sleep 5 # cat /proc/net/sockstat | grep UDP: UDP: inuse 3 mem 524288 <-- (INT_MAX + 1) >> PAGE_SHIFT 3. Kill the socket and confirm the number never drops # pkill python3 && sleep 5 # cat /proc/net/sockstat | grep UDP: UDP: inuse 1 mem 524288 4. (necessary since v6.0) Trigger proto_memory_pcpu
In the Linux kernel, the following vulnerability has been resolved: u ...