Описание
ELSA-2025-16880: kernel security update (MODERATE)
[5.14.0-570.49.1.0.1_6.OL9]
- nvme-pci: remove two deallocate zeroes quirks [Orabug: 37756650]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535]
- Add Oracle Linux IMA certificates
- Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985764]
[5.14.0-570.49.1_6]
- io_uring/futex: ensure io_futex_wait() cleans up properly on failure (CKI Backport Bot) [RHEL-114335] {CVE-2025-39698}
- selftests: tls: add tests for zero-length records (Sabrina Dubroca) [RHEL-114326] {CVE-2025-39682}
- tls: fix handling of zero-length records on the rx_list (Sabrina Dubroca) [RHEL-114326] {CVE-2025-39682}
[5.14.0-570.48.1_6]
- perf trace: Add missing perf_tool__init() (Michael Petlan) [RHEL-105393]
- ceph: fix client race condition where r_parent becomes stale before sending message (Alex Markuze) [RHEL-114962]
- ceph: fix client race condition validating r_parent before applying state (Alex Markuze) [RHEL-114962]
[5.14.0-570.47.1_6]
- tunnels: reset the GSO metadata before reusing the skb (Antoine Tenart) [RHEL-113916]
- sctp: linearize cloned gso packets in sctp_rcv (CKI Backport Bot) [RHEL-113333] {CVE-2025-38718}
- ice: fix max values for dpll pin phase adjust (Petr Oros) [RHEL-113039]
- ice/ptp: fix crosstimestamp reporting (Petr Oros) [RHEL-112558]
- ice: fix NULL access of tx->in_use in ice_ll_ts_intr (Petr Oros) [RHEL-112873]
- ice: fix NULL access of tx->in_use in ice_ptp_ts_irq (Petr Oros) [RHEL-112873]
- ice: Implement PTP support for E830 devices (Petr Oros) [RHEL-112558]
- ice: Refactor ice_ptp_init_tx_* (Petr Oros) [RHEL-112558]
- ice: Add unified ice_capture_crosststamp (Petr Oros) [RHEL-112558]
- ice: Process TSYN IRQ in a separate function (Petr Oros) [RHEL-112558]
- ice: Use FIELD_PREP for timestamp values (Petr Oros) [RHEL-112558]
- ice: Remove unnecessary ice_is_e8xx() functions (Petr Oros) [RHEL-112558]
- ice: Don't check device type when checking GNSS presence (Petr Oros) [RHEL-112558]
- ice: Add in/out PTP pin delays (Petr Oros) [RHEL-112558]
- ice: fix PHY timestamp extraction for ETH56G (Petr Oros) [RHEL-112558]
- ice: Add correct PHY lane assignment (Petr Oros) [RHEL-112683]
- ice: Fix ETH56G FC-FEC Rx offset value (Petr Oros) [RHEL-112683]
- ice: Fix quad registers read on E825 (Petr Oros) [RHEL-112683]
- ice: Fix E825 initialization (Petr Oros) [RHEL-112683]
- tcp: drop secpath at the same time as we currently drop dst (Sabrina Dubroca) [RHEL-82136]
- smb: client: fix use-after-free in cifs_oplock_break (CKI Backport Bot) [RHEL-111196] {CVE-2025-38527}
- i40e: When removing VF MAC filters, only check PF-set MAC (CKI Backport Bot) [RHEL-109571]
- cpufreq/cppc: Don't compare desired_perf in target() (Mark Langsdorf) [RHEL-109525]
- netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (CKI Backport Bot) [RHEL-106432] {CVE-2025-38472}
- sched/rt: Fix race in push_rt_task (Phil Auld) [RHEL-91800]
Обновленные пакеты
Oracle Linux 9
Oracle Linux aarch64
kernel-cross-headers
5.14.0-570.49.1.0.1.el9_6
kernel-tools-libs-devel
5.14.0-570.49.1.0.1.el9_6
libperf
5.14.0-570.49.1.0.1.el9_6
kernel-tools
5.14.0-570.49.1.0.1.el9_6
kernel-tools-libs
5.14.0-570.49.1.0.1.el9_6
python3-perf
5.14.0-570.49.1.0.1.el9_6
kernel-headers
5.14.0-570.49.1.0.1.el9_6
perf
5.14.0-570.49.1.0.1.el9_6
rtla
5.14.0-570.49.1.0.1.el9_6
rv
5.14.0-570.49.1.0.1.el9_6
Oracle Linux x86_64
kernel
5.14.0-570.49.1.0.1.el9_6
kernel-debug-core
5.14.0-570.49.1.0.1.el9_6
kernel-debug-modules
5.14.0-570.49.1.0.1.el9_6
kernel-debug-uki-virt
5.14.0-570.49.1.0.1.el9_6
kernel-modules
5.14.0-570.49.1.0.1.el9_6
kernel-tools
5.14.0-570.49.1.0.1.el9_6
kernel-tools-libs
5.14.0-570.49.1.0.1.el9_6
kernel-uki-virt
5.14.0-570.49.1.0.1.el9_6
kernel-uki-virt-addons
5.14.0-570.49.1.0.1.el9_6
kernel-debug-devel
5.14.0-570.49.1.0.1.el9_6
kernel-debug-devel-matched
5.14.0-570.49.1.0.1.el9_6
kernel-devel
5.14.0-570.49.1.0.1.el9_6
kernel-devel-matched
5.14.0-570.49.1.0.1.el9_6
kernel-doc
5.14.0-570.49.1.0.1.el9_6
kernel-headers
5.14.0-570.49.1.0.1.el9_6
perf
5.14.0-570.49.1.0.1.el9_6
rtla
5.14.0-570.49.1.0.1.el9_6
rv
5.14.0-570.49.1.0.1.el9_6
kernel-cross-headers
5.14.0-570.49.1.0.1.el9_6
kernel-tools-libs-devel
5.14.0-570.49.1.0.1.el9_6
libperf
5.14.0-570.49.1.0.1.el9_6
kernel-abi-stablelists
5.14.0-570.49.1.0.1.el9_6
kernel-core
5.14.0-570.49.1.0.1.el9_6
kernel-debug
5.14.0-570.49.1.0.1.el9_6
kernel-debug-modules-core
5.14.0-570.49.1.0.1.el9_6
kernel-debug-modules-extra
5.14.0-570.49.1.0.1.el9_6
kernel-modules-core
5.14.0-570.49.1.0.1.el9_6
kernel-modules-extra
5.14.0-570.49.1.0.1.el9_6
python3-perf
5.14.0-570.49.1.0.1.el9_6
Ссылки на источники
Связанные уязвимости
In the Linux kernel, the following vulnerability has been resolved: sctp: linearize cloned gso packets in sctp_rcv A cloned head skb still shares these frag skbs in fraglist with the original head skb. It's not safe to access these frag skbs. syzbot reported two use-of-uninitialized-memory bugs caused by this: BUG: KMSAN: uninit-value in sctp_inq_pop+0x15b7/0x1920 net/sctp/inqueue.c:211 sctp_inq_pop+0x15b7/0x1920 net/sctp/inqueue.c:211 sctp_assoc_bh_rcv+0x1a7/0xc50 net/sctp/associola.c:998 sctp_inq_push+0x2ef/0x380 net/sctp/inqueue.c:88 sctp_backlog_rcv+0x397/0xdb0 net/sctp/input.c:331 sk_backlog_rcv+0x13b/0x420 include/net/sock.h:1122 __release_sock+0x1da/0x330 net/core/sock.c:3106 release_sock+0x6b/0x250 net/core/sock.c:3660 sctp_wait_for_connect+0x487/0x820 net/sctp/socket.c:9360 sctp_sendmsg_to_asoc+0x1ec1/0x1f00 net/sctp/socket.c:1885 sctp_sendmsg+0x32b9/0x4a80 net/sctp/socket.c:2031 inet_sendmsg+0x25a/0x280 net/ipv4/af_inet.c:851 sock_sendmsg_nosec net/socket.c:718 [inline] an...
In the Linux kernel, the following vulnerability has been resolved: sctp: linearize cloned gso packets in sctp_rcv A cloned head skb still shares these frag skbs in fraglist with the original head skb. It's not safe to access these frag skbs. syzbot reported two use-of-uninitialized-memory bugs caused by this: BUG: KMSAN: uninit-value in sctp_inq_pop+0x15b7/0x1920 net/sctp/inqueue.c:211 sctp_inq_pop+0x15b7/0x1920 net/sctp/inqueue.c:211 sctp_assoc_bh_rcv+0x1a7/0xc50 net/sctp/associola.c:998 sctp_inq_push+0x2ef/0x380 net/sctp/inqueue.c:88 sctp_backlog_rcv+0x397/0xdb0 net/sctp/input.c:331 sk_backlog_rcv+0x13b/0x420 include/net/sock.h:1122 __release_sock+0x1da/0x330 net/core/sock.c:3106 release_sock+0x6b/0x250 net/core/sock.c:3660 sctp_wait_for_connect+0x487/0x820 net/sctp/socket.c:9360 sctp_sendmsg_to_asoc+0x1ec1/0x1f00 net/sctp/socket.c:1885 sctp_sendmsg+0x32b9/0x4a80 net/sctp/socket.c:2031 inet_sendmsg+0x25a/0x280 net/ipv4/af_inet.c:851 sock_sendmsg_nosec net/socket.c:718 [inline] an...
In the Linux kernel, the following vulnerability has been resolved: sctp: linearize cloned gso packets in sctp_rcv A cloned head skb still shares these frag skbs in fraglist with the original head skb. It's not safe to access these frag skbs. syzbot reported two use-of-uninitialized-memory bugs caused by this: BUG: KMSAN: uninit-value in sctp_inq_pop+0x15b7/0x1920 net/sctp/inqueue.c:211 sctp_inq_pop+0x15b7/0x1920 net/sctp/inqueue.c:211 sctp_assoc_bh_rcv+0x1a7/0xc50 net/sctp/associola.c:998 sctp_inq_push+0x2ef/0x380 net/sctp/inqueue.c:88 sctp_backlog_rcv+0x397/0xdb0 net/sctp/input.c:331 sk_backlog_rcv+0x13b/0x420 include/net/sock.h:1122 __release_sock+0x1da/0x330 net/core/sock.c:3106 release_sock+0x6b/0x250 net/core/sock.c:3660 sctp_wait_for_connect+0x487/0x820 net/sctp/socket.c:9360 sctp_sendmsg_to_asoc+0x1ec1/0x1f00 net/sctp/socket.c:1885 sctp_sendmsg+0x32b9/0x4a80 net/sctp/socket.c:2031 inet_sendmsg+0x25a/0x280 net/ipv4/af_inet.c:851 sock_sen
In the Linux kernel, the following vulnerability has been resolved: s ...