Описание
ELSA-2025-18281: kernel security update (MODERATE)
[5.14.0-570.55.1.0.1]
- nvme-pci: remove two deallocate zeroes quirks [Orabug: 37756650]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5]
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535]
- Add Oracle Linux IMA certificates
- Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985764]
[5.14.0-570.55.1]
- scsi: lpfc: Fix buffer free/clear order in deferred receive path (CKI Backport Bot) [RHEL-119115] {CVE-2025-39841}
[5.14.0-570.54.1]
- firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails (Charles Mirabile) [RHEL-113836] {CVE-2022-50087}
- SUNRPC: call xs_sock_process_cmsg for all cmsg (Olga Kornievskaia) [RHEL-110811]
- sunrpc: fix client side handling of tls alerts (Olga Kornievskaia) [RHEL-110811] {CVE-2025-38571}
- efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare (CKI Backport Bot) [RHEL-118256] {CVE-2025-39817}
- sunrpc: fix handling of server side tls alerts (Steve Dickson) [RHEL-111070] {CVE-2025-38566}
- platform/x86/intel: power-domains: Use topology_logical_package_id() for package ID (Jay Shin) [RHEL-116679]
[5.14.0-570.53.1]
- wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result() (CKI Backport Bot) [RHEL-117578] {CVE-2025-39849}
- ibmvnic: Use ndo_get_stats64 to fix inaccurate SAR reporting (Mamatha Inamdar) [RHEL-114436]
- ibmvnic: Fix hardcoded NUM_RX_STATS/NUM_TX_STATS with dynamic sizeof (Mamatha Inamdar) [RHEL-114436]
- ibmvnic: Add stat for tx direct vs tx batched (Mamatha Inamdar) [RHEL-114436]
- nfsd: don't ignore the return code of svc_proc_register() (Olga Kornievskaia) [RHEL-93610] {CVE-2025-22026}
- irdma: free iwdev->rf after removing MSI-X (CKI Backport Bot) [RHEL-111485]
Обновленные пакеты
Oracle Linux 9
Oracle Linux aarch64
kernel-cross-headers
5.14.0-570.55.1.0.1.el9_6
kernel-tools-libs-devel
5.14.0-570.55.1.0.1.el9_6
kernel-tools
5.14.0-570.55.1.0.1.el9_6
kernel-tools-libs
5.14.0-570.55.1.0.1.el9_6
python3-perf
5.14.0-570.55.1.0.1.el9_6
kernel-headers
5.14.0-570.55.1.0.1.el9_6
perf
5.14.0-570.55.1.0.1.el9_6
rtla
5.14.0-570.55.1.0.1.el9_6
rv
5.14.0-570.55.1.0.1.el9_6
Oracle Linux x86_64
kernel
5.14.0-570.55.1.0.1.el9_6
kernel-debug-modules-extra
5.14.0-570.55.1.0.1.el9_6
kernel-debug-uki-virt
5.14.0-570.55.1.0.1.el9_6
kernel-uki-virt-addons
5.14.0-570.55.1.0.1.el9_6
kernel-debug-devel
5.14.0-570.55.1.0.1.el9_6
kernel-debug-devel-matched
5.14.0-570.55.1.0.1.el9_6
kernel-devel
5.14.0-570.55.1.0.1.el9_6
kernel-devel-matched
5.14.0-570.55.1.0.1.el9_6
kernel-doc
5.14.0-570.55.1.0.1.el9_6
kernel-headers
5.14.0-570.55.1.0.1.el9_6
perf
5.14.0-570.55.1.0.1.el9_6
rtla
5.14.0-570.55.1.0.1.el9_6
rv
5.14.0-570.55.1.0.1.el9_6
kernel-cross-headers
5.14.0-570.55.1.0.1.el9_6
kernel-tools-libs-devel
5.14.0-570.55.1.0.1.el9_6
libperf
5.14.0-570.55.1.0.1.el9_6
kernel-abi-stablelists
5.14.0-570.55.1.0.1.el9_6
kernel-core
5.14.0-570.55.1.0.1.el9_6
kernel-debug
5.14.0-570.55.1.0.1.el9_6
kernel-debug-core
5.14.0-570.55.1.0.1.el9_6
kernel-debug-modules
5.14.0-570.55.1.0.1.el9_6
kernel-debug-modules-core
5.14.0-570.55.1.0.1.el9_6
kernel-modules
5.14.0-570.55.1.0.1.el9_6
kernel-modules-core
5.14.0-570.55.1.0.1.el9_6
kernel-modules-extra
5.14.0-570.55.1.0.1.el9_6
kernel-tools
5.14.0-570.55.1.0.1.el9_6
kernel-tools-libs
5.14.0-570.55.1.0.1.el9_6
kernel-uki-virt
5.14.0-570.55.1.0.1.el9_6
python3-perf
5.14.0-570.55.1.0.1.el9_6
Ссылки на источники
Связанные уязвимости
In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails When scpi probe fails, at any point, we need to ensure that the scpi_info is not set and will remain NULL until the probe succeeds. If it is not taken care, then it could result use-after-free as the value is exported via get_scpi_ops() and could refer to a memory allocated via devm_kzalloc() but freed when the probe fails.
In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails When scpi probe fails, at any point, we need to ensure that the scpi_info is not set and will remain NULL until the probe succeeds. If it is not taken care, then it could result use-after-free as the value is exported via get_scpi_ops() and could refer to a memory allocated via devm_kzalloc() but freed when the probe fails.
In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails When scpi probe fails, at any point, we need to ensure that the scpi_info is not set and will remain NULL until the probe succeeds. If it is not taken care, then it could result use-after-free as the value is exported via get_scpi_ops() and could refer to a memory allocated via devm_kzalloc() but freed when the probe fails.
In the Linux kernel, the following vulnerability has been resolved: f ...
