Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2025-19931

Опубликовано: 10 нояб. 2025
Источник: oracle-oval
Платформа: Oracle Linux 8

Описание

ELSA-2025-19931: kernel security update (MODERATE)

[4.18.0-553.83.1]

  • Update Oracle Linux certificates (Kevin Lyons)
  • Disable signing for aarch64 (Ilya Okomin)
  • Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
  • Update x509.genkey [Orabug: 24817676]
  • Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3
  • Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652]
  • Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985772]

[4.18.0-553.83.1]

  • fs: fix UAF/GPF bug in nilfs_mdt_destroy (Abhi Das) [RHEL-116658] {CVE-2022-50367}
  • redhat/configs: Enable CONFIG_MITIGATION_VMSCAPE for x86_64 (Waiman Long) [RHEL-114285]
  • x86/vmscape: Add old Intel CPUs to affected list (Waiman Long) [RHEL-114285] {CVE-2025-40300}
  • x86/vmscape: Warn when STIBP is disabled with SMT (Waiman Long) [RHEL-114285] {CVE-2025-40300}
  • x86/bugs: Move cpu_bugs_smt_update() down (Waiman Long) [RHEL-114285] {CVE-2025-40300}
  • x86/vmscape: Enable the mitigation (Waiman Long) [RHEL-114285] {CVE-2025-40300}
  • x86/vmscape: Add conditional IBPB mitigation (Waiman Long) [RHEL-114285] {CVE-2025-40300}
  • x86/vmscape: Enumerate VMSCAPE bug (Waiman Long) [RHEL-114285] {CVE-2025-40300}
  • Documentation/hw-vuln: Add VMSCAPE documentation (Waiman Long) [RHEL-114285] {CVE-2025-40300}
  • i40e: fix Jumbo Frame support after iPXE boot (Mohammad Heib) [RHEL-121781]
  • i40e: Report MFS in decimal base instead of hex (Mohammad Heib) [RHEL-121781]
  • i40e: Fix unexpected MFS warning message (Mohammad Heib) [RHEL-121781]
  • bitfield: Add FIELD_MODIFY() helper (Mohammad Heib) [RHEL-121781]
  • bitops: Add non-atomic bitops for pointers (Mohammad Heib) [RHEL-121781]
  • qed/qede: Fix scheduling while atomic (CKI Backport Bot) [RHEL-9757]
  • fanotify: add watchdog for permission events (Miklos Szeredi) [RHEL-123215]
  • jiffies: Cast to unsigned long in secs_to_jiffies() conversion (Miklos Szeredi) [RHEL-123215]
  • jiffies: Define secs_to_jiffies() (Miklos Szeredi) [RHEL-123215]
  • s390/pci: Fix __pcilg_mio_inuser() inline assembly (Mete Durlu) [RHEL-105611]
  • mm: zswap: fix missing folio cleanup in writeback race path (Aristeu Rozanski) [RHEL-116239] {CVE-2023-53178}
  • mm: fix zswap writeback race condition (Aristeu Rozanski) [RHEL-116239] {CVE-2023-53178}

Обновленные пакеты

Oracle Linux 8

Oracle Linux aarch64

kernel-tools-libs-devel

4.18.0-553.83.1.el8_10

bpftool

4.18.0-553.83.1.el8_10

kernel-cross-headers

4.18.0-553.83.1.el8_10

kernel-headers

4.18.0-553.83.1.el8_10

kernel-tools

4.18.0-553.83.1.el8_10

kernel-tools-libs

4.18.0-553.83.1.el8_10

perf

4.18.0-553.83.1.el8_10

python3-perf

4.18.0-553.83.1.el8_10

Oracle Linux x86_64

kernel-tools-libs-devel

4.18.0-553.83.1.el8_10

bpftool

4.18.0-553.83.1.el8_10

kernel

4.18.0-553.83.1.el8_10

kernel-abi-stablelists

4.18.0-553.83.1.el8_10

kernel-core

4.18.0-553.83.1.el8_10

kernel-cross-headers

4.18.0-553.83.1.el8_10

kernel-debug

4.18.0-553.83.1.el8_10

kernel-debug-core

4.18.0-553.83.1.el8_10

kernel-debug-devel

4.18.0-553.83.1.el8_10

kernel-debug-modules

4.18.0-553.83.1.el8_10

kernel-debug-modules-extra

4.18.0-553.83.1.el8_10

kernel-devel

4.18.0-553.83.1.el8_10

kernel-doc

4.18.0-553.83.1.el8_10

kernel-headers

4.18.0-553.83.1.el8_10

kernel-modules

4.18.0-553.83.1.el8_10

kernel-modules-extra

4.18.0-553.83.1.el8_10

kernel-tools

4.18.0-553.83.1.el8_10

kernel-tools-libs

4.18.0-553.83.1.el8_10

perf

4.18.0-553.83.1.el8_10

python3-perf

4.18.0-553.83.1.el8_10

Связанные CVE

CVE-2025-40300
CVE-2022-50367
CVE-2023-53178

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2025-40300

ubuntu
3 месяца назад

In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor (like QEMU). Existing mitigations already protect kernel/KVM from a malicious guest. Userspace can additionally be protected by flushing the branch predictors after a VMexit. Since it is the userspace that consumes the poisoned branch predictors, conditionally issue an IBPB after a VMexit and before returning to userspace. Workloads that frequently switch between hypervisor and userspace will incur the most overhead from the new IBPB. This new IBPB is not integrated with the existing IBPB sites. For instance, a task can use the existing speculation control prctl() to get an IBPB at context switch time. With this implementation, the IBPB is doubled up: one at context switch and another before running userspace. The intent is to integrate and optimize ...

redhat логотип

CVE-2025-40300

CVSS3: 6.5
redhat
3 месяца назад

In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor (like QEMU). Existing mitigations already protect kernel/KVM from a malicious guest. Userspace can additionally be protected by flushing the branch predictors after a VMexit. Since it is the userspace that consumes the poisoned branch predictors, conditionally issue an IBPB after a VMexit and before returning to userspace. Workloads that frequently switch between hypervisor and userspace will incur the most overhead from the new IBPB. This new IBPB is not integrated with the existing IBPB sites. For instance, a task can use the existing speculation control prctl() to get an IBPB at context switch time. With this implementation, the IBPB is doubled up: one at context switch and another before running userspace. The intent is to integrate and optimize ...

nvd логотип

CVE-2025-40300

nvd
3 месяца назад

In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor (like QEMU). Existing mitigations already protect kernel/KVM from a malicious guest. Userspace can additionally be protected by flushing the branch predictors after a VMexit. Since it is the userspace that consumes the poisoned branch predictors, conditionally issue an IBPB after a VMexit and before returning to userspace. Workloads that frequently switch between hypervisor and userspace will incur the most overhead from the new IBPB. This new IBPB is not integrated with the existing IBPB sites. For instance, a task can use the existing speculation control prctl() to get an IBPB at context switch time. With this implementation, the IBPB is doubled up: one at context switch and another before running userspace. The intent is to integrate and optimiz

msrc логотип

CVE-2025-40300

CVSS3: 6.5
msrc
3 месяца назад

x86/vmscape: Add conditional IBPB mitigation

debian логотип

CVE-2025-40300

debian
3 месяца назад

In the Linux kernel, the following vulnerability has been resolved: x ...

Уязвимость ELSA-2025-19931