Описание
ELSA-2025-28066: Unbreakable Enterprise kernel security update (IMPORTANT)
[6.12.0-106.55.4.2]
- fs/proc: fix uaf in proc_readdir_de() (Wei Yang) {CVE-2025-40271}
- xfrm: delete x->tunnel as we delete x (Sabrina Dubroca) {CVE-2025-40215}
Обновленные пакеты
Oracle Linux 10
Oracle Linux aarch64
kernel-uek
6.12.0-106.55.4.2.el10uek
kernel-uek-core
6.12.0-106.55.4.2.el10uek
kernel-uek-debug
6.12.0-106.55.4.2.el10uek
kernel-uek-debug-core
6.12.0-106.55.4.2.el10uek
kernel-uek-debug-devel
6.12.0-106.55.4.2.el10uek
kernel-uek-debug-modules
6.12.0-106.55.4.2.el10uek
kernel-uek-debug-modules-core
6.12.0-106.55.4.2.el10uek
kernel-uek-debug-modules-deprecated
6.12.0-106.55.4.2.el10uek
kernel-uek-debug-modules-desktop
6.12.0-106.55.4.2.el10uek
kernel-uek-debug-modules-extra
6.12.0-106.55.4.2.el10uek
kernel-uek-debug-modules-extra-netfilter
6.12.0-106.55.4.2.el10uek
kernel-uek-debug-modules-usb
6.12.0-106.55.4.2.el10uek
kernel-uek-debug-modules-wireless
6.12.0-106.55.4.2.el10uek
kernel-uek-devel
6.12.0-106.55.4.2.el10uek
kernel-uek-modules
6.12.0-106.55.4.2.el10uek
kernel-uek-modules-core
6.12.0-106.55.4.2.el10uek
kernel-uek-modules-deprecated
6.12.0-106.55.4.2.el10uek
kernel-uek-modules-desktop
6.12.0-106.55.4.2.el10uek
kernel-uek-modules-extra
6.12.0-106.55.4.2.el10uek
kernel-uek-modules-extra-netfilter
6.12.0-106.55.4.2.el10uek
kernel-uek-modules-usb
6.12.0-106.55.4.2.el10uek
kernel-uek-modules-wireless
6.12.0-106.55.4.2.el10uek
kernel-uek-tools
6.12.0-106.55.4.2.el10uek
kernel-uek64k
6.12.0-106.55.4.2.el10uek
kernel-uek64k-core
6.12.0-106.55.4.2.el10uek
kernel-uek64k-devel
6.12.0-106.55.4.2.el10uek
kernel-uek64k-modules
6.12.0-106.55.4.2.el10uek
kernel-uek64k-modules-core
6.12.0-106.55.4.2.el10uek
kernel-uek64k-modules-deprecated
6.12.0-106.55.4.2.el10uek
kernel-uek64k-modules-desktop
6.12.0-106.55.4.2.el10uek
kernel-uek64k-modules-extra
6.12.0-106.55.4.2.el10uek
kernel-uek64k-modules-extra-netfilter
6.12.0-106.55.4.2.el10uek
kernel-uek64k-modules-usb
6.12.0-106.55.4.2.el10uek
kernel-uek64k-modules-wireless
6.12.0-106.55.4.2.el10uek
Oracle Linux x86_64
kernel-uek
6.12.0-106.55.4.2.el10uek
kernel-uek-core
6.12.0-106.55.4.2.el10uek
kernel-uek-debug
6.12.0-106.55.4.2.el10uek
kernel-uek-debug-core
6.12.0-106.55.4.2.el10uek
kernel-uek-debug-devel
6.12.0-106.55.4.2.el10uek
kernel-uek-debug-modules
6.12.0-106.55.4.2.el10uek
kernel-uek-debug-modules-core
6.12.0-106.55.4.2.el10uek
kernel-uek-debug-modules-deprecated
6.12.0-106.55.4.2.el10uek
kernel-uek-debug-modules-desktop
6.12.0-106.55.4.2.el10uek
kernel-uek-debug-modules-extra
6.12.0-106.55.4.2.el10uek
kernel-uek-debug-modules-extra-netfilter
6.12.0-106.55.4.2.el10uek
kernel-uek-debug-modules-usb
6.12.0-106.55.4.2.el10uek
kernel-uek-debug-modules-wireless
6.12.0-106.55.4.2.el10uek
kernel-uek-devel
6.12.0-106.55.4.2.el10uek
kernel-uek-doc
6.12.0-106.55.4.2.el10uek
kernel-uek-modules
6.12.0-106.55.4.2.el10uek
kernel-uek-modules-core
6.12.0-106.55.4.2.el10uek
kernel-uek-modules-deprecated
6.12.0-106.55.4.2.el10uek
kernel-uek-modules-desktop
6.12.0-106.55.4.2.el10uek
kernel-uek-modules-extra
6.12.0-106.55.4.2.el10uek
kernel-uek-modules-extra-netfilter
6.12.0-106.55.4.2.el10uek
kernel-uek-modules-usb
6.12.0-106.55.4.2.el10uek
kernel-uek-modules-wireless
6.12.0-106.55.4.2.el10uek
kernel-uek-tools
6.12.0-106.55.4.2.el10uek
Oracle Linux 9
Oracle Linux aarch64
kernel-uek
6.12.0-106.55.4.2.el9uek
kernel-uek-core
6.12.0-106.55.4.2.el9uek
kernel-uek-debug
6.12.0-106.55.4.2.el9uek
kernel-uek-debug-core
6.12.0-106.55.4.2.el9uek
kernel-uek-debug-devel
6.12.0-106.55.4.2.el9uek
kernel-uek-debug-modules
6.12.0-106.55.4.2.el9uek
kernel-uek-debug-modules-core
6.12.0-106.55.4.2.el9uek
kernel-uek-debug-modules-deprecated
6.12.0-106.55.4.2.el9uek
kernel-uek-debug-modules-desktop
6.12.0-106.55.4.2.el9uek
kernel-uek-debug-modules-extra
6.12.0-106.55.4.2.el9uek
kernel-uek-debug-modules-extra-netfilter
6.12.0-106.55.4.2.el9uek
kernel-uek-debug-modules-usb
6.12.0-106.55.4.2.el9uek
kernel-uek-debug-modules-wireless
6.12.0-106.55.4.2.el9uek
kernel-uek-devel
6.12.0-106.55.4.2.el9uek
kernel-uek-modules
6.12.0-106.55.4.2.el9uek
kernel-uek-modules-core
6.12.0-106.55.4.2.el9uek
kernel-uek-modules-deprecated
6.12.0-106.55.4.2.el9uek
kernel-uek-modules-desktop
6.12.0-106.55.4.2.el9uek
kernel-uek-modules-extra
6.12.0-106.55.4.2.el9uek
kernel-uek-modules-extra-netfilter
6.12.0-106.55.4.2.el9uek
kernel-uek-modules-usb
6.12.0-106.55.4.2.el9uek
kernel-uek-modules-wireless
6.12.0-106.55.4.2.el9uek
kernel-uek-tools
6.12.0-106.55.4.2.el9uek
kernel-uek64k
6.12.0-106.55.4.2.el9uek
kernel-uek64k-core
6.12.0-106.55.4.2.el9uek
kernel-uek64k-devel
6.12.0-106.55.4.2.el9uek
kernel-uek64k-modules
6.12.0-106.55.4.2.el9uek
kernel-uek64k-modules-core
6.12.0-106.55.4.2.el9uek
kernel-uek64k-modules-deprecated
6.12.0-106.55.4.2.el9uek
kernel-uek64k-modules-desktop
6.12.0-106.55.4.2.el9uek
kernel-uek64k-modules-extra
6.12.0-106.55.4.2.el9uek
kernel-uek64k-modules-extra-netfilter
6.12.0-106.55.4.2.el9uek
kernel-uek64k-modules-usb
6.12.0-106.55.4.2.el9uek
kernel-uek64k-modules-wireless
6.12.0-106.55.4.2.el9uek
Oracle Linux x86_64
kernel-uek
6.12.0-106.55.4.2.el9uek
kernel-uek-core
6.12.0-106.55.4.2.el9uek
kernel-uek-debug
6.12.0-106.55.4.2.el9uek
kernel-uek-debug-core
6.12.0-106.55.4.2.el9uek
kernel-uek-debug-devel
6.12.0-106.55.4.2.el9uek
kernel-uek-debug-modules
6.12.0-106.55.4.2.el9uek
kernel-uek-debug-modules-core
6.12.0-106.55.4.2.el9uek
kernel-uek-debug-modules-deprecated
6.12.0-106.55.4.2.el9uek
kernel-uek-debug-modules-desktop
6.12.0-106.55.4.2.el9uek
kernel-uek-debug-modules-extra
6.12.0-106.55.4.2.el9uek
kernel-uek-debug-modules-extra-netfilter
6.12.0-106.55.4.2.el9uek
kernel-uek-debug-modules-usb
6.12.0-106.55.4.2.el9uek
kernel-uek-debug-modules-wireless
6.12.0-106.55.4.2.el9uek
kernel-uek-devel
6.12.0-106.55.4.2.el9uek
kernel-uek-doc
6.12.0-106.55.4.2.el9uek
kernel-uek-modules
6.12.0-106.55.4.2.el9uek
kernel-uek-modules-core
6.12.0-106.55.4.2.el9uek
kernel-uek-modules-deprecated
6.12.0-106.55.4.2.el9uek
kernel-uek-modules-desktop
6.12.0-106.55.4.2.el9uek
kernel-uek-modules-extra
6.12.0-106.55.4.2.el9uek
kernel-uek-modules-extra-netfilter
6.12.0-106.55.4.2.el9uek
kernel-uek-modules-usb
6.12.0-106.55.4.2.el9uek
kernel-uek-modules-wireless
6.12.0-106.55.4.2.el9uek
kernel-uek-tools
6.12.0-106.55.4.2.el9uek
Связанные CVE
Связанные уязвимости
In the Linux kernel, the following vulnerability has been resolved: xfrm: delete x->tunnel as we delete x The ipcomp fallback tunnels currently get deleted (from the various lists and hashtables) as the last user state that needed that fallback is destroyed (not deleted). If a reference to that user state still exists, the fallback state will remain on the hashtables/lists, triggering the WARN in xfrm_state_fini. Because of those remaining references, the fix in commit f75a2804da39 ("xfrm: destroy xfrm_state synchronously on net exit path") is not complete. We recently fixed one such situation in TCP due to defered freeing of skbs (commit 9b6412e6979f ("tcp: drop secpath at the same time as we currently drop dst")). This can also happen due to IP reassembly: skbs with a secpath remain on the reassembly queue until netns destruction. If we can't guarantee that the queues are flushed by the time xfrm_state_fini runs, there may still be references to a (user) xfrm_state, preventing the...
In the Linux kernel, the following vulnerability has been resolved: xfrm: delete x->tunnel as we delete x The ipcomp fallback tunnels currently get deleted (from the various lists and hashtables) as the last user state that needed that fallback is destroyed (not deleted). If a reference to that user state still exists, the fallback state will remain on the hashtables/lists, triggering the WARN in xfrm_state_fini. Because of those remaining references, the fix in commit f75a2804da39 ("xfrm: destroy xfrm_state synchronously on net exit path") is not complete. We recently fixed one such situation in TCP due to defered freeing of skbs (commit 9b6412e6979f ("tcp: drop secpath at the same time as we currently drop dst")). This can also happen due to IP reassembly: skbs with a secpath remain on the reassembly queue until netns destruction. If we can't guarantee that the queues are flushed by the time xfrm_state_fini runs, there may still be references to a (user) xfrm_state, preventing the...
In the Linux kernel, the following vulnerability has been resolved: xfrm: delete x->tunnel as we delete x The ipcomp fallback tunnels currently get deleted (from the various lists and hashtables) as the last user state that needed that fallback is destroyed (not deleted). If a reference to that user state still exists, the fallback state will remain on the hashtables/lists, triggering the WARN in xfrm_state_fini. Because of those remaining references, the fix in commit f75a2804da39 ("xfrm: destroy xfrm_state synchronously on net exit path") is not complete. We recently fixed one such situation in TCP due to defered freeing of skbs (commit 9b6412e6979f ("tcp: drop secpath at the same time as we currently drop dst")). This can also happen due to IP reassembly: skbs with a secpath remain on the reassembly queue until netns destruction. If we can't guarantee that the queues are flushed by the time xfrm_state_fini runs, there may still be references to a (user) xfrm_state, preventing the
In the Linux kernel, the following vulnerability has been resolved: x ...