Описание
ELSA-2025-28067: Unbreakable Enterprise kernel security update (IMPORTANT)
[5.15.0-315.196.5.2]
- tipc: Fix use-after-free in tipc_mon_reinit_self(). (Kuniyuki Iwashima) [Orabug: 38786195] {CVE-2025-40280}
- fs/proc: fix uaf in proc_readdir_de() (Wei Yang) [Orabug: 38786194] {CVE-2025-40271}
- vsock: Ignore signal/timeout on connect() if already established (Michal Luczaj) [Orabug: 38786193] {CVE-2025-40248}
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
bpftool
5.15.0-315.196.5.2.el8uek
kernel-uek
5.15.0-315.196.5.2.el8uek
kernel-uek-container
5.15.0-315.196.5.2.el8uek
kernel-uek-container-debug
5.15.0-315.196.5.2.el8uek
kernel-uek-core
5.15.0-315.196.5.2.el8uek
kernel-uek-debug
5.15.0-315.196.5.2.el8uek
kernel-uek-debug-core
5.15.0-315.196.5.2.el8uek
kernel-uek-debug-devel
5.15.0-315.196.5.2.el8uek
kernel-uek-debug-modules
5.15.0-315.196.5.2.el8uek
kernel-uek-debug-modules-extra
5.15.0-315.196.5.2.el8uek
kernel-uek-devel
5.15.0-315.196.5.2.el8uek
kernel-uek-doc
5.15.0-315.196.5.2.el8uek
kernel-uek-modules
5.15.0-315.196.5.2.el8uek
kernel-uek-modules-extra
5.15.0-315.196.5.2.el8uek
Oracle Linux x86_64
bpftool
5.15.0-315.196.5.2.el8uek
kernel-uek
5.15.0-315.196.5.2.el8uek
kernel-uek-container
5.15.0-315.196.5.2.el8uek
kernel-uek-container-debug
5.15.0-315.196.5.2.el8uek
kernel-uek-core
5.15.0-315.196.5.2.el8uek
kernel-uek-debug
5.15.0-315.196.5.2.el8uek
kernel-uek-debug-core
5.15.0-315.196.5.2.el8uek
kernel-uek-debug-devel
5.15.0-315.196.5.2.el8uek
kernel-uek-debug-modules
5.15.0-315.196.5.2.el8uek
kernel-uek-debug-modules-extra
5.15.0-315.196.5.2.el8uek
kernel-uek-devel
5.15.0-315.196.5.2.el8uek
kernel-uek-doc
5.15.0-315.196.5.2.el8uek
kernel-uek-modules
5.15.0-315.196.5.2.el8uek
kernel-uek-modules-extra
5.15.0-315.196.5.2.el8uek
Oracle Linux 9
Oracle Linux aarch64
bpftool
5.15.0-315.196.5.2.el9uek
kernel-uek
5.15.0-315.196.5.2.el9uek
kernel-uek-container
5.15.0-315.196.5.2.el9uek
kernel-uek-container-debug
5.15.0-315.196.5.2.el9uek
kernel-uek-core
5.15.0-315.196.5.2.el9uek
kernel-uek-debug
5.15.0-315.196.5.2.el9uek
kernel-uek-debug-core
5.15.0-315.196.5.2.el9uek
kernel-uek-debug-devel
5.15.0-315.196.5.2.el9uek
kernel-uek-debug-modules
5.15.0-315.196.5.2.el9uek
kernel-uek-debug-modules-extra
5.15.0-315.196.5.2.el9uek
kernel-uek-devel
5.15.0-315.196.5.2.el9uek
kernel-uek-doc
5.15.0-315.196.5.2.el9uek
kernel-uek-modules
5.15.0-315.196.5.2.el9uek
kernel-uek-modules-extra
5.15.0-315.196.5.2.el9uek
kernel-uek64k
5.15.0-315.196.5.2.el9uek
kernel-uek64k-core
5.15.0-315.196.5.2.el9uek
kernel-uek64k-devel
5.15.0-315.196.5.2.el9uek
kernel-uek64k-modules
5.15.0-315.196.5.2.el9uek
kernel-uek64k-modules-extra
5.15.0-315.196.5.2.el9uek
Oracle Linux x86_64
bpftool
5.15.0-315.196.5.2.el9uek
kernel-uek
5.15.0-315.196.5.2.el9uek
kernel-uek-container
5.15.0-315.196.5.2.el9uek
kernel-uek-container-debug
5.15.0-315.196.5.2.el9uek
kernel-uek-core
5.15.0-315.196.5.2.el9uek
kernel-uek-debug
5.15.0-315.196.5.2.el9uek
kernel-uek-debug-core
5.15.0-315.196.5.2.el9uek
kernel-uek-debug-devel
5.15.0-315.196.5.2.el9uek
kernel-uek-debug-modules
5.15.0-315.196.5.2.el9uek
kernel-uek-debug-modules-extra
5.15.0-315.196.5.2.el9uek
kernel-uek-devel
5.15.0-315.196.5.2.el9uek
kernel-uek-doc
5.15.0-315.196.5.2.el9uek
kernel-uek-modules
5.15.0-315.196.5.2.el9uek
kernel-uek-modules-extra
5.15.0-315.196.5.2.el9uek
Связанные CVE
Связанные уязвимости
ELSA-2026-50007: Unbreakable Enterprise kernel security update (IMPORTANT)
ELSA-2026-50061: Unbreakable Enterprise kernel security update (IMPORTANT)
In the Linux kernel, the following vulnerability has been resolved: vsock: Ignore signal/timeout on connect() if already established During connect(), acting on a signal/timeout by disconnecting an already established socket leads to several issues: 1. connect() invoking vsock_transport_cancel_pkt() -> virtio_transport_purge_skbs() may race with sendmsg() invoking virtio_transport_get_credit(). This results in a permanently elevated `vvs->bytes_unsent`. Which, in turn, confuses the SOCK_LINGER handling. 2. connect() resetting a connected socket's state may race with socket being placed in a sockmap. A disconnected socket remaining in a sockmap breaks sockmap's assumptions. And gives rise to WARNs. 3. connect() transitioning SS_CONNECTED -> SS_UNCONNECTED allows for a transport change/drop after TCP_ESTABLISHED. Which poses a problem for any simultaneous sendmsg() or connect() and may result in a use-after-free/null-ptr-deref. Do not disconnect socket on signal/timeout. Keep the logi...
In the Linux kernel, the following vulnerability has been resolved: vsock: Ignore signal/timeout on connect() if already established During connect(), acting on a signal/timeout by disconnecting an already established socket leads to several issues: 1. connect() invoking vsock_transport_cancel_pkt() -> virtio_transport_purge_skbs() may race with sendmsg() invoking virtio_transport_get_credit(). This results in a permanently elevated `vvs->bytes_unsent`. Which, in turn, confuses the SOCK_LINGER handling. 2. connect() resetting a connected socket's state may race with socket being placed in a sockmap. A disconnected socket remaining in a sockmap breaks sockmap's assumptions. And gives rise to WARNs. 3. connect() transitioning SS_CONNECTED -> SS_UNCONNECTED allows for a transport change/drop after TCP_ESTABLISHED. Which poses a problem for any simultaneous sendmsg() or connect() and may result in a use-after-free/null-ptr-deref. Do not disconnect socket on si
vsock: Ignore signal/timeout on connect() if already established