Описание
ELSA-2025-3260: kernel security update (IMPORTANT)
[4.18.0-553.46.1_10.OL8]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652]
[4.18.0-553.46.1_10]
- s390/pci: Fix handling of isolated VFs (Mete Durlu) [RHEL-81934]
- s390/pci: Pull search for parent PF out of zpci_iov_setup_virtfn() (Mete Durlu) [RHEL-81934]
- s390/pci: Fix SR-IOV for PFs initially in standby (Mete Durlu) [RHEL-81934]
- x86/mm: Fix VDSO and VVAR placement on 5-level paging machines (Herton R. Krzesinski) [RHEL-62832]
- arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (CKI Backport Bot) [RHEL-82720] {CVE-2025-21785}
- nouveau/fence: handle cross device fences properly (Dave Airlie) [RHEL-80085]
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
kernel-tools-libs-devel
4.18.0-553.46.1.el8_10
bpftool
4.18.0-553.46.1.el8_10
kernel-cross-headers
4.18.0-553.46.1.el8_10
kernel-headers
4.18.0-553.46.1.el8_10
kernel-tools
4.18.0-553.46.1.el8_10
kernel-tools-libs
4.18.0-553.46.1.el8_10
perf
4.18.0-553.46.1.el8_10
python3-perf
4.18.0-553.46.1.el8_10
Oracle Linux x86_64
kernel-tools-libs-devel
4.18.0-553.46.1.el8_10
bpftool
4.18.0-553.46.1.el8_10
kernel
4.18.0-553.46.1.el8_10
kernel-abi-stablelists
4.18.0-553.46.1.el8_10
kernel-core
4.18.0-553.46.1.el8_10
kernel-cross-headers
4.18.0-553.46.1.el8_10
kernel-debug
4.18.0-553.46.1.el8_10
kernel-debug-core
4.18.0-553.46.1.el8_10
kernel-debug-devel
4.18.0-553.46.1.el8_10
kernel-debug-modules
4.18.0-553.46.1.el8_10
kernel-debug-modules-extra
4.18.0-553.46.1.el8_10
kernel-devel
4.18.0-553.46.1.el8_10
kernel-doc
4.18.0-553.46.1.el8_10
kernel-headers
4.18.0-553.46.1.el8_10
kernel-modules
4.18.0-553.46.1.el8_10
kernel-modules-extra
4.18.0-553.46.1.el8_10
kernel-tools
4.18.0-553.46.1.el8_10
kernel-tools-libs
4.18.0-553.46.1.el8_10
perf
4.18.0-553.46.1.el8_10
python3-perf
4.18.0-553.46.1.el8_10
Связанные CVE
Связанные уязвимости
In the Linux kernel, the following vulnerability has been resolved: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array The loop that detects/populates cache information already has a bounds check on the array size but does not account for cache levels with separate data/instructions cache. Fix this by incrementing the index for any populated leaf (instead of any populated level).
In the Linux kernel, the following vulnerability has been resolved: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array The loop that detects/populates cache information already has a bounds check on the array size but does not account for cache levels with separate data/instructions cache. Fix this by incrementing the index for any populated leaf (instead of any populated level).
In the Linux kernel, the following vulnerability has been resolved: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array The loop that detects/populates cache information already has a bounds check on the array size but does not account for cache levels with separate data/instructions cache. Fix this by incrementing the index for any populated leaf (instead of any populated level).
In the Linux kernel, the following vulnerability has been resolved: a ...