ELSA-2025-7501

Опубликовано: 03 июл. 2025

Источник: oracle-oval

Платформа: Oracle Linux 10

Описание

ELSA-2025-7501: kernel security update (IMPORTANT)

[6.12.0-55.19.1.0.1_0.OL10]

nvme-pci: remove two deallocate zeroes quirks [Orabug: 37756650]
Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985782]
Disable UKI signing [Orabug: 36571828]
Update Oracle Linux certificates (Kevin Lyons)
Disable signing for aarch64 (Ilya Okomin)
Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
Update x509.genkey [Orabug: 24817676]
Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5]
Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535]
Add Oracle Linux IMA certificates
Update module name for cryptographic module [Orabug: 37400433]

Обновленные пакеты

Oracle Linux 10

Oracle Linux aarch64

kernel-cross-headers

6.12.0-55.19.1.0.1.el10_0

kernel-headers

6.12.0-55.19.1.0.1.el10_0

kernel-tools

6.12.0-55.19.1.0.1.el10_0

kernel-tools-libs

6.12.0-55.19.1.0.1.el10_0

kernel-tools-libs-devel

6.12.0-55.19.1.0.1.el10_0

libperf

6.12.0-55.19.1.0.1.el10_0

perf

6.12.0-55.19.1.0.1.el10_0

python3-perf

6.12.0-55.19.1.0.1.el10_0

rtla

6.12.0-55.19.1.0.1.el10_0

Oracle Linux x86_64

kernel

6.12.0-55.19.1.0.1.el10_0

kernel-abi-stablelists

6.12.0-55.19.1.0.1.el10_0

kernel-core

6.12.0-55.19.1.0.1.el10_0

kernel-cross-headers

6.12.0-55.19.1.0.1.el10_0

kernel-debug

6.12.0-55.19.1.0.1.el10_0

kernel-debug-core

6.12.0-55.19.1.0.1.el10_0

kernel-debug-devel

6.12.0-55.19.1.0.1.el10_0

kernel-debug-devel-matched

6.12.0-55.19.1.0.1.el10_0

kernel-debug-modules

6.12.0-55.19.1.0.1.el10_0

kernel-debug-modules-core

6.12.0-55.19.1.0.1.el10_0

kernel-debug-modules-extra

6.12.0-55.19.1.0.1.el10_0

kernel-debug-uki-virt

6.12.0-55.19.1.0.1.el10_0

kernel-devel

6.12.0-55.19.1.0.1.el10_0

kernel-devel-matched

6.12.0-55.19.1.0.1.el10_0

kernel-doc

6.12.0-55.19.1.0.1.el10_0

kernel-headers

6.12.0-55.19.1.0.1.el10_0

kernel-modules

6.12.0-55.19.1.0.1.el10_0

kernel-modules-core

6.12.0-55.19.1.0.1.el10_0

kernel-modules-extra

6.12.0-55.19.1.0.1.el10_0

kernel-tools

6.12.0-55.19.1.0.1.el10_0

kernel-tools-libs

6.12.0-55.19.1.0.1.el10_0

kernel-tools-libs-devel

6.12.0-55.19.1.0.1.el10_0

kernel-uki-virt

6.12.0-55.19.1.0.1.el10_0

kernel-uki-virt-addons

6.12.0-55.19.1.0.1.el10_0

libperf

6.12.0-55.19.1.0.1.el10_0

perf

6.12.0-55.19.1.0.1.el10_0

python3-perf

6.12.0-55.19.1.0.1.el10_0

rtla

6.12.0-55.19.1.0.1.el10_0

Связанные CVE

CVE-2025-21927

Ссылки на источники

Связанные уязвимости

CVE-2025-21927

CVSS3: 7.8

ubuntu

около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() nvme_tcp_recv_pdu() doesn't check the validity of the header length. When header digests are enabled, a target might send a packet with an invalid header length (e.g. 255), causing nvme_tcp_verify_hdgst() to access memory outside the allocated area and cause memory corruptions by overwriting it with the calculated digest. Fix this by rejecting packets with an unexpected header length.