ELSA-2026-1178

Опубликовано: 26 янв. 2026

Источник: oracle-oval

Платформа: Oracle Linux 10

Описание

ELSA-2026-1178: kernel security update (MODERATE)

[6.12.0-124.29.1]

Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985782]
Disable UKI signing [Orabug: 36571828]
Update Oracle Linux certificates (Kevin Lyons)
Disable signing for aarch64 (Ilya Okomin)
Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
Update x509.genkey [Orabug: 24817676]
Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5]
Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535]
Add Oracle Linux IMA certificates
Update module name for cryptographic module [Orabug: 37400433]
Clean git history at setup stage

[6.12.0-124.29.1]

gitlab-ci: use rhel10.1 builder image (Michael Hofmann)
mm/vmalloc: fix data race in show_numa_info() (Waiman Long) [RHEL-137997] {CVE-2025-38383}
vmalloc: use for_each_vmap_node() in purge-vmap-area (Waiman Long) [RHEL-137997]
vmalloc: switch to for_each_vmap_node() helper (Waiman Long) [RHEL-137997]
vmalloc: add for_each_vmap_node() helper (Waiman Long) [RHEL-137997]
smb: client: fix refcount leak in smb2_set_path_attr (Paulo Alcantara) [RHEL-128581]
smb: client: fix potential UAF in smb2_close_cached_fid() (Paulo Alcantara) [RHEL-128581]
smb: client: fix potential cfid UAF in smb2_query_info_compound (Paulo Alcantara) [RHEL-128581]
smb: client: Fix refcount leak for cifs_sb_tlink (Paulo Alcantara) [RHEL-128581]
cifs: parse_dfs_referrals: prevent oob on malformed input (Paulo Alcantara) [RHEL-128581]
smb: client: remove cfids_invalidation_worker (Paulo Alcantara) [RHEL-128581]
smb client: fix bug with newly created file in cached dir (Paulo Alcantara) [RHEL-128581]
smb: client: short-circuit negative lookups when parent dir is fully cached (Paulo Alcantara) [RHEL-128581]
smb: client: short-circuit in open_cached_dir_by_dentry() if !dentry (Paulo Alcantara) [RHEL-128581]
smb: client: remove pointless cfid->has_lease check (Paulo Alcantara) [RHEL-128581]
smb: client: remove unused fid_lock (Paulo Alcantara) [RHEL-128581]
smb: client: update cfid->last_access_time in open_cached_dir_by_dentry() (Paulo Alcantara) [RHEL-128581]
smb: client: ensure open_cached_dir_by_dentry() only returns valid cfid (Paulo Alcantara) [RHEL-128581]
smb: client: account smb directory cache usage and per-tcon totals (Paulo Alcantara) [RHEL-128581]
smb: client: add drop_dir_cache module parameter to invalidate cached dirents (Paulo Alcantara) [RHEL-128581]
smb: client: show lease state as R/H/W (or NONE) in open_files (Paulo Alcantara) [RHEL-128581]
smb: client: show negotiated cipher in DebugData (Paulo Alcantara) [RHEL-128581]
smb: client: add new tracepoint to trace lease break notification (Paulo Alcantara) [RHEL-128581]
smb: client: Fix NULL pointer dereference in cifs_debug_dirs_proc_show() (Paulo Alcantara) [RHEL-128581]
coredump: Only sort VMAs when core_sort_vma sysctl is set (Herton R. Krzesinski) [RHEL-113364]

Обновленные пакеты

Oracle Linux 10

Oracle Linux aarch64

kernel-headers

6.12.0-124.29.1.el10_1

perf

6.12.0-124.29.1.el10_1

python3-perf

6.12.0-124.29.1.el10_1

rtla

6.12.0-124.29.1.el10_1

kernel-tools

6.12.0-124.29.1.el10_1

kernel-tools-libs

6.12.0-124.29.1.el10_1

kernel-cross-headers

6.12.0-124.29.1.el10_1

kernel-tools-libs-devel

6.12.0-124.29.1.el10_1

libperf

6.12.0-124.29.1.el10_1

Oracle Linux x86_64

kernel-debug-devel

6.12.0-124.29.1.el10_1

kernel-debug-devel-matched

6.12.0-124.29.1.el10_1

kernel-devel

6.12.0-124.29.1.el10_1

kernel-devel-matched

6.12.0-124.29.1.el10_1

kernel-doc

6.12.0-124.29.1.el10_1

kernel-headers

6.12.0-124.29.1.el10_1

perf

6.12.0-124.29.1.el10_1

python3-perf

6.12.0-124.29.1.el10_1

rtla

6.12.0-124.29.1.el10_1

kernel

6.12.0-124.29.1.el10_1

kernel-abi-stablelists

6.12.0-124.29.1.el10_1

kernel-core

6.12.0-124.29.1.el10_1

kernel-debug

6.12.0-124.29.1.el10_1

kernel-debug-core

6.12.0-124.29.1.el10_1

kernel-debug-modules

6.12.0-124.29.1.el10_1

kernel-debug-modules-core

6.12.0-124.29.1.el10_1

kernel-debug-modules-extra

6.12.0-124.29.1.el10_1

kernel-debug-uki-virt

6.12.0-124.29.1.el10_1

kernel-modules

6.12.0-124.29.1.el10_1

kernel-modules-core

6.12.0-124.29.1.el10_1

kernel-modules-extra

6.12.0-124.29.1.el10_1

kernel-modules-extra-matched

6.12.0-124.29.1.el10_1

kernel-tools

6.12.0-124.29.1.el10_1

kernel-tools-libs

6.12.0-124.29.1.el10_1

kernel-uki-virt

6.12.0-124.29.1.el10_1

kernel-uki-virt-addons

6.12.0-124.29.1.el10_1

kernel-cross-headers

6.12.0-124.29.1.el10_1

kernel-tools-libs-devel

6.12.0-124.29.1.el10_1

libperf

6.12.0-124.29.1.el10_1

Связанные CVE

CVE-2025-38383

Ссылки на источники

Связанные уязвимости

CVE-2025-38383

CVSS3: 4.7

ubuntu

6 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: fix data race in show_numa_info() The following data-race was found in show_numa_info(): ================================================================== BUG: KCSAN: data-race in vmalloc_info_show / vmalloc_info_show read to 0xffff88800971fe30 of 4 bytes by task 8289 on cpu 0: show_numa_info mm/vmalloc.c:4936 [inline] vmalloc_info_show+0x5a8/0x7e0 mm/vmalloc.c:5016 seq_read_iter+0x373/0xb40 fs/seq_file.c:230 proc_reg_read_iter+0x11e/0x170 fs/proc/inode.c:299 .... write to 0xffff88800971fe30 of 4 bytes by task 8287 on cpu 1: show_numa_info mm/vmalloc.c:4934 [inline] vmalloc_info_show+0x38f/0x7e0 mm/vmalloc.c:5016 seq_read_iter+0x373/0xb40 fs/seq_file.c:230 proc_reg_read_iter+0x11e/0x170 fs/proc/inode.c:299 .... value changed: 0x0000008f -> 0x00000000 ================================================================== According to this report,there is a read/write data-race because m->private is accessibl...