ELSA-2026-2264

Опубликовано: 09 фев. 2026

Источник: oracle-oval

Платформа: Oracle Linux 8

Описание

ELSA-2026-2264: kernel security update (IMPORTANT)

[4.18.0-553.104.1]

Update Oracle Linux certificates (Kevin Lyons)
Disable signing for aarch64 (Ilya Okomin)
Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
Update x509.genkey [Orabug: 24817676]
Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3
Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652]
Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985772]

[4.18.0-553.104.1]

Revert 'audit: Avoid excessive dput/dget in audit_context setup and reset paths' (Alexandra Hajkova) [RHEL-145856]

[4.18.0-553.103.1]

ext4: fix use-after-free in ext4_orphan_cleanup (CKI Backport Bot) [RHEL-136000] {CVE-2022-50673}
ext4: lost matching-pair of trace in ext4_truncate (CKI Backport Bot) [RHEL-136000] {CVE-2022-50673}
ALSA: usb-audio: Fix potential overflow of PCM transfer buffer (CKI Backport Bot) [RHEL-136904] {CVE-2025-40269}

[4.18.0-553.102.1]

nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec (CKI Backport Bot) [RHEL-144327] {CVE-2026-22998}
NFSv4: ensure the open stateid seqid doesn't go backwards (Scott Mayhew) [RHEL-121683]
audit: Avoid excessive dput/dget in audit_context setup and reset paths (Waiman Long) [RHEL-140776]
lockref: remove lockref_put_not_zero (Waiman Long) [RHEL-140776]
lockref: stop doing cpu_relax in the cmpxchg loop (Waiman Long) [RHEL-140776]
lockref: remove unused 'lockref_get_or_lock()' function (Waiman Long) [RHEL-140776]
lockref: Limit number of cmpxchg loop retries (Waiman Long) [RHEL-140776]
net: use dst_dev_rcu() in sk_setup_caps() (Hangbin Liu) [RHEL-129079] {CVE-2025-40170}
ipv6: use RCU in ip6_xmit() (Hangbin Liu) [RHEL-129004] {CVE-2025-40135}
ipv6: use RCU in ip6_output() (Hangbin Liu) [RHEL-128966] {CVE-2025-40158}
net: dst: introduce dst->dev_rcu (Hangbin Liu) [RHEL-128966]
net: Add locking to protect skb->dev access in ip_output (Hangbin Liu) [RHEL-128966]
net: dst: add four helpers to annotate data-races around dst->dev (Hangbin Liu) [RHEL-128966]
ipv4: use RCU protection in __ip_rt_update_pmtu() (Hangbin Liu) [RHEL-128966] {CVE-2025-21766}
net: gain ipv4 mtu when mtu is not locked (Hangbin Liu) [RHEL-128966]
ipv4: use RCU protection in ip_dst_mtu_maybe_forward() (Hangbin Liu) [RHEL-128966]
ipv4: add RCU protection to ip4_dst_hoplimit() (Hangbin Liu) [RHEL-128966]

[4.18.0-553.101.1]

i40e: avoid redundant VF link state updates (CKI Backport Bot) [RHEL-141878]
NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid (CKI Backport Bot) [RHEL-140255] {CVE-2025-68349}
vsock/vmci: Clear the vmci transport packet properly when initializing it (CKI Backport Bot) [RHEL-137692] {CVE-2025-38403}
sched: Fix stop_one_cpu_nowait() vs hotplug (Herton R. Krzesinski) [RHEL-85625]

Обновленные пакеты

Oracle Linux 8

Oracle Linux aarch64

kernel-tools-libs-devel

4.18.0-553.104.1.el8_10

bpftool

4.18.0-553.104.1.el8_10

kernel-cross-headers

4.18.0-553.104.1.el8_10

kernel-headers

4.18.0-553.104.1.el8_10

kernel-tools

4.18.0-553.104.1.el8_10

kernel-tools-libs

4.18.0-553.104.1.el8_10

perf

4.18.0-553.104.1.el8_10

python3-perf

4.18.0-553.104.1.el8_10

Oracle Linux x86_64

kernel-tools-libs-devel

4.18.0-553.104.1.el8_10

bpftool

4.18.0-553.104.1.el8_10

kernel

4.18.0-553.104.1.el8_10

kernel-abi-stablelists

4.18.0-553.104.1.el8_10

kernel-core

4.18.0-553.104.1.el8_10

kernel-cross-headers

4.18.0-553.104.1.el8_10

kernel-debug

4.18.0-553.104.1.el8_10

kernel-debug-core

4.18.0-553.104.1.el8_10

kernel-debug-devel

4.18.0-553.104.1.el8_10

kernel-debug-modules

4.18.0-553.104.1.el8_10

kernel-debug-modules-extra

4.18.0-553.104.1.el8_10

kernel-devel

4.18.0-553.104.1.el8_10

kernel-doc

4.18.0-553.104.1.el8_10

kernel-headers

4.18.0-553.104.1.el8_10

kernel-modules

4.18.0-553.104.1.el8_10

kernel-modules-extra

4.18.0-553.104.1.el8_10

kernel-tools

4.18.0-553.104.1.el8_10

kernel-tools-libs

4.18.0-553.104.1.el8_10

perf

4.18.0-553.104.1.el8_10

python3-perf

4.18.0-553.104.1.el8_10

Связанные CVE

Ссылки на источники

Связанные уязвимости

RLSA-2026:2264

rocky

около 1 месяца назад

Moderate: kernel security update

CVE-2022-50673

ubuntu

4 месяца назад

In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free in ext4_orphan_cleanup I caught a issue as follows: ================================================================== BUG: KASAN: use-after-free in __list_add_valid+0x28/0x1a0 Read of size 8 at addr ffff88814b13f378 by task mount/710 CPU: 1 PID: 710 Comm: mount Not tainted 6.1.0-rc3-next #370 Call Trace: <TASK> dump_stack_lvl+0x73/0x9f print_report+0x25d/0x759 kasan_report+0xc0/0x120 __asan_load8+0x99/0x140 __list_add_valid+0x28/0x1a0 ext4_orphan_cleanup+0x564/0x9d0 [ext4] __ext4_fill_super+0x48e2/0x5300 [ext4] ext4_fill_super+0x19f/0x3a0 [ext4] get_tree_bdev+0x27b/0x450 ext4_get_tree+0x19/0x30 [ext4] vfs_get_tree+0x49/0x150 path_mount+0xaae/0x1350 do_mount+0xe2/0x110 __x64_sys_mount+0xf0/0x190 do_syscall_64+0x35/0x80 entry_SYSCALL_64_after_hwframe+0x63/0xcd </TASK> [...] ================================================================== Above issue may happen as follows: ------------------...

CVE-2022-50673

CVSS3: 7

redhat

4 месяца назад

CVE-2022-50673

nvd

4 месяца назад

CVE-2022-50673

debian

4 месяца назад

In the Linux kernel, the following vulnerability has been resolved: e ...