ELSA-2026-3275

Опубликовано: 25 фев. 2026

Источник: oracle-oval

Платформа: Oracle Linux 10

Описание

ELSA-2026-3275: kernel security update (MODERATE)

[6.12.0-124.39.1]

Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985782]
Disable UKI signing [Orabug: 36571828]
Update Oracle Linux certificates (Kevin Lyons)
Disable signing for aarch64 (Ilya Okomin)
Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
Update x509.genkey [Orabug: 24817676]
Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5]
Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535]
Add Oracle Linux IMA certificates
Update module name for cryptographic module [Orabug: 37400433]
Clean git history at setup stage

[6.12.0-124.39.1]

exfat: fix double free in delayed_free (CKI Backport Bot) [RHEL-146406] {CVE-2025-38206}
mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats (CKI Backport Bot) [RHEL-143196] {CVE-2025-68800}
drm/sched: Fix potential double free in drm_sched_job_add_resv_dependencies (Mika Penttila) [RHEL-125464] {CVE-2025-40096}
smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match(). (Mete Durlu) [RHEL-130020] {CVE-2025-40168}

Обновленные пакеты

Oracle Linux 10

Oracle Linux aarch64

kernel-headers

6.12.0-124.39.1.el10_1

perf

6.12.0-124.39.1.el10_1

python3-perf

6.12.0-124.39.1.el10_1

rtla

6.12.0-124.39.1.el10_1

kernel-tools

6.12.0-124.39.1.el10_1

kernel-tools-libs

6.12.0-124.39.1.el10_1

kernel-cross-headers

6.12.0-124.39.1.el10_1

kernel-tools-libs-devel

6.12.0-124.39.1.el10_1

libperf

6.12.0-124.39.1.el10_1

Oracle Linux x86_64

kernel-debug-devel

6.12.0-124.39.1.el10_1

kernel-debug-devel-matched

6.12.0-124.39.1.el10_1

kernel-devel

6.12.0-124.39.1.el10_1

kernel-devel-matched

6.12.0-124.39.1.el10_1

kernel-doc

6.12.0-124.39.1.el10_1

kernel-headers

6.12.0-124.39.1.el10_1

perf

6.12.0-124.39.1.el10_1

python3-perf

6.12.0-124.39.1.el10_1

rtla

6.12.0-124.39.1.el10_1

kernel

6.12.0-124.39.1.el10_1

kernel-abi-stablelists

6.12.0-124.39.1.el10_1

kernel-core

6.12.0-124.39.1.el10_1

kernel-debug

6.12.0-124.39.1.el10_1

kernel-debug-core

6.12.0-124.39.1.el10_1

kernel-debug-modules

6.12.0-124.39.1.el10_1

kernel-debug-modules-core

6.12.0-124.39.1.el10_1

kernel-debug-modules-extra

6.12.0-124.39.1.el10_1

kernel-debug-uki-virt

6.12.0-124.39.1.el10_1

kernel-modules

6.12.0-124.39.1.el10_1

kernel-modules-core

6.12.0-124.39.1.el10_1

kernel-modules-extra

6.12.0-124.39.1.el10_1

kernel-modules-extra-matched

6.12.0-124.39.1.el10_1

kernel-tools

6.12.0-124.39.1.el10_1

kernel-tools-libs

6.12.0-124.39.1.el10_1

kernel-uki-virt

6.12.0-124.39.1.el10_1

kernel-uki-virt-addons

6.12.0-124.39.1.el10_1

kernel-cross-headers

6.12.0-124.39.1.el10_1

kernel-tools-libs-devel

6.12.0-124.39.1.el10_1

libperf

6.12.0-124.39.1.el10_1

Связанные CVE

Ссылки на источники

Связанные уязвимости

CVE-2025-38206

CVSS3: 7.8

ubuntu

9 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: exfat: fix double free in delayed_free The double free could happen in the following path. exfat_create_upcase_table() exfat_create_upcase_table() : return error exfat_free_upcase_table() : free ->vol_utbl exfat_load_default_upcase_table : return error exfat_kill_sb() delayed_free() exfat_free_upcase_table() <--------- double free This patch set ->vol_util as NULL after freeing it.