Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2026-50061

Опубликовано: 19 янв. 2026
Источник: oracle-oval
Платформа: Oracle Linux 8
Платформа: Oracle Linux 7

Описание

ELSA-2026-50061: Unbreakable Enterprise kernel security update (IMPORTANT)

[5.4.17-2136.351.3.2]

  • tipc: Fix use-after-free in tipc_mon_reinit_self(). (Kuniyuki Iwashima) [Orabug: 38855323] {CVE-2025-40280}
  • tipc: simplify the finalize work queue (Xin Long) [Orabug: 38855323]
  • vsock: Ignore signal/timeout on connect() if already established (Michal Luczaj) [Orabug: 38855319] {CVE-2025-40248}
  • crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg (Herbert Xu) [Orabug: 38855313] {CVE-2025-39964}

Обновленные пакеты

Oracle Linux 8

Oracle Linux aarch64

kernel-uek

5.4.17-2136.351.3.2.el8uek

kernel-uek-debug

5.4.17-2136.351.3.2.el8uek

kernel-uek-debug-devel

5.4.17-2136.351.3.2.el8uek

kernel-uek-devel

5.4.17-2136.351.3.2.el8uek

kernel-uek-doc

5.4.17-2136.351.3.2.el8uek

Oracle Linux x86_64

kernel-uek

5.4.17-2136.351.3.2.el8uek

kernel-uek-container

5.4.17-2136.351.3.2.el8uek

kernel-uek-container-debug

5.4.17-2136.351.3.2.el8uek

kernel-uek-debug

5.4.17-2136.351.3.2.el8uek

kernel-uek-debug-devel

5.4.17-2136.351.3.2.el8uek

kernel-uek-devel

5.4.17-2136.351.3.2.el8uek

kernel-uek-doc

5.4.17-2136.351.3.2.el8uek

Oracle Linux 7

Oracle Linux x86_64

kernel-uek

5.4.17-2136.351.3.2.el7uek

kernel-uek-container

5.4.17-2136.351.3.2.el7uek

kernel-uek-container-debug

5.4.17-2136.351.3.2.el7uek

kernel-uek-debug

5.4.17-2136.351.3.2.el7uek

kernel-uek-debug-devel

5.4.17-2136.351.3.2.el7uek

kernel-uek-devel

5.4.17-2136.351.3.2.el7uek

kernel-uek-doc

5.4.17-2136.351.3.2.el7uek

kernel-uek-tools

5.4.17-2136.351.3.2.el7uek

Связанные CVE

CVE-2025-39964
CVE-2025-40248
CVE-2025-40280

Ссылки на источники

Связанные уязвимости

oracle-oval логотип

ELSA-2025-28067

oracle-oval
около 1 месяца назад

ELSA-2025-28067: Unbreakable Enterprise kernel security update (IMPORTANT)

ubuntu логотип

CVE-2025-39964

ubuntu
4 месяца назад

In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg Issuing two writes to the same af_alg socket is bogus as the data will be interleaved in an unpredictable fashion. Furthermore, concurrent writes may create inconsistencies in the internal socket state. Disallow this by adding a new ctx->write field that indiciates exclusive ownership for writing.

nvd логотип

CVE-2025-39964

nvd
4 месяца назад

In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg Issuing two writes to the same af_alg socket is bogus as the data will be interleaved in an unpredictable fashion. Furthermore, concurrent writes may create inconsistencies in the internal socket state. Disallow this by adding a new ctx->write field that indiciates exclusive ownership for writing.

msrc логотип

CVE-2025-39964

CVSS3: 5.5
msrc
4 месяца назад

crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg

debian логотип

CVE-2025-39964

debian
4 месяца назад

In the Linux kernel, the following vulnerability has been resolved: c ...