Описание
ELSA-2026-50262: Unbreakable Enterprise kernel security update (IMPORTANT)
[5.4.17-2136.355.3.1]
- xfrm: esp: avoid in-place decrypt on shared skb frags (Kuan-Ting Chen) [Orabug: 39344527] {CVE-2026-43284}
- x86/CPU/AMD: Add a fix for AMD-SB-7052 (Prathyushi Nangia) [Orabug: 39344576] {CVE-2025-54518}
[5.4.17-2136.355.3]
- crypto: algif_aead - Fix minimum RX size check for decryption (Herbert Xu) [Orabug: 39250687,39331106] {CVE-2026-43077}
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Herbert Xu) [Orabug: 39250687,39331111] {CVE-2026-43078}
- crypto: authencesn - Fix src offset when decrypting in-place (Herbert Xu) [Orabug: 39250687]
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Herbert Xu) [Orabug: 39250687,39300911] {CVE-2026-43033}
- crypto: authenc - use memcpy_sglist() instead of null skcipher (Eric Biggers) [Orabug: 39250687]
- crypto: algif_aead - snapshot IV for async AEAD requests (Douya Le) [Orabug: 39250687]
- crypto: algif_aead - Revert to operating out-of-place (Herbert Xu) [Orabug: 39250687,39283868,39292250] {CVE-2026-31431}
- crypto: algif_aead - use memcpy_sglist() instead of null skcipher (Eric Biggers) [Orabug: 39250687] {CVE-2026-31431}
- crypto: scatterwalk - Backport memcpy_sglist() (Eric Biggers) [Orabug: 39250687]
- crypto: doc - fix kernel-doc notation in chacha.c and af_alg.c (Randy Dunlap) [Orabug: 39250687]
[5.4.17-2136.355.2]
- Revert 'rds: Drop rds conn in connect worker if not in down state.' (Alok Tiwari) [Orabug: 39253770]
- x86/CPU: Fix FPDSS on Zen1 (Siddh Raman Pant) [Orabug: 39241225,39273723] {CVE-2026-31628}
- SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (Joshua Rogers) [Orabug: 38852342] {CVE-2025-71120}
[5.4.17-2136.355.1]
- net/sched: Enforce that teql can only be used as root qdisc (Jamal Hadi Salim) [Orabug: 38930950] {CVE-2026-23074}
[5.4.17-2136.354.4]
- macvlan: fix possible UAF in macvlan_forward_source() (Eric Dumazet) [Orabug: 38887731] {CVE-2026-23001}
- macvlan: Use 'hash' iterators to simplify code (Christophe Jaillet) [Orabug: 38887731] {CVE-2026-23001}
- macvlan: Add nodst option to macvlan type source (Jethro Beekman) [Orabug: 38887731] {CVE-2026-23001}
- macvlan: observe an RCU grace period in macvlan_common_newlink() error path (Eric Dumazet) [Orabug: 38970510,39188399] {CVE-2026-23209,CVE-2026-23273}
- macvlan: fix error recovery in macvlan_common_newlink() (Eric Dumazet) [Orabug: 38970510] {CVE-2026-23209}
[5.4.17-2136.354.3]
- io_uring: fix filename leak in __io_openat_prep() (Prithvi Tambewagh) [Orabug: 39064937] {CVE-2025-68814}
- rds: Drop rds conn in connect worker if not in down state. (Rohit Nair) [Orabug: 39045035]
[5.4.17-2136.354.2]
- ext4/jbd2: skip sb flush when EIO happened (Wengang Wang) [Orabug: 38916908]
- jbd2: store more accurate errno in superblock (Wengang Wang) [Orabug: 38916908]
- ext4: save the error code which triggered an (Wengang Wang) [Orabug: 38916908]
[5.4.17-2136.354.1]
- genirq/cpuhotplug: Notify about affinity changes breaking the affinity mask (Imran Khan) [Orabug: 39001911]
- rds: Add state field to RDS trace logs. (Rohit Nair) [Orabug: 38870347]
[5.4.17-2136.353.3]
- xfrm: flush all states in xfrm_state_fini (Sabrina Dubroca) [Orabug: 38934000]
- xfrm: also call xfrm_state_delete_tunnel at destroy time for states that were never added (Sabrina Dubroca) [Orabug: 38934000,39004270] {CVE-2025-40256}
- Revert 'xfrm: destroy xfrm_state synchronously on net exit path' (Sabrina Dubroca) [Orabug: 38934000]
- Revert 'IB/mlx5: Implement clear counters' (Sharath Srinivasan) [Orabug: 38923520]
- Revert 'IB/core: Implement clear counters' (Sharath Srinivasan) [Orabug: 38923520]
- Revert 'ib/core: add SET_DEVICE_OP call for clear_hw_stats()' (Sharath Srinivasan) [Orabug: 38923520]
- fs: proc: inode: delay put_pid() by RCU (Stephen Brennan) [Orabug: 38766812]
[5.4.17-2136.353.2]
- Revert 'perf/x86: Always store regs->ip in perf_callchain_kernel()' (Jiri Olsa) [Orabug: 38893604]
- xfrm: delete x->tunnel as we delete x (Sabrina Dubroca) [Orabug: 38730493,39016501] {CVE-2025-40215}
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
kernel-uek-doc
5.4.17-2136.355.3.1.el8uek
kernel-uek
5.4.17-2136.355.3.1.el8uek
kernel-uek-debug
5.4.17-2136.355.3.1.el8uek
kernel-uek-debug-devel
5.4.17-2136.355.3.1.el8uek
kernel-uek-devel
5.4.17-2136.355.3.1.el8uek
Oracle Linux x86_64
kernel-uek
5.4.17-2136.355.3.1.el8uek
kernel-uek-container
5.4.17-2136.355.3.1.el8uek
kernel-uek-container-debug
5.4.17-2136.355.3.1.el8uek
kernel-uek-debug
5.4.17-2136.355.3.1.el8uek
kernel-uek-debug-devel
5.4.17-2136.355.3.1.el8uek
kernel-uek-devel
5.4.17-2136.355.3.1.el8uek
kernel-uek-doc
5.4.17-2136.355.3.1.el8uek
Oracle Linux 7
Oracle Linux x86_64
kernel-uek
5.4.17-2136.355.3.1.el7uek
kernel-uek-container
5.4.17-2136.355.3.1.el7uek
kernel-uek-container-debug
5.4.17-2136.355.3.1.el7uek
kernel-uek-debug
5.4.17-2136.355.3.1.el7uek
kernel-uek-debug-devel
5.4.17-2136.355.3.1.el7uek
kernel-uek-devel
5.4.17-2136.355.3.1.el7uek
kernel-uek-doc
5.4.17-2136.355.3.1.el7uek
kernel-uek-tools
5.4.17-2136.355.3.1.el7uek
Ссылки на источники
Связанные уязвимости
ELSA-2026-50293: Unbreakable Enterprise kernel security update (IMPORTANT)
ELSA-2026-50275: Unbreakable Enterprise kernel security update (IMPORTANT)
Improper isolation of shared resources within the CPU operation cache on Zen 2-based products could allow an attacker to corrupt instructions executed at a different privilege level, potentially resulting in privilege escalation.
Improper isolation of shared resources within the CPU operation cache on Zen 2-based products could allow an attacker to corrupt instructions executed at a different privilege level, potentially resulting in privilege escalation.
