Описание
ELSA-2026-50279: Unbreakable Enterprise kernel security update (IMPORTANT)
[6.12.0-202.76.4.3]
- ptrace: slightly saner 'get_dumpable()' logic (Linus Torvalds) [Orabug: 39391434] {CVE-2026-46333}
Обновленные пакеты
Oracle Linux 10
Oracle Linux aarch64
kernel-uek
6.12.0-202.76.4.3.el10uek
kernel-uek-core
6.12.0-202.76.4.3.el10uek
kernel-uek-debug
6.12.0-202.76.4.3.el10uek
kernel-uek-debug-core
6.12.0-202.76.4.3.el10uek
kernel-uek-debug-devel
6.12.0-202.76.4.3.el10uek
kernel-uek-debug-modules
6.12.0-202.76.4.3.el10uek
kernel-uek-debug-modules-core
6.12.0-202.76.4.3.el10uek
kernel-uek-debug-modules-deprecated
6.12.0-202.76.4.3.el10uek
kernel-uek-debug-modules-desktop
6.12.0-202.76.4.3.el10uek
kernel-uek-debug-modules-extra
6.12.0-202.76.4.3.el10uek
kernel-uek-debug-modules-extra-netfilter
6.12.0-202.76.4.3.el10uek
kernel-uek-debug-modules-usb
6.12.0-202.76.4.3.el10uek
kernel-uek-debug-modules-wireless
6.12.0-202.76.4.3.el10uek
kernel-uek-devel
6.12.0-202.76.4.3.el10uek
kernel-uek-doc
6.12.0-202.76.4.3.el10uek
kernel-uek-modules
6.12.0-202.76.4.3.el10uek
kernel-uek-modules-core
6.12.0-202.76.4.3.el10uek
kernel-uek-modules-deprecated
6.12.0-202.76.4.3.el10uek
kernel-uek-modules-desktop
6.12.0-202.76.4.3.el10uek
kernel-uek-modules-extra
6.12.0-202.76.4.3.el10uek
kernel-uek-modules-extra-netfilter
6.12.0-202.76.4.3.el10uek
kernel-uek-modules-usb
6.12.0-202.76.4.3.el10uek
kernel-uek-modules-wireless
6.12.0-202.76.4.3.el10uek
kernel-uek-tools
6.12.0-202.76.4.3.el10uek
kernel-uek64k
6.12.0-202.76.4.3.el10uek
kernel-uek64k-core
6.12.0-202.76.4.3.el10uek
kernel-uek64k-devel
6.12.0-202.76.4.3.el10uek
kernel-uek64k-modules
6.12.0-202.76.4.3.el10uek
kernel-uek64k-modules-core
6.12.0-202.76.4.3.el10uek
kernel-uek64k-modules-deprecated
6.12.0-202.76.4.3.el10uek
kernel-uek64k-modules-desktop
6.12.0-202.76.4.3.el10uek
kernel-uek64k-modules-extra
6.12.0-202.76.4.3.el10uek
kernel-uek64k-modules-extra-netfilter
6.12.0-202.76.4.3.el10uek
kernel-uek64k-modules-usb
6.12.0-202.76.4.3.el10uek
kernel-uek64k-modules-wireless
6.12.0-202.76.4.3.el10uek
Oracle Linux x86_64
kernel-uek
6.12.0-202.76.4.3.el10uek
kernel-uek-core
6.12.0-202.76.4.3.el10uek
kernel-uek-debug
6.12.0-202.76.4.3.el10uek
kernel-uek-debug-core
6.12.0-202.76.4.3.el10uek
kernel-uek-debug-devel
6.12.0-202.76.4.3.el10uek
kernel-uek-debug-modules
6.12.0-202.76.4.3.el10uek
kernel-uek-debug-modules-core
6.12.0-202.76.4.3.el10uek
kernel-uek-debug-modules-deprecated
6.12.0-202.76.4.3.el10uek
kernel-uek-debug-modules-desktop
6.12.0-202.76.4.3.el10uek
kernel-uek-debug-modules-extra
6.12.0-202.76.4.3.el10uek
kernel-uek-debug-modules-extra-netfilter
6.12.0-202.76.4.3.el10uek
kernel-uek-debug-modules-usb
6.12.0-202.76.4.3.el10uek
kernel-uek-debug-modules-wireless
6.12.0-202.76.4.3.el10uek
kernel-uek-devel
6.12.0-202.76.4.3.el10uek
kernel-uek-doc
6.12.0-202.76.4.3.el10uek
kernel-uek-modules
6.12.0-202.76.4.3.el10uek
kernel-uek-modules-core
6.12.0-202.76.4.3.el10uek
kernel-uek-modules-deprecated
6.12.0-202.76.4.3.el10uek
kernel-uek-modules-desktop
6.12.0-202.76.4.3.el10uek
kernel-uek-modules-extra
6.12.0-202.76.4.3.el10uek
kernel-uek-modules-extra-netfilter
6.12.0-202.76.4.3.el10uek
kernel-uek-modules-usb
6.12.0-202.76.4.3.el10uek
kernel-uek-modules-wireless
6.12.0-202.76.4.3.el10uek
kernel-uek-tools
6.12.0-202.76.4.3.el10uek
Oracle Linux 9
Oracle Linux aarch64
kernel-uek
6.12.0-202.76.4.3.el9uek
kernel-uek-core
6.12.0-202.76.4.3.el9uek
kernel-uek-debug
6.12.0-202.76.4.3.el9uek
kernel-uek-debug-core
6.12.0-202.76.4.3.el9uek
kernel-uek-debug-devel
6.12.0-202.76.4.3.el9uek
kernel-uek-debug-modules
6.12.0-202.76.4.3.el9uek
kernel-uek-debug-modules-core
6.12.0-202.76.4.3.el9uek
kernel-uek-debug-modules-deprecated
6.12.0-202.76.4.3.el9uek
kernel-uek-debug-modules-desktop
6.12.0-202.76.4.3.el9uek
kernel-uek-debug-modules-extra
6.12.0-202.76.4.3.el9uek
kernel-uek-debug-modules-extra-netfilter
6.12.0-202.76.4.3.el9uek
kernel-uek-debug-modules-usb
6.12.0-202.76.4.3.el9uek
kernel-uek-debug-modules-wireless
6.12.0-202.76.4.3.el9uek
kernel-uek-devel
6.12.0-202.76.4.3.el9uek
kernel-uek-doc
6.12.0-202.76.4.3.el9uek
kernel-uek-modules
6.12.0-202.76.4.3.el9uek
kernel-uek-modules-core
6.12.0-202.76.4.3.el9uek
kernel-uek-modules-deprecated
6.12.0-202.76.4.3.el9uek
kernel-uek-modules-desktop
6.12.0-202.76.4.3.el9uek
kernel-uek-modules-extra
6.12.0-202.76.4.3.el9uek
kernel-uek-modules-extra-netfilter
6.12.0-202.76.4.3.el9uek
kernel-uek-modules-usb
6.12.0-202.76.4.3.el9uek
kernel-uek-modules-wireless
6.12.0-202.76.4.3.el9uek
kernel-uek-tools
6.12.0-202.76.4.3.el9uek
kernel-uek64k
6.12.0-202.76.4.3.el9uek
kernel-uek64k-core
6.12.0-202.76.4.3.el9uek
kernel-uek64k-devel
6.12.0-202.76.4.3.el9uek
kernel-uek64k-modules
6.12.0-202.76.4.3.el9uek
kernel-uek64k-modules-core
6.12.0-202.76.4.3.el9uek
kernel-uek64k-modules-deprecated
6.12.0-202.76.4.3.el9uek
kernel-uek64k-modules-desktop
6.12.0-202.76.4.3.el9uek
kernel-uek64k-modules-extra
6.12.0-202.76.4.3.el9uek
kernel-uek64k-modules-extra-netfilter
6.12.0-202.76.4.3.el9uek
kernel-uek64k-modules-usb
6.12.0-202.76.4.3.el9uek
kernel-uek64k-modules-wireless
6.12.0-202.76.4.3.el9uek
Oracle Linux x86_64
kernel-uek
6.12.0-202.76.4.3.el9uek
kernel-uek-core
6.12.0-202.76.4.3.el9uek
kernel-uek-debug
6.12.0-202.76.4.3.el9uek
kernel-uek-debug-core
6.12.0-202.76.4.3.el9uek
kernel-uek-debug-devel
6.12.0-202.76.4.3.el9uek
kernel-uek-debug-modules
6.12.0-202.76.4.3.el9uek
kernel-uek-debug-modules-core
6.12.0-202.76.4.3.el9uek
kernel-uek-debug-modules-deprecated
6.12.0-202.76.4.3.el9uek
kernel-uek-debug-modules-desktop
6.12.0-202.76.4.3.el9uek
kernel-uek-debug-modules-extra
6.12.0-202.76.4.3.el9uek
kernel-uek-debug-modules-extra-netfilter
6.12.0-202.76.4.3.el9uek
kernel-uek-debug-modules-usb
6.12.0-202.76.4.3.el9uek
kernel-uek-debug-modules-wireless
6.12.0-202.76.4.3.el9uek
kernel-uek-devel
6.12.0-202.76.4.3.el9uek
kernel-uek-doc
6.12.0-202.76.4.3.el9uek
kernel-uek-modules
6.12.0-202.76.4.3.el9uek
kernel-uek-modules-core
6.12.0-202.76.4.3.el9uek
kernel-uek-modules-deprecated
6.12.0-202.76.4.3.el9uek
kernel-uek-modules-desktop
6.12.0-202.76.4.3.el9uek
kernel-uek-modules-extra
6.12.0-202.76.4.3.el9uek
kernel-uek-modules-extra-netfilter
6.12.0-202.76.4.3.el9uek
kernel-uek-modules-usb
6.12.0-202.76.4.3.el9uek
kernel-uek-modules-wireless
6.12.0-202.76.4.3.el9uek
kernel-uek-tools
6.12.0-202.76.4.3.el9uek
Связанные CVE
Связанные уязвимости
In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an associated mm. And almost all users do in fact use it only for the case where the task has a mm pointer. But we have one odd special case: ptrace_may_access() uses 'dumpable' to check various other things entirely independently of the MM (typically explicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for threads that no longer have a VM (and maybe never did, like most kernel threads). It's not what this flag was designed for, but it is what it is. The ptrace code does check that the uid/gid matches, so you do have to be uid-0 to see kernel thread details, but this means that the traditional "drop capabilities" model doesn't make any difference for this all. Make it all make a *bit...
In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an associated mm. And almost all users do in fact use it only for the case where the task has a mm pointer. But we have one odd special case: ptrace_may_access() uses 'dumpable' to check various other things entirely independently of the MM (typically explicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for threads that no longer have a VM (and maybe never did, like most kernel threads). It's not what this flag was designed for, but it is what it is. The ptrace code does check that the uid/gid matches, so you do have to be uid-0 to see kernel thread details, but this means that the traditional "drop capabilities" model doesn't make any difference for this all. Make it all make a *bit...
In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an associated mm. And almost all users do in fact use it only for the case where the task has a mm pointer. But we have one odd special case: ptrace_may_access() uses 'dumpable' to check various other things entirely independently of the MM (typically explicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for threads that no longer have a VM (and maybe never did, like most kernel threads). It's not what this flag was designed for, but it is what it is. The ptrace code does check that the uid/gid matches, so you do have to be uid-0 to see kernel thread details, but this means that the traditional "drop capabilities" model doesn't make any difference for this all. Make it all make a
In the Linux kernel, the following vulnerability has been resolved: p ...