ELSA-2026-50299

ULN >
Oracle Linux Errata repository >
ELSA-2026-50299

ELSA-2026-50299 - Unbreakable Enterprise kernel security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2026-06-03

Description

[5.4.17-2136.356.4.1]
- smb: client: reject userspace cifs.spnego descriptions (Asim Viladi Oglu Manizada) [Orabug: 39463669]

[5.4.17-2136.356.4]
- tun: free page on build_skb failure in tun_xdp_one() (Weiming Shi) [Orabug: 39429147]
- tap: free page on error paths in tap_get_user_xdp() (Weiming Shi) [Orabug: 39429147]
- tun: free page on short-frame rejection in tun_xdp_one() (Weiming Shi) [Orabug: 39429147]

[5.4.17-2136.356.3]
- ptrace: slightly saner 'get_dumpable()' logic (Linus Torvalds) [Orabug: 39384275,39391459] {CVE-2026-46333}
- net: skbuff: propagate shared-frag marker through frag-transfer helpers (Hyunwoo Kim) [Orabug: 39368828,39441326] {CVE-2026-43503,CVE-2026-46300}
- net: skbuff: preserve shared-frag marker during coalescing (William Bowling) [Orabug: 39368828] {CVE-2026-46300}

[5.4.17-2136.356.2]
- nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (Jeff Layton) [Orabug: 39167617,39368718] {CVE-2026-31402}
- scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() (Maurizio Lombardi) [Orabug: 38985173,39368732] {CVE-2026-23216}
- scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (Maurizio Lombardi) [Orabug: 38970455,39368774] {CVE-2026-23193}
- xfrm: esp: avoid in-place decrypt on shared skb frags (Kuan-Ting Chen) [Orabug: 39334580,39367147] {CVE-2026-43284}
- x86/CPU/AMD: Add a fix for AMD-SB-7052 (Prathyushi Nangia) [Orabug: 39218897] {CVE-2025-54518}

[5.4.17-2136.356.1]
- arm64/kvm: Include linux/random.h in trng.c (Siddh Raman Pant) [Orabug: 39327096]
- i2c: designware: Disable TX_EMPTY irq while waiting for block length byte (Tam Nguyen) [Orabug: 39174662]
- i2c: designware: Handle invalid SMBus block data response length value (Tam Nguyen) [Orabug: 39174662]
- i2c: designware: fix __i2c_dw_disable() in case master is holding SCL low (Yann Sionneau) [Orabug: 39174662]

[5.4.17-2136.355.3]
- crypto: algif_aead - Fix minimum RX size check for decryption (Herbert Xu) [Orabug: 39250687,39331106] {CVE-2026-43077}
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Herbert Xu) [Orabug: 39250687,39331111] {CVE-2026-43078}
- crypto: authencesn - Fix src offset when decrypting in-place (Herbert Xu) [Orabug: 39250687]
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Herbert Xu) [Orabug: 39250687,39300911] {CVE-2026-43033}
- crypto: authenc - use memcpy_sglist() instead of null skcipher (Eric Biggers) [Orabug: 39250687]
- crypto: algif_aead - snapshot IV for async AEAD requests (Douya Le) [Orabug: 39250687,39452217] {CVE-2026-46028}
- crypto: algif_aead - Revert to operating out-of-place (Herbert Xu) [Orabug: 39250687,39283868,39292250] {CVE-2026-31431}
- crypto: algif_aead - use memcpy_sglist() instead of null skcipher (Eric Biggers) [Orabug: 39250687] {CVE-2026-31431}
- crypto: scatterwalk - Backport memcpy_sglist() (Eric Biggers) [Orabug: 39250687]
- crypto: doc - fix kernel-doc notation in chacha.c and af_alg.c (Randy Dunlap) [Orabug: 39250687]

[5.4.17-2136.355.2]
- Revert 'rds: Drop rds conn in connect worker if not in down state.' (Alok Tiwari) [Orabug: 39253770]
- x86/CPU: Fix FPDSS on Zen1 (Siddh Raman Pant) [Orabug: 39241225,39273723] {CVE-2026-31628}
- SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (Joshua Rogers) [Orabug: 38852342] {CVE-2025-71120}

[5.4.17-2136.355.1]
- net/sched: Enforce that teql can only be used as root qdisc (Jamal Hadi Salim) [Orabug: 38930950] {CVE-2026-23074}

[5.4.17-2136.354.4]
- macvlan: fix possible UAF in macvlan_forward_source() (Eric Dumazet) [Orabug: 38887731] {CVE-2026-23001}
- macvlan: Use 'hash' iterators to simplify code (Christophe Jaillet) [Orabug: 38887731] {CVE-2026-23001}
- macvlan: Add nodst option to macvlan type source (Jethro Beekman) [Orabug: 38887731] {CVE-2026-23001}
- macvlan: observe an RCU grace period in macvlan_common_newlink() error path (Eric Dumazet) [Orabug: 38970510,39188399] {CVE-2026-23209,CVE-2026-23273}
- macvlan: fix error recovery in macvlan_common_newlink() (Eric Dumazet) [Orabug: 38970510] {CVE-2026-23209}

[5.4.17-2136.354.3]
- io_uring: fix filename leak in __io_openat_prep() (Prithvi Tambewagh) [Orabug: 39064937] {CVE-2025-68814}
- rds: Drop rds conn in connect worker if not in down state. (Rohit Nair) [Orabug: 39045035]

Related CVEs

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 7 (x86_64)	kernel-uek-5.4.17-2136.356.4.1.el7uek.src.rpm	58e01d313d04e053c7eabedc50ee234fb55e9bf3b4f855f48a150a392d6c96b8	-	ol7_x86_64_UEKR6_ELS
	kernel-uek-5.4.17-2136.356.4.1.el7uek.x86_64.rpm	6dfb58537afe684f73d2797e49454ab702a2eb1fecac9f5a7e862e1a2f4404c4	-	ol7_x86_64_UEKR6_ELS
	kernel-uek-container-5.4.17-2136.356.4.1.el7uek.x86_64.rpm	eefe0db71bc7c53715c7896569da0dc41baddc4b280e2d3a933bcb689b0a377c	-	ol7_x86_64_UEKR6_ELS
	kernel-uek-container-debug-5.4.17-2136.356.4.1.el7uek.x86_64.rpm	a3754b843fe10e5e652a3036ff2ae80dd04fcfe461d05bdaed6ce1da5260ae4e	-	ol7_x86_64_UEKR6_ELS
	kernel-uek-debug-5.4.17-2136.356.4.1.el7uek.x86_64.rpm	88b350ee680bde28c78e45028f231941ecc639ff909af3bd7e69fb508b3aba43	-	ol7_x86_64_UEKR6_ELS
	kernel-uek-debug-devel-5.4.17-2136.356.4.1.el7uek.x86_64.rpm	4aab4515ed8a6b94dbbcea71771aff23df62034dcdbd518bb8baf232c349a402	-	ol7_x86_64_UEKR6_ELS
	kernel-uek-devel-5.4.17-2136.356.4.1.el7uek.x86_64.rpm	86c450c6b8b5fa4a8411c8d1d5c68a0b057066ac3296bc1fcb333d60b5653ffd	-	ol7_x86_64_UEKR6_ELS
	kernel-uek-doc-5.4.17-2136.356.4.1.el7uek.noarch.rpm	e38d158f2f45fb0f0b11fd6dc6401ea7895e9e67c7751ee37d4fda827bba3a93	-	ol7_x86_64_UEKR6_ELS
	kernel-uek-tools-5.4.17-2136.356.4.1.el7uek.x86_64.rpm	e3477604f7ba8982ad5b080cab2da703f46d060a0962d85229a7454d267d9f87	-	ol7_x86_64_UEKR6_ELS

Oracle Linux 8 (aarch64)	kernel-uek-5.4.17-2136.356.4.1.el8uek.src.rpm	085699f88d500b454a5fe50eb9da2f916f17fa9c4efb606620ea786656a36748	-	ol8_aarch64_baseos_latest
	kernel-uek-5.4.17-2136.356.4.1.el8uek.src.rpm	085699f88d500b454a5fe50eb9da2f916f17fa9c4efb606620ea786656a36748	-	ol8_aarch64_u10_baseos_patch
	kernel-uek-5.4.17-2136.356.4.1.el8uek.aarch64.rpm	d2ad28497ed82dc7c7d237db2f4c2cc6a0f55c4554cc8b68b6fb1d0d64b1c570	-	ol8_aarch64_baseos_latest
	kernel-uek-5.4.17-2136.356.4.1.el8uek.aarch64.rpm	d2ad28497ed82dc7c7d237db2f4c2cc6a0f55c4554cc8b68b6fb1d0d64b1c570	-	ol8_aarch64_u10_baseos_patch
	kernel-uek-debug-5.4.17-2136.356.4.1.el8uek.aarch64.rpm	77ac5989e1b0f3f787265a28a3e997f6a7ad7fc85bb7813f6239f71b48494b25	-	ol8_aarch64_baseos_latest
	kernel-uek-debug-5.4.17-2136.356.4.1.el8uek.aarch64.rpm	77ac5989e1b0f3f787265a28a3e997f6a7ad7fc85bb7813f6239f71b48494b25	-	ol8_aarch64_u10_baseos_patch
	kernel-uek-debug-devel-5.4.17-2136.356.4.1.el8uek.aarch64.rpm	4ad4d948c9f58c08992d87c7d138131a12c2c79aa34fb42f2c570973b8f79d03	-	ol8_aarch64_baseos_latest
	kernel-uek-debug-devel-5.4.17-2136.356.4.1.el8uek.aarch64.rpm	4ad4d948c9f58c08992d87c7d138131a12c2c79aa34fb42f2c570973b8f79d03	-	ol8_aarch64_u10_baseos_patch
	kernel-uek-devel-5.4.17-2136.356.4.1.el8uek.aarch64.rpm	a392862487cc6decb7f19d147cf8ebac8337ba81d3e615068cc3ca9fd22e84da	-	ol8_aarch64_baseos_latest
	kernel-uek-devel-5.4.17-2136.356.4.1.el8uek.aarch64.rpm	a392862487cc6decb7f19d147cf8ebac8337ba81d3e615068cc3ca9fd22e84da	-	ol8_aarch64_u10_baseos_patch
	kernel-uek-doc-5.4.17-2136.356.4.1.el8uek.noarch.rpm	8ab9f50e9627fccedd1949fd37ca3cdae5031fec2a351a90894bf1c241c423b7	-	ol8_aarch64_baseos_latest
	kernel-uek-doc-5.4.17-2136.356.4.1.el8uek.noarch.rpm	8ab9f50e9627fccedd1949fd37ca3cdae5031fec2a351a90894bf1c241c423b7	-	ol8_aarch64_u10_baseos_patch

Oracle Linux 8 (x86_64)	kernel-uek-5.4.17-2136.356.4.1.el8uek.src.rpm	085699f88d500b454a5fe50eb9da2f916f17fa9c4efb606620ea786656a36748	-	ol8_x86_64_UEKR6
	kernel-uek-5.4.17-2136.356.4.1.el8uek.x86_64.rpm	c2eb5e4765f7546ea944eda401d6d37d1bad80f5c6c003170aa104c0996073a3	-	ol8_x86_64_UEKR6
	kernel-uek-container-5.4.17-2136.356.4.1.el8uek.x86_64.rpm	ed7dec8606ff4ff7f1f7a58ad3ca07b1fe653ce470de09188e3f709ff1079c49	-	ol8_x86_64_UEKR6
	kernel-uek-container-debug-5.4.17-2136.356.4.1.el8uek.x86_64.rpm	41619bf8a7184aac8b4f69f0718779790b2889a83ded3ef69fba877bb6f28284	-	ol8_x86_64_UEKR6
	kernel-uek-debug-5.4.17-2136.356.4.1.el8uek.x86_64.rpm	8900c40350cfa5731160c5c9b0cd2d0c6ec8653c48cdd9fdcd53587285e5c079	-	ol8_x86_64_UEKR6
	kernel-uek-debug-devel-5.4.17-2136.356.4.1.el8uek.x86_64.rpm	76e26f23728ef6295eccd888dcf6d9a5adb6588e36d1a0be2362faa52701273c	-	ol8_x86_64_UEKR6
	kernel-uek-devel-5.4.17-2136.356.4.1.el8uek.x86_64.rpm	06ba4aea6c227396d1808a9a33c2826879a662dcb112044f06a90140508265c1	-	ol8_x86_64_UEKR6
	kernel-uek-doc-5.4.17-2136.356.4.1.el8uek.noarch.rpm	8ab9f50e9627fccedd1949fd37ca3cdae5031fec2a351a90894bf1c241c423b7	-	ol8_x86_64_UEKR6

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691