ELSA-2025-17161
- ULN >
- Oracle Linux Errata repository >
- ELSA-2025-17161
ELSA-2025-17161 - kernel security update
| Type: | SECURITY |
| Impact: | MODERATE |
| Release Date: | 2025-10-20 |
Description
[3.10.0-1160.119.1.0.13]
- ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() {CVE-2022-48701} [Orabug: 38493400]
- md-raid10: fix KASAN warning {CVE-2022-50211} [Orabug: 38493400]
- ALSA: bcd2000: Fix a UAF bug on the error path of probing {CVE-2022-50229} [Orabug: 38493400]
- net: usb: smsc75xx: Limit packet length to skb->len {CVE-2023-53125} [Orabug: 38493400]
- i40e: fix MMIO write access to an invalid page in i40e_clear_hw {CVE-2025-38200} [Orabug: 38493400]
- net/sched: sch_qfq: Fix race condition on qfq_aggregate {CVE-2025-38477} [Orabug: 38493400]
[3.10.0-1160.119.1.0.12]
- scsi: lpfc: Use memcpy() for BIOS version (CVE-2025-38332) [Orabug: 38414589]
- posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (CVE-2025-38352) [Orabug: 38414589]
[3.10.0-1160.119.1.0.11]
- kernel: media: uvcvideo: Fix double free in error path (CVE-2024-57980)
- kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (CVE-2025-21928)
- kernel: ext4: fix off-by-one error in do_split (CVE-2025-23150)
- kernel: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram() (CVE-2022-49788)
- kernel: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (CVE-2025-38000)
- kernel: ext4: avoid resizing to a partial cluster size (CVE-2022-50020)
- kernel: drivers:md:fix a potential use-after-free bug (CVE-2022-50022)
- kernel: sch_hfsc: make hfsc_qlen_notify() idempotent (CVE-2025-38177)
- kernel: net/sched: Always pass notifications when child class becomes empty (CVE-2025-38350)
- crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079)
[3.10.0-1160.119.1.0.10]
- net: atlantic: fix aq_vec index out of range error (Chia-Lin Kao) {CVE-2022-50066} [Orabug: 38201271]
- net: atm: fix use after free in lec_send() (Dan Carpenter) {CVE-2025-22004} [Orabug: 38201271]
[3.10.0-1160.119.1.0.9]
- netfilter: ipset: add missing range check in bitmap_ip_uadt (Jeongjun Park) {CVE-2024-53141} [Orabug: 37964173]
- Update OL SB certificates
- Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985797]
[3.10.0-1160.119.1.0.8]
- ALSA: usb-audio: Fix out of bounds reads when finding clock sources (Takashi Iwai) {CVE-2024-53150} [Orabug: 37830084]
[3.10.0-1160.119.1.0.7]
- ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices (Benoit Sevens) {CVE-2024-53197} [Orabug: 37686305]
- can: bcm: Fix UAF in bcm_proc_show() (YueHaibing) {CVE-2023-52922} [Orabug: 37686305]
- HID: core: zero-initialize the report buffer (Benoit Sevens) {CVE-2024-50302} [Orabug: 37686305]
[3.10.0-1160.119.1.0.6]
- media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (Benoit Sevens) {CVE-2024-53104} [Orabug: 37584712]
Related CVEs
| CVE-2022-50229 |
| CVE-2025-38200 |
| CVE-2022-48701 |
| CVE-2025-38477 |
| CVE-2023-53125 |
| CVE-2022-50211 |
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle Linux 7 (x86_64) | kernel-3.10.0-1160.119.1.0.13.el7.src.rpm | 6d346650522286e9254ebb79a489ffc831bc394a270cbce5a2ee41930883d310 | - | ol7_x86_64_latest_ELS |
| bpftool-3.10.0-1160.119.1.0.13.el7.x86_64.rpm | b5c8fbc2d2d67ba1a7c5af4ed2301d21b5099ec5310ebdbbb470450093fb8b1a | - | ol7_x86_64_latest_ELS | |
| kernel-3.10.0-1160.119.1.0.13.el7.x86_64.rpm | 037a9288ed1213bcf84ab4debefde0928b7f0e67e5ba78f545da08ae93a6be75 | - | ol7_x86_64_latest_ELS | |
| kernel-abi-whitelists-3.10.0-1160.119.1.0.13.el7.noarch.rpm | f6ea885ee87415a1020ebd9c0ef5ba217ec5f9b0de4cae6ec91d9d8c902ba9b6 | - | ol7_x86_64_latest_ELS | |
| kernel-debug-3.10.0-1160.119.1.0.13.el7.x86_64.rpm | d31b12fec907f84a0fb281a7283682d1d7ec6f815b2f62ac7cdc901e4f88aacf | - | ol7_x86_64_latest_ELS | |
| kernel-debug-devel-3.10.0-1160.119.1.0.13.el7.x86_64.rpm | 71ef4aa63e1127d82baf21ccd4d4fce30fc4af354a7bfe376c274fbb77636486 | - | ol7_x86_64_latest_ELS | |
| kernel-devel-3.10.0-1160.119.1.0.13.el7.x86_64.rpm | 9609548136fc367cae244e04afa90ea119063f3fb0add9a779f1fa05825e424b | - | ol7_x86_64_latest_ELS | |
| kernel-doc-3.10.0-1160.119.1.0.13.el7.noarch.rpm | adc918a1c5ac42233501cd3b740fe493c98e87035c5518bab23731792edb41b1 | - | ol7_x86_64_latest_ELS | |
| kernel-headers-3.10.0-1160.119.1.0.13.el7.x86_64.rpm | 3babca7fe5fa8735ef7da0a6e5ee3592c482ca548138c1522ccb1b6063054a54 | - | ol7_x86_64_latest_ELS | |
| kernel-tools-3.10.0-1160.119.1.0.13.el7.x86_64.rpm | 139aaeec5dec806ce31e1b9d0ac55197befc568577096f30e3dce2a6af8d2865 | - | ol7_x86_64_latest_ELS | |
| kernel-tools-libs-3.10.0-1160.119.1.0.13.el7.x86_64.rpm | 77de202ff103919374ca6d3925f9d4c49abeade13a49169f3346d43f6e75308f | - | ol7_x86_64_latest_ELS | |
| kernel-tools-libs-devel-3.10.0-1160.119.1.0.13.el7.x86_64.rpm | 5e3bf8d9200bc3e81f64d60d2a250edccbb381c1e7ed6d92b84aa9f00daf688a | - | ol7_x86_64_latest_ELS | |
| perf-3.10.0-1160.119.1.0.13.el7.x86_64.rpm | 524ebb2d50bb6be6fb0174fa17f023f7c2c4e46d9e24aa54b3416f56f21d199f | - | ol7_x86_64_latest_ELS | |
| python-perf-3.10.0-1160.119.1.0.13.el7.x86_64.rpm | 1b9d9d8481c8d087cf287ea043aff90320438d78711d987d55b8d58e0eca7450 | - | ol7_x86_64_latest_ELS | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
