ELSA-2025-20553
- ULN >
- Oracle Linux Errata repository >
- ELSA-2025-20553
ELSA-2025-20553 - Unbreakable Enterprise kernel security update
| Type: | SECURITY |
| Impact: | IMPORTANT |
| Release Date: | 2025-09-09 |
Description
[5.4.17-2136.347.6]
- net_sched: sch_sfq: move the limit validation (Octavian Purdila) [Orabug: 38377926] {CVE-2025-37752}
- net_sched: sch_sfq: use a temporary work area for validating configuration (Octavian Purdila) [Orabug: 38377926]
- net_sched: sch_sfq: don't allow 1 packet limit (Octavian Purdila) [Orabug: 38377926] {CVE-2024-57996}
- net_sched: sch_sfq: handle bigger packets (Eric Dumazet) [Orabug: 38377926]
- net_sched: sch_sfq: annotate data-races around q->perturb_period (Eric Dumazet) [Orabug: 38377926]
[5.4.17-2136.347.5]
- squashfs: fix memory leak in squashfs_fill_super (Phillip Lougher)
- netfilter: nf_tables: adjust lockdep assertions handling (Fedor Pchelkin)
- Revert 'vgacon: Add check for vc_origin address range in vgacon_scroll()' (Helge Deller)
- ASoC: ops: dynamically allocate struct snd_ctl_elem_value (Arnd Bergmann)
[5.4.17-2136.347.4]
- KVM: x86: use array_index_nospec with indices that come from guest (Thijs Raymakers) [Orabug: 38319938]
- KVM: APIC: add helper func to remove duplicate code in kvm_pv_send_ipi (Miaohe Lin) [Orabug: 38319938]
- rds: Fix NULL ptr deref in xas_start (Hakon Bugge) [Orabug: 38169303]
[5.4.17-2136.347.3]
- mm: make page_mapped_in_vma() hugetlb walk aware (Jane Chu) [Orabug: 38146326]
- mm/rmap: Fix handling of hugetlbfs pages in page_vma_mapped_walk (Zhenwei Pi) [Orabug: 38146326]
[5.4.17-2136.347.2]
- rds: tcp: block BH in TCP callbacks (Eric Dumazet) [Orabug: 38236847]
- kexec: Improve & fix crash_exclude_mem_range() to handle overlapping ranges (Lianbo Jiang) [Orabug: 38134902]
- module: correctly exit module_kallsyms_on_each_symbol when fn() != 0 (Jon Mediero) [Orabug: 37820709]
- module: potential uninitialized return in module_kallsyms_on_each_symbol() (Dan Carpenter) [Orabug: 37820709]
- module: use RCU to synchronize find_module (Christoph Hellwig) [Orabug: 37820709]
- kallsyms: refactor {,module_}kallsyms_on_each_symbol (Christoph Hellwig) [Orabug: 37820709]
[5.4.17-2136.347.1]
- LTS tag: v5.4.295 (Alok Tiwari)
- scsi: qedf: Use designated initializer for struct qed_fcoe_cb_ops (Kees Cook)
- arm64/ptrace: Fix stack-out-of-bounds read in regs_get_kernel_stack_nth() (Tengda Wu) [Orabug: 38180596] {CVE-2025-38320}
- perf: Fix sample vs do_exit() (Peter Zijlstra) [Orabug: 38254030] {CVE-2025-38424}
- s390/pci: Fix __pcilg_mio_inuser() inline assembly (Heiko Carstens)
- rtc: test: Fix invalid format specifier. (David Gow)
- jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata() (Jeongjun Park) [Orabug: 38180707] {CVE-2025-38337}
- mm/huge_memory: fix dereferencing invalid pmd migration entry (Gavin Guo) [Orabug: 37976985] {CVE-2025-37958}
- rtc: Make rtc_time64_to_tm() support dates before 1970 (Alexandre Mergnat)
- rtc: Improve performance of rtc_time64_to_tm(). Add tests. (Cassio Neri)
- xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create (Dan Aloni) [Orabug: 37101886] {CVE-2022-48773}
- posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (Oleg Nesterov) [Orabug: 38223087] {CVE-2025-38352}
- ARM: dts: am335x-bone-common: Increase MDIO reset deassert delay to 50ms (Geert Uytterhoeven)
- ARM: dts: am335x-bone-common: Increase MDIO reset deassert time (Colin Foster)
- ARM: dts: am335x-bone-common: Add GPIO PHY reset on revision C3 board (Shengyu Qu)
- net: atm: fix /proc/net/atm/lec handling (Eric Dumazet) [Orabug: 38158407] {CVE-2025-38180}
- net: atm: add lec_mutex (Eric Dumazet) [Orabug: 38180612] {CVE-2025-38323}
- calipso: Fix null-ptr-deref in calipso_req_{set,del}attr(). (Kuniyuki Iwashima) [Orabug: 38158413] {CVE-2025-38181}
- tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (Haixia Qu) [Orabug: 38158425] {CVE-2025-38184}
- tcp: fix tcp_packet_delayed() for tcp_is_non_sack_preventing_reopen() behavior (Neal Cardwell)
- atm: atmtcp: Free invalid length skb in atmtcp_c_send(). (Kuniyuki Iwashima) [Orabug: 38158434] {CVE-2025-38185}
- mpls: Use rcu_dereference_rtnl() in mpls_route_input_rcu(). (Kuniyuki Iwashima) [Orabug: 38180618] {CVE-2025-38324}
- wifi: carl9170: do not ping device which has failed to load firmware (Dmitry Antipov) [Orabug: 38254011] {CVE-2025-38420}
- aoe: clean device rq_list in aoedev_downdev() (Justin Sanders) [Orabug: 38180629] {CVE-2025-38326}
- hwmon: (occ) fix unaligned accesses (Arnd Bergmann)
- drm/nouveau/bl: increase buffer size to avoid truncate warning (Jacob Keller)
- erofs: remove unused trace event erofs_destroy_inode (Gao Xiang)
- ALSA: hda/realtek: enable headset mic on Latitude 5420 Rugged (Jonathan Lane)
- ALSA: hda/intel: Add Thinkpad E15 to PM deny list (Takashi Iwai)
- Input: sparcspkr - avoid unannotated fall-through (Yuli Wang)
- HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() (Terry Junge) [Orabug: 38152878] {CVE-2025-38103}
- atm: Revert atm_account_tx() if copy_from_iter_full() fails. (Kuniyuki Iwashima) [Orabug: 38158458] {CVE-2025-38190}
- selinux: fix selinux_xfrm_alloc_user() to set correct ctx_len (Stephen Smalley)
- scsi: s390: zfcp: Ensure synchronous unit_add (Peter Oberparleiter)
- scsi: storvsc: Increase the timeouts to storvsc_timeout (Dexuan Cui)
- jffs2: check jffs2_prealloc_raw_node_refs() result in few other places (Fedor Pchelkin) [Orabug: 38180636] {CVE-2025-38328}
- jffs2: check that raw node were preallocated before writing summary (Artem Sadovnikov) [Orabug: 38158484] {CVE-2025-38194}
- drivers/rapidio/rio_cm.c: prevent possible heap overwrite (Andrew Morton) [Orabug: 38137454] {CVE-2025-38090}
- powerpc/eeh: Fix missing PE bridge reconfiguration during VFIO EEH recovery (Narayana Murty N)
- platform/x86: dell_rbu: Stop overwriting data buffer (Stuart Hayes)
- platform: Add Surface platform directory (Maximilian Luz)
- Revert 'bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect devices first' (Alexander Sverdlin)
- tee: Prevent size calculation wraparound on 32-bit kernels (Jann Horn)
- ARM: OMAP2+: Fix l4ls clk domain handling in STANDBY (Sukrut Bellary)
- bus: fsl-mc: increase MC_CMD_COMPLETION_TIMEOUT_MS value (Laurentiu Tudor)
- watchdog: da9052_wdt: respect TWDMIN (Marcus Folkesson)
- i40e: fix MMIO write access to an invalid page in i40e_clear_hw (Kyungwook Boo) [Orabug: 38158518] {CVE-2025-38200}
- sock: Correct error checking condition for (assign|release)_proto_idx() (Zijun Hu)
- scsi: lpfc: Use memcpy() for BIOS version (Daniel Wagner) [Orabug: 38180668] {CVE-2025-38332}
- vxlan: Do not treat dst cache initialization errors as fatal (Ido Schimmel)
- clk: rockchip: rk3036: mark ddrphy as critical (Heiko Stuebner)
- wifi: mac80211: do not offer a mesh path if forwarding is disabled (Benjamin Berg)
- net: mlx4: add SOF_TIMESTAMPING_TX_SOFTWARE flag when getting ts info (Jason Xing)
- pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get() (Gabor Juhos)
- pinctrl: armada-37xx: propagate error from armada_37xx_pmx_gpio_set_direction() (Gabor Juhos)
- pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get_direction() (Gabor Juhos)
- pinctrl: armada-37xx: propagate error from armada_37xx_pmx_set_by_name() (Gabor Juhos)
- ipv4/route: Use this_cpu_inc() for stats on PREEMPT_RT (Sebastian Andrzej Siewior)
- tcp: fix initial tp->rcvq_space.space value for passive TS enabled flows (Eric Dumazet)
- tcp: always seek for minimal rtt in tcp_rcv_rtt_update() (Eric Dumazet)
- net: dlink: add synchronization for stats update (Moon Yeounsu)
- sctp: Do not wake readers in __sctp_write_space() (Petr Malat)
- emulex/benet: correct command version selection in be_cmd_get_stats() (Alok Tiwari)
- i2c: designware: Invoke runtime suspend on quick slave re-registration (Tan En De)
- net: macb: Check return value of dma_set_mask_and_coherent() (Sergio Perez Gonzalez)
- cpufreq: Force sync policy boost with global boost on sysfs update (Viresh Kumar)
- nios2: force update_mmu_cache on spurious tlb-permission--related pagefaults (Simon Schuster)
- media: platform: exynos4-is: Add hardware sync wait to fimc_is_hw_change_mode() (Xu Wang) [Orabug: 38175014] {CVE-2025-38237}
- media: tc358743: ignore video while HPD is low (Hans Verkuil)
- drm/amdkfd: Set SDMA_RLCx_IB_CNTL/SWITCH_INSIDE_IB (Amber Lin)
- jfs: Fix null-ptr-deref in jfs_ioc_trim (Dylan Wolff) [Orabug: 38158546] {CVE-2025-38203}
- drm/amdgpu/gfx9: fix CSIB handling (Alex Deucher)
- drm/amdgpu/gfx8: fix CSIB handling (Alex Deucher)
- jfs: fix array-index-out-of-bounds read in add_missing_indices (Aditya Dutt) [Orabug: 38158553] {CVE-2025-38204}
- drm/amdgpu/gfx7: fix CSIB handling (Alex Deucher)
- drm/amdgpu/gfx10: fix CSIB handling (Alex Deucher)
- drm/msm/a6xx: Increase HFI response timeout (Akhil P Oommen)
- drm/amd/display: Add NULL pointer checks in dm_force_atomic_commit() (Srinivasan Shanmugam)
- media: uapi: v4l: Fix V4L2_TYPE_IS_OUTPUT condition (Nas Chung)
- drm/msm/hdmi: add runtime PM calls to DDC transfer function (Dmitry Baryshkov)
- drm/bridge: analogix_dp: Add irq flag IRQF_NO_AUTOEN instead of calling disable_irq() (Damon Ding)
- sunrpc: update nextcheck time when adding new cache entries (Long Li)
- drm/amdgpu/gfx6: fix CSIB handling (Alex Deucher)
- ACPI: battery: negate current when discharging (Peter Marheine)
- PM: runtime: fix denying of auto suspend in pm_suspend_timer_fn() (Charan Teja Kalla)
- power: supply: bq27xxx: Retrieve again when busy (Jerry Lv)
- ACPICA: fix acpi parse and parseext cache leaks (Seunghun Han) [Orabug: 38180748] {CVE-2025-38344}
- ACPICA: Avoid sequence overread in call to strncmp() (Ahmed Salem)
- ACPICA: fix acpi operand cache leak in dswstate.c (Seunghun Han) [Orabug: 38180756] {CVE-2025-38345}
- iio: adc: ad7606_spi: fix reg write value mask (David Lechner)
- PCI: Fix lock symmetry in pci_slot_unlock() (Ilpo Jarvinen)
- PCI: Add ACS quirk for Loongson PCIe (Huacai Chen)
- uio_hv_generic: Use correct size for interrupt and monitor pages (Long Li)
- regulator: max14577: Add error check for max14577_read_reg() (Xu Wang)
- mips: Add -std= flag specified in KBUILD_CFLAGS to vdso CFLAGS (Khem Raj)
- staging: iio: ad5933: Correct settling cycles encoding per datasheet (Gabriel)
- net: ch9200: fix uninitialised access during mii_nway_restart (Qasim Ijaz) [Orabug: 38132189] {CVE-2025-38086}
- ftrace: Fix UAF when lookup kallsym after ftrace disabled (Ye Bin) [Orabug: 38180768] {CVE-2025-38346}
- dm-mirror: fix a tiny race condition (Mikulas Patocka)
- mtd: nand: sunxi: Add randomizer configuration before randomizer enable (Xu Wang)
- mtd: rawnand: sunxi: Add randomizer configuration in sunxi_nfc_hw_ecc_write_chunk (Xu Wang)
- mm: fix ratelimit_pages update error in dirty_ratio_handler() (Jinliang Zheng)
- ipc: fix to protect IPCS lookups using RCU (Jeongjun Park) [Orabug: 38158598] {CVE-2025-38212}
- parisc: fix building with gcc-15 (Arnd Bergmann)
- vgacon: Add check for vc_origin address range in vgacon_scroll() (Gong, Ruiqi)
- fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var (Murad Masimov) [Orabug: 38158615] {CVE-2025-38214}
- EDAC/altera: Use correct write width with the INTTEST register (Niravkumar L Rabara)
- NFC: nci: uart: Set tty->disc_data only in success path (Krzysztof Kozlowski) [Orabug: 38253992] {CVE-2025-38416}
- f2fs: prevent kernel warning due to negative i_nlink from corrupted image (Jaegeuk Kim) [Orabug: 38158649] {CVE-2025-38219}
- Input: ims-pcu - check record size in ims_pcu_flash_firmware() (Dan Carpenter) [Orabug: 38254054] {CVE-2025-38428}
- ext4: fix calculation of credits for extent tree modification (Jan Kara)
- ext4: inline: fix len overflow in ext4_prepare_inline_data (Thadeu Lima de Souza Cascardo) [Orabug: 38158662] {CVE-2025-38222}
- bus: fsl-mc: do not add a device-link for the UAPI used DPMCP device (Ioana Ciornei)
- ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330 (Tasos Sahanidis) [Orabug: 38180697] {CVE-2025-38336}
- ARM: 9447/1: arm/memremap: fix arch_memremap_can_ram_remap() (Ross Stutterheim)
- media: v4l2-dev: fix error handling in __video_register_device() (Ma Ke)
- media: gspca: Add error handling for stv06xx_read_sensor() (Xu Wang)
- wifi: rtlwifi: disable ASPM for RTL8723BE with subsystem ID 11ad:1723 (Mingcong Bai)
- nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request (Neil Brown) [Orabug: 38254062] {CVE-2025-38430}
- wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() (Christian Lamparter) [Orabug: 38180783] {CVE-2025-38348}
- gfs2: move msleep to sleepable context (Alexander Aring)
- configfs: Do not override creating attribute file failure in populate_attrs() (Zijun Hu)
- net: usb: aqc111: debug info before sanitation (Oliver Neukum)
- calipso: unlock rcu before returning -EAFNOSUPPORT (Eric Dumazet)
- xen/arm: call uaccess_ttbr0_enable for dm_op hypercall (Stefano Stabellini)
- usb: Flush altsetting 0 endpoints before reinitializating them after reset. (Mathias Nyman)
- fs/filesystems: Fix potential unsigned integer underflow in fs_name() (Zijun Hu)
- net/mdiobus: Fix potential out-of-bounds read/write access (Jakub Raczynski)
- drm/amd/display: Do not add '-mhard-float' to dcn2{1,0}_resource.o for clang (Nathan Chancellor)
- drm/amd/display: Do not add '-mhard-float' to dml_ccflags for clang (Nathan Chancellor)
- MIPS: Move '-Wa,-msoft-float' check from as-option to cc-option (Nathan Chancellor)
- x86/boot/compressed: prefer cc-option for CFLAGS additions (Nick Desaulniers)
- net: mdio: C22 is now optional, EOPNOTSUPP if not provided (Andrew Lunn)
- net_sched: tbf: fix a race in tbf_change() (Eric Dumazet)
- net_sched: red: fix a race in __red_change() (Eric Dumazet) [Orabug: 38152899] {CVE-2025-38108}
- net_sched: prio: fix a race in prio_tune() (Eric Dumazet) [Orabug: 38105335] {CVE-2025-38083}
- net/mlx5: Fix return value when searching for existing flow group (Patrisious Haddad)
- net/mlx5: Wait for inactive autogroups (Paul Blakey)
- i40e: retry VFLR handling if there is ongoing VF reset (Robert Malz)
- i40e: return false from i40e_reset_vf if reset is in progress (Robert Malz)
- net_sched: sch_sfq: fix a potential crash on gso_skb handling (Eric Dumazet) [Orabug: 38152923] {CVE-2025-38115}
- scsi: iscsi: Fix incorrect error path labels for flashnode operations (Alok Tiwari)
- NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes (Chuck Lever) [Orabug: 36954169] {CVE-2022-48829}
- NFSD: Fix ia_size underflow (Chuck Lever) [Orabug: 36954164] {CVE-2022-48828}
- Input: synaptics-rmi - fix crash with unsupported versions of F34 (Dmitry Torokhov)
- Input: synaptics-rmi4 - convert to use sysfs_emit() APIs (Zhang Songyi)
- pmdomain: core: Fix error checking in genpd_dev_pm_attach_by_id() (Dan Carpenter)
- do_change_type(): refuse to operate on unmounted/not ours mounts (Al Viro) [Orabug: 38256450] {CVE-2025-38498}
- ice: create new Tx scheduler nodes for new queues only (Michal Kubiak)
- Bluetooth: L2CAP: Fix not responding with L2CAP_CR_LE_ENCRYPTION (Luiz Augusto von Dentz)
- net/mlx4_en: Prevent potential integer overflow calculating Hz (Dan Carpenter)
- vt: remove VT_RESIZE and VT_RESIZEX from vt_compat_ioctl() (Nicolas Pitre)
- serial: Fix potential null-ptr-deref in mlb_usio_probe() (Henry Martin) [Orabug: 38153012] {CVE-2025-38135}
- usb: renesas_usbhs: Reorder clock handling and power management in probe (Lad Prabhakar) [Orabug: 38153017] {CVE-2025-38136}
- rtc: Fix offset calculation for .start_secs < 0 (Alexandre Mergnat)
- rtc: sh: assign correct interrupts with DT (Wolfram Sang)
- perf record: Fix incorrect --user-regs comments (Dapeng Mi)
- perf tests switch-tracking: Fix timestamp comparison (Leo Yan)
- mfd: stmpe-spi: Correct the name used in MODULE_DEVICE_TABLE (Alexey Gladkov)
- mfd: exynos-lpass: Avoid calling exynos_lpass_disable() twice in exynos_lpass_remove() (Christophe Jaillet)
- rpmsg: qcom_smd: Fix uninitialized return variable in __qcom_smd_send() (Dan Carpenter)
- perf scripts python: exported-sql-viewer.py: Fix pattern matching with Python 3 (Adrian Hunter)
- perf ui browser hists: Set actions->thread before calling do_zoom_thread() (Arnaldo Carvalho de Melo)
- fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod() (Sergey Shtylyov) [Orabug: 38180566] {CVE-2025-38312}
- soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop() (Henry Martin) [Orabug: 38153060] {CVE-2025-38145}
- soc: aspeed: lpc: Fix impossible judgment condition (Su Hui)
- arm64: dts: rockchip: disable unrouted USB controllers and PHY on RK3399 Puma with Haikou (Quentin Schulz)
- ARM: dts: qcom: apq8064 merge hw splinlock into corresponding syscon device (Dmitry Baryshkov)
- bus: fsl-mc: fix double-free on mc_dev (Ioana Ciornei) [Orabug: 38180573] {CVE-2025-38313}
- nilfs2: do not propagate ENOENT error from nilfs_btree_propagate() (Ryusuke Konishi)
- nilfs2: add pointer check for nilfs_direct_propagate() (Xu Wang)
- Squashfs: check return result of sb_min_blocksize (Phillip Lougher) [Orabug: 38253985] {CVE-2025-38415}
- ARM: dts: at91: at91sam9263: fix NAND chip selects (Wolfram Sang)
- ARM: dts: at91: usb_a9263: fix GPIO for Dataflash chip select (Wolfram Sang)
- f2fs: fix to correct check conditions in f2fs_cross_rename (Zhiguo Niu)
- f2fs: use d_inode(dentry) cleanup dentry->d_inode (Zhiguo Niu)
- calipso: Don't call calipso functions for AF_INET sk. (Kuniyuki Iwashima) [Orabug: 38153070] {CVE-2025-38147}
- net: lan743x: rename lan743x_reset_phy to lan743x_hw_reset_phy (Thangaraj Samynathan)
- net: usb: aqc111: fix error handling of usbnet read calls (Nikita Zhandarovich) [Orabug: 38153090] {CVE-2025-38153}
- netfilter: nf_tables: nft_fib_ipv6: fix VRF ipv4/ipv6 result discrepancy (Florian Westphal)
- wifi: ath9k_htc: Abort software beacon handling if disabled (Toke Hoiland-Jorgensen) [Orabug: 38153110] {CVE-2025-38157}
- bpf: Fix WARN() in get_bpf_raw_tp_regs (Tao Chen) [Orabug: 38180489] {CVE-2025-38285}
- pinctrl: at91: Fix possible out-of-boundary access (Andy Shevchenko) [Orabug: 38180495] {CVE-2025-38286}
- ktls, sockmap: Fix missing uncharge operation (Jiayuan Chen)
- netfilter: bridge: Move specific fragmented packet to slow_path instead of dropping it (Huajian Yang)
- f2fs: clean up w/ fscrypt_is_bounce_page() (Chao Yu)
- RDMA/hns: Include hnae3.h in hns_roce_hw_v2.h (Junxian Huang)
- wifi: rtw88: do not ignore hardware read error during DPK (Dmitry Antipov)
- net: ncsi: Fix GCPS 64-bit member variables (Hari Kalavakunta)
- f2fs: fix to do sanity check on sbi->total_valid_block_count (Chao Yu) [Orabug: 38153150] {CVE-2025-38163}
- drm/tegra: rgb: Fix the unbound reference count (Biju Das)
- drm/vkms: Adjust vkms_state->active_planes allocation type (Kees Cook)
- drm: rcar-du: Fix memory leak in rcar_du_vsps_init() (Biju Das)
- selftests/seccomp: fix syscall_restart test for arm compat (Neill Kapron)
- firmware: psci: Fix refcount leak in psci_dt_init (Miaoqian Lin)
- m68k: mac: Fix macintosh_config for Mac II (Finn Thain)
- drm/vmwgfx: Add seqno waiter for sync_files (Ian Forbes)
- spi: sh-msiof: Fix maximum DMA transfer size (Geert Uytterhoeven)
- ACPI: OSI: Stop advertising support for '3.0 _SCP Extensions' (Armin Wolf)
- x86/mtrr: Check if fixed-range MTRRs exist in mtrr_save_fixed_ranges() (Jiaqing Zhao)
- PM: wakeup: Delete space in the end of string shown by pm_show_wakelocks() (Zijun Hu)
- EDAC/skx_common: Fix general protection fault (Qiuxu Zhuo) [Orabug: 38180525] {CVE-2025-38298}
- crypto: marvell/cesa - Avoid empty transfer descriptor (Herbert Xu)
- crypto: marvell/cesa - Handle zero-length skcipher requests (Herbert Xu) [Orabug: 38153190] {CVE-2025-38173}
- x86/cpu: Sanitize CPUID(0x80000000) output (Ahmed S. Darwish)
- perf/core: Fix broken throttling when max_samples_per_tick=1 (Qing Wang)
- gfs2: gfs2_create_inode error handling fix (Andreas Gruenbacher)
- netfilter: nft_socket: fix sk refcount leaks (Florian Westphal) [Orabug: 37116555] {CVE-2024-46855}
- thunderbolt: Do not double dequeue a configuration request (Sergey Senozhatsky) [Orabug: 38158384] {CVE-2025-38174}
- usb: usbtmc: Fix timeout value in get_stb (Dave Penkler)
- usb: storage: Ignore UAS driver for SanDisk 3.2 Gen2 storage device (Hongyu Xie)
- usb: quirks: Add NO_LPM quirk for SanDisk Extreme 55AE (Jiayi Li)
- pinctrl: armada-37xx: set GPIO output value before setting direction (Gabor Juhos)
- pinctrl: armada-37xx: use correct OUTPUT_VAL register for GPIOs > 31 (Gabor Juhos)
Related CVEs
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle Linux 7 (x86_64) | kernel-uek-5.4.17-2136.347.6.el7uek.src.rpm | 5dd7c0bea1bc19d901c17401257092e46d91576bf478526ba62cd618a9b2ca16 | - | ol7_x86_64_UEKR6_ELS |
| kernel-uek-5.4.17-2136.347.6.el7uek.x86_64.rpm | 282688252a21f9784775a7806d15e88f9894318094a7204f580a0c30586ad089 | - | ol7_x86_64_UEKR6_ELS | |
| kernel-uek-container-5.4.17-2136.347.6.el7uek.x86_64.rpm | bdfe2fd1f474a50379f3a0ae8e01896aa5a86e433c4315997ad658b777702724 | - | ol7_x86_64_UEKR6_ELS | |
| kernel-uek-container-debug-5.4.17-2136.347.6.el7uek.x86_64.rpm | 2ae0e402ac8b4e56834eb3051b1753ad38b397ff27e888d51d2832f50f074393 | - | ol7_x86_64_UEKR6_ELS | |
| kernel-uek-debug-5.4.17-2136.347.6.el7uek.x86_64.rpm | 872466e69c36dd3c3365f2fa816aff9a072c143e8f3708cea0e34d73bd7e14fe | - | ol7_x86_64_UEKR6_ELS | |
| kernel-uek-debug-devel-5.4.17-2136.347.6.el7uek.x86_64.rpm | a46982e0628145617805e449611d1d14ac049b96123797dacabfb9357ec36970 | - | ol7_x86_64_UEKR6_ELS | |
| kernel-uek-devel-5.4.17-2136.347.6.el7uek.x86_64.rpm | f69e03564bfd8bbc40a0a4358313d64022117c77c76c163a56169c61d0c8f58f | - | ol7_x86_64_UEKR6_ELS | |
| kernel-uek-doc-5.4.17-2136.347.6.el7uek.noarch.rpm | 91567946014d73c6dc64c4fc4422edd684cbbc642f339d3b6be1d59224af9b5d | - | ol7_x86_64_UEKR6_ELS | |
| kernel-uek-tools-5.4.17-2136.347.6.el7uek.x86_64.rpm | f1a41225073cb51c96b0dee6c262ce52f7ce42e51036af35f91faedb98df44d6 | - | ol7_x86_64_UEKR6_ELS | |
| Oracle Linux 8 (aarch64) | kernel-uek-5.4.17-2136.347.6.el8uek.src.rpm | 20631a1c78952d0bc3fce4877a61207b61d2e7efea1cf131a3a1913cdc0154f0 | - | ol8_aarch64_baseos_latest |
| kernel-uek-5.4.17-2136.347.6.el8uek.src.rpm | 20631a1c78952d0bc3fce4877a61207b61d2e7efea1cf131a3a1913cdc0154f0 | - | ol8_aarch64_u10_baseos_patch | |
| kernel-uek-5.4.17-2136.347.6.el8uek.aarch64.rpm | 312fd4242437c2f247cc3e03487d069b73fa947393511ce21eb8b06d74b6d30e | - | ol8_aarch64_baseos_latest | |
| kernel-uek-5.4.17-2136.347.6.el8uek.aarch64.rpm | 312fd4242437c2f247cc3e03487d069b73fa947393511ce21eb8b06d74b6d30e | - | ol8_aarch64_u10_baseos_patch | |
| kernel-uek-debug-5.4.17-2136.347.6.el8uek.aarch64.rpm | c793f91c5f98fa22e5d34071d4230fc7126b48eb1c921d390b40ecd1cf13f024 | - | ol8_aarch64_baseos_latest | |
| kernel-uek-debug-5.4.17-2136.347.6.el8uek.aarch64.rpm | c793f91c5f98fa22e5d34071d4230fc7126b48eb1c921d390b40ecd1cf13f024 | - | ol8_aarch64_u10_baseos_patch | |
| kernel-uek-debug-devel-5.4.17-2136.347.6.el8uek.aarch64.rpm | b1431cddfd0b13469ab8567940fc65e3eb7745818f31e5f3ab1d170defb07aa4 | - | ol8_aarch64_baseos_latest | |
| kernel-uek-debug-devel-5.4.17-2136.347.6.el8uek.aarch64.rpm | b1431cddfd0b13469ab8567940fc65e3eb7745818f31e5f3ab1d170defb07aa4 | - | ol8_aarch64_u10_baseos_patch | |
| kernel-uek-devel-5.4.17-2136.347.6.el8uek.aarch64.rpm | f3371bec799f0a097a29653fc5de6f27a74b0c30f502f749560fa1920a60d1cb | - | ol8_aarch64_baseos_latest | |
| kernel-uek-devel-5.4.17-2136.347.6.el8uek.aarch64.rpm | f3371bec799f0a097a29653fc5de6f27a74b0c30f502f749560fa1920a60d1cb | - | ol8_aarch64_u10_baseos_patch | |
| kernel-uek-doc-5.4.17-2136.347.6.el8uek.noarch.rpm | 1cdefc452f62eaa442c09b54558c93c3b4c1270dee7eccb2efb62c5ab1e7f52f | - | ol8_aarch64_baseos_latest | |
| kernel-uek-doc-5.4.17-2136.347.6.el8uek.noarch.rpm | 1cdefc452f62eaa442c09b54558c93c3b4c1270dee7eccb2efb62c5ab1e7f52f | - | ol8_aarch64_u10_baseos_patch | |
| Oracle Linux 8 (x86_64) | kernel-uek-5.4.17-2136.347.6.el8uek.src.rpm | 20631a1c78952d0bc3fce4877a61207b61d2e7efea1cf131a3a1913cdc0154f0 | - | ol8_x86_64_UEKR6 |
| kernel-uek-5.4.17-2136.347.6.el8uek.x86_64.rpm | c60b7128984ebb999444df7ad5d492d1be8415c2fad6a5f1a2f587afc3d85940 | - | ol8_x86_64_UEKR6 | |
| kernel-uek-container-5.4.17-2136.347.6.el8uek.x86_64.rpm | c0bf9fbb3da496428ad986562925f9cf77d031095858b4726ba6f869498b12c5 | - | ol8_x86_64_UEKR6 | |
| kernel-uek-container-debug-5.4.17-2136.347.6.el8uek.x86_64.rpm | 25e4bb64103949ce22b42b64e7d8b94af20481b9fc44e7909c0fc069ac8d8fce | - | ol8_x86_64_UEKR6 | |
| kernel-uek-debug-5.4.17-2136.347.6.el8uek.x86_64.rpm | 7b5442249320fcf759acfdef1bd82fe03924389085694bfc19104ec29e63572b | - | ol8_x86_64_UEKR6 | |
| kernel-uek-debug-devel-5.4.17-2136.347.6.el8uek.x86_64.rpm | e6184d98c0a44a2e24baae1136aa44ac1bf706343909f78c1ad3e0d718fdd324 | - | ol8_x86_64_UEKR6 | |
| kernel-uek-devel-5.4.17-2136.347.6.el8uek.x86_64.rpm | 1435dbd980fb777d3fd4734feeff259d81d7b9bd123beefe4cb7d1a066e858ce | - | ol8_x86_64_UEKR6 | |
| kernel-uek-doc-5.4.17-2136.347.6.el8uek.noarch.rpm | 1cdefc452f62eaa442c09b54558c93c3b4c1270dee7eccb2efb62c5ab1e7f52f | - | ol8_x86_64_UEKR6 | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
