ELSA-2025-20632

ULN >
Oracle Linux Errata repository >
ELSA-2025-20632

ELSA-2025-20632 - Unbreakable Enterprise kernel security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2025-09-24

Description

[5.4.17-2136.347.6.2]
- clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (Al Viro) [Orabug: 38453918] {CVE-2025-38499}
- vsock: Do not allow binding to VMADDR_PORT_ANY (Budimir Markovic) [Orabug: 38453914]
- HID: core: ensure the allocated report buffer can contain the reserved report ID (Benjamin Tissoires) [Orabug: 38453908]
- HID: core: do not bypass hid_hw_raw_request (Benjamin Tissoires) [Orabug: 38453904]

Related CVEs

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 7 (x86_64)	kernel-uek-5.4.17-2136.347.6.2.el7uek.src.rpm	40a908b795cadb5d7e221017c53bc7dd93e842341896c4e73f0fc5de4d5047d4	-	ol7_x86_64_UEKR6_ELS
	kernel-uek-5.4.17-2136.347.6.2.el7uek.x86_64.rpm	5e1d7c39888f712fe17c0fe77376cc8266fb3e46e12f8e6fbba06e754f51f7eb	-	ol7_x86_64_UEKR6_ELS
	kernel-uek-container-5.4.17-2136.347.6.2.el7uek.x86_64.rpm	1013ba78cbe08aaf41d25bf5bba56fcdbb810c5253b989e2bfcb7efefd413eee	-	ol7_x86_64_UEKR6_ELS
	kernel-uek-container-debug-5.4.17-2136.347.6.2.el7uek.x86_64.rpm	b0de03e240bf0a81fcd31cf9beae9433cf46327501b5831258926de25c21aad4	-	ol7_x86_64_UEKR6_ELS
	kernel-uek-debug-5.4.17-2136.347.6.2.el7uek.x86_64.rpm	682bd991facb1504a00408250e5623f1e2faabc07f36ce09bae8d03532941d43	-	ol7_x86_64_UEKR6_ELS
	kernel-uek-debug-devel-5.4.17-2136.347.6.2.el7uek.x86_64.rpm	9782144762881dd4ae49f1bfdb5cb76732108285537673a6384f3f8ca486084c	-	ol7_x86_64_UEKR6_ELS
	kernel-uek-devel-5.4.17-2136.347.6.2.el7uek.x86_64.rpm	40ebd9dfd08d29ec7a476ea30c9e35cb536dfc4d3c2782f28304373378f1b508	-	ol7_x86_64_UEKR6_ELS
	kernel-uek-doc-5.4.17-2136.347.6.2.el7uek.noarch.rpm	3f2288eb6e0c8159e7a43db67ec2e0b8ed01cfb2ca3145a9206b3c497dc56c9f	-	ol7_x86_64_UEKR6_ELS
	kernel-uek-tools-5.4.17-2136.347.6.2.el7uek.x86_64.rpm	f04207d086ce9bee58e9c5d7c2aae8b4bea6b4cc667c3120fea77cddd45333af	-	ol7_x86_64_UEKR6_ELS

Oracle Linux 8 (aarch64)	kernel-uek-5.4.17-2136.347.6.2.el8uek.src.rpm	973bf319edc2cd0383dbb59fca26329b71eb6e68fda2b71969bab05bf28a4d6b	-	ol8_aarch64_baseos_latest
	kernel-uek-5.4.17-2136.347.6.2.el8uek.src.rpm	973bf319edc2cd0383dbb59fca26329b71eb6e68fda2b71969bab05bf28a4d6b	-	ol8_aarch64_u10_baseos_patch
	kernel-uek-5.4.17-2136.347.6.2.el8uek.aarch64.rpm	e87ff33d62be90e4115f1335b205a92f97344fea2f2b48af6a88a44b73b895c0	-	ol8_aarch64_baseos_latest
	kernel-uek-5.4.17-2136.347.6.2.el8uek.aarch64.rpm	e87ff33d62be90e4115f1335b205a92f97344fea2f2b48af6a88a44b73b895c0	-	ol8_aarch64_u10_baseos_patch
	kernel-uek-debug-5.4.17-2136.347.6.2.el8uek.aarch64.rpm	2b7e0d51005291e3a7835da376e3673de927987aebabc540f63632f6bff9e75b	-	ol8_aarch64_baseos_latest
	kernel-uek-debug-5.4.17-2136.347.6.2.el8uek.aarch64.rpm	2b7e0d51005291e3a7835da376e3673de927987aebabc540f63632f6bff9e75b	-	ol8_aarch64_u10_baseos_patch
	kernel-uek-debug-devel-5.4.17-2136.347.6.2.el8uek.aarch64.rpm	3e20f29d97d8227851b4f5c938d9dac79af94b93091f286785222aed2744e85e	-	ol8_aarch64_baseos_latest
	kernel-uek-debug-devel-5.4.17-2136.347.6.2.el8uek.aarch64.rpm	3e20f29d97d8227851b4f5c938d9dac79af94b93091f286785222aed2744e85e	-	ol8_aarch64_u10_baseos_patch
	kernel-uek-devel-5.4.17-2136.347.6.2.el8uek.aarch64.rpm	02733403054af6e27a6dce5c36b839d5895f73c148966eaa66e5e09177ea7857	-	ol8_aarch64_baseos_latest
	kernel-uek-devel-5.4.17-2136.347.6.2.el8uek.aarch64.rpm	02733403054af6e27a6dce5c36b839d5895f73c148966eaa66e5e09177ea7857	-	ol8_aarch64_u10_baseos_patch
	kernel-uek-doc-5.4.17-2136.347.6.2.el8uek.noarch.rpm	4a8e2ef35ee8a66e5faa7c92494883888590e36e945bee5ecb390a69d8ed9973	-	ol8_aarch64_baseos_latest
	kernel-uek-doc-5.4.17-2136.347.6.2.el8uek.noarch.rpm	4a8e2ef35ee8a66e5faa7c92494883888590e36e945bee5ecb390a69d8ed9973	-	ol8_aarch64_u10_baseos_patch

Oracle Linux 8 (x86_64)	kernel-uek-5.4.17-2136.347.6.2.el8uek.src.rpm	973bf319edc2cd0383dbb59fca26329b71eb6e68fda2b71969bab05bf28a4d6b	-	ol8_x86_64_UEKR6
	kernel-uek-5.4.17-2136.347.6.2.el8uek.x86_64.rpm	91152263e81e02f23ebee94cf938c1a75f3f1e6a43f03de0df91569d37a7f413	-	ol8_x86_64_UEKR6
	kernel-uek-container-5.4.17-2136.347.6.2.el8uek.x86_64.rpm	df6a283f3bb2cfbee70a5d8002adf0fe450f11b0cf012efbda154b660fe06550	-	ol8_x86_64_UEKR6
	kernel-uek-container-debug-5.4.17-2136.347.6.2.el8uek.x86_64.rpm	b8b7d4dd82232afd36ada9ba2c186918e67552a560ff23716f6b5200e16268d5	-	ol8_x86_64_UEKR6
	kernel-uek-debug-5.4.17-2136.347.6.2.el8uek.x86_64.rpm	47004d43f9c0c1fd2704836319957a52ac954e3857d77624c28d67eb37c5711f	-	ol8_x86_64_UEKR6
	kernel-uek-debug-devel-5.4.17-2136.347.6.2.el8uek.x86_64.rpm	20ffff7b89b3cc598081a57f45c7d85828bba1738871adc4f1a18f2a3382b014	-	ol8_x86_64_UEKR6
	kernel-uek-devel-5.4.17-2136.347.6.2.el8uek.x86_64.rpm	e5ecc51e6ffca77a88bc35ddcd3da77750557e7b820dc39793dc922989a64d7c	-	ol8_x86_64_UEKR6
	kernel-uek-doc-5.4.17-2136.347.6.2.el8uek.noarch.rpm	4a8e2ef35ee8a66e5faa7c92494883888590e36e945bee5ecb390a69d8ed9973	-	ol8_x86_64_UEKR6

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691