ELSA-2026-18868

ELSA-2026-18868 - linux-sgx security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2026-06-12

Description

[2.26-7]
- Fix pccs npm security flaws

[2.26-6]
- Port to pycryptography and pyasn1 and make keyring optional

[2.26-5]
- Sync specfile changes from Fedora

[2.26-4]
- Drop sgx-mpa dep from sgx-pccs

[2.26-3]
- Add scriptlets for PCCS

[2.26-2]
- Enable pccsadmin everywhere

[2.26-1]
- Update to SGX 2.26 / DCAP 1.23, adding PCCS service

[2.25-7]
- Trigger udev to set perms on /dev/sgx_provision

[2.25-6]
- Temporarily disable automatic tier1 gating

[2.25-5]
- Adapt qgs.service for SELinux policy and sock perms

Related CVEs

CVE-2025-13465

CVE-2025-15284

CVE-2026-23745

CVE-2026-23950

CVE-2026-24842

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label
Oracle Linux 9 (x86_64)	linux-sgx-2.26-7.el9.src.rpm	8eb9659a7bd029cd5f4caa12132f012ff26c60eef627f38ccf363341a4143f4a	-	ol9_x86_64_appstream
	sgx-common-2.26-7.el9.x86_64.rpm	471f76e26f7ce135d6b183e365ae0a4be7143dca577274924152039200e856d3	-	ol9_x86_64_appstream
	sgx-libs-2.26-7.el9.x86_64.rpm	0702f2e25d5b8901ece8ec43a0c629c755790de9d7d4071faf03a03951dd5317	-	ol9_x86_64_appstream
	sgx-mpa-2.26-7.el9.x86_64.rpm	43fc9c8ab8fa9f14a093faf273d7e4fe25fea0c7a6a606e95f375281a089ddfe	-	ol9_x86_64_appstream
	sgx-pccs-2.26-7.el9.x86_64.rpm	f4a0afad0d6831d518b6fff0184004b9d08713d86ad91fa8856f05ca56aef68d	-	ol9_x86_64_appstream
	sgx-pccs-admin-2.26-7.el9.x86_64.rpm	95c14ae95b43d99b70906ee766604c9883458368136dd6cb15b6fee887ca8b38	-	ol9_x86_64_appstream
	sgx-pckid-tool-2.26-7.el9.x86_64.rpm	702c0f5fedf2f2ca2ed808a1e06b856c32a777390f562b3ac469d7c9ce835f37	-	ol9_x86_64_appstream
	tdx-qgs-2.26-7.el9.x86_64.rpm	db3fc7ab6d3e97d2109202521f2eb760560a512e1f430ebdf3e8303583778027	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team