ELSA-2026-50281

ULN >
Oracle Linux Errata repository >
ELSA-2026-50281

ELSA-2026-50281 - Unbreakable Enterprise kernel security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2026-05-20

Description

[5.4.17-2136.355.3.3]
- ptrace: slightly saner 'get_dumpable()' logic (Linus Torvalds) [Orabug: 39391459] {CVE-2026-46333}

[5.4.17-2136.355.3.2]
- scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (Maurizio Lombardi) [Orabug: 39368774] {CVE-2026-23193}
- scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() (Maurizio Lombardi) [Orabug: 39368732] {CVE-2026-23216}
- nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (Jeff Layton) [Orabug: 39368718] {CVE-2026-31402}

[5.4.17-2136.355.3.1]
- xfrm: esp: avoid in-place decrypt on shared skb frags (Kuan-Ting Chen) [Orabug: 39344527] {CVE-2026-43284}
- x86/CPU/AMD: Add a fix for AMD-SB-7052 (Prathyushi Nangia) [Orabug: 39344576] {CVE-2025-54518}

[5.4.17-2136.355.3]
- crypto: algif_aead - Fix minimum RX size check for decryption (Herbert Xu) [Orabug: 39250687,39331106] {CVE-2026-43077}
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Herbert Xu) [Orabug: 39250687,39331111] {CVE-2026-43078}
- crypto: authencesn - Fix src offset when decrypting in-place (Herbert Xu) [Orabug: 39250687]
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Herbert Xu) [Orabug: 39250687,39300911] {CVE-2026-43033}
- crypto: authenc - use memcpy_sglist() instead of null skcipher (Eric Biggers) [Orabug: 39250687]
- crypto: algif_aead - snapshot IV for async AEAD requests (Douya Le) [Orabug: 39250687]
- crypto: algif_aead - Revert to operating out-of-place (Herbert Xu) [Orabug: 39250687,39283868,39292250] {CVE-2026-31431}
- crypto: algif_aead - use memcpy_sglist() instead of null skcipher (Eric Biggers) [Orabug: 39250687] {CVE-2026-31431}
- crypto: scatterwalk - Backport memcpy_sglist() (Eric Biggers) [Orabug: 39250687]
- crypto: doc - fix kernel-doc notation in chacha.c and af_alg.c (Randy Dunlap) [Orabug: 39250687]

[5.4.17-2136.355.2]
- Revert 'rds: Drop rds conn in connect worker if not in down state.' (Alok Tiwari) [Orabug: 39253770]
- x86/CPU: Fix FPDSS on Zen1 (Siddh Raman Pant) [Orabug: 39241225,39273723] {CVE-2026-31628}
- SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (Joshua Rogers) [Orabug: 38852342] {CVE-2025-71120}

[5.4.17-2136.355.1]
- net/sched: Enforce that teql can only be used as root qdisc (Jamal Hadi Salim) [Orabug: 38930950] {CVE-2026-23074}

[5.4.17-2136.354.4]
- macvlan: fix possible UAF in macvlan_forward_source() (Eric Dumazet) [Orabug: 38887731] {CVE-2026-23001}
- macvlan: Use 'hash' iterators to simplify code (Christophe Jaillet) [Orabug: 38887731] {CVE-2026-23001}
- macvlan: Add nodst option to macvlan type source (Jethro Beekman) [Orabug: 38887731] {CVE-2026-23001}
- macvlan: observe an RCU grace period in macvlan_common_newlink() error path (Eric Dumazet) [Orabug: 38970510,39188399] {CVE-2026-23209,CVE-2026-23273}
- macvlan: fix error recovery in macvlan_common_newlink() (Eric Dumazet) [Orabug: 38970510] {CVE-2026-23209}

[5.4.17-2136.354.3]
- io_uring: fix filename leak in __io_openat_prep() (Prithvi Tambewagh) [Orabug: 39064937] {CVE-2025-68814}
- rds: Drop rds conn in connect worker if not in down state. (Rohit Nair) [Orabug: 39045035]

[5.4.17-2136.354.2]
- ext4/jbd2: skip sb flush when EIO happened (Wengang Wang) [Orabug: 38916908]
- jbd2: store more accurate errno in superblock (Wengang Wang) [Orabug: 38916908]
- ext4: save the error code which triggered an (Wengang Wang) [Orabug: 38916908]

[5.4.17-2136.354.1]
- genirq/cpuhotplug: Notify about affinity changes breaking the affinity mask (Imran Khan) [Orabug: 39001911]
- rds: Add state field to RDS trace logs. (Rohit Nair) [Orabug: 38870347]

Related CVEs

CVE-2026-46333

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 7 (x86_64)	kernel-uek-5.4.17-2136.355.3.3.el7uek.src.rpm	aeb62d6c9979e8cd55a7d591c4fe141921776df05b4cbac24ce5e591226b7496	-	ol7_x86_64_UEKR6_ELS
	kernel-uek-5.4.17-2136.355.3.3.el7uek.x86_64.rpm	5571c1cdd7910f88553e20bf30dab72fa414bf468803c69b04e5f5f2d16f7857	-	ol7_x86_64_UEKR6_ELS
	kernel-uek-container-5.4.17-2136.355.3.3.el7uek.x86_64.rpm	548e50d1e60da2d5c07f78b86ff5257eceb590f1a3d5d7df609cf112332ce916	-	ol7_x86_64_UEKR6_ELS
	kernel-uek-container-debug-5.4.17-2136.355.3.3.el7uek.x86_64.rpm	ae92dc4ceac4ea0d21c15c8fe6cdef2560c8e142cbfad9df1661a3cbc26dd48d	-	ol7_x86_64_UEKR6_ELS
	kernel-uek-debug-5.4.17-2136.355.3.3.el7uek.x86_64.rpm	5f2bcb1989eca58367e83afa5a24bb7999a05298a096ab71e34a8be4a371f855	-	ol7_x86_64_UEKR6_ELS
	kernel-uek-debug-devel-5.4.17-2136.355.3.3.el7uek.x86_64.rpm	ca41addc619b5fe0f1c086b4d2772e33c8615c379e07039b67402085ba36c8e0	-	ol7_x86_64_UEKR6_ELS
	kernel-uek-devel-5.4.17-2136.355.3.3.el7uek.x86_64.rpm	79014aa3ec6a603fea54d4c0ed9b81c3ee860cfdd8f77f04be75e165595631e0	-	ol7_x86_64_UEKR6_ELS
	kernel-uek-doc-5.4.17-2136.355.3.3.el7uek.noarch.rpm	8a1cbc281173dfca454cc8fb866d998b7cc98a02f8c028317be2cf56425da763	-	ol7_x86_64_UEKR6_ELS
	kernel-uek-tools-5.4.17-2136.355.3.3.el7uek.x86_64.rpm	876db2c7803495671a5ff69c5ab5b8aa1a8e6fc4bdd4102b906ab3471b549a8e	-	ol7_x86_64_UEKR6_ELS

Oracle Linux 8 (aarch64)	kernel-uek-5.4.17-2136.355.3.3.el8uek.src.rpm	e5aca9bdc773b7c47f2b745a4092e0b70b1acc4b548a79df183763aa5971a4cd	-	ol8_aarch64_baseos_latest
	kernel-uek-5.4.17-2136.355.3.3.el8uek.src.rpm	e5aca9bdc773b7c47f2b745a4092e0b70b1acc4b548a79df183763aa5971a4cd	-	ol8_aarch64_u10_baseos_patch
	kernel-uek-5.4.17-2136.355.3.3.el8uek.aarch64.rpm	a397d2c8f4832396158fbb9f99a0fd7fa2ce163936fb7b099827804e2ce1a2a2	-	ol8_aarch64_baseos_latest
	kernel-uek-5.4.17-2136.355.3.3.el8uek.aarch64.rpm	a397d2c8f4832396158fbb9f99a0fd7fa2ce163936fb7b099827804e2ce1a2a2	-	ol8_aarch64_u10_baseos_patch
	kernel-uek-debug-5.4.17-2136.355.3.3.el8uek.aarch64.rpm	5fa9ecf9507095ef3b3729cb1e7fd97a7adc4a5f2928fed3da284868220b262e	-	ol8_aarch64_baseos_latest
	kernel-uek-debug-5.4.17-2136.355.3.3.el8uek.aarch64.rpm	5fa9ecf9507095ef3b3729cb1e7fd97a7adc4a5f2928fed3da284868220b262e	-	ol8_aarch64_u10_baseos_patch
	kernel-uek-debug-devel-5.4.17-2136.355.3.3.el8uek.aarch64.rpm	54c61d89cd38f83ae34618eeed39d195f0127a60198f9a680eb06b4d4f1187a8	-	ol8_aarch64_baseos_latest
	kernel-uek-debug-devel-5.4.17-2136.355.3.3.el8uek.aarch64.rpm	54c61d89cd38f83ae34618eeed39d195f0127a60198f9a680eb06b4d4f1187a8	-	ol8_aarch64_u10_baseos_patch
	kernel-uek-devel-5.4.17-2136.355.3.3.el8uek.aarch64.rpm	ad3d7b91a42c7a7aa631818b0b74fad476bec9f908d80914a9a35d6b14cd7726	-	ol8_aarch64_baseos_latest
	kernel-uek-devel-5.4.17-2136.355.3.3.el8uek.aarch64.rpm	ad3d7b91a42c7a7aa631818b0b74fad476bec9f908d80914a9a35d6b14cd7726	-	ol8_aarch64_u10_baseos_patch
	kernel-uek-doc-5.4.17-2136.355.3.3.el8uek.noarch.rpm	ed0b9cfc26facfa6ef30d9f77106550f21998d07136eb5eb3b7df59cca759523	-	ol8_aarch64_baseos_latest
	kernel-uek-doc-5.4.17-2136.355.3.3.el8uek.noarch.rpm	ed0b9cfc26facfa6ef30d9f77106550f21998d07136eb5eb3b7df59cca759523	-	ol8_aarch64_u10_baseos_patch

Oracle Linux 8 (x86_64)	kernel-uek-5.4.17-2136.355.3.3.el8uek.src.rpm	e5aca9bdc773b7c47f2b745a4092e0b70b1acc4b548a79df183763aa5971a4cd	-	ol8_x86_64_UEKR6
	kernel-uek-5.4.17-2136.355.3.3.el8uek.x86_64.rpm	402d57ea62ecf591e4dd9b13ac109cd55857b3428c88333bb83291551fe8d39e	-	ol8_x86_64_UEKR6
	kernel-uek-container-5.4.17-2136.355.3.3.el8uek.x86_64.rpm	db9501a75bea7f401b9c516c0c9e822547a4eca7e13440d6011d8d48d037be02	-	ol8_x86_64_UEKR6
	kernel-uek-container-debug-5.4.17-2136.355.3.3.el8uek.x86_64.rpm	ff5a87cc0a164385789e3696815252f40f24346db84bee5a1bdccf44df09dd0b	-	ol8_x86_64_UEKR6
	kernel-uek-debug-5.4.17-2136.355.3.3.el8uek.x86_64.rpm	f8cc66b5869df6a48cd50c332f2617b52017853902ff53a7425fb3f52f07c9dc	-	ol8_x86_64_UEKR6
	kernel-uek-debug-devel-5.4.17-2136.355.3.3.el8uek.x86_64.rpm	635d52fcca18cf1a3822af342f7e90cfa1f9b4ad03704d7e8d4dd3dbe06c46dc	-	ol8_x86_64_UEKR6
	kernel-uek-devel-5.4.17-2136.355.3.3.el8uek.x86_64.rpm	c9596d728a55a9db729e8b2274fc31c41c42e1199a4e346797b4c919718fe8e4	-	ol8_x86_64_UEKR6
	kernel-uek-doc-5.4.17-2136.355.3.3.el8uek.noarch.rpm	ed0b9cfc26facfa6ef30d9f77106550f21998d07136eb5eb3b7df59cca759523	-	ol8_x86_64_UEKR6

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691