Alerts This Week
Warning Icon 1 485
Alerts This Week
Warning Icon 1 485

Oracle Linux 10 ELSA-2025-7524 important: xz heap-use-after-free fix

oracle
Calendar Grey June 27, 2025
Oracle Linux Logo Esm H88
Red Hat Enterprise Linux 8 has released new updates for tar, resolving a critical stack-overflow vulnerability. Immediate application of these patches is advised.
The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

Summary

[1:5.6.2-4] - Fix: heap-use-after-free bug in threaded .xz decoder (CVE-2025-31115) - Resolves: RHEL-86029

SRPMs

http://oss.oracle.com/ol10/SRPMS-updates/xz-5.6.2-4.el10_0.src.rpm

x86_64

xz-5.6.2-4.el10_0.x86_64.rpm xz-devel-5.6.2-4.el10_0.x86_64.rpm xz-libs-5.6.2-4.el10_0.x86_64.rpm xz-lzma-compat-5.6.2-4.el10_0.x86_64.rpm

aarch64

xz-5.6.2-4.el10_0.aarch64.rpm xz-devel-5.6.2-4.el10_0.aarch64.rpm xz-libs-5.6.2-4.el10_0.aarch64.rpm xz-lzma-compat-5.6.2-4.el10_0.aarch64.rpm

Severity
important
Lowest
Low
Medium
High
Critical

Related CVEs: CVE-2025-31115

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here