Alerts This Week
Warning Icon 1 1,149
Alerts This Week
Warning Icon 1 1,149

Oracle Linux 7 ELSA-2026-50258 Important Kernel Dirty Frag Advisory

oracle
Calendar Grey May 11, 2026
Oracle Linux Logo Esm H88
Oracle Linux 7 security advisory concerning kernel dirty fragment vulnerabilities providing crucial updates for system stability.
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

Summary

[5.4.17-2136.354.4.3] - xfrm: esp: avoid in-place decrypt on shared skb frags (Kuan-Ting Chen) [Orabug: 39342682] {CVE-2026-43284} [5.4.17-2136.354.4.2] - crypto: algif_aead - Fix minimum RX size check for decryption (Herbert Xu) [Orabug: 39292250] - crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Herbert Xu) [Orabug: 39292250] - crypto: authencesn - Fix src offset when decrypting in-place (Herbert Xu) [Orabug: 39292250] - crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Herbert Xu) [Orabug: 39292250] - crypto: authenc - use memcpy_sglist() instead of null skcipher (Eric Biggers) [Orabug: 39292250] - crypto: algif_aead - snapshot IV for async AEAD requests (Douya Le) [Orabug: 39292250] - crypto: algif_aead - Revert to operating out-of-place (Herbert Xu) [Orabug: 39292250] - crypto: algif_aead - use memcpy_sglist() instead of null skcipher (Eric Biggers) [Orabug: 39292250] {CVE-2026-31431} - crypto: scatterwalk - Bac...

Read the Full Advisory

SRPMs

http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-5.4.17-2136.354.4.3.el7uek.src.rpm

x86_64

kernel-uek-5.4.17-2136.354.4.3.el7uek.x86_64.rpm kernel-uek-container-5.4.17-2136.354.4.3.el7uek.x86_64.rpm kernel-uek-container-debug-5.4.17-2136.354.4.3.el7uek.x86_64.rpm kernel-uek-debug-5.4.17-2136.354.4.3.el7uek.x86_64.rpm kernel-uek-debug-devel-5.4.17-2136.354.4.3.el7uek.x86_64.rpm kernel-uek-devel-5.4.17-2136.354.4.3.el7uek.x86_64.rpm kernel-uek-doc-5.4.17-2136.354.4.3.el7uek.noarch.rpm kernel-uek-tools-5.4.17-2136.354.4.3.el7uek.x86_64.rpm

aarch64

Severity
important
Lowest
Low
Medium
High
Critical

Related CVEs: CVE-2026-43284

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here