Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Oracle Linux 9: ELSA-2025-20928 ipa Important Privilege Escalation Risk

oracle
Calendar Grey November 27, 2025
Oracle Linux Logo Esm H88
Oracle Linux 9 updates address significant issues in IPA components to enhance overall system integrity and security.
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

Summary

[4.12.2-22.0.1.1] - Set IPAPLATFORM=rhel when build on Oracle Linux [Orabug: 29516674] - Add bind to ipa-server-common Requires [Orabug: 36518596] [4.12.2-22.1] - Resolves: RHEL-118449 ipa: Privilege escalation from host to domain admin in FreeIPA [4.12.2-22] - Resolves: RHEL-107483 ipa-ca-install fails on CA-less replica due to inadequate key usage in master certificate

SRPMs

http://oss.oracle.com/ol9/SRPMS-updates/ipa-4.12.2-22.0.1.el9_7.1.src.rpm

x86_64

ipa-client-4.12.2-22.0.1.el9_7.1.x86_64.rpm ipa-client-common-4.12.2-22.0.1.el9_7.1.noarch.rpm ipa-client-encrypted-dns-4.12.2-22.0.1.el9_7.1.x86_64.rpm ipa-client-epn-4.12.2-22.0.1.el9_7.1.x86_64.rpm ipa-client-samba-4.12.2-22.0.1.el9_7.1.x86_64.rpm ipa-common-4.12.2-22.0.1.el9_7.1.noarch.rpm ipa-selinux-4.12.2-22.0.1.el9_7.1.noarch.rpm ipa-selinux-luna-4.12.2-22.0.1.el9_7.1.noarch.rpm ipa-selinux-nfast-4.12.2-22.0.1.el9_7.1.noarch.rpm ipa-server-4.12.2-22.0.1.el9_7.1.x86_64.rpm ipa-server-common-4.12.2-22.0.1.el9_7.1.noarch.rpm ipa-server-dns-4.12.2-22.0.1.el9_7.1.noarch.rpm ipa-server-encrypted-dns-4.12.2-22.0.1.el9_7.1.x86_64.rpm ipa-server-trust-ad-4.12.2-22.0.1.el9_7.1.x86_64.rpm python3-ipaclient-4.12.2-22.0.1.el9_7.1.noarch.rpm python3-ipalib-4.12.2-22.0.1.el9_7.1.noarch.rpm python3-ipaserver-4.12.2-22.0.1.el9_7.1.noarch.rpm python3-ipatests-4.12.2-22.0.1.el9_7.1.noarch.rpm

aarch64

ipa-client-4.12.2-22.0.1.el9_7.1.aarch64.rpm ipa-client-common-4.12.2-22.0.1.el9_7.1.noarch.rpm ipa-client-encrypted-dns-4.12.2-22.0.1.el9_7.1.aarch64.rpm ipa-client-epn-4.12.2-22.0.1.el9_7.1.aarch64.rpm ipa-client-samba-4.12.2-22.0.1.el9_7.1.aarch64.rpm ipa-common-4.12.2-22.0.1.el9_7.1.noarch.rpm ipa-selinux-4.12.2-22.0.1.el9_7.1.noarch.rpm ipa-selinux-luna-4.12.2-22.0.1.el9_7.1.noarch.rpm ipa-selinux-nfast-4.12.2-22.0.1.el9_7.1.noarch.rpm ipa-server-4.12.2-22.0.1.el9_7.1.aarch64.rpm ipa-server-common-4.12.2-22.0.1.el9_7.1.noarch.rpm ipa-server-dns-4.12.2-22.0.1.el9_7.1.noarch.rpm ipa-server-encrypted-dns-4.12.2-22.0.1.el9_7.1.aarch64.rpm ipa-server-trust-ad-4.12.2-22.0.1.el9_7.1.aarch64.rpm python3-ipaclient-4.12.2-22.0.1.el9_7.1.noarch.rpm python3-ipalib-4.12.2-22.0.1.el9_7.1.noarch.rpm python3-ipaserver-4.12.2-22.0.1.el9_7.1.noarch.rpm python3-ipatests-4.12.2-22.0.1.el9_7.1.noarch.rpm

Severity
important
Lowest
Low
Medium
High
Critical

Related CVEs: CVE-2025-7493

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here