The following updated rpms for have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-50351 http://linux.oracle.com/errata/ELSA-2026-50351.html The following updated rpms for have been uploaded to the Unbreakable LinuxNetwork: x86_64: kernel-uek-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-core-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-devel-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-doc-6.12.0-203.76.7.6.el10uek.noarch.rpm kernel-uek-modules-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-modules-core-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-modules-deprecated-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-modules-desktop-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-modules-extra-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-modules-extra-netfilter-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-modules-usb-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-modules-wireless-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-tools-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-debug-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-debug-core-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-debug-devel-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-debug-modules-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-debug-modules-core-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-debug-modules-deprecated-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-debug-modules-desktop-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-debug-modules-extra-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-debug-modules-extra-netfilter-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-debug-modules-usb-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-debug-modules-wireless-6.12.0-203.76.7.6.el10uek.x86_64.rpm aarch64: kernel-uek-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-core-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-devel-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-doc-6.12.0-203.76.7.6.el10uek.noarch.rpm kernel-uek-modules-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-modules-core-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-modules-deprecated-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-modules-desktop-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-modules-extra-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-modules-extra-netfilter-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-modules-usb-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-modules-wireless-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-tools-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-debug-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-debug-core-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-debug-devel-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-debug-modules-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-debug-modules-core-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-debug-modules-deprecated-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-debug-modules-desktop-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-debug-modules-extra-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-debug-modules-extra-netfilter-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-debug-modules-usb-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-debug-modules-wireless-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek64k-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek64k-core-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek64k-devel-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek64k-modules-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek64k-modules-core-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek64k-modules-deprecated-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek64k-modules-desktop-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek64k-modules-extra-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek64k-modules-extra-netfilter-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek64k-modules-usb-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek64k-modules-wireless-6.12.0-203.76.7.6.el10uek.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/kernel-uek-6.12.0-203.76.7.6.el10uek.src.rpm Related CVEs: CVE-2026-52943 Description of changes: [6.12.0-203.76.7.6] - net: skbuff: fix missing zerocopy reference in pskb_carve helpers (Minh Nguyen) [Orabug: 39639984] {CVE-2026-52943} _______________________________________________ El-errata mailing list
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-50351 http://linux.oracle.com/errata/ELSA-2026-50351.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable LinuxNetwork: x86_64: kernel-uek-6.12.0-203.76.7.6.el9uek.x86_64.rpm kernel-uek-core-6.12.0-203.76.7.6.el9uek.x86_64.rpm kernel-uek-debug-6.12.0-203.76.7.6.el9uek.x86_64.rpm kernel-uek-debug-core-6.12.0-203.76.7.6.el9uek.x86_64.rpm kernel-uek-debug-devel-6.12.0-203.76.7.6.el9uek.x86_64.rpm kernel-uek-debug-modules-6.12.0-203.76.7.6.el9uek.x86_64.rpm kernel-uek-debug-modules-core-6.12.0-203.76.7.6.el9uek.x86_64.rpm kernel-uek-debug-modules-deprecated-6.12.0-203.76.7.6.el9uek.x86_64.rpm kernel-uek-debug-modules-desktop-6.12.0-203.76.7.6.el9uek.x86_64.rpm kernel-uek-debug-modules-extra-6.12.0-203.76.7.6.el9uek.x86_64.rpm kernel-uek-debug-modules-extra-netfilter-6.12.0-203.76.7.6.el9uek.x86_64.rpm kernel-uek-debug-modules-usb-6.12.0-203.76.7.6.el9uek.x86_64.rpm kernel-uek-debug-modules-wireless-6.12.0-203.76.7.6.el9uek.x86_64.rpm kernel-uek-devel-6.12.0-203.76.7.6.el9uek.x86_64.rpm kernel-uek-doc-6.12.0-203.76.7.6.el9uek.noarch.rpm kernel-uek-modules-6.12.0-203.76.7.6.el9uek.x86_64.rpm kernel-uek-modules-core-6.12.0-203.76.7.6.el9uek.x86_64.rpm kernel-uek-modules-deprecated-6.12.0-203.76.7.6.el9uek.x86_64.rpm kernel-uek-modules-desktop-6.12.0-203.76.7.6.el9uek.x86_64.rpm kernel-uek-modules-extra-6.12.0-203.76.7.6.el9uek.x86_64.rpm kernel-uek-modules-extra-netfilter-6.12.0-203.76.7.6.el9uek.x86_64.rpm kernel-uek-modules-usb-6.12.0-203.76.7.6.el9uek.x86_64.rpm kernel-uek-modules-wireless-6.12.0-203.76.7.6.el9uek.x86_64.rpm kernel-uek-tools-6.12.0-203.76.7.6.el9uek.x86_64.rpm aarch64: kernel-uek-6.12.0-203.76.7.6.el9uek.aarch64.rpm kernel-uek-core-6.12.0-203.76.7.6.el9uek.aarch64.rpm kernel-uek-debug-6.12.0-203.76.7.6.el9uek.aarch64.rpm kernel-uek-debug-core-6.12.0-203.76.7.6.el9uek.aarch64.rpm kernel-uek-debug-devel-6.12.0-203.76.7.6.el9uek.aarch64.rpm kernel-uek-debug-modules-6.12.0-203.76.7.6.el9uek.aarch64.rpm kernel-uek-debug-modules-core-6.12.0-203.76.7.6.el9uek.aarch64.rpm kernel-uek-debug-modules-deprecated-6.12.0-203.76.7.6.el9uek.aarch64.rpm kernel-uek-debug-modules-desktop-6.12.0-203.76.7.6.el9uek.aarch64.rpm kernel-uek-debug-modules-extra-6.12.0-203.76.7.6.el9uek.aarch64.rpm kernel-uek-debug-modules-extra-netfilter-6.12.0-203.76.7.6.el9uek.aarch64.rpm kernel-uek-debug-modules-usb-6.12.0-203.76.7.6.el9uek.aarch64.rpm kernel-uek-debug-modules-wireless-6.12.0-203.76.7.6.el9uek.aarch64.rpm kernel-uek-devel-6.12.0-203.76.7.6.el9uek.aarch64.rpm kernel-uek-doc-6.12.0-203.76.7.6.el9uek.noarch.rpm kernel-uek-modules-6.12.0-203.76.7.6.el9uek.aarch64.rpm kernel-uek-modules-extra-6.12.0-203.76.7.6.el9uek.aarch64.rpm kernel-uek-modules-core-6.12.0-203.76.7.6.el9uek.aarch64.rpm kernel-uek-modules-deprecated-6.12.0-203.76.7.6.el9uek.aarch64.rpm kernel-uek-modules-desktop-6.12.0-203.76.7.6.el9uek.aarch64.rpm kernel-uek-modules-extra-netfilter-6.12.0-203.76.7.6.el9uek.aarch64.rpm kernel-uek-modules-usb-6.12.0-203.76.7.6.el9uek.aarch64.rpm kernel-uek-modules-wireless-6.12.0-203.76.7.6.el9uek.aarch64.rpm kernel-uek-tools-6.12.0-203.76.7.6.el9uek.aarch64.rpm kernel-uek64k-6.12.0-203.76.7.6.el9uek.aarch64.rpm kernel-uek64k-core-6.12.0-203.76.7.6.el9uek.aarch64.rpm kernel-uek64k-devel-6.12.0-203.76.7.6.el9uek.aarch64.rpm kernel-uek64k-modules-6.12.0-203.76.7.6.el9uek.aarch64.rpm kernel-uek64k-modules-core-6.12.0-203.76.7.6.el9uek.aarch64.rpm kernel-uek64k-modules-deprecated-6.12.0-203.76.7.6.el9uek.aarch64.rpm kernel-uek64k-modules-desktop-6.12.0-203.76.7.6.el9uek.aarch64.rpm kernel-uek64k-modules-extra-6.12.0-203.76.7.6.el9uek.aarch64.rpm kernel-uek64k-modules-extra-netfilter-6.12.0-203.76.7.6.el9uek.aarch64.rpm kernel-uek64k-modules-usb-6.12.0-203.76.7.6.el9uek.aarch64.rpm kernel-uek64k-modules-wireless-6.12.0-203.76.7.6.el9uek.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/kernel-uek-6.12.0-203.76.7.6.el9uek.src.rpm Related CVEs: CVE-2026-52943 Description of changes: [6.12.0-203.76.7.6] - net: skbuff: fix missing zerocopy reference in pskb_carve helpers (Minh Nguyen) [Orabug: 39639984] {CVE-2026-52943} _______________________________________________ El-errata mailinglist
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-30859 http://linux.oracle.com/errata/ELSA-2026-30859.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: perl-IO-Compress-2.102-4.el9_8.1.noarch.rpm aarch64: perl-IO-Compress-2.102-4.el9_8.1.noarch.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/perl-IO-Compress-2.102-4.el9_8.1.src.rpm Related CVEs: CVE-2026-48962 Description of changes: [2.102-4.1] - Fix CVE-2026-48962: remove use of eval in File::GlobMapper - Resolves: RHEL-180418 _______________________________________________ El-errata mailing list
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-30856 http://linux.oracle.com/errata/ELSA-2026-30856.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: perl-Archive-Tar-2.38-6.el9_8.1.noarch.rpm aarch64: perl-Archive-Tar-2.38-6.el9_8.1.noarch.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/perl-Archive-Tar-2.38-6.el9_8.1.src.rpm Related CVEs: CVE-2026-42496 Description of changes: [2.38-6.1] - Fix CVE-2026-42496: validate symlink and hardlink targets in secure extract mode - Resolves: RHEL-181662 _______________________________________________ El-errata mailing list
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-30854 http://linux.oracle.com/errata/ELSA-2026-30854.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: git-lfs-3.7.1-4.el9_8.1.x86_64.rpm aarch64: git-lfs-3.7.1-4.el9_8.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/git-lfs-3.7.1-4.el9_8.1.src.rpm Related CVEs: CVE-2026-39821 Description of changes: [3.7.1-4.1] - Fix CVE-2026-39821: vendored golang.org/x/net/idna ToUnicode incorrectly accepting all-ASCII xn-- labels - Resolves: RHEL-183797 _______________________________________________ El-errata mailing list
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-28212 http://linux.oracle.com/errata/ELSA-2026-28212.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: nginx-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.x86_64.rpm nginx-all-modules-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.noarch.rpm nginx-core-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.x86_64.rpm nginx-filesystem-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.noarch.rpm nginx-mod-devel-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.x86_64.rpm nginx-mod-http-image-filter-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.x86_64.rpm nginx-mod-http-perl-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.x86_64.rpm nginx-mod-http-xslt-filter-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.x86_64.rpm nginx-mod-mail-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.x86_64.rpm nginx-mod-stream-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.x86_64.rpm aarch64: nginx-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.aarch64.rpm nginx-all-modules-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.noarch.rpm nginx-core-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.aarch64.rpm nginx-filesystem-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.noarch.rpm nginx-mod-devel-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.aarch64.rpm nginx-mod-http-image-filter-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.aarch64.rpm nginx-mod-http-perl-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.aarch64.rpm nginx-mod-http-xslt-filter-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.aarch64.rpm nginx-mod-mail-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.aarch64.rpm nginx-mod-stream-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/nginx-1.24.0-7.0.1.module+el9.8.0+90934+bc5453bc.2.src.rpm Related CVEs: CVE-2026-9256 Description of changes: [1.24.0-7.0.1.2] - Reference oracle-indexhtml within Requires [Orabug:33802044] - Remove Red Hat references [Orabug: 29498217] [1:1.24.0-7.2] - Resolves: RHEL-178681 - nginx:1.24/nginx: code execution and denial of service (CVE-2026-9256) - Resolves: RHEL-182554 - nginx:1.24/nginx: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack [1:1.24.0-7.1] - Resolves: RHEL-176234 - nginx:1.24/nginx: NGINX: Arbitrary Code Execution Vulnerability (CVE-2026-42945) [1:1.24.0-7] - Resolves: RHEL-157889 CVE-2026-32647 nginx:1.24/nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files - Resolves: RHEL-159448 CVE-2026-27651 nginx:1.24/nginx: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled - Resolves: RHEL-159561 CVE-2026-27654 nginx:1.24/nginx: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module - Resolves: RHEL-159540 CVE-2026-27784 nginx:1.24/nginx: NGINX: Denial of Service due to memory corruption via crafted MP4 file [1:1.24.0-6] - Resolves: RHEL-146529 - CVE-2026-1642 nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections [1:1.24.0-5] - Resolves: RHEL-84480 - nginx:1.24/nginx: specially crafted MP4 file may cause denial of service (CVE-2024-7347) [1:1.24.0-4] - Resolves: RHEL-49350 - nginx worker processes memory leak _______________________________________________ El-errata mailing list
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-25217 http://linux.oracle.com/errata/ELSA-2026-25217.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable LinuxNetwork: x86_64: kernel-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-abi-stablelists-5.14.0-687.17.1.el9_8.noarch.rpm kernel-core-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-cross-headers-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-debug-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-debug-core-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-debug-devel-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-debug-devel-matched-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-debug-modules-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-debug-modules-core-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-debug-modules-extra-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-debug-uki-virt-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-devel-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-devel-matched-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-doc-5.14.0-687.17.1.el9_8.noarch.rpm kernel-headers-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-modules-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-modules-core-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-modules-extra-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-tools-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-tools-libs-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-tools-libs-devel-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-uki-virt-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-uki-virt-addons-5.14.0-687.17.1.el9_8.x86_64.rpm libperf-5.14.0-687.17.1.el9_8.x86_64.rpm perf-5.14.0-687.17.1.el9_8.x86_64.rpm python3-perf-5.14.0-687.17.1.el9_8.x86_64.rpm rtla-5.14.0-687.17.1.el9_8.x86_64.rpm rv-5.14.0-687.17.1.el9_8.x86_64.rpm aarch64: kernel-cross-headers-5.14.0-687.17.1.el9_8.aarch64.rpm kernel-headers-5.14.0-687.17.1.el9_8.aarch64.rpm kernel-tools-5.14.0-687.17.1.el9_8.aarch64.rpm kernel-tools-libs-5.14.0-687.17.1.el9_8.aarch64.rpm kernel-tools-libs-devel-5.14.0-687.17.1.el9_8.aarch64.rpm libperf-5.14.0-687.17.1.el9_8.aarch64.rpm perf-5.14.0-687.17.1.el9_8.aarch64.rpm python3-perf-5.14.0-687.17.1.el9_8.aarch64.rpm rtla-5.14.0-687.17.1.el9_8.aarch64.rpm rv-5.14.0-687.17.1.el9_8.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/kernel-5.14.0-687.17.1.el9_8.src.rpm RelatedCVEs: CVE-2026-23216 CVE-2026-31419 CVE-2026-31508 CVE-2026-31581 CVE-2026-43037 CVE-2026-43056 CVE-2026-43116 CVE-2026-43125 CVE-2026-43501 CVE-2026-45852 CVE-2026-46181 Description of changes: [5.14.0-687.17.1] - Disable UKI signing [Orabug: 36571828] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 cb[] in ip4ip6_err() (Guillaume Nault) [RHEL-172646] {CVE-2026-43037} - net: openvswitch: Avoid releasing netdev before teardown completes (CKI Backport Bot) [RHEL-170539] {CVE-2026-31508} [5.14.0-687.14.1] - RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event() (Kamal Heib) [RHEL-179988] {CVE-2026-46181} - redhat: Remove the mlx5 symbols from kabi (Kamal Heib) [RHEL-181822] - ipv6: rpl: reserve mac_len headroom when recompressed SRH grows (Antoine Tenart) [RHEL-178408] {CVE-2026-43501} - RDMA/rxe: Fix double free in rxe_srq_from_init (CKI Backport Bot) [RHEL-179712] {CVE-2026-45852} - netfilter: ctnetlink: ensure safe access to master conntrack (Florian Westphal) [RHEL-173843] {CVE-2026-43116} - ice: fix stats array overflow when VF requests more queues (Michal Schmidt) [RHEL-177526] - ice: set max queues in alloc_etherdev_mqs() (Michal Schmidt) [RHEL-174336] - ice: use netif_get_num_default_rss_queues() (Michal Schmidt) [RHEL-174336] - ice: set default rss queues num to physical cores / 2 (Michal Schmidt) [RHEL-174336] - dlm: fix buffer overflow from negative len in dlm_search_rsb_tree (Alexander Aring) [RHEL-173993] {CVE-2026-43125} - dlm: validate length in dlm_search_rsb_tree (Alexander Aring) [RHEL-173993] {CVE-2026-43125} - dpll: zl3073x: add ref-sync pair support (Ivan Vecera) [RHEL-167273] - dpll: zl3073x: add ref sync and output clock type helpers (Ivan Vecera) [RHEL-167273] - dpll: zl3073x: use FIELD_MODIFY() for clear-and-set patterns (Ivan Vecera)[RHEL-167273] - dpll: zl3073x: clean up esync get/set and use zl3073x_out_is_ndiv() (Ivan Vecera) [RHEL-167273] - dpll: zl3073x: implement frequency monitoring (Ivan Vecera) [RHEL-167833] - dpll: add frequency monitoring callback ops (Ivan Vecera) [RHEL-167833] - dpll: add frequency monitoring to netlink spec (Ivan Vecera) [RHEL-167833] - dpll: zl3073x: drop selected and simplify connected ref getter (Ivan Vecera) [RHEL-172938] - dpll: zl3073x: add reference priority to zl3073x_chan (Ivan Vecera) [RHEL-172938] - dpll: zl3073x: add DPLL channel status fields to zl3073x_chan (Ivan Vecera) [RHEL-172938] - dpll: zl3073x: introduce zl3073x_chan for DPLL channel state (Ivan Vecera) [RHEL-172938] - dpll: zl3073x: add zl3073x_ref_state_update helper (Ivan Vecera) [RHEL-172938] - dpll: zl3073x: use struct_group to partition states (Ivan Vecera) [RHEL-172938] - dpll: zl3073x: add die temperature reporting for supported chips (Ivan Vecera) [RHEL-172938] - dpll: zl3073x: detect DPLL channel count from chip ID at runtime (Ivan Vecera) [RHEL-172938] - ALSA: 6fire: fix use-after-free on disconnect (CKI Backport Bot) [RHEL-172969] {CVE-2026-31581} - net: mana: fix use-after-free in add_adev() error path (CKI Backport Bot) [RHEL-172768] {CVE-2026-43056} - scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() (CKI Backport Bot) [RHEL-165564] {CVE-2026-23216} - net: bonding: fix use-after-free in bond_xmit_broadcast() (CKI Backport Bot) [RHEL-168068] {CVE-2026-31419} - x86/kvm: Avoid freeing stack-allocated node in kvm_async_pf_queue_task (Ryosuke Yasuoka) [RHEL-158916] [5.14.0-687.13.1] - smb: client: reject userspace cifs.spnego descriptions (Paulo Alcantara) [RHEL-178944] {CVE-2026-46243} - s390/dasd: Copy detected format information to secondary device (Ramesh Chhetri) [RHEL-176472] - s390/dasd: Move quiesce state with pprc swap (Ramesh Chhetri) [RHEL-176472] - s390/dasd: Fix gendisk parent after copy pair swap (Ramesh Chhetri) [RHEL-176472] - nvme: nvme-fc: Ensure -> ioerr_work is cancelled innvme_fc_delete_ctrl() (Ewan D. Milne) [RHEL-171745] - nvme: nvme-fc: move tagset removal to nvme_fc_delete_ctrl() (Ewan D. Milne) [RHEL-171745] - Buffer overflow in drivers/xen/sys-hypervisor.c (Vitaly Kuznetsov) [RHEL-172510] {CVE-2026-31786} - crypto: authenc - Correctly pass EINPROGRESS back up to the caller (Vladislav Dronov) [RHEL-172167] - crypto: authenc - Fix sleep in atomic context in decrypt_tail (Vladislav Dronov) [RHEL-172167] - smb: client: fix OOB reads parsing symlink error response (CKI Backport Bot) [RHEL-171471] {CVE-2026-31613} - mm/page_alloc: add vm.thp_thisnode_reclaim sysctl to allow THP reclaim on local node (Nico Pache) [RHEL-164778] - mm/page_alloc: simplify __alloc_pages_slowpath() flow (Nico Pache) [RHEL-164778] - mm/page_alloc: refactor the initial compaction handling (Nico Pache) [RHEL-164778] - mm/page_alloc: ignore the exact initial compaction result (Nico Pache) [RHEL-164778] - mm, page_alloc, thp: prevent reclaim for __GFP_THISNODE THP allocations (Nico Pache) [RHEL-164778] - mm/page_alloc.c: avoid infinite retries caused by cpuset race (Nico Pache) [RHEL-164778] - mm: warn about illegal __GFP_NOFAIL usage in a more appropriate location and manner (Nico Pache) [RHEL-164778] - mm: document __GFP_NOFAIL must be blockable (Nico Pache) [RHEL-164778] [5.14.0-687.12.1] - dm-thin: fix metadata refcount underflow (Benjamin Marzinski) [RHEL-169626] - netfilter: xt_tcpmss: check remaining length before reading optlen (CKI Backport Bot) [RHEL-174216] {CVE-2026-43190} - wifi: brcmfmac: validate bsscfg indices in IF events (CKI Backport Bot) [RHEL-173848] {CVE-2026-43110} - Bluetooth: SCO: fix race conditions in sco_sock_connect() (CKI Backport Bot) [RHEL-172599] {CVE-2026-43023} - Bluetooth: MGMT: validate LTK enc_size on load (CKI Backport Bot) [RHEL-172572] {CVE-2026-43020} - crypto: tegra - Disable softirqs before finalizing request (CKI Backport Bot) [RHEL-170914] - proc: fix type confusion in pde_set_flags() (Abhi Das) [RHEL-163343] {CVE-2025-38653} - proc: fix missing pde_set_flags()for net proc files (Abhi Das) [RHEL-163343] {CVE-2025-38653} - proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (CKI Backport Bot) [RHEL-163343] {CVE-2025-38653} - pNFS: fix a missing wake up while waiting on NFS_LAYOUT_DRAIN (Olga Kornievskaia) [RHEL-157470] [5.14.0-687.11.1] - mm/page_alloc: clear page-> private in free_pages_prepare() (Rafael Aquini) [RHEL-174750] {CVE-2026-43303} - ice: fix infinite recursion in ice_cfg_tx_topo via ice_init_dev_hw (CKI Backport Bot) [RHEL-175441] - smb: client: validate dacloffset before building DACL pointers (Paulo Alcantara) [RHEL-172821] - smb: client: use kzalloc to zero-initialize security descriptor buffer (Paulo Alcantara) [RHEL-172821] - smb: client: scope end_of_dacl to CIFS_DEBUG2 use in parse_dacl (Paulo Alcantara) [RHEL-172821] - smb: client: require a full NFS mode SID before reading mode bits (Paulo Alcantara) [RHEL-172821] - smb: client: validate the whole DACL before rewriting it in cifsacl (Paulo Alcantara) [RHEL-172821] {CVE-2026-31709} - Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold (David Marlin) [RHEL-165063] {CVE-2026-31408} - xfs: fix freemap adjustments when adding xattrs to leaf blocks (CKI Backport Bot) [RHEL-174058] {CVE-2026-43158} - xfs: delete attr leaf freemap entries when empty (CKI Backport Bot) [RHEL-174058] {CVE-2026-43158} - redhat/configs: enable CONFIG_SCLP_OFB for s390x (Jan Polensky) [RHEL-172927] - HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq (CKI Backport Bot) [RHEL-172740] {CVE-2026-43051} - netfilter: nf_conntrack_helper: pass helper to expect cleanup (CKI Backport Bot) [RHEL-172620] {CVE-2026-43027} - s390/pci: Avoid deadlock between PCI error recovery and mlx5 crdump (Ramesh Chhetri) [RHEL-166859] - ice: add dpll peer notification for paired SMA and U.FL pins (Petr Oros) [RHEL-171829] - ice: fix missing dpll notifications for SW pins (Petr Oros) [RHEL-171829] - dpll: export __dpll_pin_change_ntf() for use under dpll_lock (Petr Oros) [RHEL-171829] -ice: fix SMA and U.FL pin state changes affecting paired pin (Petr Oros) [RHEL-162179] - ice: fix missing SMA pin initialization in DPLL subsystem (Petr Oros) [RHEL-171832] - ice: fix NULL pointer dereference in ice_reset_all_vfs() (Petr Oros) [RHEL-172257] - dpll: zl3073x: Remove redundant cleanup in devm_dpll_init() (CKI Backport Bot) [RHEL-164442] - dpll: zl3073x: fix REF_PHASE_OFFSET_COMP register width for some chip IDs (CKI Backport Bot) [RHEL-164442] - dpll: zl3073x: Fix ref frequency setting (CKI Backport Bot) [RHEL-164442] - dpll: zl3073x: Include current frequency in supported frequencies list (CKI Backport Bot) [RHEL-164442] - dpll: zl3073x: Add output pin frequency helper (CKI Backport Bot) [RHEL-164442] - scsi: storvsc: Handle PERSISTENT_RESERVE_IN truncation for Hyper-V vFC (Vitaly Kuznetsov) [RHEL-171378] - netfilter: ip6t_eui64: reject invalid MAC header for all packets (CKI Backport Bot) [RHEL-171155] {CVE-2026-31685} - net: sched: act_csum: validate nested VLAN headers (CKI Backport Bot) [RHEL-171138] {CVE-2026-31684} - cifs: make default value of retrans as zero (Paulo Alcantara) [RHEL-170960] - ice: fix ice_ptp_read_tx_hwtstamp_status_eth56g (Petr Oros) [RHEL-170701] - ice: fix ready bitmap check for non-E822 devices (Petr Oros) [RHEL-170701] - ice: perform PHY soft reset for E825C ports at initialization (Petr Oros) [RHEL-170701] - ice: fix timestamp interrupt configuration for E825C (Petr Oros) [RHEL-170701] - drm/mgag200: fix mgag200_bmc_stop_scanout() (Jocelyn Falempe) [RHEL-150179] - nbd: defer config unlock in nbd_genl_connect (Jeff Moyer) [RHEL-166950] {CVE-2025-68366} - x86/mm: flush IOMMU before freeing kernel page table pages (Jerry Snitselaar) [RHEL-167100] {CVE-2025-71089} - iommu/sva: add kernel page table IOTLB flush notification (Jerry Snitselaar) [RHEL-167100] {CVE-2025-71089} - netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() (CKI Backport Bot) [RHEL-166987] {CVE-2026-23455} - crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id (CKIBackport Bot) [RHEL-166927] {CVE-2025-68724} - ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr (Bruno Meneguele) [RHEL-169734] {CVE-2025-68183} - i2c: i801: Revert "i2c: i801: replace acpi_lock with I2C bus lock" (David Arcari) [RHEL-155312] - ice: fix PTP timestamping broken by SyncE code on E825C (Petr Oros) [RHEL-162182] - ice: fix missing TX timestamps interrupts on E825 devices (CKI Backport Bot) [RHEL-162185] - Revert "mm: pcp: increase pcp-> free_count threshold to trigger free_high" (Luiz Capitulino) [RHEL-163464] - netfilter: nf_tables: release flowtable after rcu grace period on error (CKI Backport Bot) [RHEL-160461] {CVE-2026-23392} [5.14.0-687.10.1] - net: skbuff: propagate shared-frag marker through frag-transfer helpers (Sabrina Dubroca) [RHEL-176064] {CVE-2026-46300} - net: move skb_gro_receive_list from udp to core (Sabrina Dubroca) [RHEL-176064] {CVE-2026-46300} - net: skbuff: preserve shared-frag marker during coalescing (Sabrina Dubroca) [RHEL-176064] {CVE-2026-46300} - ptrace: slightly saner 'get_dumpable()' logic (Ricardo Robaina) [RHEL-176454] {CVE-2026-46333} - md/bitmap: fix GPF in write_page caused by resize race (Nigel Croxon) [RHEL-174091] {CVE-2026-43163} - RDMA/umem: Fix double dma_buf_unpin in failure path (CKI Backport Bot) [RHEL-174020] {CVE-2026-43128} - usbip: validate number_of_packets in usbip_pack_ret_submit() (CKI Backport Bot) [RHEL-171430] {CVE-2026-31607} - can: raw: fix ro-> uniq use-after-free in raw_rcv() (CKI Backport Bot) [RHEL-170759] {CVE-2026-31532} [5.14.0-687.9.1] - xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174563] {CVE-2026-43284} _______________________________________________ El-errata mailing list
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-24381 http://linux.oracle.com/errata/ELSA-2026-24381.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable LinuxNetwork: x86_64: kernel-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-abi-stablelists-5.14.0-687.17.1.el9_8.noarch.rpm kernel-core-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-cross-headers-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-debug-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-debug-core-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-debug-devel-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-debug-devel-matched-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-debug-modules-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-debug-modules-core-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-debug-modules-extra-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-debug-uki-virt-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-devel-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-devel-matched-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-doc-5.14.0-687.17.1.el9_8.noarch.rpm kernel-headers-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-modules-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-modules-core-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-modules-extra-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-tools-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-tools-libs-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-tools-libs-devel-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-uki-virt-5.14.0-687.17.1.el9_8.x86_64.rpm kernel-uki-virt-addons-5.14.0-687.17.1.el9_8.x86_64.rpm libperf-5.14.0-687.17.1.el9_8.x86_64.rpm perf-5.14.0-687.17.1.el9_8.x86_64.rpm python3-perf-5.14.0-687.17.1.el9_8.x86_64.rpm rtla-5.14.0-687.17.1.el9_8.x86_64.rpm rv-5.14.0-687.17.1.el9_8.x86_64.rpm aarch64: kernel-cross-headers-5.14.0-687.17.1.el9_8.aarch64.rpm kernel-headers-5.14.0-687.17.1.el9_8.aarch64.rpm kernel-tools-5.14.0-687.17.1.el9_8.aarch64.rpm kernel-tools-libs-5.14.0-687.17.1.el9_8.aarch64.rpm kernel-tools-libs-devel-5.14.0-687.17.1.el9_8.aarch64.rpm libperf-5.14.0-687.17.1.el9_8.aarch64.rpm perf-5.14.0-687.17.1.el9_8.aarch64.rpm python3-perf-5.14.0-687.17.1.el9_8.aarch64.rpm rtla-5.14.0-687.17.1.el9_8.aarch64.rpm rv-5.14.0-687.17.1.el9_8.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/kernel-5.14.0-687.17.1.el9_8.src.rpm RelatedCVEs: CVE-2026-31613 CVE-2026-31786 CVE-2026-46243 Description of changes: [5.14.0-687.17.1] - Disable UKI signing [Orabug: 36571828] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 cb[] in ip4ip6_err() (Guillaume Nault) [RHEL-172646] {CVE-2026-43037} - net: openvswitch: Avoid releasing netdev before teardown completes (CKI Backport Bot) [RHEL-170539] {CVE-2026-31508} [5.14.0-687.14.1] - RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event() (Kamal Heib) [RHEL-179988] {CVE-2026-46181} - redhat: Remove the mlx5 symbols from kabi (Kamal Heib) [RHEL-181822] - ipv6: rpl: reserve mac_len headroom when recompressed SRH grows (Antoine Tenart) [RHEL-178408] {CVE-2026-43501} - RDMA/rxe: Fix double free in rxe_srq_from_init (CKI Backport Bot) [RHEL-179712] {CVE-2026-45852} - netfilter: ctnetlink: ensure safe access to master conntrack (Florian Westphal) [RHEL-173843] {CVE-2026-43116} - ice: fix stats array overflow when VF requests more queues (Michal Schmidt) [RHEL-177526] - ice: set max queues in alloc_etherdev_mqs() (Michal Schmidt) [RHEL-174336] - ice: use netif_get_num_default_rss_queues() (Michal Schmidt) [RHEL-174336] - ice: set default rss queues num to physical cores / 2 (Michal Schmidt) [RHEL-174336] - dlm: fix buffer overflow from negative len in dlm_search_rsb_tree (Alexander Aring) [RHEL-173993] {CVE-2026-43125} - dlm: validate length in dlm_search_rsb_tree (Alexander Aring) [RHEL-173993] {CVE-2026-43125} - dpll: zl3073x: add ref-sync pair support (Ivan Vecera) [RHEL-167273] - dpll: zl3073x: add ref sync and output clock type helpers (Ivan Vecera) [RHEL-167273] - dpll: zl3073x: use FIELD_MODIFY() for clear-and-set patterns (Ivan Vecera) [RHEL-167273] - dpll: zl3073x: clean up esync get/set and use zl3073x_out_is_ndiv() (Ivan Vecera) [RHEL-167273] - dpll:zl3073x: implement frequency monitoring (Ivan Vecera) [RHEL-167833] - dpll: add frequency monitoring callback ops (Ivan Vecera) [RHEL-167833] - dpll: add frequency monitoring to netlink spec (Ivan Vecera) [RHEL-167833] - dpll: zl3073x: drop selected and simplify connected ref getter (Ivan Vecera) [RHEL-172938] - dpll: zl3073x: add reference priority to zl3073x_chan (Ivan Vecera) [RHEL-172938] - dpll: zl3073x: add DPLL channel status fields to zl3073x_chan (Ivan Vecera) [RHEL-172938] - dpll: zl3073x: introduce zl3073x_chan for DPLL channel state (Ivan Vecera) [RHEL-172938] - dpll: zl3073x: add zl3073x_ref_state_update helper (Ivan Vecera) [RHEL-172938] - dpll: zl3073x: use struct_group to partition states (Ivan Vecera) [RHEL-172938] - dpll: zl3073x: add die temperature reporting for supported chips (Ivan Vecera) [RHEL-172938] - dpll: zl3073x: detect DPLL channel count from chip ID at runtime (Ivan Vecera) [RHEL-172938] - ALSA: 6fire: fix use-after-free on disconnect (CKI Backport Bot) [RHEL-172969] {CVE-2026-31581} - net: mana: fix use-after-free in add_adev() error path (CKI Backport Bot) [RHEL-172768] {CVE-2026-43056} - scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() (CKI Backport Bot) [RHEL-165564] {CVE-2026-23216} - net: bonding: fix use-after-free in bond_xmit_broadcast() (CKI Backport Bot) [RHEL-168068] {CVE-2026-31419} - x86/kvm: Avoid freeing stack-allocated node in kvm_async_pf_queue_task (Ryosuke Yasuoka) [RHEL-158916] [5.14.0-687.13.1] - smb: client: reject userspace cifs.spnego descriptions (Paulo Alcantara) [RHEL-178944] {CVE-2026-46243} - s390/dasd: Copy detected format information to secondary device (Ramesh Chhetri) [RHEL-176472] - s390/dasd: Move quiesce state with pprc swap (Ramesh Chhetri) [RHEL-176472] - s390/dasd: Fix gendisk parent after copy pair swap (Ramesh Chhetri) [RHEL-176472] - nvme: nvme-fc: Ensure -> ioerr_work is cancelled in nvme_fc_delete_ctrl() (Ewan D. Milne) [RHEL-171745] - nvme: nvme-fc: move tagset removal to nvme_fc_delete_ctrl() (Ewan D. Milne)[RHEL-171745] - Buffer overflow in drivers/xen/sys-hypervisor.c (Vitaly Kuznetsov) [RHEL-172510] {CVE-2026-31786} - crypto: authenc - Correctly pass EINPROGRESS back up to the caller (Vladislav Dronov) [RHEL-172167] - crypto: authenc - Fix sleep in atomic context in decrypt_tail (Vladislav Dronov) [RHEL-172167] - smb: client: fix OOB reads parsing symlink error response (CKI Backport Bot) [RHEL-171471] {CVE-2026-31613} - mm/page_alloc: add vm.thp_thisnode_reclaim sysctl to allow THP reclaim on local node (Nico Pache) [RHEL-164778] - mm/page_alloc: simplify __alloc_pages_slowpath() flow (Nico Pache) [RHEL-164778] - mm/page_alloc: refactor the initial compaction handling (Nico Pache) [RHEL-164778] - mm/page_alloc: ignore the exact initial compaction result (Nico Pache) [RHEL-164778] - mm, page_alloc, thp: prevent reclaim for __GFP_THISNODE THP allocations (Nico Pache) [RHEL-164778] - mm/page_alloc.c: avoid infinite retries caused by cpuset race (Nico Pache) [RHEL-164778] - mm: warn about illegal __GFP_NOFAIL usage in a more appropriate location and manner (Nico Pache) [RHEL-164778] - mm: document __GFP_NOFAIL must be blockable (Nico Pache) [RHEL-164778] [5.14.0-687.12.1] - dm-thin: fix metadata refcount underflow (Benjamin Marzinski) [RHEL-169626] - netfilter: xt_tcpmss: check remaining length before reading optlen (CKI Backport Bot) [RHEL-174216] {CVE-2026-43190} - wifi: brcmfmac: validate bsscfg indices in IF events (CKI Backport Bot) [RHEL-173848] {CVE-2026-43110} - Bluetooth: SCO: fix race conditions in sco_sock_connect() (CKI Backport Bot) [RHEL-172599] {CVE-2026-43023} - Bluetooth: MGMT: validate LTK enc_size on load (CKI Backport Bot) [RHEL-172572] {CVE-2026-43020} - crypto: tegra - Disable softirqs before finalizing request (CKI Backport Bot) [RHEL-170914] - proc: fix type confusion in pde_set_flags() (Abhi Das) [RHEL-163343] {CVE-2025-38653} - proc: fix missing pde_set_flags() for net proc files (Abhi Das) [RHEL-163343] {CVE-2025-38653} - proc: use the same treatment to check proc_lseek as ones forproc_read_iter et.al (CKI Backport Bot) [RHEL-163343] {CVE-2025-38653} - pNFS: fix a missing wake up while waiting on NFS_LAYOUT_DRAIN (Olga Kornievskaia) [RHEL-157470] [5.14.0-687.11.1] - mm/page_alloc: clear page-> private in free_pages_prepare() (Rafael Aquini) [RHEL-174750] {CVE-2026-43303} - ice: fix infinite recursion in ice_cfg_tx_topo via ice_init_dev_hw (CKI Backport Bot) [RHEL-175441] - smb: client: validate dacloffset before building DACL pointers (Paulo Alcantara) [RHEL-172821] - smb: client: use kzalloc to zero-initialize security descriptor buffer (Paulo Alcantara) [RHEL-172821] - smb: client: scope end_of_dacl to CIFS_DEBUG2 use in parse_dacl (Paulo Alcantara) [RHEL-172821] - smb: client: require a full NFS mode SID before reading mode bits (Paulo Alcantara) [RHEL-172821] - smb: client: validate the whole DACL before rewriting it in cifsacl (Paulo Alcantara) [RHEL-172821] {CVE-2026-31709} - Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold (David Marlin) [RHEL-165063] {CVE-2026-31408} - xfs: fix freemap adjustments when adding xattrs to leaf blocks (CKI Backport Bot) [RHEL-174058] {CVE-2026-43158} - xfs: delete attr leaf freemap entries when empty (CKI Backport Bot) [RHEL-174058] {CVE-2026-43158} - redhat/configs: enable CONFIG_SCLP_OFB for s390x (Jan Polensky) [RHEL-172927] - HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq (CKI Backport Bot) [RHEL-172740] {CVE-2026-43051} - netfilter: nf_conntrack_helper: pass helper to expect cleanup (CKI Backport Bot) [RHEL-172620] {CVE-2026-43027} - s390/pci: Avoid deadlock between PCI error recovery and mlx5 crdump (Ramesh Chhetri) [RHEL-166859] - ice: add dpll peer notification for paired SMA and U.FL pins (Petr Oros) [RHEL-171829] - ice: fix missing dpll notifications for SW pins (Petr Oros) [RHEL-171829] - dpll: export __dpll_pin_change_ntf() for use under dpll_lock (Petr Oros) [RHEL-171829] - ice: fix SMA and U.FL pin state changes affecting paired pin (Petr Oros) [RHEL-162179] - ice: fix missing SMA pininitialization in DPLL subsystem (Petr Oros) [RHEL-171832] - ice: fix NULL pointer dereference in ice_reset_all_vfs() (Petr Oros) [RHEL-172257] - dpll: zl3073x: Remove redundant cleanup in devm_dpll_init() (CKI Backport Bot) [RHEL-164442] - dpll: zl3073x: fix REF_PHASE_OFFSET_COMP register width for some chip IDs (CKI Backport Bot) [RHEL-164442] - dpll: zl3073x: Fix ref frequency setting (CKI Backport Bot) [RHEL-164442] - dpll: zl3073x: Include current frequency in supported frequencies list (CKI Backport Bot) [RHEL-164442] - dpll: zl3073x: Add output pin frequency helper (CKI Backport Bot) [RHEL-164442] - scsi: storvsc: Handle PERSISTENT_RESERVE_IN truncation for Hyper-V vFC (Vitaly Kuznetsov) [RHEL-171378] - netfilter: ip6t_eui64: reject invalid MAC header for all packets (CKI Backport Bot) [RHEL-171155] {CVE-2026-31685} - net: sched: act_csum: validate nested VLAN headers (CKI Backport Bot) [RHEL-171138] {CVE-2026-31684} - cifs: make default value of retrans as zero (Paulo Alcantara) [RHEL-170960] - ice: fix ice_ptp_read_tx_hwtstamp_status_eth56g (Petr Oros) [RHEL-170701] - ice: fix ready bitmap check for non-E822 devices (Petr Oros) [RHEL-170701] - ice: perform PHY soft reset for E825C ports at initialization (Petr Oros) [RHEL-170701] - ice: fix timestamp interrupt configuration for E825C (Petr Oros) [RHEL-170701] - drm/mgag200: fix mgag200_bmc_stop_scanout() (Jocelyn Falempe) [RHEL-150179] - nbd: defer config unlock in nbd_genl_connect (Jeff Moyer) [RHEL-166950] {CVE-2025-68366} - x86/mm: flush IOMMU before freeing kernel page table pages (Jerry Snitselaar) [RHEL-167100] {CVE-2025-71089} - iommu/sva: add kernel page table IOTLB flush notification (Jerry Snitselaar) [RHEL-167100] {CVE-2025-71089} - netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() (CKI Backport Bot) [RHEL-166987] {CVE-2026-23455} - crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id (CKI Backport Bot) [RHEL-166927] {CVE-2025-68724} - ima: don't clear IMA_DIGSIG flag when setting or removing non-IMAxattr (Bruno Meneguele) [RHEL-169734] {CVE-2025-68183} - i2c: i801: Revert "i2c: i801: replace acpi_lock with I2C bus lock" (David Arcari) [RHEL-155312] - ice: fix PTP timestamping broken by SyncE code on E825C (Petr Oros) [RHEL-162182] - ice: fix missing TX timestamps interrupts on E825 devices (CKI Backport Bot) [RHEL-162185] - Revert "mm: pcp: increase pcp-> free_count threshold to trigger free_high" (Luiz Capitulino) [RHEL-163464] - netfilter: nf_tables: release flowtable after rcu grace period on error (CKI Backport Bot) [RHEL-160461] {CVE-2026-23392} [5.14.0-687.10.1] - net: skbuff: propagate shared-frag marker through frag-transfer helpers (Sabrina Dubroca) [RHEL-176064] {CVE-2026-46300} - net: move skb_gro_receive_list from udp to core (Sabrina Dubroca) [RHEL-176064] {CVE-2026-46300} - net: skbuff: preserve shared-frag marker during coalescing (Sabrina Dubroca) [RHEL-176064] {CVE-2026-46300} - ptrace: slightly saner 'get_dumpable()' logic (Ricardo Robaina) [RHEL-176454] {CVE-2026-46333} - md/bitmap: fix GPF in write_page caused by resize race (Nigel Croxon) [RHEL-174091] {CVE-2026-43163} - RDMA/umem: Fix double dma_buf_unpin in failure path (CKI Backport Bot) [RHEL-174020] {CVE-2026-43128} - usbip: validate number_of_packets in usbip_pack_ret_submit() (CKI Backport Bot) [RHEL-171430] {CVE-2026-31607} - can: raw: fix ro-> uniq use-after-free in raw_rcv() (CKI Backport Bot) [RHEL-170759] {CVE-2026-31532} [5.14.0-687.9.1] - xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174563] {CVE-2026-43284} _______________________________________________ El-errata mailing list
Get the latest Linux and open source security news straight to your inbox.