[El-errata] New Ksplice updates for RHCK 10 (ELSA-2025-21931)

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Mon Dec 22 09:05:33 UTC 2025 

Synopsis: ELSA-2025-21931 can now be patched using Ksplice
CVEs: CVE-2025-38498 CVE-2025-39697 CVE-2025-39702 CVE-2025-39718 CVE-2025-39730 CVE-2025-39819 CVE-2025-39825 CVE-2025-39841 CVE-2025-39881 CVE-2025-39946 CVE-2025-39955 CVE-2025-39975 CVE-2025-40186

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2025-21931.
More information about this errata can be found at
https://linux.oracle.com/errata/ELSA-2025-21931.html

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running RHCK 10 install
these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2025-38498: Logic error in core filesystem layer.

* CVE-2025-39697: Use-after-free in NFS client driver.

* CVE-2025-39702: Non-constant MACs comparision time in IPv6 Segment Routing HMAC driver.

* CVE-2025-39718: Out-of-bounds memory access in Virtual Socket protocol driver.

* CVE-2025-39730: Out-of-bounds memory access in NFS client driver.

* CVE-2025-39819: Reference count leak in SMB/CIFS client driver.

* CVE-2025-39825: Concurrent open operations in SMB/CIFS client driver.

* CVE-2025-39841: Use-after-free in Emulex LightPulse Fibre Channel driver.

* CVE-2025-39881: Use-after-free in kernfs driver.

* CVE-2025-39946: Out-of-bounds memory access in Transport Layer Security driver.

* CVE-2025-39955, CVE-2025-40186: Dropped packets in TCP/IP networking driver.

* CVE-2025-39975: Out-of-bounds memory access in SMB/CIFS client driver.

* Note: Oracle has determined some CVEs are not applicable.

The kernel is not affected by the following CVEs
since the code under consideration is not compiled.

CVE-2025-39726, CVE-2025-39903


SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.

More information about the El-errata mailing list