[El-errata] ELSA-2025-20404 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update

Wed Jul 9 11:34:36 UTC 2025

Oracle Linux Security Advisory ELSA-2025-20404

http://linux.oracle.com/errata/ELSA-2025-20404.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-5.15.0-309.180.4.2.el9uek.x86_64.rpm
kernel-uek-5.15.0-309.180.4.2.el9uek.x86_64.rpm
kernel-uek-core-5.15.0-309.180.4.2.el9uek.x86_64.rpm
kernel-uek-debug-5.15.0-309.180.4.2.el9uek.x86_64.rpm
kernel-uek-debug-core-5.15.0-309.180.4.2.el9uek.x86_64.rpm
kernel-uek-debug-devel-5.15.0-309.180.4.2.el9uek.x86_64.rpm
kernel-uek-debug-modules-5.15.0-309.180.4.2.el9uek.x86_64.rpm
kernel-uek-debug-modules-extra-5.15.0-309.180.4.2.el9uek.x86_64.rpm
kernel-uek-devel-5.15.0-309.180.4.2.el9uek.x86_64.rpm
kernel-uek-doc-5.15.0-309.180.4.2.el9uek.noarch.rpm
kernel-uek-modules-5.15.0-309.180.4.2.el9uek.x86_64.rpm
kernel-uek-modules-extra-5.15.0-309.180.4.2.el9uek.x86_64.rpm
kernel-uek-container-5.15.0-309.180.4.2.el9uek.x86_64.rpm
kernel-uek-container-debug-5.15.0-309.180.4.2.el9uek.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/kernel-uek-5.15.0-309.180.4.2.el9uek.src.rpm

Related CVEs:

CVE-2024-36350
CVE-2024-36357

Description of changes:

[5.15.0-309.180.4.2.el9uek]
- Add Zen34 clients (Borislav Petkov (AMD))  [Orabug: 38129825]  {CVE-2024-36350} {CVE-2024-36357}
- x86/process: Move the buffer clearing before MONITOR (Kim Phillips)  [Orabug: 38129825]  {CVE-2024-36350} {CVE-2024-36357}
- Add normal counters (Borislav Petkov (AMD))  [Orabug: 38129825]  {CVE-2024-36350} {CVE-2024-36357}
- KVM: SVM: Advertize TSA CPUID bits to guests (Borislav Petkov (AMD))  [Orabug: 38129825]  {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Add a Transient Scheduler Attacks mitigation (Borislav Petkov (AMD))  [Orabug: 38129825]  {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Rename MDS machinery to something more generic (Borislav Petkov (AMD))  [Orabug: 38129825]  {CVE-2024-36350} {CVE-2024-36357}
- x86/CPU/AMD: Add ZenX generations flags (Borislav Petkov (AMD))  [Orabug: 38129825]  {CVE-2024-36350} {CVE-2024-36357}
- x86/bugs: Free X86_BUG_AMD_APIC_C1E and X86_BUG_AMD_E400 bits (Boris Ostrovsky)  [Orabug: 38129825]  {CVE-2024-36350} {CVE-2024-36357}