[El-errata] New Ksplice updates for RHCK 9 (ELSA-2025-6966)
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Mon Jun 9 15:11:44 UTC 2025
Synopsis: ELSA-2025-6966 can now be patched using Ksplice
CVEs: CVE-2022-49014 CVE-2022-49501 CVE-2023-52672 CVE-2024-26886 CVE-2024-26889 CVE-2024-35963 CVE-2024-35965 CVE-2024-35966 CVE-2024-35967 CVE-2024-40914 CVE-2024-41010 CVE-2024-41035 CVE-2024-42068 CVE-2024-42106 CVE-2024-42145 CVE-2024-42265 CVE-2024-42281 CVE-2024-42285 CVE-2024-42286 CVE-2024-42287 CVE-2024-42288 CVE-2024-42289 CVE-2024-42304 CVE-2024-42305 CVE-2024-42315 CVE-2024-43828 CVE-2024-43846 CVE-2024-43853 CVE-2024-43873 CVE-2024-43880 CVE-2024-43884 CVE-2024-44934 CVE-2024-44944 CVE-2024-44983 CVE-2024-44985 CVE-2024-44986 CVE-2024-44987 CVE-2024-44989 CVE-2024-45008 CVE-2024-45016 CVE-2024-45017 CVE-2024-45019 CVE-2024-46717 CVE-2024-46719 CVE-2024-46737 CVE-2024-46745 CVE-2024-46755 CVE-2024-46783 CVE-2024-46787 CVE-2024-46800 CVE-2024-46828 CVE-2024-46830 CVE-2024-46834 CVE-2024-46857 CVE-2024-47668 CVE-2024-47674 CVE-2024-47684 CVE-2024-47685 CVE-2024-47687 CVE-2024-47692 CVE-2024-47706 CVE-2024-47707 CVE-2024-47719 CVE-2024-47739 CVE-2024-47745 CVE-2024-49860 CVE-2024-49878 CVE-2024-49882 CVE-2024-49883 CVE-2024-49884 CVE-2024-49944 CVE-2024-49948 CVE-2024-49952 CVE-2024-49983 CVE-2024-49995 CVE-2024-49996 CVE-2024-50033 CVE-2024-50035 CVE-2024-50036 CVE-2024-50039 CVE-2024-50066 CVE-2024-50126 CVE-2024-50127 CVE-2024-50151 CVE-2024-50152 CVE-2024-50158 CVE-2024-50215 CVE-2024-50220 CVE-2024-50256 CVE-2024-50261 CVE-2024-50278 CVE-2024-50279 CVE-2024-53042 CVE-2024-53057 CVE-2024-53082 CVE-2024-53103 CVE-2024-53117 CVE-2024-53118 CVE-2024-53124 CVE-2024-53139 CVE-2024-53141 CVE-2024-53146 CVE-2024-53164 CVE-2024-53166 CVE-2024-53168 CVE-2024-53173 CVE-2024-53174 CVE-2024-53209 CVE-2024-53213 CVE-2024-56590 CVE-2024-56600 CVE-2024-56601 CVE-2024-56602 CVE-2024-56605 CVE-2024-56613 CVE-2024-56637 CVE-2024-56644 CVE-2024-56664 CVE-2024-57933 CVE-2025-21669 CVE-2025-21699
Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2025-6966.
More information about this errata can be found at
https://linux.oracle.com/errata/ELSA-2025-6966.html
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack running RHCK 9 install
these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* CVE-2022-49014: Denial-of-service in Universal TUN/TAP device driver.
A logic error when using the Universal TUN/TAP device driver could lead
to a use-after-free. A local attacker could use this flaw to cause a
denial-of-service.
* CVE-2022-49501: Use-after-free in usbnet driver during device disconnect.
Certain sequences of events can lead to a use-after-free in the usbnet
device driver. An attacker could exploit this flaw to cause a
denial-of-service, or to potentially aid in another type of attack.
* CVE-2023-52672: Denial-of-service when using pipes.
A logic error when resizing pipes while reading it could lead to a
deadlock. A local attacker could use this flaw to cause a
denial-of-service.
* CVE-2024-26886: Denial-of-service in Bluetooth subsystem.
A race condition when using af_bluetooth could lead to a deadlock. A
local attacker could use this flaw to cause a denial-of-service.
* CVE-2024-26889: Out-of-bounds write in core Bluetooth subsystem.
When using the HCIGETDEVINFO ioctl command, a buffer overflow is
possible if the device name is bigger than expected. A remote
attacker can exploit this flaw to cause a denial-of-service or
privilege escalation.
* CVE-2024-35963, CVE-2024-35965, CVE-2024-35966, CVE-2024-35967: Denial-of-service in Bluetooth subsystem.
A missing check in several setsockopt handlers could lead
to an out-of-bounds read in the Bluetooth subsystem. A local
attacker could use this flaw to cause a denial-of-service.
* CVE-2024-40914: Denial-of-service in memory management subsystem.
A missing check when unpoisoning huge zero pages in the memory
management subsystem could lead to a kernel assertion failure.
A local attacker could use this flaw to cause a denial-of-service.
* CVE-2024-41010: Privilege escalation in Ingress/classifier-action Qdisc driver.
A race condition when using the Ingress/classifier-action Qdisc driver
could lead to a use-after-free. A local attacker could use this flaw to
gain root privileges.
* CVE-2024-41035: Denial-of-service in core USB subsystem.
A logic error when using the core USB subsystem could lead to a kernel
oops. A local attacker could use this flaw to cause a denial-of-service.
* CVE-2024-42068: Memory corruption in BPF subsystem.
A missing check when using the bpf() system call could lead to
a memmory mapping with incorrect access rights. A local attacker
could use this flaw to cause a memory corruption or as a step in
another kind of attack.
* CVE-2024-42106: Information leak in socket monitoring interface.
A missing variable initialization when using the socket monitoring
interface could lead to a use of uninitialized memory. A local
attacker could use this flaw to extract sensitive information.
* CVE-2024-42145: Remote denial-of-service in InfiniBand driver.
A logic error when using the InfiniBand driver could lead to resource
exhaustion (uncontrolled resource consumption) when userspace does not
extract MAD packets at the same rate as the attacker is sending. A
remote attacker could use this flaw to cause a denial-of-service.
* CVE-2024-42265: Information leak in file descriptor driver.
A missing check when using the file descriptor driver could lead to
speculative execution. A local attacker could use this flaw to extract
sensitive information.
* CVE-2024-42281: Denial-of-service in core net subsystem.
A logic error when using the BPF functionality could lead to a kernel
oops. A local attacker could use this flaw to cause a denial-of-service.
* CVE-2024-42285: Privilege escalation in InfiniBand driver.
A missing check when using the InfiniBand driver could lead to a use-
after-free. A local attacker could use this flaw to escalate privileges.
* CVE-2024-42286, CVE-2024-42287, CVE-2024-42289: Denial-of-service in QLogic QLA2XXX Fibre Channel driver.
A logic error when using the QLogic QLA2XXX Fibre Channel driver could
lead to a NULL pointer dereference. A local attacker could use this flaw
to cause a denial-of-service.
* CVE-2024-42288: Memory corruption in QLogic QLA2XXX Fibre Channel driver.
There is an incorrect dereference in the firmware handling code of the
QLogic QLA2XXX Fibre Channel driver. A local attacker could use this
flaw to cause memory corruption.
* CVE-2024-42304, CVE-2024-42305: Denial-of-service in ext4 filesystem.
Missing checks when using the ext4 filesystem could lead to a kernel
oops. A local attacker could use this flaw to cause a denial-of-service.
* CVE-2024-42315: Denial-of-service in exFAT filesystem driver.
A locking error when using the exFAT filesystem driver could lead to a
deadlock. A local attacker could use this flaw to cause a
denial-of-service.
* CVE-2024-43828: Denial-of-service in ext4 filesystem driver.
A missing variable initialization when using the ext4 filesystem driver
could lead to an integer overflow. A local attacker could use this flaw
to cause a denial-of-service.
* CVE-2024-43846: Denial-of-service in object aggregation manager.
A missing check when using the objagg driver could lead to a kernel
oops. A local attacker could use this flaw to cause a denial-of-service.
* CVE-2024-43853: Denial-of-service in Cpuset controller driver.
A locking error when using the Cpuset controller driver could lead to a
use-after-free. A local attacker could use this flaw to cause a
denial-of-service.
* CVE-2024-43873: Information leak in vhost driver.
A missing variable initialization when using the vhost driver could lead
to use of uninitialized memory. A local attacker could use this flaw to
extract sensitive information.
* CVE-2024-43880: Denial-of-service in Mellanox Switch ASIC driver.
A logic error when using the Mellanox Switch ASIC driver could lead to
the device becoming unresponsive. A local attacker could use this flaw
to cause a denial-of-service.
* CVE-2024-43884: Denial-of-service in Bluetooth subsystem.
A missing check when using the Bluetooth subsystem could lead to a NULL
pointer dereference. A local attacker could use this flaw to cause a
denial-of-service.
* CVE-2024-44934: Privilege escalation in IGMP/MLD snooping driver.
A race condition when using the IGMP/MLD snooping driver could lead to a
use-after-free. A local attacker could use this flaw to escalate
privileges.
* CVE-2024-44944: Information leak in netfilter subsystem.
A logic error when using the netfilter subsystem could lead to a partial
address leak to userspace. A local attacker could use this flaw to
extract sensitive information.
* CVE-2024-44983: Remote denial-of-service in Netfilter flow table driver.
A missing check on ingress data in the Netfilter flow table driver could
lead to use of uninitialized memory. A remote attacker could use this
flaw to cause a denial-of-service.
* CVE-2024-44985: Privilege escalation in IPv6 Networking driver.
A locking error when using the IPv6 routes in the Networking driver
could lead to a use-after-free. A local attacker could use this flaw to
escalate privileges.
* CVE-2024-44986: Privilege escalation in IPv6 Networking driver.
A locking error when using the IPv6 Networking driver could lead to a
use-after-free. A local attacker could use this flaw to escalate
privileges.
* CVE-2024-44987: Privilege escalation in IPv6 networking stack.
A locking error when using the IPv6 networking stack could lead to a
use-after-free. A local attacker could use this flaw to escalate
privileges.
* CVE-2024-44989: Denial-of-service in Bonding driver.
A missing check when using the Bonding driver could lead to a NULL
pointer dereference. A local attacker could use this flaw to cause a
denial-of-service.
* CVE-2024-45008, CVE-2024-46745: Denial-of-service in user-level input subsystem.
A missing check when using the user-level input subsystem could lead to
an arbitrarily large memory allocation. A local attacker could use this
flaw to cause a denial-of-service.
* CVE-2024-45016: Privilege escalation in network emulator.
An incorrect return status when enqueuing duplicated packets in the
network emulator driver could lead to a use-after-free. A local attacker
could use this flaw to gain root privileges.
* CVE-2024-45017: Denial-of-service in Mellanox devices driver.
A logic error when IPsec creation over a slave device in the Mellanox
devices driver could lead to a deadlock. A local attacker could use this
flaw to cause a denial-of-service.
* CVE-2024-45019: Denial-of-service in Mellanox devices driver.
A locking error when using the Mellanox devices driver could lead to a
deadlock. A local attacker could use this flaw to cause a
denial-of-service.
* CVE-2024-46717: Memory corruption in Mellanox 5th generation network adapters (ConnectX series) Ethernet driver.
A missing check when using the Mellanox 5th generation network adapters
(ConnectX series) Ethernet driver could lead to a use-after-free. A
local attacker could use this flaw to cause memory corruption.
* CVE-2024-46719: Denial-of-service in USB Type-C Connector System Software Interface driver.
An incorrect return status when using USB Type-C UCSI could lead to a NULL pointer
dereference. A local attacker could use this flaw to cause a denial-of-service.
* CVE-2024-46737: Denial-of-service in NVMe over Fabrics TCP target driver.
Incorrect return status checks when using the NVMe over Fabrics TCP
target driver could lead to a NULL pointer dereference. A local attacker
could use this flaw to cause a denial-of-service.
* CVE-2024-46755: Denial-of-service in Marvell WiFi-Ex driver.
A missing check when using the Marvell WiFi-Ex driver could lead to a
NULL pointer dereference. A local attacker could use this flaw to cause
a denial-of-service.
* CVE-2024-46783: Denial-of-service in TCP/IP networking stack.
A logic error when using the TCP/IP networking stack could lead to a
kernel panic. A local attacker could use this flaw to cause a denial-of-
service.
* CVE-2024-46787: Denial-of-service in userfaultfd system call subsystem.
A missing check when using the userfaultfd system call subsystem could
lead to a kernel crash. A local attacker could use this flaw to cause a
denial-of-service.
* CVE-2024-46800: Privilege escalation in network emulator.
Missing update after a packet drop when using the network emulator
could lead to a use-after-free. A local attacker could use this
flaw to escalate privileges.
* CVE-2024-46828: Privilege escalation in Common Applications Kept Enhanced (CAKE) driver.
A logic error when using the Common Applications Kept Enhanced (CAKE)
driver could lead to an out-of-bounds memory access. A local attacker
could use this flaw to escalate privileges.
* CVE-2024-46830: Memory corruption in Kernel-based Virtual Machine (KVM) driver.
A locking error when using the Kernel-based Virtual Machine (KVM) driver
could lead to a use-after-free. A local attacker could use this flaw to
cause memory corruption.
* CVE-2024-46834: Denial-of-service in Ethtool.
Incorrect return status when using the Ethtool could lead to a kernel
crash. A local attacker could use this flaw to cause a
denial-of-service.
* CVE-2024-46857: Denial-of-service in Mellanox devices driver.
A missing check when using the Mellanox devices driver could lead to a
NULL pointer dereference. A local attacker could use this flaw to cause
a denial-of-service.
* CVE-2024-47668: Privilege escalation in core kernel radix tree library.
A race condition when using the core kernel radix tree library could
lead to a use-after-free. A local attacker could use this flaw to
escalate privileges.
* CVE-2024-47674: Privilege escalation in MMU-based Paged Memory Management driver.
A logic error in the MMU-based Paged Memory Management driver could lead
to use of uninitialized memory. A local attacker could use this flaw to
escalate privileges.
* CVE-2024-47684: Denial-of-service in TCP/IP networking driver.
A missing check when using the TCP/IP networking driver could lead to a
NULL pointer dereference. A local attacker could use this flaw to cause
a denial-of-service.
* CVE-2024-47685: Remote information leak in IPv6 packet rejection driver.
A missing check when using the IPv6 packet rejection driver could lead
to use of uninitialized memory. A remote attacker could use this flaw to
extract sensitive information.
* CVE-2024-47687: Denial-of-service in Mellanox VDPA driver.
A missing check when adding a device in the Mellanox VDPA driver could
lead to a NULL pointer dereference. A local attacker could use this flaw
to cause a denial-of-service.
* CVE-2024-47692: Denial-of-service in NFS server driver.
A missing check when using the NFS server driver could lead to a NULL
pointer dereference. A local attacker could use this flaw to cause a
denial-of-service.
* CVE-2024-47706: Privilege escalation in generic block I/O layer.
A missing check when using the generic block I/O layer could lead to a
use-after-free. A local attacker could use this flaw to escalate
privileges.
* CVE-2024-47707: Denial-of-service in Linux INET6 driver.
A missing check when closing network interface in the Linux INET6 driver
could lead to a NULL pointer dereference. A local attacker could use this flaw
to cause a denial-of-service.
* CVE-2024-47719: Memory corruption in IOMMU driver.
A missing check when using the IOMMU driver could lead to an
out-of-bounds memory access. A local attacker could use this flaw to
cause memory corruption.
* CVE-2024-47739: Denial-of-service in padata subsystem.
A locking error when using the padata subsystem could lead to a deadlock.
A local attacker could use this flaw to cause a denial-of-service.
* CVE-2024-47745: Memory corruption in Memory Management subsystem.
A missing check when using the Memory Management subsystem could lead to
LSM security check bypass. A local attacker could use this flaw to cause
memory corruption.
* CVE-2024-49860: Information leak in ACPI driver.
A missing check when using the ACPI driver could lead to an
out-of-bounds memory read. A local attacker could use this flaw to
extract sensitive information.
* CVE-2024-49878: Information leak in kernel resource manager with CXL memory.
A logic error in the kernel resource manager when CXL memory is in use
could lead to accessing normally restricted part of the memory. A local
attacker could use this flaw to leak sensitive information.
* CVE-2024-49882: Code execution in ext4 filesystem.
A logic error in the ext4 filesystem could lead to a double free. A
local attacker could use this flaw to execute arbitrary code in kernel
mode.
* CVE-2024-49883: Privilege escalation in ext4 filesystem.
A logic error when using the ext4 filesystem could lead to a
use-after-free. A local attacker could use this flaw to escalate
privileges.
* CVE-2024-49884: Privilege escalation in EXT4 filesystem driver.
A logic error when adding extent in the EXT4 filesystem driver could
lead to a use-after-free. A local attacker could use this flaw to
escalate privileges.
* CVE-2024-49944: Denial-of-service in SCTP Protocol driver.
A missing check when listening on a socket in the SCTP Protocol driver
could lead to a NULL pointer dereference. A local attacker could use
this flaw to cause a denial-of-service.
* CVE-2024-49948: Denial-of-service in core networking layer.
Missing checks on maliciously crafted packets from userspace could
cause an underflow leading to a NULL pointer dereference. A local
attacker could use this flaw to cause a denial-of-service.
* CVE-2024-49952: Denial-of-service in netfilter packet duplicator.
A logic error when using the netfilter packet duplicator could lead to a
kernel oops. A local attacker could use this flaw to cause a
denial-of-service.
* CVE-2024-49983: Privilege escalation in EXT4 filesystem driver.
A logic error when using fast commit feature of the EXT4 filesystem
driver could lead to a use-after-free. A local attacker could use this
flaw to escalate privileges.
* CVE-2024-49995: Privilege escalation in TIPC Protocol driver.
A logic error when setting TIPC bearer name in the TIPC Protocol driver
could lead to an out-of-bounds memory access. A local attacker could use
this flaw to escalate privileges.
* CVE-2024-49996: Privilege escalation in SMB3 and CIFS driver.
A missing check when parsing NFS reparse points in the SMB3 and CIFS
driver could lead to an out-of-bounds memory access. A remote attacker
could use this flaw to escalate privileges.
* CVE-2024-50033: Privilege escalation in SLHC driver.
A logic error when using the Van Jacobson TCP/IP Serial Line Header
Compression (SLHC) driver could lead to an out-of-bounds memory access.
A local attacker could use this flaw to escalate privileges.
* CVE-2024-50035: Information leak in PPP (point-to-point protocol) networking stack.
A missing check when transmitting using the PPP networking stack could
lead to use of uninitialized memory. A local attacker could use this
flaw to extract sensitive information.
* CVE-2024-50036: Privilege escalation in Networking driver.
A logic error when using the Networking driver could lead to a
use-after-free. A local attacker could use this flaw to escalate
privileges.
* CVE-2024-50039: Denial-of-service in network QoS/scheduling driver.
A missing check when using the network QoS/scheduling driver could lead
to a NULL pointer dereference. A local attacker could use this flaw to
cause a denial-of-service.
* CVE-2024-50066: Privilege escalation in Memory Management subsystem.
A race condition when using the Memory Management subsystem could lead
to page directory corruption. A local attacker could use this flaw to
escalate privileges.
* CVE-2024-50126: Information leak in Time Aware Priority (taprio) Scheduler driver.
A locking error when using the Time Aware Priority (taprio) Scheduler
driver could lead to a use-after-free. A local attacker could use this
flaw to extract sensitive information.
* CVE-2024-50127: Denial-of-service in Time Aware Priority (taprio) Scheduler driver.
A race condition when using the Time Aware Priority (taprio) Scheduler
driver could lead to a use-after-free. A local attacker could use this
flaw to cause a denial-of-service.
* CVE-2024-50151: Privilege escalation in SMB3 and CIFS driver.
A missing check when using the SMB3 and CIFS driver could lead to an
out-of-bounds memory access. A local attacker could use this flaw to
escalate privileges.
* CVE-2024-50152: Memory corruption in SMB3 and CIFS filesystem driver.
A double free error when using the SMB3 and CIFS filesystem driver could
lead to a use-after-free. A local attacker could use this flaw to cause
memory corruption.
* CVE-2024-50158: Memory corruption in Broadcom Netxtreme HCA driver.
A missing check when using the Broadcom Netxtreme HCA driver could lead
to an out-of-bounds memory write. A local attacker could use this flaw
to cause memory corruption.
* CVE-2024-50215: Privilege escalation in NVMe over Fabrics In-band Authentication driver.
A logic error when using the NVMe over Fabrics In-band Authentication
driver could lead to double free. A local attacker could use this flaw
to escalate privileges.
* CVE-2024-50220: Information leak in userfaultfd driver.
A logic error when using the userfaultfd driver could lead
to an inconsistent memory access permissions. A local attacker
could use this flaw to extract sensitive information and as a step
in another kind of attacks.
* CVE-2024-50256: Denial-of-service in IPv6 packet rejection driver.
A logic error when using the IPv6 packet rejection driver could lead to
a kernel assertion failure. A local attacker could use this flaw to
cause a denial-of-service.
* CVE-2024-50261: Privilege escalation in IEEE 802.1AE MAC-level encryption (MACsec) driver.
A logic error when using the IEEE 802.1AE MAC-level encryption (MACsec)
driver could lead to a use-after-free. A local attacker could use this
flaw to escalate privileges.
* CVE-2024-50278, CVE-2024-50279: Privilege escalation in Multiple Device Cache Target driver.
Logic errors when manipulating cache in the Multiple Device Cache Target
driver could lead to an out-of-bounds memory access. A local attacker
could use this flaw to escalate privileges.
* CVE-2024-53042: Denial-of-service in IP tunneling subsystem.
A race condition when using ip tunnels could lead to a kernel oops. A local
attacker could use this flaw to cause a denial-of-service.
* CVE-2024-53057: Privilege escalation in network QoS/scheduling driver.
A logic error when using the network QoS/scheduling driver could lead to
a use-after-free. A local attacker could use this flaw to escalate
privileges.
* CVE-2024-53082: Information leak in Virtio network driver.
A missing check when using the Virtio network driver could lead to an
out-of-bounds memory access. An attacker could use this flaw to
extract sensitive information.
* CVE-2024-53103: Privilege escalation in Virtual Socket protocol driver.
A missing variable initialization when destroying socket in the Virtual
Socket protocol driver could lead to a use-after-free. A local attacker
could use this flaw to escalate privileges.
* CVE-2024-53117, CVE-2024-53118: Denial-of-service in Virtual Socket protocol driver.
Incorrect reference counting when using the Virtual Socket protocol
driver could lead to a memory leak. A local attacker could use this flaw
to cause a denial-of-service.
* CVE-2024-53124: Denial-of-service in IPv6 Networking driver.
A missing check when destroying a socket in the IPv6 Networking driver
could lead to a memory leak. A local attacker could use this flaw to
cause a denial-of-service.
* CVE-2024-53139: Privilege escalation in SCTP protocol driver.
A locking error when using the SCTP protocol driver could lead to a
use-after-free. A local attacker could use this flaw to escalate
privileges.
* CVE-2024-53141: Privilege escalation in netfilter (IP set) subsystem.
A missing check when updating the bitmap for IP addresses in the
netfilter (IP set) subsystem could lead to an out-of-bounds memory
access. A local attacker could use this flaw to escalate privileges.
* CVE-2024-53146: Information leak in NFS server driver.
A logic error when using the NFS server driver could lead to an
out-of-bounds memory access. A local attacker could use this flaw to
extract sensitive information.
* CVE-2024-53164: Privilege escalation in CAKE network scheduler.
A logic error when using the Common Applications Kept Enhanced (CAKE)
network scheduler could lead to a use-after-free. A local attacker could
use this flaw to escalate privileges.
* CVE-2024-53166: Memory corruption in BFQ I/O scheduler subsystem.
A locking error when using the BFQ I/O scheduler subsystem could lead to
a use-after-free. A local attacker could use this flaw to cause memory
corruption.
* CVE-2024-53168: Memory corruption in SUNRPC networking stack.
Incorrect reference counting when using the SUNRPC networking stack
could lead to a use-after-free. A local attacker could use this flaw to
cause memory corruption.
* CVE-2024-53173: Privilege escalation in NFS client driver.
A logic error when opening multiple files concurrently in the NFS client
driver could lead to a use-after-free. A local attacker could use this
flaw to escalate privileges.
* CVE-2024-53174: Privilege escalation in SUNRPC networking stack.
A missing check when using the SUNRPC networking stack could lead to a
use-after-free. A local attacker could use this flaw to escalate
privileges.
* CVE-2024-53209: Denial-of-service in Broadcom NetXtreme-C/E driver.
A logic error when using the Broadcom NetXtreme-C/E driver could lead to
an out-of-bounds memory access. A local attacker could use this flaw to
cause a denial-of-service.
* CVE-2024-53213: Privilege escalation in Microchip LAN78XX Based USB Ethernet Adapters driver.
A logic error when using the Microchip LAN78XX Based USB Ethernet
Adapters driver could lead to double free. A local attacker could use
this flaw to escalate privileges.
* CVE-2024-56590: Privilege escalation in Bluetooth subsystem driver.
A logic error when using the Bluetooth subsystem driver could lead to an
out-of-bounds memory access. A local attacker could use this flaw to
escalate privileges.
* CVE-2024-56600: Privilege escalation in Networking subsystem.
A missing variable initialization when creating a socket fails in the
Networking subsystem could lead to a use-after-free. A local attacker
could use this flaw to escalate privileges.
* CVE-2024-56601: Privilege escalation in TCP/IP networking driver.
A missing variable initialization when creating a socket fails in the
TCP/IP networking driver could lead to a use-after-free. A local
attacker could use this flaw to escalate privileges.
* CVE-2024-56602: Privilege escalation in IEEE Std 802.15.4 Low-Rate Wireless Personal Area Networks driver.
A missing variable initialization when creating a socket fails in the
IEEE Std 802.15.4 Low-Rate Wireless Personal Area Networks driver could
lead to a use-after-free. A local attacker could use this flaw to
escalate privileges.
* CVE-2024-56605: Privilege escalation in Bluetooth subsystem driver.
A missing variable initialization when creating a l2cap socket fails in
the Bluetooth subsystem driver could lead to a use-after-free. A local
attacker could use this flaw to escalate privileges.
* CVE-2024-56613: Denial-of-service in CFS scheduler.
A race condition when using the CFS scheduler could lead to a memory
leak. A local attacker could use this flaw to cause a denial-of-service.
* CVE-2024-56637: Denial-of-service in netfilter (IP set) subsystem.
A logic error when using the netfilter (IP set) subsystem could lead to
a kernel crash. A local attacker could use this flaw to cause a
denial-of-service.
* CVE-2024-56644: Remote denial-of-service in IPv6 networking stack.
Incorrect reference counting when using the IPv6 networking stack could
lead to a memory leak. A remote attacker could use this flaw to cause a
denial-of-service.
* CVE-2024-56664: Privilege escalation in bpf() system call driver.
A race condition when using the bpf() system call driver could lead to
a use-after-free. A local attacker could use this flaw to escalate
privileges.
* CVE-2024-57933: Denial-of-service in Google Virtual NIC (gVNIC) driver.
A missing check when using the Google Virtual NIC (gVNIC) driver could
lead to a NULL pointer dereference. A local attacker could use this flaw
to cause a denial-of-service.
* CVE-2025-21669: Denial-of-service in Virtual Socket protocol driver.
A logic error when using the Virtual Socket protocol driver could lead
to a NULL pointer dereference. A local attacker could use this flaw to
cause a denial-of-service.
* CVE-2025-21699: Disk corruption in GFS2 filesystem.
There is a logic error in the GFS2 filesystem code's handling of the
FS_IOC_SETFLAGS ioctl call, which sets the flags for an inode and is
used by the `chattr` command. A local attacker could use this flaw to
cause disk corruption.
This update fixes the logic error so the handling is fixed and later
usage of the ioctl results in correct behaviour, but doesn't actively
attempt to fix the existing filesystem inodes.
* Note: Oracle has determined some CVEs are not applicable.
The kernel is not affected by the following CVEs
since the code under consideration is not compiled.
CVE-2021-47654, CVE-2022-34494, CVE-2022-34495, CVE-2022-3649
CVE-2022-48674, CVE-2022-48897, CVE-2022-49747, CVE-2022-49778
CVE-2022-49804, CVE-2023-3269, CVE-2023-52608, CVE-2023-52670
CVE-2023-52860, CVE-2023-6270, CVE-2024-26850, CVE-2024-26888
CVE-2024-26898, CVE-2024-27408, CVE-2024-27409, CVE-2024-34030
CVE-2024-34777, CVE-2024-35893, CVE-2024-35917, CVE-2024-35934
CVE-2024-35975, CVE-2024-38563, CVE-2024-38568, CVE-2024-38569
CVE-2024-38572, CVE-2024-38603, CVE-2024-39277, CVE-2024-40938
CVE-2024-40942, CVE-2024-40979, CVE-2024-40991, CVE-2024-41072
CVE-2024-42074, CVE-2024-42075, CVE-2024-42089, CVE-2024-42161
CVE-2024-42253, CVE-2024-42293, CVE-2024-42298, CVE-2024-42318
CVE-2024-43818, CVE-2024-43823, CVE-2024-43824, CVE-2024-43840
CVE-2024-43841, CVE-2024-43847, CVE-2024-43875, CVE-2024-43876
CVE-2024-43881, CVE-2024-43883, CVE-2024-44953, CVE-2024-45002
CVE-2024-45029, CVE-2024-46707, CVE-2024-46761, CVE-2024-46797
CVE-2024-46827, CVE-2024-46843, CVE-2024-46849, CVE-2024-47681
CVE-2024-47712, CVE-2024-47714, CVE-2024-47731, CVE-2024-49931
CVE-2024-49962, CVE-2024-49982, CVE-2024-49987, CVE-2024-50098
CVE-2024-50103, CVE-2024-50104, CVE-2024-50105, CVE-2024-50114
CVE-2024-50139, CVE-2024-50176, CVE-2024-50188, CVE-2024-50203
CVE-2024-50292, CVE-2024-53053, CVE-2024-53067, CVE-2024-53069
CVE-2024-53077, CVE-2024-53134, CVE-2024-53152, CVE-2024-53161
CVE-2024-53188, CVE-2024-53191, CVE-2024-53195, CVE-2024-53196
CVE-2024-53199, CVE-2024-53210, CVE-2024-53225, CVE-2024-53232
CVE-2024-55639, CVE-2024-56541, CVE-2024-56543, CVE-2024-56621
CVE-2024-56624, CVE-2024-56650, CVE-2024-56677, CVE-2024-56678
CVE-2024-56679, CVE-2024-56707, CVE-2024-56725, CVE-2024-56726
CVE-2024-56727, CVE-2024-56728, CVE-2024-56765, CVE-2024-57809
CVE-2024-57838, CVE-2024-57852, CVE-2024-57885, CVE-2024-57893
CVE-2024-58084, CVE-2025-21663, CVE-2025-21668, CVE-2025-21713
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
More information about the El-errata
mailing list