[El-errata] New Ksplice updates for UEKR8 6.12.0 on OL9 and OL10 (ELSA-2025-20480)

Wed Oct 1 09:29:47 UTC 2025

Synopsis: ELSA-2025-20480 can now be patched using Ksplice
CVEs: CVE-2018-3646 CVE-2025-23155 CVE-2025-37953 CVE-2025-37954 CVE-2025-37961 CVE-2025-37992 CVE-2025-38000 CVE-2025-38001 CVE-2025-38018 CVE-2025-38020 CVE-2025-38022 CVE-2025-38035 CVE-2025-38051 CVE-2025-38058 CVE-2025-38068 CVE-2025-38073 CVE-2025-38075 CVE-2025-38079 CVE-2025-38083 CVE-2025-38084 CVE-2025-38085 CVE-2025-38086 CVE-2025-38087 CVE-2025-38089 CVE-2025-38097 CVE-2025-38107 CVE-2025-38108 CVE-2025-38109 CVE-2025-38110 CVE-2025-38111 CVE-2025-38112 CVE-2025-38115 CVE-2025-38120 CVE-2025-38124 CVE-2025-38146 CVE-2025-38147 CVE-2025-38154 CVE-2025-38184 CVE-2025-38190 CVE-2025-38193 CVE-2025-38194 CVE-2025-38197 CVE-2025-38208 CVE-2025-38211 CVE-2025-38212 CVE-2025-38220 CVE-2025-38222 CVE-2025-38231 CVE-2025-38236 CVE-2025-38245 CVE-2025-38251 CVE-2025-38263 CVE-2025-38264 CVE-2025-38305 CVE-2025-38310 CVE-2025-38328 CVE-2025-38332 CVE-2025-38334 CVE-2025-38342 CVE-2025-38350 CVE-2025-38352 CVE-2025-38364 CVE-2025-38417 CVE-2025-38430 CVE-2025-38498

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2025-20480.
More information about this errata can be found at
https://linux.oracle.com/errata/ELSA-2025-20480.html

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running UEKR8 6.12.0 on
OL9 and OL10 install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

DESCRIPTION

* CVE-2025-23155: Out-of-bounds memory access in STMicroelectronics Multi-Gigabit Ethernet driver.

* CVE-2025-37953: Null pointer dereference in Hierarchical Token Bucket (HTB) driver.

* CVE-2025-37954: Memory leak in SMB/CIFS client driver.

* CVE-2025-37961: Use of uninitialized memory in IP virtual server driver.

* CVE-2025-37992: Null pointer dereference in Fair Queue driver.

* CVE-2025-38000: Use-after-free in Hierarchical Fair Service Curve (HFSC) driver.

* CVE-2025-38001: Use-after-free in HFSC network scheduler.

* CVE-2025-38018: Null pointer dereference in Transport Layer Security driver.

* CVE-2025-38020: Null pointer dereference in Mellanox 5th generation network adapters (ConnectX series) Ethernet driver.

* CVE-2025-38022: Use-after-free in InfiniBand driver.

* CVE-2025-38035: Null pointer dereference in NVMe Target subsystem.

* CVE-2025-38051: Use-after-free in SMB/CIFS client driver.

* CVE-2025-38058: Reference count leak in namespace management code.

* CVE-2025-38068: Out-of-bounds memory access in LZO compression algorithm driver.

* CVE-2025-38073: Kernel crash in Zoned block device driver.

* CVE-2025-38075: Null pointer dereference in iSCSI Target Mode Stack driver.

* CVE-2025-38079: Use-after-free in hash algorithms interface layer.

* CVE-2025-38083, CVE-2025-38108: Integer underflow in multiple network schedulers.

* CVE-2025-38084, CVE-2025-38085: Race condition in Transparent Hugepage driver.

* CVE-2025-38086: Use of uninitialized memory in QingHeng CH9200 USB ethernet driver.

* CVE-2025-38087: Use-after-free in Time Aware Priority (taprio) Scheduler driver.

* CVE-2025-38089: Kernel crash in SUNRPC subsystem.

Orabug: 38178286

* CVE-2025-38097: Reference count leak in XFRM.

* CVE-2025-38107: Integer overflow in Enhanced transmission selection scheduler (ETS).

* CVE-2025-38109: Use-after-free in Mellanox Technologies MLX5 SRIOV E-Switch driver.

* CVE-2025-38110: Out-of-bounds memory access in MDIO Bus interface.

* CVE-2025-38111: Out-of-bounds memory usage in MDIO bus driver.

* CVE-2025-38112: Null pointer dereference in TCP/IP networking driver.

* CVE-2025-38115: Null-pointer dereference in Stochastic Fairness Queueing (SFQ) network scheduler.

* CVE-2025-38120: Memory disclosure in Netfilter driver.

* CVE-2025-38124: Kernel oops in TCP/IP networking driver.

* CVE-2025-38146: Soft lockup in Open vSwitch driver.

* CVE-2025-38147: Null-pointer dereference in NetLabel subsystem.

* CVE-2025-38154: Kernel panic in Networking driver.

* CVE-2025-38184: Null-pointer dereference in TIPC IP/UDP driver.

* CVE-2025-38190: Memory leak in ATM networking stack.

* CVE-2025-38193: Integer overflow in Stochastic Fairness Queueing (SFQ) driver.

* CVE-2025-38194, CVE-2025-38328: Logic error in Journalling Flash File System v2 (JFFS2) driver.

* CVE-2025-38197: Null pointer dereference in BIOS update driver for DELL systems.

* CVE-2025-38208: Null pointer dereference in SMB/CIFS client driver.

* CVE-2025-38211: Use-after-free in InfiniBand driver.

* CVE-2025-38212: Use-after-free in System V IPC driver.

* CVE-2025-38220: Null pointer dereference in ext4 filesystem driver.

* CVE-2025-38222: Integer overflow in ext4 filesystem.

* CVE-2025-38231: Null pointer dereference in NFS server driver.

* CVE-2025-38236: Out-of-bounds memory access in Unix domain sockets driver.

* CVE-2025-38245: Race condition in ATM networking stack.

* CVE-2025-38251: Kernel crash in Classical IP over ATM driver.

* CVE-2025-38263: Null pointer dereference in Block device as cache driver.

* CVE-2025-38264: Kernel crash in NVM Express over Fabrics TCP driver.

* CVE-2025-38305: Deadlock in Precision Time Protocol (PTP) driver.

* CVE-2025-38310: Out-of-bounds memory access in IPv6 Segment Routing Header encapsulation driver.

* CVE-2025-38332: Kernel panic in Emulex LightPulse Fibre Channel driver.

* CVE-2025-38334: Kernel panic in Software Guard eXtensions (SGX) driver.

* CVE-2025-38342: Out-of-bounds memory access in software node component.

* CVE-2025-38350: Use-after-free in Packet Scheduler subsystem.

Orabug: 38217337

* CVE-2025-38352: Missing check in POSIX clock/timer driver.

* CVE-2025-38364: Null pointer dereference in Maple Tree implementation.

* CVE-2025-38417: Memory leak in Switchdev driver.

* CVE-2025-38430: Remote kernel crash in NFSv4 server driver.

* CVE-2025-38498: Logic error in core filesystem layer.

* Improved fix for CVE-2018-3646: L1 Terminal Fault Reloaded.

* Information leak on x86 CPUs (VMScape).

Orabug: 38343659

* Note: Oracle has determined some CVEs are not applicable.

The kernel is not affected by the following CVEs
since the code under consideration is not compiled.

CVE-2025-22102, CVE-2025-22123, CVE-2025-37947, CVE-2025-37951,
CVE-2025-37952, CVE-2025-37956, CVE-2025-37962, CVE-2025-37969,
CVE-2025-37970, CVE-2025-37971, CVE-2025-37972, CVE-2025-37999,
CVE-2025-38005, CVE-2025-38016, CVE-2025-38019, CVE-2025-38027,
CVE-2025-38033, CVE-2025-38043, CVE-2025-38054, CVE-2025-38065,
CVE-2025-38069, CVE-2025-38082, CVE-2025-38092

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.