[El-errata] New Ksplice updates for UEKR6 5.4.17 on OL7 and OL8 (ELSA-2025-20663)

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Wed Oct 22 11:54:25 UTC 2025 

Synopsis: ELSA-2025-20663 can now be patched using Ksplice
CVEs: CVE-2023-52572 CVE-2023-53259 CVE-2024-26958 CVE-2024-53237 CVE-2025-37798 CVE-2025-38102 CVE-2025-38177 CVE-2025-38193 CVE-2025-38211 CVE-2025-38245 CVE-2025-38375 CVE-2025-38387 CVE-2025-38403 CVE-2025-38445 CVE-2025-38457 CVE-2025-38464 CVE-2025-38468 CVE-2025-38473 CVE-2025-38477 CVE-2025-38569 CVE-2025-38572 CVE-2025-38608 CVE-2025-38617 CVE-2025-38639 CVE-2025-38664 CVE-2025-38708 CVE-2025-38718 CVE-2025-38729 CVE-2025-39676 CVE-2025-39691 CVE-2025-39730 CVE-2025-39756 CVE-2025-39757 CVE-2025-39782 CVE-2025-39812

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2025-20663.
More information about this errata can be found at
https://linux.oracle.com/errata/ELSA-2025-20663.html

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running UEKR6 5.4.17 on
OL7 and OL8 install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2023-52572: Use-after-free in CIFS driver.

* CVE-2023-53259, CVE-2025-38102: Race condition in VMware VMCI driver.

* CVE-2024-26958: Denial-of-service in NFS client driver.

A race condition in NFS client driver could lead to a use-after-free. A local
attacker could use this flaw to cause a denial-of-service.


* CVE-2024-53237: Use-after-free in Bluetooth subsystem.

* CVE-2025-37798, CVE-2025-38177: Use-after-free in Fair-Queue Controlled-Delay packet scheduler.

* CVE-2025-38193: Integer overflow in Stochastic Fairness Queueing (SFQ) driver.

* CVE-2025-38211: Use-after-free in InfiniBand driver.

* CVE-2025-38245: Race condition in ATM networking stack.

* CVE-2025-38375: Out-of-bounds memory access in Virtio network driver.

* CVE-2025-38387: Null pointer dereference in Mellanox MLX5 InfiniBand driver.

* CVE-2025-38403: Use of uninitialized memory in Virtual Socket protocol driver.

* CVE-2025-38445: Kernel panic in RAID-1 (mirroring) mode driver.

* CVE-2025-38457: Null pointer dereference in QoS and/or fair queueing driver.

* CVE-2025-38464: Use-after-free in TIPC Protocol driver.

* CVE-2025-38468: Kernel oops in Hierarchical Token Bucket network scheduler.

* CVE-2025-38473: Null pointer dereference in Bluetooth subsystem.

* CVE-2025-38477: Use-after-free in Quick Fair Queueing scheduler (QFQ) driver.

* CVE-2025-38569: Kernel oops in BladeEngine NIC driver.

* CVE-2025-38572: Out-of-bounds memory access in IPv6 networking stack.

* CVE-2025-38608: Use of uninitialized memory in Transport Layer Security driver.

* CVE-2025-38617: Racing in raw-packet protocol stack.

* CVE-2025-38639: Out-of-bounds memory access in Netfilter driver.

* CVE-2025-38664: Null pointer dereference in Intel(R) Ethernet Connection E800 Series driver.

* CVE-2025-38708: Remote use-after-free in Distributed Replicated Block Device driver.

* CVE-2025-38718: Use of uninitialized memory in SCTP Protocol driver.

* CVE-2025-38729, CVE-2025-39757: Out-of-bounds memory access in USB Audio/MIDI driver.

* CVE-2025-39676: Invalid pointer dereference in QLogic ISP4XXX and ISP82XX host adapter family driver.

* CVE-2025-39691: Use-after-free in core filesystem layer.

* CVE-2025-39730: Out-of-bounds memory access in NFS client driver.

* CVE-2025-39756: Kernel assertion failure in core filesystem layer.

* CVE-2025-39782: Soft lockup in JBD2 filesystem.

* CVE-2025-39812: Use of uninitialized memory in IPv6 networking stack.

* Out-of-bounds memory access in HID bus driver.

* Unnecessary lock contention in HugeTLB filesystem.

Orabug: 38459576


* Note: Oracle has determined some CVEs are not applicable.

The kernel is not affected by the following CVEs
since the code under consideration is not compiled.

CVE-2025-38226, CVE-2025-38230, CVE-2025-38262, CVE-2025-38347,
CVE-2025-38371, CVE-2025-38377, CVE-2025-38401, CVE-2025-38478,
CVE-2025-38480, CVE-2025-38481, CVE-2025-38482, CVE-2025-38483,
CVE-2025-38487, CVE-2025-38514, CVE-2025-38529, CVE-2025-38530,
CVE-2025-38538, CVE-2025-38542, CVE-2025-38577, CVE-2025-38578,
CVE-2025-38581, CVE-2025-38630, CVE-2025-38635, CVE-2025-38650,
CVE-2025-38652, CVE-2025-38663, CVE-2025-38666, CVE-2025-38677,
CVE-2025-38687, CVE-2025-38696, CVE-2025-38697, CVE-2025-38698,
CVE-2025-38712, CVE-2025-38713, CVE-2025-38714, CVE-2025-38715,
CVE-2025-39709, CVE-2025-39710, CVE-2025-39736, CVE-2025-39737,
CVE-2025-39743, CVE-2025-39752, CVE-2025-39766, CVE-2025-39783,
CVE-2025-39794


SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part
URL: <http://oss.oracle.com/pipermail/el-errata/attachments/20251022/79804235/attachment.sig>

More information about the El-errata mailing list