[El-errata] ELSA-2025-15011 Important: Oracle Linux 9 kernel security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Thu Sep 4 08:35:50 UTC 2025 

Oracle Linux Security Advisory ELSA-2025-15011

http://linux.oracle.com/errata/ELSA-2025-15011.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-5.14.0-570.39.1.0.1.el9_6.x86_64.rpm
kernel-abi-stablelists-5.14.0-570.39.1.0.1.el9_6.noarch.rpm
kernel-core-5.14.0-570.39.1.0.1.el9_6.x86_64.rpm
kernel-cross-headers-5.14.0-570.39.1.0.1.el9_6.x86_64.rpm
kernel-debug-5.14.0-570.39.1.0.1.el9_6.x86_64.rpm
kernel-debug-core-5.14.0-570.39.1.0.1.el9_6.x86_64.rpm
kernel-debug-devel-5.14.0-570.39.1.0.1.el9_6.x86_64.rpm
kernel-debug-devel-matched-5.14.0-570.39.1.0.1.el9_6.x86_64.rpm
kernel-debug-modules-5.14.0-570.39.1.0.1.el9_6.x86_64.rpm
kernel-debug-modules-core-5.14.0-570.39.1.0.1.el9_6.x86_64.rpm
kernel-debug-modules-extra-5.14.0-570.39.1.0.1.el9_6.x86_64.rpm
kernel-debug-uki-virt-5.14.0-570.39.1.0.1.el9_6.x86_64.rpm
kernel-devel-5.14.0-570.39.1.0.1.el9_6.x86_64.rpm
kernel-devel-matched-5.14.0-570.39.1.0.1.el9_6.x86_64.rpm
kernel-doc-5.14.0-570.39.1.0.1.el9_6.noarch.rpm
kernel-headers-5.14.0-570.39.1.0.1.el9_6.x86_64.rpm
kernel-modules-5.14.0-570.39.1.0.1.el9_6.x86_64.rpm
kernel-modules-core-5.14.0-570.39.1.0.1.el9_6.x86_64.rpm
kernel-modules-extra-5.14.0-570.39.1.0.1.el9_6.x86_64.rpm
kernel-tools-5.14.0-570.39.1.0.1.el9_6.x86_64.rpm
kernel-tools-libs-5.14.0-570.39.1.0.1.el9_6.x86_64.rpm
kernel-tools-libs-devel-5.14.0-570.39.1.0.1.el9_6.x86_64.rpm
kernel-uki-virt-5.14.0-570.39.1.0.1.el9_6.x86_64.rpm
kernel-uki-virt-addons-5.14.0-570.39.1.0.1.el9_6.x86_64.rpm
libperf-5.14.0-570.39.1.0.1.el9_6.x86_64.rpm
perf-5.14.0-570.39.1.0.1.el9_6.x86_64.rpm
python3-perf-5.14.0-570.39.1.0.1.el9_6.x86_64.rpm
rtla-5.14.0-570.39.1.0.1.el9_6.x86_64.rpm
rv-5.14.0-570.39.1.0.1.el9_6.x86_64.rpm

aarch64:
kernel-cross-headers-5.14.0-570.39.1.0.1.el9_6.aarch64.rpm
kernel-headers-5.14.0-570.39.1.0.1.el9_6.aarch64.rpm
kernel-tools-5.14.0-570.39.1.0.1.el9_6.aarch64.rpm
kernel-tools-libs-5.14.0-570.39.1.0.1.el9_6.aarch64.rpm
kernel-tools-libs-devel-5.14.0-570.39.1.0.1.el9_6.aarch64.rpm
libperf-5.14.0-570.39.1.0.1.el9_6.aarch64.rpm
perf-5.14.0-570.39.1.0.1.el9_6.aarch64.rpm
python3-perf-5.14.0-570.39.1.0.1.el9_6.aarch64.rpm
rtla-5.14.0-570.39.1.0.1.el9_6.aarch64.rpm
rv-5.14.0-570.39.1.0.1.el9_6.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/kernel-5.14.0-570.39.1.0.1.el9_6.src.rpm

Related CVEs:

CVE-2025-37823
CVE-2025-38200
CVE-2025-38211
CVE-2025-38350
CVE-2025-38461
CVE-2025-38464
CVE-2025-38500




Description of changes:

[5.14.0-570.39.1.0.1.el9_6.OL9]
- nvme-pci: remove two deallocate zeroes quirks [Orabug: 37756650]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5]
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535]
- Add Oracle Linux IMA certificates
- Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985764]

[5.14.0-570.39.1.el9_6]
- xfrm: interface: fix use-after-free after changing collect_md xfrm interface (CKI Backport Bot) [RHEL-109529] {CVE-2025-38500}
- Merge: net: mana: Fix race of mana_hwc_post_rx_wqe and new hwc response [rhel-9.6.z] (Maxim Levitsky) [RHEL-58904]
- s390/pci: Serialize device addition and removal (Mete Durlu) [RHEL-102036]
- s390/pci: Allow re-add of a reserved but not yet removed device (Mete Durlu) [RHEL-102036]
- s390/pci: Prevent self deletion in disable_slot() (Mete Durlu) [RHEL-102036]
- s390/pci: Remove redundant bus removal and disable from zpci_release_device() (Mete Durlu) [RHEL-102036]
- s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs (Thomas Huth) [RHEL-102036] {CVE-2025-37946}
- s390/pci: Fix missing check for zpci_create_device() error return (Mete Durlu) [RHEL-102036] {CVE-2025-37974}
- s390/pci: Fix potential double remove of hotplug slot (Thomas Huth) [RHEL-102036] {CVE-2024-56699}
- s390/pci: remove hotplug slot when releasing the device (Thomas Huth) [RHEL-102036]
- s390/pci: introduce lock to synchronize state of zpci_dev's (Thomas Huth) [RHEL-102036]
- s390/pci: rename lock member in struct zpci_dev (Thomas Huth) [RHEL-102036]
- net/sched: Abort __tc_modify_qdisc if parent class does not exist (CKI Backport Bot) [RHEL-107895]
- i40e: report VF tx_dropped with tx_errors instead of tx_discards (Dennis Chen) [RHEL-105137]
- s390/pci: Fix zpci_bus_is_isolated_vf() for non-VFs (Mete Durlu) [RHEL-94815]
- s390/pci: Fix handling of isolated VFs (CKI Backport Bot) [RHEL-85387]
- s390/pci: Pull search for parent PF out of zpci_iov_setup_virtfn() (CKI Backport Bot) [RHEL-85387]
- s390/pci: Fix SR-IOV for PFs initially in standby (CKI Backport Bot) [RHEL-85387]
- tipc: Fix use-after-free in tipc_conn_close(). (CKI Backport Bot) [RHEL-106651] {CVE-2025-38464}
- Revert "smb: client: fix TCP timers deadlock after rmmod" (Paulo Alcantara) [RHEL-106415] {CVE-2025-22077}
- Revert "smb: client: Fix netns refcount imbalance causing leaks and use-after-free" (Paulo Alcantara) [RHEL-106415]
- smb: client: Fix netns refcount imbalance causing leaks and use-after-free (Paulo Alcantara) [RHEL-106415]
- watchdog/perf: properly initialize the turbo mode timestamp and rearm counter (David Arcari) [RHEL-103555]

[5.14.0-570.38.1.el9_6]
- net/sched: ets: use old 'nbands' while purging unused classes (CKI Backport Bot) [RHEL-107537] {CVE-2025-38350}
- net/sched: Always pass notifications when child class becomes empty (Ivan Vecera) [RHEL-93387] {CVE-2025-38350}
- net_sched: ets: fix a race in ets_qdisc_change() (Ivan Vecera) [RHEL-107537] {CVE-2025-38107}
- sch_htb: make htb_deactivate() idempotent (Ivan Vecera) [RHEL-93387] {CVE-2025-37953}
- codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() (Ivan Vecera) [RHEL-93387] {CVE-2025-37798}
- sch_qfq: make qfq_qlen_notify() idempotent (Ivan Vecera) [RHEL-93387] {CVE-2025-38350}
- sch_drr: make drr_qlen_notify() idempotent (Ivan Vecera) [RHEL-93387] {CVE-2025-38350}
- sch_htb: make htb_qlen_notify() idempotent (Ivan Vecera) [RHEL-93387] {CVE-2025-37932}
- net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (CKI Backport Bot) [RHEL-107630] {CVE-2025-37823}
- i40e: fix MMIO write access to an invalid page in i40e_clear_hw (CKI Backport Bot) [RHEL-106046] {CVE-2025-38200}
- vsock: Fix transport_* TOCTOU (CKI Backport Bot) [RHEL-106003] {CVE-2025-38461}
- RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (CKI Backport Bot) [RHEL-104273] {CVE-2025-38211}

More information about the El-errata mailing list