[El-errata] ELSA-2025-20632 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Fri Sep 26 08:28:48 UTC 2025


Oracle Linux Security Advisory ELSA-2025-20632

http://linux.oracle.com/errata/ELSA-2025-20632.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-5.4.17-2136.347.6.2.el7uek.x86_64.rpm
kernel-uek-container-5.4.17-2136.347.6.2.el7uek.x86_64.rpm
kernel-uek-container-debug-5.4.17-2136.347.6.2.el7uek.x86_64.rpm
kernel-uek-debug-5.4.17-2136.347.6.2.el7uek.x86_64.rpm
kernel-uek-debug-devel-5.4.17-2136.347.6.2.el7uek.x86_64.rpm
kernel-uek-devel-5.4.17-2136.347.6.2.el7uek.x86_64.rpm
kernel-uek-doc-5.4.17-2136.347.6.2.el7uek.noarch.rpm
kernel-uek-tools-5.4.17-2136.347.6.2.el7uek.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-5.4.17-2136.347.6.2.el7uek.src.rpm

Related CVEs:

CVE-2025-38494
CVE-2025-38495
CVE-2025-38499
CVE-2025-38618




Description of changes:

[5.4.17-2136.347.6.2.el7uek]
- clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (Al Viro)  [Orabug: 38453918]  {CVE-2025-38499}
- vsock: Do not allow binding to VMADDR_PORT_ANY (Budimir Markovic)  [Orabug: 38453914]
- HID: core: ensure the allocated report buffer can contain the reserved report ID (Benjamin Tissoires)  [Orabug: 38453908]
- HID: core: do not bypass hid_hw_raw_request (Benjamin Tissoires)  [Orabug: 38453904]




More information about the El-errata mailing list