[El-errata] ELSA-2026-50299 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Thu Jun 4 09:55:35 UTC 2026
Oracle Linux Security Advisory ELSA-2026-50299
http://linux.oracle.com/errata/ELSA-2026-50299.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
kernel-uek-5.4.17-2136.356.4.1.el8uek.x86_64.rpm
kernel-uek-container-5.4.17-2136.356.4.1.el8uek.x86_64.rpm
kernel-uek-container-debug-5.4.17-2136.356.4.1.el8uek.x86_64.rpm
kernel-uek-debug-5.4.17-2136.356.4.1.el8uek.x86_64.rpm
kernel-uek-debug-devel-5.4.17-2136.356.4.1.el8uek.x86_64.rpm
kernel-uek-devel-5.4.17-2136.356.4.1.el8uek.x86_64.rpm
kernel-uek-doc-5.4.17-2136.356.4.1.el8uek.noarch.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/kernel-uek-5.4.17-2136.356.4.1.el8uek.src.rpm
Related CVEs:
CVE-2025-54518
CVE-2026-23193
CVE-2026-23216
CVE-2026-31402
CVE-2026-43284
CVE-2026-43503
CVE-2026-46300
CVE-2026-46333
Description of changes:
[5.4.17-2136.356.4.1]
- smb: client: reject userspace cifs.spnego descriptions (Asim Viladi Oglu Manizada) [Orabug: 39463669]
[5.4.17-2136.356.4]
- tun: free page on build_skb failure in tun_xdp_one() (Weiming Shi) [Orabug: 39429147]
- tap: free page on error paths in tap_get_user_xdp() (Weiming Shi) [Orabug: 39429147]
- tun: free page on short-frame rejection in tun_xdp_one() (Weiming Shi) [Orabug: 39429147]
[5.4.17-2136.356.3]
- ptrace: slightly saner 'get_dumpable()' logic (Linus Torvalds) [Orabug: 39384275,39391459] {CVE-2026-46333}
- net: skbuff: propagate shared-frag marker through frag-transfer helpers (Hyunwoo Kim) [Orabug: 39368828,39441326] {CVE-2026-43503,CVE-2026-46300}
- net: skbuff: preserve shared-frag marker during coalescing (William Bowling) [Orabug: 39368828] {CVE-2026-46300}
[5.4.17-2136.356.2]
- nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (Jeff Layton) [Orabug: 39167617,39368718] {CVE-2026-31402}
- scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() (Maurizio Lombardi) [Orabug: 38985173,39368732] {CVE-2026-23216}
- scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (Maurizio Lombardi) [Orabug: 38970455,39368774] {CVE-2026-23193}
- xfrm: esp: avoid in-place decrypt on shared skb frags (Kuan-Ting Chen) [Orabug: 39334580,39367147] {CVE-2026-43284}
- x86/CPU/AMD: Add a fix for AMD-SB-7052 (Prathyushi Nangia) [Orabug: 39218897] {CVE-2025-54518}
[5.4.17-2136.356.1]
- arm64/kvm: Include linux/random.h in trng.c (Siddh Raman Pant) [Orabug: 39327096]
- i2c: designware: Disable TX_EMPTY irq while waiting for block length byte (Tam Nguyen) [Orabug: 39174662]
- i2c: designware: Handle invalid SMBus block data response length value (Tam Nguyen) [Orabug: 39174662]
- i2c: designware: fix __i2c_dw_disable() in case master is holding SCL low (Yann Sionneau) [Orabug: 39174662]
More information about the El-errata
mailing list