[El-errata] ELSA-2026-50294 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update

Thu Jun 4 09:55:41 UTC 2026

Oracle Linux Security Advisory ELSA-2026-50294

http://linux.oracle.com/errata/ELSA-2026-50294.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-5.15.0-321.202.5.el8uek.x86_64.rpm
kernel-uek-5.15.0-321.202.5.el8uek.x86_64.rpm
kernel-uek-core-5.15.0-321.202.5.el8uek.x86_64.rpm
kernel-uek-debug-5.15.0-321.202.5.el8uek.x86_64.rpm
kernel-uek-debug-core-5.15.0-321.202.5.el8uek.x86_64.rpm
kernel-uek-debug-devel-5.15.0-321.202.5.el8uek.x86_64.rpm
kernel-uek-debug-modules-5.15.0-321.202.5.el8uek.x86_64.rpm
kernel-uek-debug-modules-extra-5.15.0-321.202.5.el8uek.x86_64.rpm
kernel-uek-devel-5.15.0-321.202.5.el8uek.x86_64.rpm
kernel-uek-doc-5.15.0-321.202.5.el8uek.noarch.rpm
kernel-uek-modules-5.15.0-321.202.5.el8uek.x86_64.rpm
kernel-uek-modules-extra-5.15.0-321.202.5.el8uek.x86_64.rpm
kernel-uek-container-5.15.0-321.202.5.el8uek.x86_64.rpm
kernel-uek-container-debug-5.15.0-321.202.5.el8uek.x86_64.rpm

aarch64:
bpftool-5.15.0-321.202.5.el8uek.aarch64.rpm
kernel-uek-5.15.0-321.202.5.el8uek.aarch64.rpm
kernel-uek-core-5.15.0-321.202.5.el8uek.aarch64.rpm
kernel-uek-debug-5.15.0-321.202.5.el8uek.aarch64.rpm
kernel-uek-debug-core-5.15.0-321.202.5.el8uek.aarch64.rpm
kernel-uek-debug-devel-5.15.0-321.202.5.el8uek.aarch64.rpm
kernel-uek-debug-modules-5.15.0-321.202.5.el8uek.aarch64.rpm
kernel-uek-debug-modules-extra-5.15.0-321.202.5.el8uek.aarch64.rpm
kernel-uek-devel-5.15.0-321.202.5.el8uek.aarch64.rpm
kernel-uek-doc-5.15.0-321.202.5.el8uek.noarch.rpm
kernel-uek-modules-5.15.0-321.202.5.el8uek.aarch64.rpm
kernel-uek-modules-extra-5.15.0-321.202.5.el8uek.aarch64.rpm
kernel-uek-container-5.15.0-321.202.5.el8uek.aarch64.rpm
kernel-uek-container-debug-5.15.0-321.202.5.el8uek.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/kernel-uek-5.15.0-321.202.5.el8uek.src.rpm

Related CVEs:

CVE-2025-38085
CVE-2025-54518
CVE-2026-23270
CVE-2026-31402
CVE-2026-43284
CVE-2026-46300
CVE-2026-46333

Description of changes:

[5.15.0-321.202.5]
- Revert "ip6_tunnel: Fix usage of skb_vlan_inet_prepare()" (Harshit Mogalapalli)  [Orabug: 39476647]
- smb: client: reject userspace cifs.spnego descriptions (Asim Viladi Oglu Manizada)  [Orabug: 39463672]

[5.15.0-321.202.4]
- tun: free page on build_skb failure in tun_xdp_one() (Weiming Shi)  [Orabug: 39429143]
- tap: free page on error paths in tap_get_user_xdp() (Weiming Shi)  [Orabug: 39429143]
- tun: free page on short-frame rejection in tun_xdp_one() (Weiming Shi)  [Orabug: 39429143]

[5.15.0-321.202.3]
- net: skbuff: propagate shared-frag marker through frag-transfer helpers (Hyunwoo Kim)  [Orabug: 39368827]  {CVE-2026-46300}
- net: skbuff: preserve shared-frag marker during coalescing (William Bowling)  [Orabug: 39368827]
- ptrace: slightly saner 'get_dumpable()' logic (Linus Torvalds)  [Orabug: 39384274]  {CVE-2026-46333}
- mm/hugetlb: fix excessive IPI broadcasts when unsharing PMD tables using mmu_gather (David Hildenbrand (Red Hat))  [Orabug: 38474901]
- Revert "mm/hugetlb: add option to allows disabling CVE-2025-38085 mitigation" (Samasth Norway Ananda)  [Orabug: 38474901]
- mm/rmap: fix two comments related to huge_pmd_unshare() (David Hildenbrand (Red Hat))  [Orabug: 38474901]
- mm/hugetlb: fix two comments related to huge_pmd_unshare() (David Hildenbrand (Red Hat))  [Orabug: 38474901]
- mm/hugetlb: fix hugetlb_pmd_shared() (David Hildenbrand (Red Hat))  [Orabug: 38474901]

[5.15.0-321.202.2]
- dpaa2-switch: Fix interrupt storm after receiving bad if_id in IRQ handler (Guenter Roeck)
- Revert "arm64: dts: qcom: sdm845-oneplus: Mark l14a regulator as boot-on" (Sasha Levin)
- ip6_tunnel: Fix usage of skb_vlan_inet_prepare() (Ben Hutchings)
- hwmon: (max16065) Use READ/WRITE_ONCE to avoid compiler optimization induced race (Gui-Dong Han)
- wifi: wlcore: Return -ENOMEM instead of -EAGAIN if there is not enough headroom (Guenter Roeck)
- sched: idle: Make skipping governor callbacks more consistent (Rafael J. Wysocki)
- nvmet-tcp: fix use-before-check of sg in bounds validation (Cengiz Can)
- remoteproc: mediatek: Unprepare SCP clock during system suspend (Tzung-Bi Shih)
- net: openvswitch: Avoid releasing netdev before teardown completes (Toke Høiland-Jørgensen)
- ACPI: processor: Fix previous acpi_processor_errata_piix4() fix (Rafael J. Wysocki)
- net: hsr: fix VLAN add unwind on slave errors (Luka Gejak)
- x86/CPU/AMD: Add a fix for AMD-SB-7052 (Prathyushi Nangia)  [Orabug: 39327141]  {CVE-2025-54518}
- xfrm: esp: ipv4: fix up flags setting (Greg Kroah-Hartman)  [Orabug: 39342679]  {CVE-2026-43284}
- xfrm: esp: avoid in-place decrypt on shared skb frags (Kuan-Ting Chen)  [Orabug: 39342679]  {CVE-2026-43284}
- KVM: x86: disable preemption around the call to kvm_arch_vcpu_{un|}blocking (Maxim Levitsky)  [Orabug: 39334996]
- KVM: Don't block+unblock when halt-polling is successful (Sean Christopherson)  [Orabug: 39334996]
- nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (Jeff Layton)  [Orabug: 39167616]  {CVE-2026-31402}
- net/sched: Only allow act_ct to bind to clsact/ingress qdiscs and shared blocks (Victor Nogueira)  [Orabug: 39103230]  {CVE-2026-23270}
- exadata: tools: perf: update column to comm_nodigit (Stephen Brennan)  [Orabug: 39327019]
- perf report: Add comm_nodigit sort key (Stephen Brennan)  [Orabug: 39327019]
- Revert "tools: perf: add comm_ignore_digit column" (Stephen Brennan)  [Orabug: 39327019]

[5.15.0-321.202.1]
- virtio-net: add cond_resched() to the command waiting loop (Jason Wang) [Orabug: 39291988]
- virtio-net: convert rx mode setting to use workqueue (Jason Wang) [Orabug: 39291988]
- x86: KVM: Add common feature flag for AMD's PSFD (Sean Christopherson) [Orabug: 35586248]
- KVM: x86: Insert "AMD" in KVM_X86_FEATURE_PSFD (Jim Mattson) [Orabug: 35586248]
- KVM: x86: Expose Predictive Store Forwarding Disable (Babu Moger) [Orabug: 35586248]
- i2c: designware: fix __i2c_dw_disable() in case master is holding SCL low (Yann Sionneau) [Orabug: 39174661]