[El-errata] ELBA-2026-13577-1 Oracle Linux 8 kernel bug fix update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Thu May 7 17:04:52 UTC 2026
Oracle Linux Bug Fix Advisory ELBA-2026-13577-1
http://linux.oracle.com/errata/ELBA-2026-13577-1.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
bpftool-4.18.0-553.123.1.0.1.el8_10.x86_64.rpm
kernel-4.18.0-553.123.1.0.1.el8_10.x86_64.rpm
kernel-abi-stablelists-4.18.0-553.123.1.0.1.el8_10.noarch.rpm
kernel-core-4.18.0-553.123.1.0.1.el8_10.x86_64.rpm
kernel-cross-headers-4.18.0-553.123.1.0.1.el8_10.x86_64.rpm
kernel-debug-4.18.0-553.123.1.0.1.el8_10.x86_64.rpm
kernel-debug-core-4.18.0-553.123.1.0.1.el8_10.x86_64.rpm
kernel-debug-devel-4.18.0-553.123.1.0.1.el8_10.x86_64.rpm
kernel-debug-modules-4.18.0-553.123.1.0.1.el8_10.x86_64.rpm
kernel-debug-modules-extra-4.18.0-553.123.1.0.1.el8_10.x86_64.rpm
kernel-devel-4.18.0-553.123.1.0.1.el8_10.x86_64.rpm
kernel-doc-4.18.0-553.123.1.0.1.el8_10.noarch.rpm
kernel-headers-4.18.0-553.123.1.0.1.el8_10.x86_64.rpm
kernel-modules-4.18.0-553.123.1.0.1.el8_10.x86_64.rpm
kernel-modules-extra-4.18.0-553.123.1.0.1.el8_10.x86_64.rpm
kernel-tools-4.18.0-553.123.1.0.1.el8_10.x86_64.rpm
kernel-tools-libs-4.18.0-553.123.1.0.1.el8_10.x86_64.rpm
kernel-tools-libs-devel-4.18.0-553.123.1.0.1.el8_10.x86_64.rpm
perf-4.18.0-553.123.1.0.1.el8_10.x86_64.rpm
python3-perf-4.18.0-553.123.1.0.1.el8_10.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/kernel-4.18.0-553.123.1.0.1.el8_10.src.rpm
Description of changes:
[4.18.0-553.123.1.0.1]
- scsi: core: Restrict legal sdev_state transitions via sysfs (Uday Shankar) [Orabug: 37778230]
[4.18.0-553.123.1]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652]
- Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985772]
[4.18.0-553.123.1]
- crypto: algif_aead - snapshot IV for async AEAD requests (Herbert Xu) [RHEL-172187]
- crypto: algif_aead - Fix minimum RX size check for decryption (Herbert Xu) [RHEL-172187]
- crypto: authencesn - reject short ahash digests during instance creation (Herbert Xu) [RHEL-172187]
- crypto: authencesn - Fix src offset when decrypting in-place (Herbert Xu) [RHEL-172187]
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Herbert Xu) [RHEL-172187] {CVE-2026-31431}
- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (Herbert Xu) [RHEL-172187] {CVE-2026-23060}
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Herbert Xu) [RHEL-172187]
- crypto: af_alg - limit RX SG extraction by receive buffer budget (Herbert Xu) [RHEL-172187] {CVE-2026-31677}
- crypto: algif_aead - Revert to operating out-of-place (Herbert Xu) [RHEL-172187] {CVE-2026-31431}
- crypto: af-alg - fix NULL pointer dereference in scatterwalk (Herbert Xu) [RHEL-172187]
- KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE (Paolo Bonzini) [RHEL-153727] {CVE-2026-23401}
[4.18.0-553.122.1]
- nvme: avoid double free special payload (Maurizio Lombardi) [RHEL-51303] {CVE-2024-41073}
- crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id (CKI Backport Bot) [RHEL-166921] {CVE-2025-68724}
- net: qlogic/qede: fix potential out-of-bounds read in qede_tpa_cont() and qede_tpa_end() (Jay Shin) [RHEL-166155] {CVE-2025-40252}
- kernel.h: Move ARRAY_SIZE() to a separate header (Jay Shin) [RHEL-166155] {CVE-2025-40252}
[4.18.0-553.121.1]
- nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (Scott Mayhew) [RHEL-167011] {CVE-2026-31402}
More information about the El-errata
mailing list