Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2026-50288)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-50288 advisory. - net: skbuff: propagate shared-frag marker through frag-transfer helpers Hyunwoo Kim Orabug: 39420568 CVE-2026-46300 Tenable has extracted the preceding...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2026-50281)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-50281 advisory. - ptrace: slightly saner 'getdumpable' logic Linus Torvalds Orabug: 39391459 CVE-2026-46333 - scsi: target: iscsi: Fix use-after-free in...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2026-50258)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-50258 advisory. 5.4.17-2136.354.4.3 - xfrm: esp: avoid in-place decrypt on shared skb frags Kuan-Ting Chen Orabug: 39342682 CVE-2026-43284 Tenable has extracted the...

Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50259)

The remote Oracle Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50259 advisory. - rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present Hyunwoo Kim Orabug: 39342689 CVE-2026-43500 Tenable has extracted the...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50257)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-50257 advisory. - xfrm: esp: ipv4: fix up flags setting Greg Kroah-Hartman Orabug: 39342679 CVE-2026-43284 - xfrm: esp: avoid in-place decrypt on shared skb frags Kuan-Tin...

Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50144)

The remote Oracle Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50144 advisory. - mm/pagealloc: prevent pcp corruption with SMP=n Vlastimil Babka Orabug: 38914772 CVE-2026-23025 - phy: rockchip: inno-usb2: Fix a double free b...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2026-50071)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-50071 advisory. 5.4.17-2136.351.3.3 - crypto: afalg - Fix incorrect boolean values in afalgctx Eric Biggers Orabug: 38884602 CVE-2025-40022 Tenable has extracted the...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2025-28067)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-28067 advisory. - tipc: Fix use-after-free in tipcmonreinitself. Kuniyuki Iwashima Orabug: 38786195 CVE-2025-40280 - fs/proc: fix uaf in procreaddirde Wei Yang...

Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2025-28066)

The remote Oracle Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-28066 advisory. - fs/proc: fix uaf in procreaddirde Wei Yang CVE-2025-40271 Tenable has extracted the preceding description block directly from the Oracle Linux...

Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2025-20558)

The remote Oracle Linux 10 / 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-20558 advisory. 6.12.0-103.40.4.2.el10uek - x86/vmscape: Warn when STIBP is disabled with SMT Pawan Gupta Orabug: 38343659 - x86/bugs: Move cpubugssmtupdate down Pawan...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2025-20721)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20721 advisory. - nfsd: handle getclientlocked failure in nfsd4setclientidconfirm Jeff Layton Orabug: 38575798 CVE-2025-38724 Tenable has extracted the preceding...

Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2025-20719)

The remote Oracle Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20719 advisory. - iouring/futex: ensure iofutexwait cleans up properly on failure Jens Axboe Orabug: 38572958 CVE-2025-39698 - fs: writeback: fix use-after-free ...

Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2025-20530)

The remote Oracle Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20530 advisory. - sunrpc: handle SVCGARBAGE during svc auth processing as auth error Jeff Layton Orabug: 38137447 CVE-2025-38089 - Add Zen34 clients Borislav...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2025-20521)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20521 advisory. - perf: Fix perfeventvalidatesize lockdep splat Mark Rutland Orabug: 36261486 CVE-2023-6931 - perf: Fix perfeventvalidatesize Peter Zijlstra Orabu...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2025-20520)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20520 advisory. - perf: Fix perfeventvalidatesize lockdep splat Mark Rutland Orabug: 36261485 CVE-2023-6931 - perf: Fix perfeventvalidatesize Peter Zijlstra Orabu...

CVE-2023-22024

In the Unbreakable Enterprise Kernel UEK, the RDS module in UEK has two setsockopt2 options, RDSCONNRESET and RDS6CONNRESET, that are not re-entrant. A malicious local user with CAPNETADMIN can use this to crash the kernel. CVSS 3.1 Base Score 5.5 Availability impacts. CVSS Vector:...

Unbreakable Enterprise kernel security update

4.1.12-124.74.2 - kvm: initialize all of the kvmdebugregs structure before sending it to userspace Greg Kroah-Hartman Orabug: 35250098 CVE-2023-1513 - staging: rtl8712: fix use after free bugs Dan Carpenter Orabug: 35212876 CVE-2022-4095 - staging: rtl8712: rtl8712cmd.c: fixed comparison to null...

Vulnerabilities fixed in Oracle Linux

Oracle has fixed multiple vulnerabilities in the Unbreakable Enterprise kernel for Oracle Enterprise Linux. The vulnerabilities potentially enable a local, authenticated malicious agent to execute attacks that result in the following categories of damage: Denial-of-Service DoS Remote code executi...

Vulnerabilities fixed in Oracle Unbreakable Enterprise kernel

Oracle has fixed vulnerabilities in the Unbreakable Enterprise kernel. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Access to system data Increased user privileges -= Oracl...

Vulnerabilities fixed in Oracle Unbreakable Enterprise Kernel

Oracle has fixed several vulnerabilities in the Unbreakable Enterprise Kernel. A malicious party could potentially exploit them to cause a denial-of-service or to obtain elevated privileges on the vulnerable system. -= Oracle =- Oracle has made updates available for Oracle Linux 6. You can instal...