Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2025-20018)

high Nessus Plugin ID 213998

Synopsis

The remote Oracle Linux host is missing one or more security updates.

Description

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20018 advisory.

[5.15.0-304.171.4]
- Revert 'unicode: Don't special case ignorable code points' (Linus Torvalds)
- Revert 'mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K' (Aurelien Jarno)
- tcp: Fix use-after-free of nreq in reqsk_timer_handler(). (Kuniyuki Iwashima)
- lib/buildid: Fix build ID parsing logic (Jiri Olsa)
- powerpc/vdso: Flag VDSO64 entry points as functions (Christophe Leroy)
- mm: krealloc: Fix MTE false alarm in __do_krealloc (Qun-Wei Lin)
- Revert 'ALSA: hda/conexant: Mute speakers at suspend / shutdown' (Jaroslaw Janik)
- usb: dwc3: fix fault at system suspend if device was already runtime suspended (Roger Quadros)
- ACPI: PRM: Clean up guid type in struct prm_handler_info (Dan Carpenter)
- RDMA/hns: Fix NULL pointer derefernce in hns_roce_map_mr_sg() (Junxian Huang)
- mm: revert 'mm: shmem: fix data-race in shmem_getattr()' (Andrew Morton)
- ACPI: CPPC: Fix _CPC register setting issue (Lifeng Zheng)
- scsi: qla2xxx: Fix abort in bsg timeout (Quinn Tran)
- drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported (Antonio Quartulli)
- RDMA/bnxt_re: Check cqe flags to know imm_data vs inv_irkey (Kashyap Desai)
- vhost_scsi: log write descriptors (Dongli Zhang) [Orabug: 37393531]
- vhost-scsi: protect vq->log_base with vq->mutex (Dongli Zhang) [Orabug: 37393531]

[5.15.0-304.171.3]
- build: populate modules_thick.builtin for dirs containing only modules (Nick Alcock) [Orabug: 37381702]
- mtd: fix use-after-free in mtd release (Alexander Usyskin) [Orabug: 37371929]
- mtd: Clean refcounting with MTD_PARTITIONED_MASTER (Miquel Raynal) [Orabug: 37371929]
- mtd: call external _get and _put in right order (Alexander Usyskin) [Orabug: 37371929]
- nvmem: core: Check input parameter for NULL in nvmem_unregister() (Andy Shevchenko) [Orabug: 37371929]
- Revert 'ocfs2: fix the la space leak when unmounting an ocfs2 volume' (Sherry Yang) [Orabug: 37364544]
- x86/pkeys: Ensure updated PKRU value is XRSTOR'd (Aruna Ramakrishna) [Orabug: 37361290]
- x86/pkeys: Change caller of update_pkru_in_sigframe() (Aruna Ramakrishna) [Orabug: 37361290]
- cgroup: cgroup-v1: do not exclude cgrp_dfl_root (Vishal Verma) [Orabug: 37347419]
- mm/memcontrol: Fix memcg stat calculation (Aruna Ramakrishna) [Orabug: 37306542]

[5.15.0-304.171.2]
- uek-rpm: Add mstflint_access module to the core list (Thomas Tai) [Orabug: 37345530]
- uek-rpm/ol8/config-aarch64-emb3: Enable CONFIG_ARM_SDE_INTERFACE (Thomas Tai) [Orabug: 37345530]
- sunrpc: fix a NULL deref in svc_process() when ->sv_stats doesn't exist (Calum Mackay) [Orabug:
37329531]
- Partial revert 'rds: Add inc/frag cache statistics' (Hans Westgaard Ry) [Orabug: 37232315]

[5.15.0-304.171.1]
- kpcimgr: assign CPU to handle PCIE transactions during kexec (Joe Dobosenski) [Orabug: 37295980]
- kexec: update start address for LPI table data (Joe Dobosenski) [Orabug: 37295980]
- kpcimgr: fix flush_icache_range arguments (Joe Dobosenski) [Orabug: 37295980]
- embedded2: Enable CONFIG_SQUASHFS_ZSTD to support zstd compression (Joe Dobosenski) [Orabug: 37295980]
- embedded2: Support booting an encrypted root filesystem (Joe Dobosenski) [Orabug: 37295980]
- Update embedded2 config for UEK7 (Joe Dobosenski) [Orabug: 37295980]
- Pensando: kernel config changes for kdump (Rob Gardner) [Orabug: 34091165] [Orabug: 37295980]
- arm64: Reserve elfcorehdr before scanning reserved memory from device tree (Joe Dobosenski) [Orabug:
37295980]
- arm64: kexec: add support for kexec with spin-table (Henry Willard) [Orabug: 32549965] [Orabug:
37295980]
- drivers/soc/pensando/cap_mem.c: Support DM region mapping. (David Clear) [Orabug: 37295980]
- drivers/edac: elba: Support multiple DDR bypass ranges. (David Clear) [Orabug: 37295980]
- mmc: sdhci-cadence: Enable host driver defined bounce buffer (Brad Larson) [Orabug: 37295980]
- Fix NULL pointer dereference in cn_filter() (Anjali Kulkarni) [Orabug: 37280567]
- selftests: connector: Fix input argument error paths to skip (Shuah Khan) [Orabug: 37280567]
- connector/cn_proc: Selftest for proc connector (Anjali Kulkarni) [Orabug: 37280567]
- connector/cn_proc: Allow non-root users access (Anjali Kulkarni) [Orabug: 37280567]
- connector/cn_proc: Performance improvements (Anjali Kulkarni) [Orabug: 37280567]
- connector/cn_proc: Add filtering to fix some bugs (Anjali Kulkarni) [Orabug: 37280567]
- netlink: Add new netlink_release function (Anjali Kulkarni) [Orabug: 37280567]
- ice: Add netif_device_attach/detach into PF reset flow (Dawid Osuchowski) [Orabug: 37214589] {CVE-2024-46770}

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://linux.oracle.com/errata/ELSA-2025-20018.html

Plugin Details

Severity: High

ID: 213998

File Name: oraclelinux_ELSA-2025-20018.nasl

Version: 1.3

Type: local

Agent: unix

Published: 1/13/2025

Updated: 1/16/2025

Supported Sensors: Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2024-53206

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:oracle:linux:kernel-uek-container, cpe:/o:oracle:linux:8, p-cpe:/a:oracle:linux:kernel-uek-doc, p-cpe:/a:oracle:linux:kernel-uek-modules-extra, p-cpe:/a:oracle:linux:kernel-uek-modules, p-cpe:/a:oracle:linux:kernel-uek-debug, p-cpe:/a:oracle:linux:kernel-uek, cpe:/o:oracle:linux:9, p-cpe:/a:oracle:linux:kernel-uek-debug-devel, p-cpe:/a:oracle:linux:kernel-uek-devel, p-cpe:/a:oracle:linux:bpftool, p-cpe:/a:oracle:linux:kernel-uek-debug-core, p-cpe:/a:oracle:linux:kernel-uek-debug-modules, cpe:/o:oracle:linux:9:5:baseos_patch, cpe:/a:oracle:linux:9::uekr7, p-cpe:/a:oracle:linux:kernel-uek-container-debug, cpe:/a:oracle:linux:8::uekr7, p-cpe:/a:oracle:linux:kernel-uek-debug-modules-extra, cpe:/o:oracle:linux:9::baseos_latest, p-cpe:/a:oracle:linux:kernel-uek-core

Required KB Items: Host/OracleLinux, Host/RedHat/release, Host/RedHat/rpm-list, Host/local_checks_enabled

Exploit Ease: No known exploits are available

Patch Publication Date: 1/11/2025

Vulnerability Publication Date: 9/18/2024

Reference Information

CVE: CVE-2024-46770, CVE-2024-53060, CVE-2024-53070, CVE-2024-53097, CVE-2024-53206, CVE-2024-53226