Oracle Linux 10 ELSA-2025-20095-0: / kernel (ELSA-2025-200950)
medium Nessus Plugin ID 277130
語言:
概要
遠端 Oracle Linux 主機缺少一個或多個安全性更新。說明
遠端 Oracle Linux 10 主機中安裝的套件受到 ELSA-2025-200950 公告中提及的多個弱點影響。- selfteststls新增零長度記錄的測試 (CKI 反向移植機器人) [RHEL-114328] {CVE-2025-39682}
- tls修正 rx_list 上零長度記錄的處理 (CKI Backport Bot) [RHEL-114328] {CVE-2025-39682}
- sctp:線性化 sctp_rcv 中的複制 gso 封包 (CKI Backport Bot) [RHEL-113338] {CVE-2025-38718}
- ipv6拒絕 ipv6_gso_segment() 中的惡意封包 (CKI Backport Bot) [RHEL-113251] {CVE-2025-38572}
- wifiath12k處理 RX 對等片段設定錯誤時遞減 TID (CKI 反向移植機器人) [RHEL-114710] {CVE-2025-39761}
- xfrm介面修正變更 collect_md xfrm 介面後的釋放後使用 (CKI Backport Bot) [RHEL-109531] {CVE-2025-38500}
- ipv6mcast在 mld_del_delrec() 中延遲放置 pmc->idev (Hangbin Liu) [RHEL-111156] {CVE-2025-38550}
- tcp更正 skb 剩餘空間計算中的正負號 (Florian Westphal) [RHEL-107843] {CVE-2025-38463}
- io_uring/futex確保 io_futex_wait() 在失敗時正確清理 (CKI Backport Bot) [RHEL-114338] {CVE-2025-39698}
- net/schedhtb_lookup_leaf 遇到空 rbtree 時傳回 NULL (CKI 反向移植機器人) [RHEL-106587] {CVE-2025-38468}
- dmaengineidxd使用前檢查 idxd wq 驅動程式配置的工作佇列可用性 (Audra Mitchell) [RHEL-106609] {CVE-2025-38369}
- HID核心強化 s32ton() 防止轉換為 0 位元 (Benjamin Tissoires) [RHEL-111038] {CVE-2025-38556}
- fs匯出 anon_inode_make_secure_inode() 並修正 secretmem LSM 繞過 (Audra Mitchell) [RHEL-106613] {CVE-2025-38396}
- s390/sclp修正 SCCB 存在檢查 (CKI 反向移植機器人) [RHEL-113560] {CVE-2025-39694}
- idpf:將控制佇列 mutex 轉換為 spinlock (CKI Backport Bot) [RHEL-106059] {CVE-2025-38392}
- x86/處理程序在 MONITOR 之前移動緩衝區清除 (Waiman Long) [RHEL-83893 RHEL-83903] {CVE-2024-36357 CVE-2024-36350}
- x86/microcode/AMD新增 TSA 微碼 SHA (Waiman Long) [RHEL-83893 RHEL-83903] {CVE-2024-36357 CVE-2024-36350}
- KVMSVM將 TSA CPUID 位元公告給來賓 (Waiman Long) [RHEL-83893 RHEL-83903] {CVE-2024-36357 CVE-2024-36350}
- x86/錯誤新增暫時性排程器攻擊緩解 (Waiman Long) [RHEL-83893 RHEL-83903] {CVE-2024-36357 CVE-2024-36350}
- x86/錯誤將 MDS 機器重新命名為更通用的名稱 (Waiman Long) [RHEL-83893 RHEL-83903] {CVE-2024-36357 CVE-2024-36350}
- x86/microcode/AMD修正 __apply_microcode_amd() 的傳回值 (Waiman Long) [RHEL-83893] {CVE-2025-22047}
- posix-cpu-timers修正 handle_posix_cpu_timers() 和 posix_cpu_timer_del() 之間的爭用 (CKI Backport Bot) [RHEL-112787] {CVE-2025-38352}
- netfilter: nf_conntrack修正因移除未初始化項目而導致的當機 (Florian Westphal) [RHEL-106441] {CVE-2025-38472}
- sunrpc修正伺服器端 tls 警示的處理 (Olga Kornievskaia) [RHEL-111072] {CVE-2025-38566}
- sunrpc修正 tls 警示的用戶端處理 (Olga Kornievskaia) [RHEL-110814] {CVE-2025-38571}
- tipc:修復 tipc_conn_close() 中的釋放後使用弱點。(CKI Backport Bot) [RHEL-106663] {CVE-2025-38464}
Tenable 已直接從 Oracle Linux 安全公告擷取前置描述區塊。
請注意,Nessus 並未測試這些問題,而是僅依據應用程式自我報告的版本號碼作出判斷。
解決方案
更新受影響的套件。另請參閱
Plugin 詳細資訊
嚴重性: Medium
ID: 277130
檔案名稱: oraclelinux_ELSA-2025-200950.nasl
版本: 1.1
類型: local
代理程式: unix
已發布: 2025/12/3
已更新: 2025/12/3
支援的感應器: Frictionless Assessment Agent, Nessus Agent, Continuous Assessment, Nessus
風險資訊
VPR
風險因素: High
分數: 7.4
CVSS v2
風險因素: Medium
基本分數: 6.8
時間性分數: 5
媒介: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C
CVSS 評分資料來源: CVE-2025-38369
CVSS v3
風險因素: High
基本分數: 7.8
時間性分數: 6.8
媒介: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
時間媒介: CVSS:3.0/E:U/RL:O/RC:C
CVSS v4
風險因素: Medium
Base Score: 5.7
Threat Score: 1.9
Threat Vector: CVSS:4.0/E:U
Vector: CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
CVSS 評分資料來源: CVE-2024-28956
弱點資訊
CPE: p-cpe:/a:oracle:linux:kernel, p-cpe:/a:oracle:linux:kernel-debug, p-cpe:/a:oracle:linux:kernel-debug-devel, p-cpe:/a:oracle:linux:kernel-devel, p-cpe:/a:oracle:linux:kernel-headers, p-cpe:/a:oracle:linux:kernel-tools, p-cpe:/a:oracle:linux:kernel-tools-libs, p-cpe:/a:oracle:linux:kernel-tools-libs-devel, p-cpe:/a:oracle:linux:perf, p-cpe:/a:oracle:linux:kernel-core, p-cpe:/a:oracle:linux:kernel-cross-headers, p-cpe:/a:oracle:linux:kernel-debug-core, p-cpe:/a:oracle:linux:kernel-debug-modules, p-cpe:/a:oracle:linux:kernel-debug-modules-extra, p-cpe:/a:oracle:linux:kernel-modules, p-cpe:/a:oracle:linux:kernel-modules-extra, p-cpe:/a:oracle:linux:python3-perf, p-cpe:/a:oracle:linux:kernel-abi-stablelists, p-cpe:/a:oracle:linux:kernel-debug-devel-matched, p-cpe:/a:oracle:linux:kernel-devel-matched, p-cpe:/a:oracle:linux:kernel-debug-modules-core, p-cpe:/a:oracle:linux:kernel-debug-uki-virt, p-cpe:/a:oracle:linux:kernel-modules-core, p-cpe:/a:oracle:linux:kernel-uki-virt, p-cpe:/a:oracle:linux:rtla, p-cpe:/a:oracle:linux:libperf, p-cpe:/a:oracle:linux:rv, p-cpe:/a:oracle:linux:kernel-uki-virt-addons, cpe:/o:oracle:linux:10, cpe:/o:oracle:linux:10:1:baseos_base, p-cpe:/a:oracle:linux:kernel-modules-extra-matched
必要的 KB 項目: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/OracleLinux
可輕鬆利用: No known exploits are available
修補程式發佈日期: 2025/11/25
弱點發布日期: 2023/12/12
參考資訊
CVE: CVE-2024-28956, CVE-2024-36350, CVE-2024-36357, CVE-2024-49570, CVE-2024-52332, CVE-2024-53147, CVE-2024-53216, CVE-2024-53222, CVE-2024-53241, CVE-2024-54456, CVE-2024-56662, CVE-2024-56675, CVE-2024-56690, CVE-2024-57901, CVE-2024-57902, CVE-2024-57941, CVE-2024-57942, CVE-2024-57977, CVE-2024-57981, CVE-2024-57984, CVE-2024-57986, CVE-2024-57987, CVE-2024-57988, CVE-2024-57989, CVE-2024-57995, CVE-2024-58004, CVE-2024-58005, CVE-2024-58006, CVE-2024-58012, CVE-2024-58013, CVE-2024-58014, CVE-2024-58015, CVE-2024-58020, CVE-2024-58057, CVE-2024-58061, CVE-2024-58069, CVE-2024-58072, CVE-2024-58075, CVE-2024-58077, CVE-2024-58088, CVE-2025-21647, CVE-2025-21652, CVE-2025-21655, CVE-2025-21671, CVE-2025-21680, CVE-2025-21691, CVE-2025-21693, CVE-2025-21696, CVE-2025-21702, CVE-2025-21726, CVE-2025-21732, CVE-2025-21738, CVE-2025-21741, CVE-2025-21742, CVE-2025-21743, CVE-2025-21750, CVE-2025-21761, CVE-2025-21765, CVE-2025-21771, CVE-2025-21777, CVE-2025-21785, CVE-2025-21786, CVE-2025-21790, CVE-2025-21791, CVE-2025-21795, CVE-2025-21796, CVE-2025-21826, CVE-2025-21828, CVE-2025-21844, CVE-2025-21846, CVE-2025-21847, CVE-2025-21851, CVE-2025-21853, CVE-2025-21855, CVE-2025-21857, CVE-2025-21861, CVE-2025-21863, CVE-2025-21864, CVE-2025-21976, CVE-2025-22056, CVE-2025-37749, CVE-2025-37994, CVE-2025-38116, CVE-2025-38369, CVE-2025-38412, CVE-2025-38468
IAVB: 2024-B-0200