Oracle Linux 10 ELSA-2025-20095-0: / kernel (ELSA-2025-200950)

medium Nessus Plugin ID 277130

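Synopsis

The remote Oracle Linux host is missing one or more security updates.

Description

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-200950 advisory.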

- selftests: tls: add tests for zero-length records (CKI Backport Bot) [RHEL-114328] {CVE-2025-39682}
- tls: fix handling of zero-length records on the rx_list (CKI Backport Bot) [RHEL-114328] {CVE-2025-39682}
- sctp: linearize cloned gso packets in sctp_rcv (CKI Backport Bot) [RHEL-113338] {CVE-2025-38718}
- ipv6: reject malicious packets in ipv6_gso_segment() (CKI Backport Bot) [RHEL-113251] {CVE-2025-38572}
- wifi: ath12k: decrement TID on RX peer frag setup error handling (CKI Backport Bot) [RHEL-114710] {CVE-2025-39761}
- xfrm: interface: fix use-after-free after changing collect_md xfrm interface (CKI Backport Bot) [RHEL-109531] {CVE-2025-38500}
- ipv6: mcast: delay put pmc->idev in mld_del_delrec() (Hangbin Liu) [RHEL-111156] {CVE-2025-38550}
- tcp: correct signedness in skb remaining space calculation (Florian Westphal) [RHEL-107843] {CVE-2025-38463}
- io_uring/futex: ensure io_futex_wait() cleans up properly on failure (CKI Backport Bot) [RHEL-114338] {CVE-2025-39698}
- net/sched: return NULL when htb_lookup_leaf encounters an empty rbtree (CKI Backport Bot) [RHEL-106587] {CVE-2025-38468}
- dmaengine: idxd: check availability of workqueue allocated by idxd wq driver before using (Audra Mitchell) [RHEL-106609] {CVE-2025-38369}
- HID: core: harden s32ton() against conversion to 0 bits (Benjamin Tissoires) [RHEL-111038] {CVE-2025-38556}
- fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (Audra Mitchell) [RHEL-106613] {CVE-2025-38396}
- s390/sclp: fix SCCB present check (CKI Backport Bot) [RHEL-113560] {CVE-2025-39694}
- idpf: convert control queue mutex to a spinlock (CKI Backport Bot) [RHEL-106059] {CVE-2025-38392}
- x86/process: move the buffer clearing before MONITOR (Waiman Long) [RHEL-83893 RHEL-83903] {CVE-2024-36357 CVE-2024-36350}
- x86/microcode/AMD: add TSA microcode SHAs (Waiman Long) [RHEL-83893 RHEL-83903] {CVE-2024-36357 CVE-2024-36350}
- KVM: SVM: advertise TSA CPUID bits to guests (Waiman Long) [RHEL-83893 RHEL-83903] {CVE-2024-36357 CVE-2024-36350}
- x86/bugs: add a Transient Scheduler Attacks mitigation (Waiman Long) [RHEL-83893 RHEL-83903] {CVE-2024-36357 CVE-2024-36350}
- x86/bugs: rename MDS machinery to something more generic (Waiman Long) [RHEL-83893 RHEL-83903] {CVE-2024-36357 CVE-2024-36350}
- x86/microcode/AMD: fix the return value of __apply_microcode_amd() (Waiman Long) [RHEL-83893] {CVE-2025-22047}
- posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (CKI Backport Bot) [RHEL-112787] {CVE-2025-38352}
- netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (Florian Westphal) [RHEL-106441] {CVE-2025-38472}
- sunrpc: fix handling of server side tls alerts (Olga Kornievskaia) [RHEL-111072] {CVE-2025-38566}
- sunrpc: fix client side handling of tls alerts (Olga Kornievskaia) [RHEL-110814] {CVE-2025-38571}
- tipc: fix use-after-free in tipc_conn_close(). (CKI Backport Bot) [RHEL-106663] {CVE-2025-38464}

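Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also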

https://linux.oracle.com/errata/ELSA-2025-20095-0.html

Plugin Details

Severity: Medium

ID: 277130

File Name: oraclelinux_ELSA-2025-200950.nasl

Version: 1.1

Type: local

Agent: unix

Published: 2025/12/3

Updated: 2025/12/3

Supported Sensors: Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2025-38369

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS v4

Risk Factor: Medium

Base Score: 5.7

Threat Score: 1.9

Threat Vector: CVSS:4.0/E:U

Vector: CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

CVSS Score Source: CVE-2024-28956

Vulnerability Information

CPE: p-cpe:/a:oracle:linux:kernel-modules-extra-matched, p-cpe:/a:oracle:linux:kernel-tools-libs-devel, p-cpe:/a:oracle:linux:kernel-devel, p-cpe:/a:oracle:linux:kernel-cross-headers, p-cpe:/a:oracle:linux:kernel-debug-modules, p-cpe:/a:oracle:linux:rtla, p-cpe:/a:oracle:linux:kernel-tools, p-cpe:/a:oracle:linux:rv, p-cpe:/a:oracle:linux:kernel-debug-devel, p-cpe:/a:oracle:linux:kernel-headers, p-cpe:/a:oracle:linux:kernel-debug-uki-virt, p-cpe:/a:oracle:linux:kernel-debug-modules-core, p-cpe:/a:oracle:linux:kernel-modules, p-cpe:/a:oracle:linux:kernel-debug-devel-matched, p-cpe:/a:oracle:linux:kernel-abi-stablelists, p-cpe:/a:oracle:linux:kernel-devel-matched, p-cpe:/a:oracle:linux:kernel-debug, p-cpe:/a:oracle:linux:kernel-modules-core, p-cpe:/a:oracle:linux:kernel-core, p-cpe:/a:oracle:linux:kernel-uki-virt, p-cpe:/a:oracle:linux:libperf, p-cpe:/a:oracle:linux:kernel-debug-modules-extra, p-cpe:/a:oracle:linux:python3-perf, p-cpe:/a:oracle:linux:kernel-debug-core, p-cpe:/a:oracle:linux:kernel-uki-virt-addons, cpe:/o:oracle:linux:10:1:baseos_base, cpe:/o:oracle:linux:10, p-cpe:/a:oracle:linux:perf, p-cpe:/a:oracle:linux:kernel-modules-extra, p-cpe:/a:oracle:linux:kernel-tools-libs, p-cpe:/a:oracle:linux:kernel

Required KB Items: Host/OracleLinux, Host/RedHat/release, Host/RedHat/rpm-list, Host/local_checks_enabled

Exploit Ease: No known exploits are available

Patch Publication Date: 2025/11/25

Vulnerability Publication Date: 2023/12/12

Reference Information

CVE: CVE-2024-28956, CVE-2024-36350, CVE-2024-36357, CVE-2024-49570, CVE-2024-52332, CVE-2024-53147, CVE-2024-53216, CVE-2024-53222, CVE-2024-53241, CVE-2024-54456, CVE-2024-56662, CVE-2024-56675, CVE-2024-56690, CVE-2024-57901, CVE-2024-57902, CVE-2024-57941, CVE-2024-57942, CVE-2024-57977, CVE-2024-57981, CVE-2024-57984, CVE-2024-57986, CVE-2024-57987, CVE-2024-57988, CVE-2024-57989, CVE-2024-57995, CVE-2024-58004, CVE-2024-58005, CVE-2024-58006, CVE-2024-58012, CVE-2024-58013, CVE-2024-58014, CVE-2024-58015, CVE-2024-58020, CVE-2024-58057, CVE-2024-58061, CVE-2024-58069, CVE-2024-58072, CVE-2024-58075, CVE-2024-58077, CVE-2024-58088, CVE-2025-21647, CVE-2025-21652, CVE-2025-21655, CVE-2025-21671, CVE-2025-21680, CVE-2025-21691, CVE-2025-21693, CVE-2025-21696, CVE-2025-21702, CVE-2025-21726, CVE-2025-21732, CVE-2025-21738, CVE-2025-21741, CVE-2025-21742, CVE-2025-21743, CVE-2025-21750, CVE-2025-21761, CVE-2025-21765, CVE-2025-21771, CVE-2025-21777, CVE-2025-21785, CVE-2025-21786, CVE-2025-21790, CVE-2025-21791, CVE-2025-21795, CVE-2025-21796, CVE-2025-21826, CVE-2025-21828, CVE-2025-21844, CVE-2025-21846, CVE-2025-21847, CVE-2025-21851, CVE-2025-21853, CVE-2025-21855, CVE-2025-21857, CVE-2025-21861, CVE-2025-21863, CVE-2025-21864, CVE-2025-21976, CVE-2025-22056, CVE-2025-37749, CVE-2025-37994, CVE-2025-38116, CVE-2025-38369, CVE-2025-38412, CVE-2025-38468

IAVB: 2024-B-0200