Oracle Linux 10 has recently received critical updates that enhance security for both the kernel and Tomcat 9. The updates include two significant security patches: ELSA-2025-14009, which focuses on kernel vulnerabilities, and ELSA-2025-14178, which introduces security enhancements for Tomcat 9.
- The updated kernel version is 6.12.0-55.28.1.0.1 and is essential for addressing multiple vulnerabilities. The updated RPMs for the x86_64 and aarch64 architectures include various kernel components, such as core, headers, modules, and debugging tools.
2. Tomcat 9 Security Update (ELSA-2025-14178):
- Although details about Tomcat's specific updates weren't provided, the advisory indicates that improvements have been made to bolster the security of the Tomcat 9 application server.
- A comprehensive list of updated RPM packages is available, including kernel core, headers, modules, tools, and debugging components. Each package is crucial for maintaining the kernel's functionality and security.
- For aarch64 architecture:
- Similar updates have been made available for the aarch64 architecture, including kernel tools and performance-related packages.
- CVE-2025-21867
- CVE-2025-38124
- CVE-2025-38250
- CVE-2025-38380
- CVE-2025-38471
- Adjustments to NVMe driver handling.
- Introduction of new Oracle Linux Driver Signing certificates.
- Modifications related to UKI (Unified Kernel Image) signing.
- Updates to Oracle Linux certificates and trusted keys.
For further details on the updates, users can refer to the official Oracle Linux security advisories linked above
Key Updates
1. Kernel Security Update (ELSA-2025-14009):- The updated kernel version is 6.12.0-55.28.1.0.1 and is essential for addressing multiple vulnerabilities. The updated RPMs for the x86_64 and aarch64 architectures include various kernel components, such as core, headers, modules, and debugging tools.
2. Tomcat 9 Security Update (ELSA-2025-14178):
- Although details about Tomcat's specific updates weren't provided, the advisory indicates that improvements have been made to bolster the security of the Tomcat 9 application server.
RPM Packages Available
- For x86_64 architecture:- A comprehensive list of updated RPM packages is available, including kernel core, headers, modules, tools, and debugging components. Each package is crucial for maintaining the kernel's functionality and security.
- For aarch64 architecture:
- Similar updates have been made available for the aarch64 architecture, including kernel tools and performance-related packages.
Related CVEs
The kernel update addresses several CVEs (Common Vulnerabilities and Exposures), including:- CVE-2025-21867
- CVE-2025-38124
- CVE-2025-38250
- CVE-2025-38380
- CVE-2025-38471
Description of Changes
The update includes various changes such as:- Adjustments to NVMe driver handling.
- Introduction of new Oracle Linux Driver Signing certificates.
- Modifications related to UKI (Unified Kernel Image) signing.
- Updates to Oracle Linux certificates and trusted keys.
Conclusion
These updates are crucial for Oracle Linux 10 users, ensuring their systems remain secure against known vulnerabilities. Users are encouraged to apply these updates promptly through the Unbreakable Linux Network to safeguard their environments. Regular maintenance and updates are vital for maintaining the integrity and security of any operating system, especially in enterprise settings.For further details on the updates, users can refer to the official Oracle Linux security advisories linked above
Kernel and Tomcat 9 updates for Oracle Linux
Oracle Linux 10 has been updated with two security patches: ELSA-2025-14009, which addresses Kernel vulnerabilities, and ELSA-2025-14178, which pertains to Tomcat 9 security enhancements.
ELSA-2025-14009 Important: Oracle Linux 10 kernel security update
ELSA-2025-14178 Important: Oracle Linux 10 tomcat9 security updateKernel and Tomcat 9 updates for Oracle Linux @ Linux Compatible
