Back

Oracle Linux Kernel Updates Address CVE-2025-10263 Vulnerability

Severity: High (Score: 60.6)

Sources: Linuxsecurity

Published: 2026-06-10 · Updated: 2026-06-11

Keywords: arm64, errata, mark, rutland, cve-2025-10263, oracle, linux

Severity indicators: rat, CVE:CVE-2025-10263

Summary

On June 10, 2026, Oracle released important kernel updates for multiple versions of Oracle Linux, addressing CVE-2025-10263, a vulnerability affecting various Arm CPUs. The updates include mitigations for TLBI errata and are applicable to Oracle Linux 7, 8, and 9. The vulnerability was published on June 9, 2026, and affects systems running kernel versions 5.4, 5.15, and 6.12. The updates were confirmed by Mark Rutland and Saeed Mirzamohammadi, who contributed to the patches. Users are urged to apply these updates promptly to mitigate potential risks. The updates include various kernel packages and modules, ensuring comprehensive coverage for affected systems. The scope of impact includes critical systems relying on Oracle Linux for operations. Key Points: • Oracle released kernel updates for Linux 7, 8, and 9 to mitigate CVE-2025-10263. • The vulnerability affects Arm CPUs and was published on June 9, 2026. • Users are advised to apply the updates immediately to secure their systems.

Detailed Analysis

**Impact** Oracle Linux users across versions 7, 8, and 9 are affected by the CVE-2025-10263 vulnerability, impacting systems running on ARM64 architecture. This includes enterprises relying on Oracle Linux kernels 5.4, 5.15, and 6.12 series, potentially spanning multiple sectors and geographies where Oracle Linux is deployed. The vulnerability relates to ARM CPU errata affecting system stability and security, with possible operational disruptions if exploited. No specific data breach or sector-targeted impact details are provided. **Technical Details** The vulnerability CVE-2025-10263 involves ARM64 Translation Lookaside Buffer Invalidation (TLBI) errata on various ARM CPUs, requiring mitigation through kernel updates. The patch introduces the ARM64_WORKAROUND_REPEAT_TLBI_SYNC and allows XZR arguments to TLBI operations, addressing the errata at the kernel level. The issue affects multiple Oracle Linux kernel versions including UEK 5.4.17, 5.15.0, and 6.12.0. No attack vectors, malware, or exploitation infrastructure details are provided, nor are there IOCs or kill chain stages described. **Recommended Response** Apply the latest Oracle Linux kernel updates corresponding to your version: UEK 6.12.0-203.76.7.3 for Oracle Linux 9 and 10, UEK 5.15.0-321.202.5.1 for Oracle Linux 8 and 9, and UEK 5.4.17-2136.356.4.2 for Oracle Linux 7 and 8. Prioritize patching ARM64 systems to mitigate the TLBI errata. Monitor for unusual kernel or CPU behavior but no specific detection signatures or IOCs are available. Maintain updated system inventories to ensure all affected kernels are remediated.

Source articles (7)

  • Oracle Linux 9 ELSA-2026-50305 Kernel Important Update CVE-2025 — Linuxsecurity · 2026-06-10
    [5.15.0-321.202.5.1] - arm64: errata: Mitigate TLBI errata on various Arm CPUs (Mark Rutland) [Orabug: 39017590] {CVE-2025-10263} - arm64: tlb: Add ARM64_WORKAROUND_REPEAT_TLBI_SYNC (Mark Rutland) [Or…
  • Oracle Linux 8 kernel Important Mitigation CVE-2025-10263 ELSA-2026 — Linuxsecurity · 2026-06-10
    [5.15.0-321.202.5.1] - arm64: errata: Mitigate TLBI errata on various Arm CPUs (Mark Rutland) [Orabug: 39017590] {CVE-2025-10263} - arm64: tlb: Add ARM64_WORKAROUND_REPEAT_TLBI_SYNC (Mark Rutland) [Or…
  • Oracle Linux 8 Kernel Important Update ELSA-2026-50306 CVE-2025 — Linuxsecurity · 2026-06-10
    [5.4.17-2136.356.4.2] - arm64: errata: Mitigate TLBI errata on various Arm CPUs (Mark Rutland) [Orabug: 39017592] {CVE-2025-10263} - arm64: tlb: Add ARM64_WORKAROUND_REPEAT_TLBI_SYNC (Mark Rutland) [O…
  • Oracle8: ELSA-2026-50306: kernel Important — Linuxsecurity · 2026-06-10
    [5.4.17-2136.356.4.2] - arm64: errata: Mitigate TLBI errata on various Arm CPUs (Mark Rutland) [Orabug: 39017592] {CVE-2025-10263} - arm64: tlb: Add ARM64_WORKAROUND_REPEAT_TLBI_SYNC (Mark Rutland) [O…
  • Oracle Linux 7 Kernel Important Security Fix ELSA-2026 — Linuxsecurity · 2026-06-10
    [5.4.17-2136.356.4.2] - arm64: errata: Mitigate TLBI errata on various Arm CPUs (Mark Rutland) [Orabug: 39017592] {CVE-2025-10263} - arm64: tlb: Add ARM64_WORKAROUND_REPEAT_TLBI_SYNC (Mark Rutland) [O…
  • Oracle Linux Important Kernel Update ELSA-2026-50304 CVE-2025 — Linuxsecurity · 2026-06-10
    [6.12.0-203.76.7.3] - arm64: errata: Mitigate TLBI errata on various Arm CPUs (Mark Rutland) [Orabug: 39017589] {CVE-2025-10263} - arm64: tlb: Add ARM64_WORKAROUND_REPEAT_TLBI_SYNC (Mark Rutland) [Ora…
  • Oracle Linux 9 ELSA-2026 — Linuxsecurity · 2026-06-10
    [6.12.0-203.76.7.3] - arm64: errata: Mitigate TLBI errata on various Arm CPUs (Mark Rutland) [Orabug: 39017589] {CVE-2025-10263} - arm64: tlb: Add ARM64_WORKAROUND_REPEAT_TLBI_SYNC (Mark Rutland) [Ora…

Timeline

  • 2026-06-09 — CVE-2025-10263 published: Oracle disclosed a vulnerability affecting Arm CPUs in various Oracle Linux kernel versions.
  • 2026-06-10 — Oracle releases kernel updates: Oracle released important updates for Oracle Linux 7, 8, and 9 to mitigate CVE-2025-10263.
  • 2026-06-10 — Mitigations confirmed by developers: Mark Rutland and Saeed Mirzamohammadi confirmed the updates include mitigations for TLBI errata.

CVEs

  • CVE-2025-10263

Related entities

  • 203.76.7.2 (Ipv4)
  • 203.76.7.3 (Ipv4)
  • Linux (Platform)
  • Oracle Linux (Platform)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed