Oracle Linux Kernel Vulnerabilities Addressed in Recent Updates

Oracle Linux Kernel Vulnerabilities Addressed in Recent Updates

First seen 22 May 2026, 13:58 UTC Linuxsecurity 95% similarity 70.5

Article Content

Browse articles
ThreatCluster

Oracle has released important kernel updates for both Oracle Linux 7 and 8, addressing multiple vulnerabilities including CVE-2026-46333, a ptrace vulnerability. This flaw could allow attackers to manipulate process memory, potentially leading to privilege escalation. Other vulnerabilities fixed include heap overflows and use-after-free issues affecting SCSI and NFS services. The updates are critical for users of Oracle Linux 7 and 8, as they could be exploited by attackers if not patched. The vulnerabilities were disclosed between February and May 2026, with some having public proof-of-concept (PoC) code available. System administrators are urged to apply the patches immediately to mitigate risks. The updates are available for various architectures, including x86_64 and aarch64.

Key Points: • Oracle Linux 7 and 8 received critical kernel updates addressing multiple vulnerabilities. • CVE-2026-46333 allows for potential privilege escalation through ptrace manipulation. • System administrators must apply patches urgently to prevent exploitation.

ThreatCluster AI

Timeline

2026-02-14
CVE-2026-23193 published
A use-after-free vulnerability in SCSI target iscsi affecting Oracle Linux systems was disclosed.
Linuxsecurity
2026-02-18
CVE-2026-23216 published
Another use-after-free vulnerability in SCSI target iscsi was published, impacting Oracle Linux.
Linuxsecurity
2026-04-03
CVE-2026-31402 published
Heap overflow vulnerability in NFSv4.0 LOCK replay cache was disclosed, affecting Oracle Linux.
Linuxsecurity
2026-05-06
CVE-2026-43077 published
A vulnerability in the crypto subsystem was published, requiring urgent attention from Oracle Linux users.
Linuxsecurity
2026-05-08
CVE-2026-43284 published
A vulnerability in the xfrm subsystem was disclosed, with public PoC available, increasing risk of exploitation.
Linuxsecurity
2026-05-15
CVE-2026-46333 published
The ptrace vulnerability was disclosed, with a PoC made public shortly after, raising concerns about privilege escalation.
Linuxsecurity
2026-05-15
CVE-2025-54518 published
Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
MITRE
2026-05-22
Oracle releases kernel updates
Oracle released important kernel updates for both Oracle Linux 7 and 8 to address multiple vulnerabilities, including CVE-2026-46333.
Linuxsecurity

Community

Browse all →