Oracle Linux 9 : kernel (ELSA-2026-30848)

high Nessus Plugin ID 325729

Synopsis

The remote Oracle Linux host is missing one or more security updates.

Description

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-30848 advisory.

- RDMA/mlx5: Fix error path fall-through in mlx5_ib_dev_res_srq_init() (CKI Backport Bot) [RHEL-179994] {CVE-2026-46176}
- RDMA/vmw_pvrdma: Fix double free on pvrdma_alloc_ucontext() error path (CKI Backport Bot) [RHEL-179955] {CVE-2026-46189}
- selinux: RHEL-only hotfix for execmem regression (Ondrej Mosnacek) [RHEL-179444] {CVE-2026-46054}
- selinux: fix overlayfs mmap() and mprotect() access checks (Ondrej Mosnacek) [RHEL-179444] {CVE-2026-46054}
- lsm: add backing_file LSM hooks (Ondrej Mosnacek) [RHEL-179444] {CVE-2026-46054}
- fs: prepare for adding LSM blob to backing_file (Ondrej Mosnacek) [RHEL-179444] {CVE-2026-46054}
- ovl: remove unneeded non-const conversion (Ondrej Mosnacek) [RHEL-179444] {CVE-2026-46054}
- fs: constify file ptr in backing_file accessor helpers (Ondrej Mosnacek) [RHEL-179444] {CVE-2026-46054}
- ovl: Fix nested backing file paths (Ondrej Mosnacek) [RHEL-179444] {CVE-2026-46054}
- lsm: add helper for blob allocations (Ondrej Mosnacek) [RHEL-179444] {CVE-2026-46054}
- fs: factor out backing_file_mmap() helper (Ondrej Mosnacek) [RHEL-179444] {CVE-2026-46054}
- fs: factor out backing_file_splice_{read,write}() helpers (Ondrej Mosnacek) [RHEL-179444] {CVE-2026-46054}
- fs: factor out backing_file_{read,write}_iter() helpers (Ondrej Mosnacek) [RHEL-179444] {CVE-2026-46054}
- fs: prepare for stackable filesystems backing file helpers (Ondrej Mosnacek) [RHEL-179444] {CVE-2026-46054}
- fs: store real path instead of fake path in backing file f_path (Ondrej Mosnacek) [RHEL-179444] {CVE-2026-46054}
- fs: create helper file_user_path() for user displayed mapped file path (Ondrej Mosnacek) [RHEL-179444] {CVE-2026-46054}
- fs: get mnt_writers count for an open backing file's real path (Ondrej Mosnacek) [RHEL-179444] {CVE-2026-46054}
- fs: rename __mnt_{want,drop}_write*() helpers (Ondrej Mosnacek) [RHEL-179444] {CVE-2026-46054}
- fs: Fix kernel-doc warnings (Ondrej Mosnacek) [RHEL-179444] {CVE-2026-46054}
- cachefiles: use kiocb_{start,end}_write() helpers (Ondrej Mosnacek) [RHEL-179444] {CVE-2026-46054}
- lsm: constify the 'file' parameter in security_binder_transfer_file() (Ondrej Mosnacek) [RHEL-179444] {CVE-2026-46054}
- ovl: enable fsnotify events on underlying real files (Ondrej Mosnacek) [RHEL-179444] {CVE-2026-46054}
- fs: use backing_file container for internal files with 'fake' f_path (Ondrej Mosnacek) [RHEL-179444] {CVE-2026-46054}
- fs: move kmem_cache_zalloc() into alloc_empty_file*() helpers (Ondrej Mosnacek) [RHEL-179444] {CVE-2026-46054}
- fs: use a helper for opening kernel internal files (Ondrej Mosnacek) [RHEL-179444] {CVE-2026-46054}
- locks: fix TOCTOU race when granting write lease (Ondrej Mosnacek) [RHEL-179444] {CVE-2026-46054}
- binder: use cred instead of task for selinux checks (Ondrej Mosnacek) [RHEL-179444] {CVE-2026-46054}
- RDMA/iwcm: Fix workqueue list corruption by removing work_list (CKI Backport Bot) [RHEL-179664] {CVE-2026-45898}
- ALSA: aloop: Fix peer runtime UAF during format-change stop (CKI Backport Bot) [RHEL-179310] {CVE-2026-46090}
- ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach() (Guillaume Nault) [RHEL-172670] {CVE-2026-43038}
- drm/amd/display: Do not skip unrelated mode changes in DSC validation (CKI Backport Bot) [RHEL-178836] {CVE-2026-31488}

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://linux.oracle.com/errata/ELSA-2026-30848.html

Plugin Details

Severity: High

ID: 325729

File Name: oraclelinux_ELSA-2026-30848.nasl

Version: 1.1

Type: Local

Agent: unix

Published: 7/9/2026

Updated: 7/9/2026

Supported Sensors: Continuous Assessment, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.9

Percentile: 58.03

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2026-46189

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:oracle:linux:kernel, p-cpe:/a:oracle:linux:kernel-debug, p-cpe:/a:oracle:linux:kernel-debug-devel, p-cpe:/a:oracle:linux:kernel-devel, p-cpe:/a:oracle:linux:kernel-headers, p-cpe:/a:oracle:linux:kernel-tools, p-cpe:/a:oracle:linux:kernel-tools-libs, p-cpe:/a:oracle:linux:kernel-tools-libs-devel, p-cpe:/a:oracle:linux:perf, p-cpe:/a:oracle:linux:kernel-core, p-cpe:/a:oracle:linux:kernel-cross-headers, p-cpe:/a:oracle:linux:kernel-debug-core, p-cpe:/a:oracle:linux:kernel-debug-modules, p-cpe:/a:oracle:linux:kernel-debug-modules-extra, p-cpe:/a:oracle:linux:kernel-modules, p-cpe:/a:oracle:linux:kernel-modules-extra, p-cpe:/a:oracle:linux:python3-perf, p-cpe:/a:oracle:linux:kernel-abi-stablelists, cpe:/o:oracle:linux:9, p-cpe:/a:oracle:linux:kernel-debug-devel-matched, p-cpe:/a:oracle:linux:kernel-devel-matched, p-cpe:/a:oracle:linux:kernel-debug-modules-core, p-cpe:/a:oracle:linux:kernel-debug-uki-virt, p-cpe:/a:oracle:linux:kernel-modules-core, p-cpe:/a:oracle:linux:kernel-uki-virt, p-cpe:/a:oracle:linux:rtla, p-cpe:/a:oracle:linux:libperf, p-cpe:/a:oracle:linux:rv, p-cpe:/a:oracle:linux:kernel-uki-virt-addons, cpe:/o:oracle:linux:9:8:baseos_patch

Required KB Items: Host/OracleLinux, Host/RedHat/release, Host/RedHat/rpm-list, Host/local_checks_enabled

Exploit Ease: No known exploits are available

Patch Publication Date: 7/7/2026

Vulnerability Publication Date: 4/7/2026

Reference Information

CVE: CVE-2026-31488, CVE-2026-43038, CVE-2026-43329, CVE-2026-45898, CVE-2026-46054, CVE-2026-46090, CVE-2026-46176, CVE-2026-46189