Oracle Linux has been updated with multiple security enhancements, which include a bug fix for NetworkManager, an update for Thunderbird, a security update for the Unbreakable Enterprise kernel, and a bug fix update for linux-firmware.

ELSA-2025-0288 Moderate: Oracle Linux 8 Bug fix of NetworkManager
ELSA-2025-0281 Important: Oracle Linux 8 thunderbird security update
ELSA-2025-20019 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update
ELSA-2025-0059 Important: Oracle Linux 9 kernel security update
ELSA-2025-20018 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update
ELBA-2025-20017 Oracle Linux 9 linux-firmware bug fix update

ELSA-2025-0288 Moderate: Oracle Linux 8 Bug fix of NetworkManager

Oracle Linux Security Advisory ELSA-2025-0288

http://linux.oracle.com/errata/ELSA-2025-0288.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
NetworkManager-1.40.16-18.0.1.el8_10.x86_64.rpm
NetworkManager-adsl-1.40.16-18.0.1.el8_10.x86_64.rpm
NetworkManager-bluetooth-1.40.16-18.0.1.el8_10.x86_64.rpm
NetworkManager-cloud-setup-1.40.16-18.0.1.el8_10.x86_64.rpm
NetworkManager-config-connectivity-oracle-1.40.16-18.0.1.el8_10.noarch.rpm
NetworkManager-config-server-1.40.16-18.0.1.el8_10.noarch.rpm
NetworkManager-dispatcher-routing-rules-1.40.16-18.0.1.el8_10.noarch.rpm
NetworkManager-initscripts-updown-1.40.16-18.0.1.el8_10.noarch.rpm
NetworkManager-libnm-1.40.16-18.0.1.el8_10.i686.rpm
NetworkManager-libnm-1.40.16-18.0.1.el8_10.x86_64.rpm
NetworkManager-ovs-1.40.16-18.0.1.el8_10.x86_64.rpm
NetworkManager-ppp-1.40.16-18.0.1.el8_10.x86_64.rpm
NetworkManager-team-1.40.16-18.0.1.el8_10.x86_64.rpm
NetworkManager-tui-1.40.16-18.0.1.el8_10.x86_64.rpm
NetworkManager-wifi-1.40.16-18.0.1.el8_10.x86_64.rpm
NetworkManager-wwan-1.40.16-18.0.1.el8_10.x86_64.rpm
NetworkManager-libnm-devel-1.40.16-18.0.1.el8_10.i686.rpm
NetworkManager-libnm-devel-1.40.16-18.0.1.el8_10.x86_64.rpm

aarch64:
NetworkManager-1.40.16-18.0.1.el8_10.aarch64.rpm
NetworkManager-adsl-1.40.16-18.0.1.el8_10.aarch64.rpm
NetworkManager-bluetooth-1.40.16-18.0.1.el8_10.aarch64.rpm
NetworkManager-cloud-setup-1.40.16-18.0.1.el8_10.aarch64.rpm
NetworkManager-config-connectivity-oracle-1.40.16-18.0.1.el8_10.noarch.rpm
NetworkManager-config-server-1.40.16-18.0.1.el8_10.noarch.rpm
NetworkManager-dispatcher-routing-rules-1.40.16-18.0.1.el8_10.noarch.rpm
NetworkManager-initscripts-updown-1.40.16-18.0.1.el8_10.noarch.rpm
NetworkManager-libnm-1.40.16-18.0.1.el8_10.aarch64.rpm
NetworkManager-ovs-1.40.16-18.0.1.el8_10.aarch64.rpm
NetworkManager-ppp-1.40.16-18.0.1.el8_10.aarch64.rpm
NetworkManager-team-1.40.16-18.0.1.el8_10.aarch64.rpm
NetworkManager-tui-1.40.16-18.0.1.el8_10.aarch64.rpm
NetworkManager-wifi-1.40.16-18.0.1.el8_10.aarch64.rpm
NetworkManager-wwan-1.40.16-18.0.1.el8_10.aarch64.rpm
NetworkManager-libnm-devel-1.40.16-18.0.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//NetworkManager-1.40.16-18.0.1.el8_10.src.rpm

Related CVEs:

CVE-2024-3661

Description of changes:

[1:1.40.16-18.0.1]
- disable MPTCP handling by default [Orabug: 35081472]
- Fix ignore-carrier logic [Orabug: 34956744]
- Disable regeneration of the documentation [Orabug: 34712048]
- add connectivity check via Oracle servers [Orabug: 32051972]
- Disable the build of NetworkManager-config-connectivity-* subpackage for 8.3
- Revert "infiniband: avoid normalizing the p-key when reading from ifcfg"

[1:1.40.16-18]
- vpn: fix routing rules support in vpn conenctions (RHEL-73052)
- vpn: Place gateway route to table defined in ipvx.route-table (RHEL-73051)

[1:1.40.16-17]
- Rebuild to use the right tag

[1:1.40.16-16]
- Use /etc/hosts for hostname resolution (RHEL-53200)

ELSA-2025-0281 Important: Oracle Linux 8 thunderbird security update

Oracle Linux Security Advisory ELSA-2025-0281

http://linux.oracle.com/errata/ELSA-2025-0281.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
thunderbird-128.6.0-3.0.1.el8_10.x86_64.rpm

aarch64:
thunderbird-128.6.0-3.0.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//thunderbird-128.6.0-3.0.1.el8_10.src.rpm

Related CVEs:

CVE-2025-0242
CVE-2025-0243

Description of changes:

[128.6.0-3.0.1]
- Fix prefs for new nss [Orabug: 37079820]
- Add Oracle prefs file

[128.6.0]
- Add OpenELA debranding

[128.6.0-3]
- Update to 128.6.0 build3

[128.6.0-1]
- Update to 128.6.0 build1

ELSA-2025-20019 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2025-20019

http://linux.oracle.com/errata/ELSA-2025-20019.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

aarch64:
kernel-uek-5.4.17-2136.339.5.el8uek.aarch64.rpm
kernel-uek-debug-5.4.17-2136.339.5.el8uek.aarch64.rpm
kernel-uek-debug-devel-5.4.17-2136.339.5.el8uek.aarch64.rpm
kernel-uek-devel-5.4.17-2136.339.5.el8uek.aarch64.rpm
kernel-uek-doc-5.4.17-2136.339.5.el8uek.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//kernel-uek-5.4.17-2136.339.5.el8uek.src.rpm

Related CVEs:

CVE-2022-29901
CVE-2024-56644

Description of changes:

[5.4.17-2136.339.5.el8uek]
- tracing/kprobes: Skip symbol counting logic for module symbols in create_local_trace_kprobe() (Nikolay Kuratov)
- vhost_scsi: log write descriptors (Dongli Zhang) [Orabug: 37393533]
- vhost-scsi: protect vq->log_base with vq->mutex (Dongli Zhang) [Orabug: 37393533]

[5.4.17-2136.339.4.el8uek]
- RDMA/bnxt_re: Check cqe flags to know imm_data vs inv_irkey (Kashyap Desai)
- Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K" (Aurelien Jarno)
- mm: revert "mm: shmem: fix data-race in shmem_getattr()" (Andrew Morton)
- net/ipv6: release expired exception dst cached in socket (Jiri Wiesner)
- Revert "unicode: Don't special case ignorable code points" (Linus Torvalds)
- powerpc/vdso: Flag VDSO64 entry points as functions (Christophe Leroy)
- Revert "usb: gadget: composite: fix OS descriptors w_value logic" (Michal Vrastil)

[5.4.17-2136.339.3.el8uek]
- Revert "ocfs2: fix the la space leak when unmounting an ocfs2 volume" (Sherry Yang) [Orabug: 37364531]
- rds: recv_payload_bad_checksum was not 0 after running rds-stress on UEK6 (William Kucharski) [Orabug: 37265127]
- rds: If RDS Checksums are enabled for RDMA RDS operations, the extension headers will overflow causing incorrect operation (William Kucharski) [Orabug: 37265125]
- rds: rds_message_alloc() needlessly zeroes m_used_sgs (William Kucharski) [Orabug: 37265123]
- rds: tracepoint in rds_receive_csum_err() prints pointless information (William Kucharski) [Orabug: 37265121]
- rds: rds_inc_init() should initialize the inc->i_conn_path field (William Kucharski) [Orabug: 37265117]
- rds: Race condition in adding RDS payload checksum extension header may result in RDS header corruption (William Kucharski) [Orabug: 37265115]
- md/raid10: fix task hung in raid10d (Li Nan) [Orabug: 37126683]
- md/raid10: factor out code from wait_barrier() to stop_waiting_barrier() (Yu Kuai) [Orabug: 37126683]
- md/raid10: avoid deadlock on recovery. (Vitaly Mayatskikh) [Orabug: 37126683]

[5.4.17-2136.339.2.el8uek]
- arm64/cpu_errata: Spectre-BHB mitigation for AMPERE1 expects a loop of 11 iterations. (Miguel Luis) [Orabug: 37027863]

[5.4.17-2136.339.1.el8uek]
- net/rds: report pending-messages count in RDS_INQ response (Devesh Sharma) [Orabug: 35596047] [Orabug: 35316633]
- net/rds: Introduce RDS-INQ feature to RDS protocol (Devesh Sharma) [Orabug: 35316632] [Orabug: 37109336]
- net/rds: Supporting SIOCOUTQ to read pending sends (Devesh Sharma) [Orabug: 34460809] [Orabug: 37072814]
- mm/memory-failure: pass the folio and the page to collect_procs() (Matthew Wilcox (Oracle)) [Orabug: 37270264]
- KVM: x86: Stop compiling vmenter.S with OBJECT_FILES_NON_STANDARD (Sean Christopherson) [Orabug: 37273706]
- KVM: SVM: Create a stack frame in __svm_vcpu_run() for unwinding (Sean Christopherson) [Orabug: 37273706]
- objtool: Default ignore INT3 for unreachable (Peter Zijlstra) [Orabug: 37273706] {CVE-2022-29901}
- x86/spec_ctrl: AMD AutoIBRS cannot be dynamically enabled or disabled (Alexandre Chartre) [Orabug: 37310552]
- x86/msr: Add functions to set/clear the bit of an MSR on all cpus (Alexandre Chartre) [Orabug: 37310552]

ELSA-2025-0059 Important: Oracle Linux 9 kernel security update

Oracle Linux Security Advisory ELSA-2025-0059

http://linux.oracle.com/errata/ELSA-2025-0059.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-7.4.0-503.21.1.el9_5.x86_64.rpm
kernel-5.14.0-503.21.1.el9_5.x86_64.rpm
kernel-abi-stablelists-5.14.0-503.21.1.el9_5.noarch.rpm
kernel-core-5.14.0-503.21.1.el9_5.x86_64.rpm
kernel-debug-5.14.0-503.21.1.el9_5.x86_64.rpm
kernel-debug-core-5.14.0-503.21.1.el9_5.x86_64.rpm
kernel-debug-devel-5.14.0-503.21.1.el9_5.x86_64.rpm
kernel-debug-devel-matched-5.14.0-503.21.1.el9_5.x86_64.rpm
kernel-debug-modules-5.14.0-503.21.1.el9_5.x86_64.rpm
kernel-debug-modules-core-5.14.0-503.21.1.el9_5.x86_64.rpm
kernel-debug-modules-extra-5.14.0-503.21.1.el9_5.x86_64.rpm
kernel-debug-uki-virt-5.14.0-503.21.1.el9_5.x86_64.rpm
kernel-devel-5.14.0-503.21.1.el9_5.x86_64.rpm
kernel-devel-matched-5.14.0-503.21.1.el9_5.x86_64.rpm
kernel-doc-5.14.0-503.21.1.el9_5.noarch.rpm
kernel-headers-5.14.0-503.21.1.el9_5.x86_64.rpm
kernel-modules-5.14.0-503.21.1.el9_5.x86_64.rpm
kernel-modules-core-5.14.0-503.21.1.el9_5.x86_64.rpm
kernel-modules-extra-5.14.0-503.21.1.el9_5.x86_64.rpm
kernel-tools-5.14.0-503.21.1.el9_5.x86_64.rpm
kernel-tools-libs-5.14.0-503.21.1.el9_5.x86_64.rpm
kernel-uki-virt-5.14.0-503.21.1.el9_5.x86_64.rpm
kernel-uki-virt-addons-5.14.0-503.21.1.el9_5.x86_64.rpm
perf-5.14.0-503.21.1.el9_5.x86_64.rpm
python3-perf-5.14.0-503.21.1.el9_5.x86_64.rpm
rtla-5.14.0-503.21.1.el9_5.x86_64.rpm
rv-5.14.0-503.21.1.el9_5.x86_64.rpm
kernel-cross-headers-5.14.0-503.21.1.el9_5.x86_64.rpm
kernel-tools-libs-devel-5.14.0-503.21.1.el9_5.x86_64.rpm
libperf-5.14.0-503.21.1.el9_5.x86_64.rpm

aarch64:
bpftool-7.4.0-503.21.1.el9_5.aarch64.rpm
kernel-cross-headers-5.14.0-503.21.1.el9_5.aarch64.rpm
kernel-headers-5.14.0-503.21.1.el9_5.aarch64.rpm
kernel-tools-5.14.0-503.21.1.el9_5.aarch64.rpm
kernel-tools-libs-5.14.0-503.21.1.el9_5.aarch64.rpm
kernel-tools-libs-devel-5.14.0-503.21.1.el9_5.aarch64.rpm
perf-5.14.0-503.21.1.el9_5.aarch64.rpm
python3-perf-5.14.0-503.21.1.el9_5.aarch64.rpm
rtla-5.14.0-503.21.1.el9_5.aarch64.rpm
rv-5.14.0-503.21.1.el9_5.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//kernel-5.14.0-503.21.1.el9_5.src.rpm

Related CVEs:

CVE-2024-46713
CVE-2024-50208
CVE-2024-50252
CVE-2024-53122

Description of changes:

[5.14.0-503.21.1.el9_5.OL9]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 DEFER}_DELETE (Andreas Gruenbacher) [RHEL-62105 RHEL-60945]
- gfs2: Faster gfs2_upgrade_iopen_glock wakeups (Andreas Gruenbacher) [RHEL-62105 RHEL-60945]
- gfs2: Fix unlinked inode cleanup (Andreas Gruenbacher) [RHEL-62105 RHEL-60945]
- gfs2: Allow immediate GLF_VERIFY_DELETE work (Andreas Gruenbacher) [RHEL-62105 RHEL-60945]
- gfs2: Initialize gl_no_formal_ino earlier (Andreas Gruenbacher) [RHEL-62105 RHEL-60945]
- gfs2: Rename GLF_VERIFY_EVICT to GLF_VERIFY_DELETE (Andreas Gruenbacher) [RHEL-62105 RHEL-60945]
- gfs2: make timeout values more explicit (Wolfram Sang) [RHEL-62105 RHEL-60945]
- gfs2: Simplify function gfs2_upgrade_iopen_glock (Andreas Gruenbacher) [RHEL-62105 RHEL-60945]
- gfs2: Rename SDF_DEACTIVATING to SDF_KILL (Andreas Gruenbacher) [RHEL-62105 RHEL-60945]
- smb: client: fix use-after-free of signing key (Jay Shin) [RHEL-69306 RHEL-66206]
- net/iucv: fix use after free in iucv_sock_close() (Mete Durlu) [RHEL-60300 RHEL-53992]
- KVM: arm64: Ensure vgic_ready() is ordered against MMIO registration (CKI Backport Bot) [RHEL-70294]

[5.14.0-503.20.1.el9_5]
- bnxt_en: Add support for user configured RSS key (Michal Schmidt) [RHEL-68699 RHEL-54645]
- bnxt_en: Add function to calculate Toeplitz hash (Michal Schmidt) [RHEL-68699 RHEL-54645]
- kvm: Note an RCU quiescent state on guest exit (Leonardo Bras) [RHEL-65734 RHEL-20288]
- rcu: Add rcutree.nohz_full_patience_delay to reduce nohz_full OS jitter (Leonardo Bras) [RHEL-65734 RHEL-20288]
- context_tracking: Fix KCSAN noinstr violation (Leonardo Bras) [RHEL-65734 RHEL-20288]
- perf/aux: Fix AUX buffer serialization (Michael Petlan) [RHEL-67495] {CVE-2024-46713}
- RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (Mohammad Heib) [RHEL-66669 RHEL-52759] {CVE-2024-50208}

ELSA-2025-20018 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2025-20018

http://linux.oracle.com/errata/ELSA-2025-20018.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

aarch64:
bpftool-5.15.0-304.171.4.el9uek.aarch64.rpm
kernel-uek-5.15.0-304.171.4.el9uek.aarch64.rpm
kernel-uek-container-5.15.0-304.171.4.el9uek.aarch64.rpm
kernel-uek-container-debug-5.15.0-304.171.4.el9uek.aarch64.rpm
kernel-uek-core-5.15.0-304.171.4.el9uek.aarch64.rpm
kernel-uek-debug-5.15.0-304.171.4.el9uek.aarch64.rpm
kernel-uek-debug-core-5.15.0-304.171.4.el9uek.aarch64.rpm
kernel-uek-debug-devel-5.15.0-304.171.4.el9uek.aarch64.rpm
kernel-uek-debug-modules-5.15.0-304.171.4.el9uek.aarch64.rpm
kernel-uek-debug-modules-extra-5.15.0-304.171.4.el9uek.aarch64.rpm
kernel-uek-devel-5.15.0-304.171.4.el9uek.aarch64.rpm
kernel-uek-doc-5.15.0-304.171.4.el9uek.noarch.rpm
kernel-uek-modules-5.15.0-304.171.4.el9uek.aarch64.rpm
kernel-uek-modules-extra-5.15.0-304.171.4.el9uek.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//kernel-uek-5.15.0-304.171.4.el9uek.src.rpm

Related CVEs:

CVE-2024-46770
CVE-2024-53060
CVE-2024-53070
CVE-2024-53097
CVE-2024-53206
CVE-2024-53226

Description of changes:

[5.15.0-304.171.4.el9uek]
- Revert "unicode: Don't special case ignorable code points" (Linus Torvalds)
- Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K" (Aurelien Jarno)
- tcp: Fix use-after-free of nreq in reqsk_timer_handler(). (Kuniyuki Iwashima)
- lib/buildid: Fix build ID parsing logic (Jiri Olsa)
- powerpc/vdso: Flag VDSO64 entry points as functions (Christophe Leroy)
- mm: krealloc: Fix MTE false alarm in __do_krealloc (Qun-Wei Lin)
- Revert "ALSA: hda/conexant: Mute speakers at suspend / shutdown" (Jarosław Janik)
- usb: dwc3: fix fault at system suspend if device was already runtime suspended (Roger Quadros)
- ACPI: PRM: Clean up guid type in struct prm_handler_info (Dan Carpenter)
- RDMA/hns: Fix NULL pointer derefernce in hns_roce_map_mr_sg() (Junxian Huang)
- mm: revert "mm: shmem: fix data-race in shmem_getattr()" (Andrew Morton)
- ACPI: CPPC: Fix _CPC register setting issue (Lifeng Zheng)
- scsi: qla2xxx: Fix abort in bsg timeout (Quinn Tran)
- drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported (Antonio Quartulli)
- RDMA/bnxt_re: Check cqe flags to know imm_data vs inv_irkey (Kashyap Desai)
- vhost_scsi: log write descriptors (Dongli Zhang) [Orabug: 37393531]
- vhost-scsi: protect vq->log_base with vq->mutex (Dongli Zhang) [Orabug: 37393531]

[5.15.0-304.171.3.el9uek]
- build: populate modules_thick.builtin for dirs containing only modules (Nick Alcock) [Orabug: 37381702]
- mtd: fix use-after-free in mtd release (Alexander Usyskin) [Orabug: 37371929]
- mtd: Clean refcounting with MTD_PARTITIONED_MASTER (Miquel Raynal) [Orabug: 37371929]
- mtd: call external _get and _put in right order (Alexander Usyskin) [Orabug: 37371929]
- nvmem: core: Check input parameter for NULL in nvmem_unregister() (Andy Shevchenko) [Orabug: 37371929]
- Revert "ocfs2: fix the la space leak when unmounting an ocfs2 volume" (Sherry Yang) [Orabug: 37364544]
- x86/pkeys: Ensure updated PKRU value is XRSTOR'd (Aruna Ramakrishna) [Orabug: 37361290]
- x86/pkeys: Change caller of update_pkru_in_sigframe() (Aruna Ramakrishna) [Orabug: 37361290]
- cgroup: cgroup-v1: do not exclude cgrp_dfl_root (Vishal Verma) [Orabug: 37347419]
- mm/memcontrol: Fix memcg stat calculation (Aruna Ramakrishna) [Orabug: 37306542]

[5.15.0-304.171.2.el9uek]
- uek-rpm: Add mstflint_access module to the core list (Thomas Tai) [Orabug: 37345530]
- uek-rpm/ol8/config-aarch64-emb3: Enable CONFIG_ARM_SDE_INTERFACE (Thomas Tai) [Orabug: 37345530]
- sunrpc: fix a NULL deref in svc_process() when ->sv_stats doesn't exist (Calum Mackay) [Orabug: 37329531]
- Partial revert "rds: Add inc/frag cache statistics" (Hans Westgaard Ry) [Orabug: 37232315]

[5.15.0-304.171.1.el9uek]
- kpcimgr: assign CPU to handle PCIE transactions during kexec (Joe Dobosenski) [Orabug: 37295980]
- kexec: update start address for LPI table data (Joe Dobosenski) [Orabug: 37295980]
- kpcimgr: fix flush_icache_range arguments (Joe Dobosenski) [Orabug: 37295980]
- embedded2: Enable CONFIG_SQUASHFS_ZSTD to support zstd compression (Joe Dobosenski) [Orabug: 37295980]
- embedded2: Support booting an encrypted root filesystem (Joe Dobosenski) [Orabug: 37295980]
- Update embedded2 config for UEK7 (Joe Dobosenski) [Orabug: 37295980]
- Pensando: kernel config changes for kdump (Rob Gardner) [Orabug: 34091165] [Orabug: 37295980]
- arm64: Reserve elfcorehdr before scanning reserved memory from device tree (Joe Dobosenski) [Orabug: 37295980]
- arm64: kexec: add support for kexec with spin-table (Henry Willard) [Orabug: 32549965] [Orabug: 37295980]
- drivers/soc/pensando/cap_mem.c: Support DM region mapping. (David Clear) [Orabug: 37295980]
- drivers/edac: elba: Support multiple DDR bypass ranges. (David Clear) [Orabug: 37295980]
- mmc: sdhci-cadence: Enable host driver defined bounce buffer (Brad Larson) [Orabug: 37295980]
- Fix NULL pointer dereference in cn_filter() (Anjali Kulkarni) [Orabug: 37280567]
- selftests: connector: Fix input argument error paths to skip (Shuah Khan) [Orabug: 37280567]
- connector/cn_proc: Selftest for proc connector (Anjali Kulkarni) [Orabug: 37280567]
- connector/cn_proc: Allow non-root users access (Anjali Kulkarni) [Orabug: 37280567]
- connector/cn_proc: Performance improvements (Anjali Kulkarni) [Orabug: 37280567]
- connector/cn_proc: Add filtering to fix some bugs (Anjali Kulkarni) [Orabug: 37280567]
- netlink: Add new netlink_release function (Anjali Kulkarni) [Orabug: 37280567]
- ice: Add netif_device_attach/detach into PF reset flow (Dawid Osuchowski) [Orabug: 37214589] {CVE-2024-46770}

ELBA-2025-20017 Oracle Linux 9 linux-firmware bug fix update

Oracle Linux Bug Fix Advisory ELBA-2025-20017

http://linux.oracle.com/errata/ELBA-2025-20017.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
iwl1000-firmware-39.31.5.1-999.36.el9.noarch.rpm
iwl100-firmware-39.31.5.1-999.36.el9.noarch.rpm
iwl105-firmware-18.168.6.1-999.36.el9.noarch.rpm
iwl135-firmware-18.168.6.1-999.36.el9.noarch.rpm
iwl2000-firmware-18.168.6.1-999.36.el9.noarch.rpm
iwl2030-firmware-18.168.6.1-999.36.el9.noarch.rpm
iwl3160-firmware-25.30.13.0-999.36.el9.noarch.rpm
iwl3945-firmware-15.32.2.9-999.36.el9.noarch.rpm
iwl4965-firmware-228.61.2.24-999.36.el9.noarch.rpm
iwl5000-firmware-8.83.5.1_1-999.36.el9.noarch.rpm
iwl5150-firmware-8.24.2.2-999.36.el9.noarch.rpm
iwl6000-firmware-9.221.4.1-999.36.el9.noarch.rpm
iwl6000g2a-firmware-18.168.6.1-999.36.el9.noarch.rpm
iwl6000g2b-firmware-18.168.6.1-999.36.el9.noarch.rpm
iwl6050-firmware-41.28.5.1-999.36.el9.noarch.rpm
iwl7260-firmware-25.30.13.0-999.36.el9.noarch.rpm
iwlax2xx-firmware-20241213-999.36.el9.noarch.rpm
libertas-sd8686-firmware-20241213-999.36.git2cdfe09e.el9.noarch.rpm
libertas-sd8787-firmware-20241213-999.36.git2cdfe09e.el9.noarch.rpm
libertas-usb8388-firmware-20241213-999.36.git2cdfe09e.el9.noarch.rpm
libertas-usb8388-olpc-firmware-20241213-999.36.git2cdfe09e.el9.noarch.rpm
linux-firmware-20241213-999.36.git2cdfe09e.el9.noarch.rpm
linux-firmware-core-20241213-999.36.git2cdfe09e.el9.noarch.rpm
linux-firmware-whence-20241213-999.36.git2cdfe09e.el9.noarch.rpm
liquidio-firmware-20241213-999.36.git2cdfe09e.el9.noarch.rpm
netronome-firmware-20241213-999.36.git2cdfe09e.el9.noarch.rpm

aarch64:
iwl1000-firmware-39.31.5.1-999.36.el9.noarch.rpm
iwl100-firmware-39.31.5.1-999.36.el9.noarch.rpm
iwl105-firmware-18.168.6.1-999.36.el9.noarch.rpm
iwl135-firmware-18.168.6.1-999.36.el9.noarch.rpm
iwl2000-firmware-18.168.6.1-999.36.el9.noarch.rpm
iwl2030-firmware-18.168.6.1-999.36.el9.noarch.rpm
iwl3160-firmware-25.30.13.0-999.36.el9.noarch.rpm
iwl3945-firmware-15.32.2.9-999.36.el9.noarch.rpm
iwl4965-firmware-228.61.2.24-999.36.el9.noarch.rpm
iwl5000-firmware-8.83.5.1_1-999.36.el9.noarch.rpm
iwl5150-firmware-8.24.2.2-999.36.el9.noarch.rpm
iwl6000-firmware-9.221.4.1-999.36.el9.noarch.rpm
iwl6000g2a-firmware-18.168.6.1-999.36.el9.noarch.rpm
iwl6000g2b-firmware-18.168.6.1-999.36.el9.noarch.rpm
iwl6050-firmware-41.28.5.1-999.36.el9.noarch.rpm
iwl7260-firmware-25.30.13.0-999.36.el9.noarch.rpm
iwlax2xx-firmware-20241213-999.36.el9.noarch.rpm
libertas-sd8686-firmware-20241213-999.36.git2cdfe09e.el9.noarch.rpm
libertas-sd8787-firmware-20241213-999.36.git2cdfe09e.el9.noarch.rpm
libertas-usb8388-firmware-20241213-999.36.git2cdfe09e.el9.noarch.rpm
libertas-usb8388-olpc-firmware-20241213-999.36.git2cdfe09e.el9.noarch.rpm
linux-firmware-20241213-999.36.git2cdfe09e.el9.noarch.rpm
linux-firmware-core-20241213-999.36.git2cdfe09e.el9.noarch.rpm
linux-firmware-whence-20241213-999.36.git2cdfe09e.el9.noarch.rpm
liquidio-firmware-20241213-999.36.git2cdfe09e.el9.noarch.rpm
netronome-firmware-20241213-999.36.git2cdfe09e.el9.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//linux-firmware-20241213-999.36.git2cdfe09e.el9.src.rpm

Description of changes:

[20241213-999.36.git2cdfe09e.el9]
- Rebase to latest upstream [Orabug: 37405529]