Oracle Linux Bulletin - April 2025

 

Description

The Oracle Linux Bulletin lists all CVEs that had been resolved and announced in Oracle Linux Security Advisories (ELSA) in the last one month prior to the release of the bulletin. Oracle Linux Bulletins are published on the same day as Oracle Critical Patch Updates are released. These bulletins will also be updated for the following two months after their release (i.e., the two months between the normal quarterly Critical Patch Update publication dates) to cover all CVEs that had been resolved in those two months following the bulletin's publication. In addition, Oracle Linux Bulletins may also be updated for vulnerability issues deemed too critical to wait for the next scheduled bulletin publication date.

Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Oracle Linux Bulletin security patches as soon as possible.

 

Patch Availability

Please see ULN Advisory https://linux.oracle.com/ol-pad-bulletin

 

Oracle Linux Bulletin Schedule

Oracle Linux Bulletins are released on the third Tuesday of January, April, July, and October. The next four dates are:

  • 15 July 2025
  • 21 October 2025
  • 20 January 2026
  • 21 April 2026

References

 

Modification History

Date Note
2025-May-21 Rev 2. New CVEs added
2025-April-15 Rev 1. Initial Release

Oracle Linux Executive Summary

This Oracle Linux Bulletin contains 92 new security patches for Oracle Linux.

Oracle Linux Risk Matrix

Revision: 2 Published on 2025-05-21

CVE# Product Component Remote Exploit without Auth.? CVSS VERSION 3.1 RISK (see Risk Matrix Definitions) Supported Versions Affected
Base
Score		 Attack
Vector		 Attack
Complex		 Privs
Req'd		 User
Interact		 Scope Confid-
entiality		 Inte-
grity		 Avail-
ability
CVE-2025-32911 Oracle Linux libsoup Yes 9.0 Network High None None Changed High High High 8
CVE-2025-4093 Oracle Linux firefox Yes 8.8 Network Low None Required Unchanged High High High 8,9
CVE-2025-3030 Oracle Linux thunderbird Yes 8.8 Network Low None Required Unchanged High High High 8,9
CVE-2025-4093 Oracle Linux thunderbird Yes 8.8 Network Low None Required Unchanged High High High 8,9
CVE-2024-44192 Oracle Linux webkit2gtk3 Yes 8.8 Network Low None Required Unchanged High High High 8
CVE-2025-24209 Oracle Linux webkit2gtk3 Yes 8.8 Network Low None Required Unchanged High High High 8
CVE-2025-24216 Oracle Linux webkit2gtk3 Yes 8.8 Network Low None Required Unchanged High High High 8
CVE-2025-30427 Oracle Linux webkit2gtk3 Yes 8.8 Network Low None Required Unchanged High High High 8
CVE-2025-2817 Oracle Linux firefox No 8.5 Network High Low None Changed High High High 8,9
CVE-2025-2817 Oracle Linux thunderbird No 8.5 Network High Low None Changed High High High 8,9
CVE-2025-4083 Oracle Linux firefox Yes 8.3 Network Low None Required Unchanged High High Low 8,9
CVE-2025-4083 Oracle Linux thunderbird Yes 8.3 Network Low None Required Unchanged High High Low 8,9
CVE-2025-21927 Oracle Linux kernel Yes 8.1 Network High None None Unchanged High High High 9
CVE-2020-13790 Oracle Linux libjpeg-turbo Yes 8.1 Network Low None Required Unchanged High None High 8
CVE-2025-26646 Oracle Linux .NET 8.0 No 8.0 Network Low Low Required Unchanged High High High 8
CVE-2025-26646 Oracle Linux .NET 9.0 No 8.0 Network Low Low Required Unchanged High High High 8
CVE-2024-53920 Oracle Linux emacs No 7.8 Local Low None Required Unchanged High High High 9
CVE-2024-46951 Oracle Linux ghostscript No 7.8 Local Low None Required Unchanged High High High 8
CVE-2024-46952 Oracle Linux ghostscript No 7.8 Local Low None Required Unchanged High High High 8
CVE-2024-46953 Oracle Linux ghostscript No 7.8 Local Low None Required Unchanged High High High 8
CVE-2024-46954 Oracle Linux ghostscript No 7.8 Local Low None Required Unchanged High High High 8
CVE-2024-46956 Oracle Linux ghostscript No 7.8 Local Low None Required Unchanged High High High 8
CVE-2024-55549 Oracle Linux libxslt No 7.8 Local High None None Changed None High High 9
CVE-2025-4087 Oracle Linux firefox Yes 7.6 Network Low None Required Unchanged Low Low High 8,9
CVE-2025-3028 Oracle Linux thunderbird Yes 7.6 Network Low None Required Unchanged Low Low High 8,9
CVE-2025-4087 Oracle Linux thunderbird Yes 7.6 Network Low None Required Unchanged Low Low High 8,9
CVE-2024-8176 Oracle Linux expat Yes 7.5 Network Low None None Unchanged None None High 8
CVE-2025-4091 Oracle Linux firefox Yes 7.5 Network High None Required Unchanged High High High 8,9
CVE-2023-46751 Oracle Linux ghostscript Yes 7.5 Network Low None None Unchanged None None High 8
CVE-2025-32906 Oracle Linux libsoup Yes 7.5 Network Low None None Unchanged None None High 8
CVE-2025-32913 Oracle Linux libsoup Yes 7.5 Network Low None None Unchanged None None High 8
CVE-2017-17095 Oracle Linux libtiff Yes 7.5 Network Low None None Unchanged None None High 8
CVE-2025-31492 Oracle Linux mod_auth_openidc:2.3 Yes 7.5 Network Low None None Unchanged High None None 8
CVE-2025-30204 Oracle Linux osbuild-composer Yes 7.5 Network Low None None Unchanged None None High 9
CVE-2025-21605 Oracle Linux redis:6 Yes 7.5 Network Low None None Unchanged None None High 8
CVE-2019-19012 Oracle Linux ruby:2.5 Yes 7.5 Network Low None None Unchanged None None High 8
CVE-2025-4091 Oracle Linux thunderbird Yes 7.5 Network High None Required Unchanged High High High 8,9
CVE-2024-8176 Oracle Linux xmlrpc-c Yes 7.5 Network Low None None Unchanged None None High 8
CVE-2025-21587 Oracle Linux java-1.8.0-openjdk Yes 7.4 Network High None None Unchanged High High None 8,9
CVE-2025-21587 Oracle Linux java-17-openjdk Yes 7.4 Network High None None Unchanged High High None 8,9
CVE-2025-21587 Oracle Linux java-21-openjdk Yes 7.4 Network High None None Unchanged High High None 8,9
CVE-2025-3522 Oracle Linux thunderbird Yes 7.4 Network Low None Required Changed High None None 8,9
CVE-2025-3155 Oracle Linux yelp and yelp-xsl Yes 7.4 Network Low None Required Changed High None None 8
CVE-2025-3277 Oracle Linux nodejs:22 Yes 7.3 Network Low None None Unchanged Low Low Low 8
CVE-2022-2255 Oracle Linux python39:3.9 Yes 7.3 Network Low None None Unchanged Low Low Low 8
CVE-2021-43809 Oracle Linux ruby:2.5 No 7.3 Local Low Low Required Unchanged High High High 8
CVE-2023-27349 Oracle Linux bluez No 7.1 Adjacent_Network High None Required Unchanged High High High 8
CVE-2020-27792 Oracle Linux ghostscript No 7.1 Local Low None Required Unchanged None High High 8
CVE-2022-49011 Oracle Linux kernel No 7.1 Local Low Low None Unchanged High None High 8
CVE-2024-53150 Oracle Linux kernel No 7.1 Local Low Low None Unchanged High None High 8,9
CVE-2024-25742 Oracle Linux Unbreakable Enterprise kernel No 7.1 Local Low Low None Unchanged High High None 9
CVE-2024-25743 Oracle Linux Unbreakable Enterprise kernel No 7.1 Local Low Low None Unchanged High High None 9
CVE-2024-53141 Oracle Linux kernel No 7.0 Local High Low None Unchanged High High High 8
CVE-2025-31498 Oracle Linux nodejs:20 Yes 7.0 Network High None None Unchanged Low Low High 8
CVE-2025-31498 Oracle Linux nodejs:22 Yes 7.0 Network High None None Unchanged Low Low High 8
CVE-2025-46421 Oracle Linux libsoup Yes 6.8 Network High None Required Unchanged High High None 8
CVE-2025-32052 Oracle Linux libsoup Yes 6.5 Network Low None None Unchanged Low None Low 8
CVE-2025-32053 Oracle Linux libsoup Yes 6.5 Network Low None None Unchanged Low None Low 8
CVE-2025-46420 Oracle Linux libsoup Yes 6.5 Network Low None Required Unchanged None None High 8
CVE-2025-25186 Oracle Linux ruby:3.3 Yes 6.5 Network Low None Required Unchanged None None High 9
CVE-2024-54467 Oracle Linux webkit2gtk3 Yes 6.5 Network Low None Required Unchanged High None None 8
CVE-2024-54551 Oracle Linux webkit2gtk3 Yes 6.5 Network Low None Required Unchanged None None High 8
CVE-2025-3523 Oracle Linux thunderbird Yes 6.4 Network High None Required Unchanged Low High Low 8,9
CVE-2024-42292 Oracle Linux kernel No 6.1 Local Low Low None Unchanged Low None High 9
CVE-2025-2830 Oracle Linux thunderbird Yes 6.1 Network High None Required Changed High None None 8,9
CVE-2025-24208 Oracle Linux webkit2gtk3 Yes 6.1 Network Low None Required Changed Low Low None 8
CVE-2023-52532 Oracle Linux Unbreakable Enterprise kernel No 6.0 Local Low High None Unchanged High None High 8
CVE-2025-32050 Oracle Linux libsoup Yes 5.9 Network High None None Unchanged None None High 8
CVE-2024-43398 Oracle Linux ruby:3.1 Yes 5.9 Network High None None Unchanged None None High 8,9
CVE-2024-8929 Oracle Linux php:8.1 No 5.8 Adjacent_Network High Low None Changed High None None 9
CVE-2024-53241 Oracle Linux kernel No 5.7 Adjacent_Network Low Low None Unchanged High None None 8
CVE-2025-30698 Oracle Linux java-1.8.0-openjdk Yes 5.6 Network High None None Unchanged Low Low Low 8,9
CVE-2025-30698 Oracle Linux java-17-openjdk Yes 5.6 Network High None None Unchanged Low Low Low 8,9
CVE-2025-30698 Oracle Linux java-21-openjdk Yes 5.6 Network High None None Unchanged Low Low Low 8,9
CVE-2024-25744 Oracle Linux Unbreakable Enterprise kernel No 5.6 Local High Low None Changed None None High 9
CVE-2024-28956 Oracle Linux Unbreakable Enterprise kernel No 5.6 Local High Low None Changed High None None 9
CVE-2025-0395 Oracle Linux glibc No 5.5 Local High Low Required Unchanged Low Low High 9
CVE-2024-42322 Oracle Linux kernel No 5.5 Local Low Low None Unchanged None None High 9
CVE-2024-44990 Oracle Linux kernel No 5.5 Local Low Low None Unchanged None None High 9
CVE-2024-3567 Oracle Linux qemu-kvm No 5.5 Local Low Low None Unchanged None None High 9
CVE-2024-36929 Oracle Linux Unbreakable Enterprise kernel No 5.5 Local Low Low None Unchanged None None High 8
CVE-2024-56583 Oracle Linux Unbreakable Enterprise kernel No 5.5 Local Low Low None Unchanged None None High 9
CVE-2023-51589 Oracle Linux bluez No 5.4 Adjacent_Network High None Required Unchanged High None Low 8
CVE-2025-3029 Oracle Linux thunderbird Yes 5.4 Network Low None Required Unchanged Low Low None 8,9
CVE-2024-12243 Oracle Linux gnutls Yes 5.3 Network Low None None Unchanged None None Low 8
CVE-2024-12133 Oracle Linux libtasn1 Yes 5.3 Network Low None None Unchanged None None Low 8
CVE-2025-3891 Oracle Linux mod_auth_openidc:2.3 Yes 5.3 Network Low None None Unchanged None None Low 8
CVE-2025-1861 Oracle Linux php:8.1 Yes 5.3 Network Low None None Unchanged Low None None 9
CVE-2025-27219 Oracle Linux ruby Yes 5.3 Network Low None None Unchanged None None Low 9
CVE-2025-27220 Oracle Linux ruby Yes 5.3 Network Low None None Unchanged None None Low 9
CVE-2024-41123 Oracle Linux ruby:3.1 Yes 5.3 Network Low None None Unchanged None None Low 8,9
CVE-2025-27219 Oracle Linux ruby:3.1 Yes 5.3 Network Low None None Unchanged None None Low 8,9
CVE-2025-27220 Oracle Linux ruby:3.1 Yes 5.3 Network Low None None Unchanged None None Low 8,9
CVE-2025-27219 Oracle Linux ruby:3.3 Yes 5.3 Network Low None None Unchanged None None Low 9
CVE-2025-2487 Oracle Linux 389-ds-base No 4.9 Network Low High None Unchanged None None High 9
CVE-2023-6693 Oracle Linux qemu-kvm No 4.9 Local High None None Unchanged Low Low Low 9
CVE-2025-30691 Oracle Linux java-1.8.0-openjdk Yes 4.8 Network High None None Unchanged Low Low None 8,9
CVE-2025-30691 Oracle Linux java-17-openjdk Yes 4.8 Network High None None Unchanged Low Low None 8,9
CVE-2025-30691 Oracle Linux java-21-openjdk Yes 4.8 Network High None None Unchanged Low Low None 8,9
CVE-2024-11233 Oracle Linux php:8.1 Yes 4.8 Network High None None Unchanged Low None Low 9
CVE-2024-11234 Oracle Linux php:8.1 Yes 4.8 Network High None None Unchanged Low Low None 9
CVE-2024-46826 Oracle Linux kernel No 4.4 Local Low High None Unchanged None None High 9
CVE-2024-39908 Oracle Linux ruby:3.1 Yes 4.3 Network Low None Required Unchanged None None Low 8,9
CVE-2025-1217 Oracle Linux php:8.1 Yes 3.7 Network High None None Unchanged Low None None 9
CVE-2025-1219 Oracle Linux php:8.1 Yes 3.7 Network High None None Unchanged Low None None 9
CVE-2025-1734 Oracle Linux php:8.1 Yes 3.7 Network High None None Unchanged Low None None 9
CVE-2025-1736 Oracle Linux php:8.1 Yes 3.7 Network High None None Unchanged Low None None 9
CVE-2024-41946 Oracle Linux ruby:3.1 No 3.3 Local Low None Required Unchanged None None Low 8,9
CVE-2025-27221 Oracle Linux ruby:3.1 No 3.2 Local High None None Changed Low None None 8,9
CVE-2025-27221 Oracle Linux ruby:3.3 No 3.2 Local High None None Changed Low None None 9

Revision: 1 Published on 2025-04-15

CVE# Product Component Remote Exploit without Auth.? CVSS VERSION 3.1 RISK (see Risk Matrix Definitions) Supported Versions Affected
Base
Score		 Attack
Vector		 Attack
Complex		 Privs
Req'd		 User
Interact		 Scope Confid-
entiality		 Inte-
grity		 Avail-
ability
CVE-2025-3030 Oracle Linux firefox Yes 8.8 Network Low None Required Unchanged High High High 8,9
CVE-2024-44192 Oracle Linux webkit2gtk3 Yes 8.8 Network Low None Required Unchanged High High High 9
CVE-2025-24209 Oracle Linux webkit2gtk3 Yes 8.8 Network Low None Required Unchanged High High High 9
CVE-2025-24216 Oracle Linux webkit2gtk3 Yes 8.8 Network Low None Required Unchanged High High High 9
CVE-2025-30427 Oracle Linux webkit2gtk3 Yes 8.8 Network Low None Required Unchanged High High High 9
CVE-2025-24813 Oracle Linux tomcat Yes 8.6 Network Low None None Unchanged High Low Low 8,9
CVE-2025-27363 Oracle Linux freetype Yes 8.1 Network High None None Unchanged High High High 8,9
CVE-2025-1094 Oracle Linux postgresql:12 Yes 8.1 Network High None None Unchanged High High High 8
CVE-2024-50379 Oracle Linux tomcat Yes 8.1 Network High None None Unchanged High High High 8,9
CVE-2023-44441 Oracle Linux gimp No 7.8 Local Low None Required Unchanged High High High 9
CVE-2023-44442 Oracle Linux gimp No 7.8 Local Low None Required Unchanged High High High 9
CVE-2023-44443 Oracle Linux gimp No 7.8 Local Low None Required Unchanged High High High 9
CVE-2023-44444 Oracle Linux gimp No 7.8 Local Low None Required Unchanged High High High 9
CVE-2023-52922 Oracle Linux kernel No 7.8 Local Low Low None Unchanged High High High 8
CVE-2024-55549 Oracle Linux libxslt No 7.8 Local High None None Changed None High High 8
CVE-2025-24855 Oracle Linux libxslt No 7.8 Local High None None Changed None High High 8,9
CVE-2024-57892 Oracle Linux Unbreakable Enterprise kernel No 7.8 Local Low Low None Unchanged High High High 8
CVE-2025-3028 Oracle Linux firefox Yes 7.6 Network Low None Required Unchanged Low Low High 8,9
CVE-2025-0624 Oracle Linux grub2 No 7.6 Adjacent_Network High High None Changed High High High 8
CVE-2025-1080 Oracle Linux libreoffice No 7.6 Local High None Required Changed Low High High 8,9
CVE-2025-22869 Oracle Linux container-tools:ol8 Yes 7.5 Network Low None None Unchanged None None High 8
CVE-2024-34156 Oracle Linux delve and golang Yes 7.5 Network Low None None Unchanged None None High 9
CVE-2024-8176 Oracle Linux expat Yes 7.5 Network Low None None Unchanged None None High 9
CVE-2025-30204 Oracle Linux grafana Yes 7.5 Network Low None None Unchanged None None High 9
CVE-2025-22869 Oracle Linux gvisor-tap-vsock Yes 7.5 Network Low None None Unchanged None None High 9
CVE-2025-22869 Oracle Linux podman Yes 7.5 Network Low None None Unchanged None None High 9
CVE-2025-27516 Oracle Linux python-jinja2 No 7.3 Local Low Low Required Unchanged High High High 8,9
CVE-2025-27516 Oracle Linux fence-agents No 7.3 Local Low Low Required Unchanged High High High 9
CVE-2025-21785 Oracle Linux kernel No 7.0 Local High Low None Unchanged High High High 8,9
CVE-2024-50155 Oracle Linux Unbreakable Enterprise kernel No 6.7 Local Low High None Unchanged High High High 9
CVE-2024-50215 Oracle Linux Unbreakable Enterprise kernel No 6.7 Local Low High None Unchanged High High High 9
CVE-2024-54467 Oracle Linux webkit2gtk3 Yes 6.5 Network Low None Required Unchanged High None None 9
CVE-2024-54551 Oracle Linux webkit2gtk3 Yes 6.5 Network Low None Required Unchanged None None High 9
CVE-2025-24208 Oracle Linux webkit2gtk3 Yes 6.1 Network Low None Required Changed Low Low None 9
CVE-2024-45336 Oracle Linux go-toolset:ol8 Yes 5.9 Network High None None Unchanged High None None 8
CVE-2024-35972 Oracle Linux Unbreakable Enterprise kernel No 5.5 Local Low Low None Unchanged None None High 9
CVE-2024-39494 Oracle Linux Unbreakable Enterprise kernel No 5.5 Local Low Low None Unchanged None None High 8,8
CVE-2024-41079 Oracle Linux Unbreakable Enterprise kernel No 5.5 Local Low Low None Unchanged High None None 9
CVE-2024-44984 Oracle Linux Unbreakable Enterprise kernel No 5.5 Local Low Low None Unchanged None None High 9
CVE-2024-46842 Oracle Linux Unbreakable Enterprise kernel No 5.5 Local Low Low None Unchanged None None High 9
CVE-2024-53209 Oracle Linux Unbreakable Enterprise kernel No 5.5 Local Low Low None Unchanged None None High 9
CVE-2024-53213 Oracle Linux Unbreakable Enterprise kernel No 5.5 Local Low Low None Unchanged None None High 9
CVE-2024-56656 Oracle Linux Unbreakable Enterprise kernel No 5.5 Local Low Low None Unchanged None None High 9
CVE-2024-56660 Oracle Linux Unbreakable Enterprise kernel No 5.5 Local Low Low None Unchanged None None High 9
CVE-2024-56760 Oracle Linux Unbreakable Enterprise kernel No 5.5 Local Low Low None Unchanged None None High 9
CVE-2025-3029 Oracle Linux firefox Yes 5.4 Network Low None Required Unchanged Low Low None 8,9
CVE-2024-7592 Oracle Linux python3.11 No 4.8 Network High Low Required Unchanged None None High 9
CVE-2024-7592 Oracle Linux python3.12 No 4.8 Network High Low Required Unchanged None None High 9
CVE-2024-7347 Oracle Linux nginx:1.22 No 4.7 Local High Low None Unchanged None None High 9
CVE-2024-7347 Oracle Linux nginx:1.24 No 4.7 Local High Low None Unchanged None None High 9
CVE-2024-43855 Oracle Linux kernel No 4.4 Local Low High None Unchanged None None High 9
CVE-2024-40919 Oracle Linux Unbreakable Enterprise kernel No 4.4 Local Low High None Unchanged None None High 9
CVE-2024-45341 Oracle Linux go-toolset:ol8 No 4.2 Network High Low None Unchanged Low Low None 8