==========================================================================
Ubuntu Security Notice USN-8073-1
March 04, 2026
qemu vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Summary:
Several security issues were fixed in QEMU.
Software Description:
- qemu: Machine emulator and virtualizer
Details:
It was discovered that the UHCI controller implementation of QEMU could be
brought into an invalid state. An attacker inside the guest could possibly
use this issue to cause QEMU to crash, resulting in a denial of service.
(CVE-2024-8354)
It was discovered that QEMU incorrectly handled memory during certain VNC
operations. An remote attacker could possibly use this issue to cause QEMU
to crash, resulting in a denial of service, or possibly execute arbitrary
code. (CVE-2025-11234)
It was discovered that the e1000 network device implementation of QEMU
could be made to write out of bounds. An attacker inside the guest could
possibly use this issue to cause QEMU to crash, resulting in a denial of
service, or possibly execute arbitrary code. This issue only affected
Ubuntu 24.04 LTS and Ubuntu 25.10. (CVE-2025-12464)
It was discovered that the virtio-crypto device implementation of QEMU did
not limit the length of a certain path input. An attacker inside the guest
could possibly use this issue to cause QEMU to consume large amount of
memory, resulting in a denial of service. This issue only affected Ubuntu
24.04 LTS and Ubuntu 25.10. (CVE-2025-14876)
It was discovered that the KVM Xen guest support of QEMU could be made to
read out of bounds. An attacker inside the guest could possibly use this
issue to cause QEMU to crash, resulting in a denial of service. This issue
only affected Ubuntu 24.04 LTS and Ubuntu 25.10. (CVE-2026-0665)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.10
qemu-system 1:10.1.0+ds-5ubuntu2.4
qemu-system-arm 1:10.1.0+ds-5ubuntu2.4
qemu-system-common 1:10.1.0+ds-5ubuntu2.4
qemu-system-data 1:10.1.0+ds-5ubuntu2.4
qemu-system-gui 1:10.1.0+ds-5ubuntu2.4
qemu-system-mips 1:10.1.0+ds-5ubuntu2.4
qemu-system-misc 1:10.1.0+ds-5ubuntu2.4
qemu-system-modules-opengl 1:10.1.0+ds-5ubuntu2.4
qemu-system-modules-spice 1:10.1.0+ds-5ubuntu2.4
qemu-system-ppc 1:10.1.0+ds-5ubuntu2.4
qemu-system-riscv 1:10.1.0+ds-5ubuntu2.4
qemu-system-s390x 1:10.1.0+ds-5ubuntu2.4
qemu-system-sparc 1:10.1.0+ds-5ubuntu2.4
qemu-system-x86 1:10.1.0+ds-5ubuntu2.4
qemu-system-x86-xen 1:10.1.0+ds-5ubuntu2.4
qemu-system-xen 1:10.1.0+ds-5ubuntu2.4
Ubuntu 24.04 LTS
qemu-system 1:8.2.2+ds-0ubuntu1.13
qemu-system-arm 1:8.2.2+ds-0ubuntu1.13
qemu-system-common 1:8.2.2+ds-0ubuntu1.13
qemu-system-data 1:8.2.2+ds-0ubuntu1.13
qemu-system-gui 1:8.2.2+ds-0ubuntu1.13
qemu-system-mips 1:8.2.2+ds-0ubuntu1.13
qemu-system-misc 1:8.2.2+ds-0ubuntu1.13
qemu-system-modules-opengl 1:8.2.2+ds-0ubuntu1.13
qemu-system-modules-spice 1:8.2.2+ds-0ubuntu1.13
qemu-system-ppc 1:8.2.2+ds-0ubuntu1.13
qemu-system-s390x 1:8.2.2+ds-0ubuntu1.13
qemu-system-sparc 1:8.2.2+ds-0ubuntu1.13
qemu-system-x86 1:8.2.2+ds-0ubuntu1.13
qemu-system-x86-xen 1:8.2.2+ds-0ubuntu1.13
qemu-system-xen 1:8.2.2+ds-0ubuntu1.13
Ubuntu 22.04 LTS
qemu 1:6.2+dfsg-2ubuntu6.28
qemu-system 1:6.2+dfsg-2ubuntu6.28
qemu-system-arm 1:6.2+dfsg-2ubuntu6.28
qemu-system-common 1:6.2+dfsg-2ubuntu6.28
qemu-system-data 1:6.2+dfsg-2ubuntu6.28
qemu-system-gui 1:6.2+dfsg-2ubuntu6.28
qemu-system-mips 1:6.2+dfsg-2ubuntu6.28
qemu-system-misc 1:6.2+dfsg-2ubuntu6.28
qemu-system-ppc 1:6.2+dfsg-2ubuntu6.28
qemu-system-s390x 1:6.2+dfsg-2ubuntu6.28
qemu-system-sparc 1:6.2+dfsg-2ubuntu6.28
qemu-system-x86 1:6.2+dfsg-2ubuntu6.28
qemu-system-x86-microvm 1:6.2+dfsg-2ubuntu6.28
qemu-system-x86-xen 1:6.2+dfsg-2ubuntu6.28
After a standard system update you need to restart all QEMU virtual
machines to make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8073-1
CVE-2024-8354, CVE-2025-11234, CVE-2025-12464, CVE-2025-14876,
CVE-2026-0665
Package Information:
https://launchpad.net/ubuntu/+source/qemu/1:10.1.0+ds-5ubuntu2.4
https://launchpad.net/ubuntu/+source/qemu/1:8.2.2+ds-0ubuntu1.13
https://launchpad.net/ubuntu/+source/qemu/1:6.2+dfsg-2ubuntu6.28
Wednesday, March 4, 2026
[USN-8075-1] GIMP vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8075-1
March 04, 2026
gimp vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in GIMP.
Software Description:
- gimp: GNU Image Manipulation Program
Details:
Michael Randrianantenaina discovered that calculating the linear size of a
DDS file could overflow on 32-bit systems. An attacker could possibly use
this issue to cause a denial of service or execute arbitrary code. This
issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 24.04
LTS. (CVE-2025-2760)
Michael Randrianantenaina discovered that GIMP did not perform any bounds
checking when calculating an offset into XWD Colormaps. An attacker could
possibly use this issue to cause a denial of service or execute arbitrary
code. (CVE-2025-10934)
It was discovered that GIMP's PNM loader did not sufficiently check that
the image could fit within the allocated memory, which could cause GIMP to
read or write out-of-bounds. An attacker could possibly use this issue to
cause a denial of service or execute arbitrary code. (CVE-2025-14422)
It was discovered that maliciously-crafted TGA files could cause memory
corruption and leave GIMP in an inconsistent state. An attacker could
possibly use this issue to cause a denial of service or execute arbitrary
code. (CVE-2025-48797)
It was discovered that a maliciously-crafted XCF file could cause GIMP to
free the same memory region twice, or access an already freed address. An
attacker could possibly use this issue to cause a denial of service or
execute arbitrary code. (CVE-2025-48798)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.04 LTS
gimp 2.10.36-3ubuntu0.24.04.1+esm2
Available with Ubuntu Pro
libgimp2.0t64 2.10.36-3ubuntu0.24.04.1+esm2
Available with Ubuntu Pro
Ubuntu 22.04 LTS
gimp 2.10.30-1ubuntu0.1+esm2
Available with Ubuntu Pro
libgimp2.0 2.10.30-1ubuntu0.1+esm2
Available with Ubuntu Pro
Ubuntu 20.04 LTS
gimp 2.10.18-1ubuntu0.1+esm2
Available with Ubuntu Pro
libgimp2.0 2.10.18-1ubuntu0.1+esm2
Available with Ubuntu Pro
Ubuntu 18.04 LTS
gimp 2.8.22-1ubuntu0.1~esm2
Available with Ubuntu Pro
libgimp2.0 2.8.22-1ubuntu0.1~esm2
Available with Ubuntu Pro
Ubuntu 16.04 LTS
gimp 2.8.16-1ubuntu1.1+esm2
Available with Ubuntu Pro
libgimp2.0 2.8.16-1ubuntu1.1+esm2
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8075-1
CVE-2025-10934, CVE-2025-14422, CVE-2025-2760, CVE-2025-48797,
CVE-2025-48798
Ubuntu Security Notice USN-8075-1
March 04, 2026
gimp vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in GIMP.
Software Description:
- gimp: GNU Image Manipulation Program
Details:
Michael Randrianantenaina discovered that calculating the linear size of a
DDS file could overflow on 32-bit systems. An attacker could possibly use
this issue to cause a denial of service or execute arbitrary code. This
issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 24.04
LTS. (CVE-2025-2760)
Michael Randrianantenaina discovered that GIMP did not perform any bounds
checking when calculating an offset into XWD Colormaps. An attacker could
possibly use this issue to cause a denial of service or execute arbitrary
code. (CVE-2025-10934)
It was discovered that GIMP's PNM loader did not sufficiently check that
the image could fit within the allocated memory, which could cause GIMP to
read or write out-of-bounds. An attacker could possibly use this issue to
cause a denial of service or execute arbitrary code. (CVE-2025-14422)
It was discovered that maliciously-crafted TGA files could cause memory
corruption and leave GIMP in an inconsistent state. An attacker could
possibly use this issue to cause a denial of service or execute arbitrary
code. (CVE-2025-48797)
It was discovered that a maliciously-crafted XCF file could cause GIMP to
free the same memory region twice, or access an already freed address. An
attacker could possibly use this issue to cause a denial of service or
execute arbitrary code. (CVE-2025-48798)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.04 LTS
gimp 2.10.36-3ubuntu0.24.04.1+esm2
Available with Ubuntu Pro
libgimp2.0t64 2.10.36-3ubuntu0.24.04.1+esm2
Available with Ubuntu Pro
Ubuntu 22.04 LTS
gimp 2.10.30-1ubuntu0.1+esm2
Available with Ubuntu Pro
libgimp2.0 2.10.30-1ubuntu0.1+esm2
Available with Ubuntu Pro
Ubuntu 20.04 LTS
gimp 2.10.18-1ubuntu0.1+esm2
Available with Ubuntu Pro
libgimp2.0 2.10.18-1ubuntu0.1+esm2
Available with Ubuntu Pro
Ubuntu 18.04 LTS
gimp 2.8.22-1ubuntu0.1~esm2
Available with Ubuntu Pro
libgimp2.0 2.8.22-1ubuntu0.1~esm2
Available with Ubuntu Pro
Ubuntu 16.04 LTS
gimp 2.8.16-1ubuntu1.1+esm2
Available with Ubuntu Pro
libgimp2.0 2.8.16-1ubuntu1.1+esm2
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8075-1
CVE-2025-10934, CVE-2025-14422, CVE-2025-2760, CVE-2025-48797,
CVE-2025-48798
F45 Change Proposal: Update_xmlsec_to_1_3 [SelfContained]
Wiki: https://fedoraproject.org/wiki/Changes/Update_xmlsec_to_1_3
Discussion Thread: https://discussion.fedoraproject.org/t/182444
**This is a proposed Change for Fedora Linux.**
This document represents a proposed Change. As part of the Changes process, proposals are publicly announced in order to receive community feedback. This proposal will only be implemented if approved by the Fedora Engineering Steering Committee.
== Summary ==
This change brings xmlsec 1.3.x into Fedora. Version 1.3 is not backward compatible with 1.2.
== Owner ==
* Name: [[User:thalman| Tomas Halman]]
* Email: thalman@redhat.com
== Detailed Description ==
Update of xmlsec to 1.3.9 brings new and actively developed version into the Fedora. This version changes some interfaces and it is not backward compatible.
This change requires rebuild and/or update of depending packages:
* aqbanking
* lasso
* libdigidocpp
* libpskc
* libreoffice
* mod_auth_mellon
* nordugrid-arc
* open-vm-tools
* openscap
== Feedback ==
== Benefit to Fedora ==
Version 1.3 is actively developed and receives new features like new cyphers. Old version is just maintained.
== Scope ==
* Proposal owners:
* Other developers:
* Release engineering: [https://forge.fedoraproject.org/releng/tickets/issues #Releng issue number]
* Policies and guidelines: N/A (not needed for this Change)
* Trademark approval: N/A (not needed for this Change)
* Alignment with the Fedora Strategy:
== Upgrade/compatibility impact ==
No manual configuration changes are needed or expected.
== Early Testing (Optional) ==
Do you require 'QA Blueprint' support? No
== How To Test ==
* No special hardware needed
* Packages will be tested by their owners
* We will use a copr repository for building and testing depended packages
* All applications work the same as before change.
== User Experience ==
Users should obtain new cypher suites, but this is not typically noticed by users. But application may move defaults to more modern and safe ciphers.
== Dependencies ==
Here is list of packages depending on xmlsec1
* aqbanking
* lasso
* libdigidocpp
* libpskc
* libreoffice-core
* mod_auth_mellon
* nordugrid-arc
* open-vm-tools
* openscap
== Contingency Plan ==
* Contingency mechanism: If we found a blocker in depended component, we will create new package (xmlsec12) with the 1.2 version and component not possible to update will compile against old version for now. That might be a bit more work and we might postpone the change for next version of Fedora.
* Contingency deadline: N/A (not a System Wide Change)
* Blocks release? N/A (not a System Wide Change), Yes/No
== Documentation ==
N/A (not a System Wide Change)
== Release Notes ==
\n
Discussion Thread: https://discussion.fedoraproject.org/t/182444
**This is a proposed Change for Fedora Linux.**
This document represents a proposed Change. As part of the Changes process, proposals are publicly announced in order to receive community feedback. This proposal will only be implemented if approved by the Fedora Engineering Steering Committee.
== Summary ==
This change brings xmlsec 1.3.x into Fedora. Version 1.3 is not backward compatible with 1.2.
== Owner ==
* Name: [[User:thalman| Tomas Halman]]
* Email: thalman@redhat.com
== Detailed Description ==
Update of xmlsec to 1.3.9 brings new and actively developed version into the Fedora. This version changes some interfaces and it is not backward compatible.
This change requires rebuild and/or update of depending packages:
* aqbanking
* lasso
* libdigidocpp
* libpskc
* libreoffice
* mod_auth_mellon
* nordugrid-arc
* open-vm-tools
* openscap
== Feedback ==
== Benefit to Fedora ==
Version 1.3 is actively developed and receives new features like new cyphers. Old version is just maintained.
== Scope ==
* Proposal owners:
* Other developers:
* Release engineering: [https://forge.fedoraproject.org/releng/tickets/issues #Releng issue number]
* Policies and guidelines: N/A (not needed for this Change)
* Trademark approval: N/A (not needed for this Change)
* Alignment with the Fedora Strategy:
== Upgrade/compatibility impact ==
No manual configuration changes are needed or expected.
== Early Testing (Optional) ==
Do you require 'QA Blueprint' support? No
== How To Test ==
* No special hardware needed
* Packages will be tested by their owners
* We will use a copr repository for building and testing depended packages
* All applications work the same as before change.
== User Experience ==
Users should obtain new cypher suites, but this is not typically noticed by users. But application may move defaults to more modern and safe ciphers.
== Dependencies ==
Here is list of packages depending on xmlsec1
* aqbanking
* lasso
* libdigidocpp
* libpskc
* libreoffice-core
* mod_auth_mellon
* nordugrid-arc
* open-vm-tools
* openscap
== Contingency Plan ==
* Contingency mechanism: If we found a blocker in depended component, we will create new package (xmlsec12) with the 1.2 version and component not possible to update will compile against old version for now. That might be a bit more work and we might postpone the change for next version of Fedora.
* Contingency deadline: N/A (not a System Wide Change)
* Blocks release? N/A (not a System Wide Change), Yes/No
== Documentation ==
N/A (not a System Wide Change)
== Release Notes ==
\n
F45 Change Proposal: IPv6-Mostly_Support_In_NetworkManager [SelfContained]
Wiki: https://fedoraproject.org/wiki/Changes/IPv6-Mostly_Support_In_NetworkManager
Discussion Thread: https://discussion.fedoraproject.org/t/182443
**This is a proposed Change for Fedora Linux.**
This document represents a proposed Change. As part of the Changes process, proposals are publicly announced in order to receive community feedback. This proposal will only be implemented if approved by the Fedora Engineering Steering Committee.
== Summary ==
Enable by default support for IPv6-mostly networks in NetworkManager.
== Owner ==
* Name: [[User:bengal| Beniamino Galvani]], [[User:Sfaye| Stanislas Faye]]
* Email: <bgalvani@redhat.com>, <sfaye@redhat.com>
== Detailed Description ==
Dual-stack networks, where IPv4 and IPv6 run in parallel, are currently the most common transition mechanism to IPv6. However, they don't solve the problem of the IPv4 address exhaustion; furthermore, the availability of IPv4 on every host masks problems with IPv6 and provides very little incentive to fully move to IPv6.
A new architecture is emerging as an alternative to dual stack: IPv6-mostly. RFC 8925 describes an IPv6-mostly network as:
*A network that provides NAT64 (possibly with DNS64) service as well as IPv4 connectivity and allows the coexistence of IPv6-only, dual-stack, and IPv4-only hosts on the same segment. Such a deployment scenario allows operators to incrementally turn off IPv4 on end hosts, while still providing IPv4 to devices that require IPv4 to operate. But IPv6-only-capable devices need not be assigned IPv4 addresses.*
The key components of a IPv6-mostly network are:
* **DHCPv4 option 108 (IPv6-only preferred - RFC 8925)**. An IPv6-mostly network advertises this option. If the client supports and receives this option, it will go IPv6-only, disabling IPv4 configuration. This option serves as the signal for supporting clients to transition to IPv6-only mode.
* **464XLAT (RFC 6877)**. This architecture provides IPv4 connectivity to hosts in a IPv6-only network. It works by implementing a double translation: on the client a CLAT (Customer-side translator) converts IPv4 packets to IPv6; on the network side a PLAT (Provider-side translator) uses NAT64 to convert those packets back to IPv4 before they are delivered to the v4 Internet.
* **PREF64 option (RFC8781)**. The network includes this option in Router Advertisement messages to communicate the prefix used by the NAT64 gateway available in the network.
With this change, NetworkManager will enable automatically the
handling of option 108, CLAT and PREF64. As a result, when operating
in a IPv6-mostly network, it will behave as a IPv6-only host without
getting a DHCPv4 lease. Applications that need to reach the v4 Internet will still continue to work because of DNS64 and/or NAT64.
On networks not advertising option 108 NetworkManager will continue to configure native IPv4 addressing.
== Feedback ==
N/A
== Benefit to Fedora ==
By enabling option 108 and CLAT, Fedora's networking stack will be
compliant with modern Internet standards. This puts Fedora on par with
other major operating systems that already support and enable these
technologies such as Android, macOS and (recently) Windows.
Option 108 allows network administrators to conserve scarce IPv4
address pools, without the need of creating separate segments for IPv4
and IPv6 clients.
CLAT ensures that applications relying on AF_INET sockets or hardcoded
IPv4 literals continue to function transparently even when the host
only has IPv6 connectivity.
== Scope ==
* Proposal owners: Set the default value for option `ipv4.clat` to `auto`, either at build time or via a configuration snippet in /usr. This enables the automatism that starts CLAT based on PREF64, and also enables the handling of option 108.
* Other developers: N/A
* Release engineering: N/A
* Policies and guidelines: N/A
* Trademark approval: N/A (not needed for this Change)
== Upgrade/compatibility impact ==
There is no manual configuration or data migration needed. The change will be transparent to users.
== Early Testing (Optional) ==
N/A
== How To Test ==
This change can only be tested on an IPv6-mostly network with DHCPv4 option 108, NAT64 and PREF64. Such a network can be set up using equipment that supports those technologies, but also by configuring a Linux router with radvd, dhcpd, and a NAT64 implementation such as jool or tayga.
This feature is tested as part of the [https://gitlab.freedesktop.org/NetworkManager/NetworkManager-ci/-/blob/main/features/scenarios/clat.feature NetworkManager-ci] project using network namespaces with radvd, dhcpd and tayga.
== User Experience ==
When connected to a IPv6-mostly network (with option 108, NAT64 and PREF64), the host will get a public IPv6 and a private CLAT IPv4 address in the 192.0.0.0-192.0.0.7 range.
Native IPv6 connectivity will be used for most of the traffic. If there are applications connecting by name to an IPv4-only server, the DNS64 server will return a synthetic AAAA entry that directs the communication to the NAT64 gateway. The CLAT instance started by NetworkManager will be used to convert the remaining IPv4 traffic to IPv6, for example traffic generated by applications using IPv4 literals.
All of this will be transparent to the user.
== Dependencies ==
None
== Contingency Plan ==
* Contingency mechanism: Revert the configuration and disable CLAT and option 108
* Contingency deadline: Beta freeze
* Blocks release? No
== Documentation ==
The configuration options involved are described in the upstream documentation:
* ipv4.clat: https://networkmanager.pages.freedesktop.org/NetworkManager/NetworkManager/nm-settings-nmcli.html#nm-settings-nmcli.property.ipv4.clat
* ipv4.dhcp-ipv6-only-preferred: https://networkmanager.pages.freedesktop.org/NetworkManager/NetworkManager/nm-settings-nmcli.html#nm-settings-nmcli.property.ipv4.dhcp-ipv6-only-preferred
== Release Notes ==
This change should be mentioned in the Releases Notes.
Discussion Thread: https://discussion.fedoraproject.org/t/182443
**This is a proposed Change for Fedora Linux.**
This document represents a proposed Change. As part of the Changes process, proposals are publicly announced in order to receive community feedback. This proposal will only be implemented if approved by the Fedora Engineering Steering Committee.
== Summary ==
Enable by default support for IPv6-mostly networks in NetworkManager.
== Owner ==
* Name: [[User:bengal| Beniamino Galvani]], [[User:Sfaye| Stanislas Faye]]
* Email: <bgalvani@redhat.com>, <sfaye@redhat.com>
== Detailed Description ==
Dual-stack networks, where IPv4 and IPv6 run in parallel, are currently the most common transition mechanism to IPv6. However, they don't solve the problem of the IPv4 address exhaustion; furthermore, the availability of IPv4 on every host masks problems with IPv6 and provides very little incentive to fully move to IPv6.
A new architecture is emerging as an alternative to dual stack: IPv6-mostly. RFC 8925 describes an IPv6-mostly network as:
*A network that provides NAT64 (possibly with DNS64) service as well as IPv4 connectivity and allows the coexistence of IPv6-only, dual-stack, and IPv4-only hosts on the same segment. Such a deployment scenario allows operators to incrementally turn off IPv4 on end hosts, while still providing IPv4 to devices that require IPv4 to operate. But IPv6-only-capable devices need not be assigned IPv4 addresses.*
The key components of a IPv6-mostly network are:
* **DHCPv4 option 108 (IPv6-only preferred - RFC 8925)**. An IPv6-mostly network advertises this option. If the client supports and receives this option, it will go IPv6-only, disabling IPv4 configuration. This option serves as the signal for supporting clients to transition to IPv6-only mode.
* **464XLAT (RFC 6877)**. This architecture provides IPv4 connectivity to hosts in a IPv6-only network. It works by implementing a double translation: on the client a CLAT (Customer-side translator) converts IPv4 packets to IPv6; on the network side a PLAT (Provider-side translator) uses NAT64 to convert those packets back to IPv4 before they are delivered to the v4 Internet.
* **PREF64 option (RFC8781)**. The network includes this option in Router Advertisement messages to communicate the prefix used by the NAT64 gateway available in the network.
With this change, NetworkManager will enable automatically the
handling of option 108, CLAT and PREF64. As a result, when operating
in a IPv6-mostly network, it will behave as a IPv6-only host without
getting a DHCPv4 lease. Applications that need to reach the v4 Internet will still continue to work because of DNS64 and/or NAT64.
On networks not advertising option 108 NetworkManager will continue to configure native IPv4 addressing.
== Feedback ==
N/A
== Benefit to Fedora ==
By enabling option 108 and CLAT, Fedora's networking stack will be
compliant with modern Internet standards. This puts Fedora on par with
other major operating systems that already support and enable these
technologies such as Android, macOS and (recently) Windows.
Option 108 allows network administrators to conserve scarce IPv4
address pools, without the need of creating separate segments for IPv4
and IPv6 clients.
CLAT ensures that applications relying on AF_INET sockets or hardcoded
IPv4 literals continue to function transparently even when the host
only has IPv6 connectivity.
== Scope ==
* Proposal owners: Set the default value for option `ipv4.clat` to `auto`, either at build time or via a configuration snippet in /usr. This enables the automatism that starts CLAT based on PREF64, and also enables the handling of option 108.
* Other developers: N/A
* Release engineering: N/A
* Policies and guidelines: N/A
* Trademark approval: N/A (not needed for this Change)
== Upgrade/compatibility impact ==
There is no manual configuration or data migration needed. The change will be transparent to users.
== Early Testing (Optional) ==
N/A
== How To Test ==
This change can only be tested on an IPv6-mostly network with DHCPv4 option 108, NAT64 and PREF64. Such a network can be set up using equipment that supports those technologies, but also by configuring a Linux router with radvd, dhcpd, and a NAT64 implementation such as jool or tayga.
This feature is tested as part of the [https://gitlab.freedesktop.org/NetworkManager/NetworkManager-ci/-/blob/main/features/scenarios/clat.feature NetworkManager-ci] project using network namespaces with radvd, dhcpd and tayga.
== User Experience ==
When connected to a IPv6-mostly network (with option 108, NAT64 and PREF64), the host will get a public IPv6 and a private CLAT IPv4 address in the 192.0.0.0-192.0.0.7 range.
Native IPv6 connectivity will be used for most of the traffic. If there are applications connecting by name to an IPv4-only server, the DNS64 server will return a synthetic AAAA entry that directs the communication to the NAT64 gateway. The CLAT instance started by NetworkManager will be used to convert the remaining IPv4 traffic to IPv6, for example traffic generated by applications using IPv4 literals.
All of this will be transparent to the user.
== Dependencies ==
None
== Contingency Plan ==
* Contingency mechanism: Revert the configuration and disable CLAT and option 108
* Contingency deadline: Beta freeze
* Blocks release? No
== Documentation ==
The configuration options involved are described in the upstream documentation:
* ipv4.clat: https://networkmanager.pages.freedesktop.org/NetworkManager/NetworkManager/nm-settings-nmcli.html#nm-settings-nmcli.property.ipv4.clat
* ipv4.dhcp-ipv6-only-preferred: https://networkmanager.pages.freedesktop.org/NetworkManager/NetworkManager/nm-settings-nmcli.html#nm-settings-nmcli.property.ipv4.dhcp-ipv6-only-preferred
== Release Notes ==
This change should be mentioned in the Releases Notes.
OpenBSD Errata: March 4, 2026 (pledgepaths unveil_mount)
Errata patches for pledge tmppath and unveil unmount in kernel have
been released for OpenBSD 7.7 and 7.8. You may have to update some
ports or packages before using that kernel.
Binary updates for the amd64, arm64 and i386 platform are available
via the syspatch utility. Source code patches can be found on the
respective errata page:
https://www.openbsd.org/errata77.html
https://www.openbsd.org/errata78.html
been released for OpenBSD 7.7 and 7.8. You may have to update some
ports or packages before using that kernel.
Binary updates for the amd64, arm64 and i386 platform are available
via the syspatch utility. Source code patches can be found on the
respective errata page:
https://www.openbsd.org/errata77.html
https://www.openbsd.org/errata78.html
[USN-8074-2] Linux kernel (Azure FIPS) vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8074-2
March 04, 2026
linux-azure-fips vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-azure-fips: Linux kernel for Microsoft Azure Cloud systems with FIPS
Details:
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
- ARM64 architecture;
- MIPS architecture;
- PA-RISC architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Compute Acceleration Framework;
- ACPI drivers;
- Serial ATA and Parallel ATA drivers;
- ATM drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- DRBD Distributed Replicated Block Device drivers;
- Network block device driver;
- Ublk userspace block driver;
- Bluetooth drivers;
- Bus devices;
- Character device driver;
- TPM device driver;
- Clock framework and drivers;
- Data acquisition framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- Device frequency scaling framework;
- Buffer Sharing and Synchronization framework;
- DMA engine subsystem;
- EDAC drivers;
- Arm Firmware Framework for ARMv8-A(FFA);
- ARM SCMI message protocol;
- FPGA Framework;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- HW tracing;
- I2C subsystem;
- I3C subsystem;
- IIO subsystem;
- InfiniBand drivers;
- Input Device core drivers;
- Input Device (Miscellaneous) drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- MCB driver;
- Multiple devices driver;
- Media drivers;
- Multifunction device drivers;
- Microchip PCI driver;
- Intel Management Engine Interface driver;
- PCI Endpoint Test driver;
- TI TPS6594 PFSM driver;
- VMware VMCI Driver;
- MMC subsystem;
- MTD block device drivers;
- Network drivers;
- Mellanox network drivers;
- STMicroelectronics network drivers;
- NVDIMM (Non-Volatile Memory Device) drivers;
- NVME drivers;
- PCI subsystem;
- Amlogic Meson DDR PMU;
- PHY drivers;
- Pin controllers subsystem;
- x86 platform drivers;
- Power supply drivers;
- Powercap sysfs driver;
- PTP clock framework;
- PWM drivers;
- RapidIO drivers;
- Voltage and Current Regulator drivers;
- Remote Processor subsystem;
- S/390 drivers;
- SCSI subsystem;
- ASPEED SoC drivers;
- QCOM SoC drivers;
- Samsung SoC drivers;
- SPI subsystem;
- small TFT LCD display modules;
- Media staging drivers;
- TCM subsystem;
- Trusted Execution Environment drivers;
- Thunderbolt and USB4 drivers;
- TTY drivers;
- UFS subsystem;
- Cadence USB3 driver;
- ChipIdea USB driver;
- USB Device Class drivers;
- USB core drivers;
- DesignWare USB3 driver;
- USB Gadget drivers;
- USB Host Controller drivers;
- Renesas USBHS Controller drivers;
- USB Type-C support driver;
- USB Type-C Connector System Software Interface driver;
- VFIO drivers;
- Virtio Host (VHOST) subsystem;
- Backlight driver;
- Framebuffer layer;
- TSM Common Guest driver;
- Virtio drivers;
- Xen hypervisor drivers;
- File systems infrastructure;
- BTRFS file system;
- Ceph distributed file system;
- EFI Variable file system;
- Ext4 file system;
- F2FS file system;
- GFS2 file system;
- JFFS2 file system;
- JFS file system;
- Network file system (NFS) client;
- Network file system (NFS) server daemon;
- NILFS2 file system;
- NTFS3 file system;
- Overlay file system;
- Proc file system;
- SMB network file system;
- DRM display driver;
- Asynchronous Transfer Mode (ATM) subsystem;
- BPF subsystem;
- Memory Management;
- Internal shared memory driver;
- LZO compression library;
- Mellanox drivers;
- padata parallel execution mechanism;
- Networking subsytem;
- Bluetooth subsystem;
- Netfilter;
- Network traffic control;
- SCTP protocol;
- Network sockets;
- UDP network protocol;
- eXpress Data Path;
- XFRM subsystem;
- Digital Audio (PCM) driver;
- Universal MIDI packet (UMP) support module;
- Tracing infrastructure;
- User-space API (UAPI);
- io_uring subsystem;
- IPC subsystem;
- Perf events;
- Kernel exit() syscall;
- IRQ subsystem;
- Padata parallel execution mechanism;
- Kernel command line parsing driver;
- Hibernation control;
- RCU subsystem;
- Restartable seuqences system call mechanism;
- Maple Tree data structure library;
- Memory management;
- KASAN memory debugging framework;
- 802.1Q VLAN protocol;
- 9P file system network protocol;
- Appletalk network protocol;
- Ethernet bridge;
- CAN network layer;
- Networking core;
- Distributed Switch Architecture;
- HSR network protocol;
- IPv4 networking;
- IPv6 networking;
- MAC80211 subsystem;
- Management Component Transport Protocol (MCTP);
- MultiProtocol Label Switching driver;
- Multipath TCP;
- NetLabel subsystem;
- Netlink;
- NFC subsystem;
- Open vSwitch;
- RDS protocol;
- Rose network layer;
- RxRPC session sockets;
- SMC sockets;
- Sun RPC protocol;
- TIPC protocol;
- TLS protocol;
- Unix domain sockets;
- VMware vSockets driver;
- Wireless networking;
- ALSA framework;
- WCD audio codecs;
- Intel ASoC drivers;
- MediaTek ASoC drivers;
- QCOM ASoC drivers;
- SoC audio core drivers;
- USB sound devices;
- Virtio sound driver;
- CPU Power monitoring subsystem;
- KVM subsystem;
(CVE-2025-21884, CVE-2025-21931, CVE-2025-22026, CVE-2025-22101,
CVE-2025-22102, CVE-2025-22115, CVE-2025-22120, CVE-2025-22126,
CVE-2025-22128, CVE-2025-23140, CVE-2025-23141, CVE-2025-23142,
CVE-2025-23144, CVE-2025-23145, CVE-2025-23146, CVE-2025-23147,
CVE-2025-23148, CVE-2025-23149, CVE-2025-23150, CVE-2025-23151,
CVE-2025-23155, CVE-2025-23156, CVE-2025-23157, CVE-2025-23158,
CVE-2025-23159, CVE-2025-23160, CVE-2025-23161, CVE-2025-23163,
CVE-2025-37738, CVE-2025-37739, CVE-2025-37740, CVE-2025-37741,
CVE-2025-37742, CVE-2025-37744, CVE-2025-37745, CVE-2025-37748,
CVE-2025-37749, CVE-2025-37754, CVE-2025-37755, CVE-2025-37757,
CVE-2025-37758, CVE-2025-37759, CVE-2025-37761, CVE-2025-37763,
CVE-2025-37764, CVE-2025-37765, CVE-2025-37766, CVE-2025-37767,
CVE-2025-37768, CVE-2025-37769, CVE-2025-37770, CVE-2025-37771,
CVE-2025-37772, CVE-2025-37773, CVE-2025-37775, CVE-2025-37777,
CVE-2025-37778, CVE-2025-37780, CVE-2025-37781, CVE-2025-37784,
CVE-2025-37786, CVE-2025-37787, CVE-2025-37788, CVE-2025-37789,
CVE-2025-37790, CVE-2025-37792, CVE-2025-37793, CVE-2025-37794,
CVE-2025-37796, CVE-2025-37799, CVE-2025-37800, CVE-2025-37801,
CVE-2025-37803, CVE-2025-37805, CVE-2025-37808, CVE-2025-37809,
CVE-2025-37810, CVE-2025-37811, CVE-2025-37812, CVE-2025-37813,
CVE-2025-37815, CVE-2025-37816, CVE-2025-37817, CVE-2025-37819,
CVE-2025-37820, CVE-2025-37822, CVE-2025-37823, CVE-2025-37824,
CVE-2025-37826, CVE-2025-37827, CVE-2025-37828, CVE-2025-37829,
CVE-2025-37830, CVE-2025-37831, CVE-2025-37836, CVE-2025-37839,
CVE-2025-37840, CVE-2025-37841, CVE-2025-37842, CVE-2025-37844,
CVE-2025-37846, CVE-2025-37849, CVE-2025-37850, CVE-2025-37851,
CVE-2025-37852, CVE-2025-37853, CVE-2025-37854, CVE-2025-37856,
CVE-2025-37857, CVE-2025-37858, CVE-2025-37859, CVE-2025-37861,
CVE-2025-37862, CVE-2025-37863, CVE-2025-37864, CVE-2025-37865,
CVE-2025-37867, CVE-2025-37869, CVE-2025-37871, CVE-2025-37872,
CVE-2025-37873, CVE-2025-37874, CVE-2025-37875, CVE-2025-37878,
CVE-2025-37879, CVE-2025-37881, CVE-2025-37883, CVE-2025-37884,
CVE-2025-37885, CVE-2025-37886, CVE-2025-37887, CVE-2025-37891,
CVE-2025-37892, CVE-2025-37897, CVE-2025-37900, CVE-2025-37901,
CVE-2025-37903, CVE-2025-37905, CVE-2025-37909, CVE-2025-37911,
CVE-2025-37912, CVE-2025-37913, CVE-2025-37914, CVE-2025-37915,
CVE-2025-37916, CVE-2025-37917, CVE-2025-37918, CVE-2025-37920,
CVE-2025-37921, CVE-2025-37922, CVE-2025-37923, CVE-2025-37924,
CVE-2025-37925, CVE-2025-37927, CVE-2025-37928, CVE-2025-37930,
CVE-2025-37931, CVE-2025-37933, CVE-2025-37935, CVE-2025-37936,
CVE-2025-37938, CVE-2025-37940, CVE-2025-37943, CVE-2025-37944,
CVE-2025-37945, CVE-2025-37947, CVE-2025-37948, CVE-2025-37949,
CVE-2025-37951, CVE-2025-37952, CVE-2025-37956, CVE-2025-37957,
CVE-2025-37959, CVE-2025-37960, CVE-2025-37961, CVE-2025-37962,
CVE-2025-37963, CVE-2025-37967, CVE-2025-37968, CVE-2025-37969,
CVE-2025-37970, CVE-2025-37972, CVE-2025-37973, CVE-2025-37975,
CVE-2025-37977, CVE-2025-37978, CVE-2025-37979, CVE-2025-37980,
CVE-2025-37982, CVE-2025-37983, CVE-2025-37984, CVE-2025-37985,
CVE-2025-37986, CVE-2025-37987, CVE-2025-37988, CVE-2025-37989,
CVE-2025-37990, CVE-2025-37991, CVE-2025-37992, CVE-2025-37994,
CVE-2025-37995, CVE-2025-37998, CVE-2025-38003, CVE-2025-38004,
CVE-2025-38005, CVE-2025-38006, CVE-2025-38007, CVE-2025-38008,
CVE-2025-38009, CVE-2025-38010, CVE-2025-38011, CVE-2025-38013,
CVE-2025-38014, CVE-2025-38015, CVE-2025-38018, CVE-2025-38019,
CVE-2025-38020, CVE-2025-38023, CVE-2025-38024, CVE-2025-38027,
CVE-2025-38031, CVE-2025-38034, CVE-2025-38035, CVE-2025-38037,
CVE-2025-38039, CVE-2025-38040, CVE-2025-38043, CVE-2025-38044,
CVE-2025-38045, CVE-2025-38048, CVE-2025-38051, CVE-2025-38052,
CVE-2025-38053, CVE-2025-38055, CVE-2025-38057, CVE-2025-38058,
CVE-2025-38059, CVE-2025-38060, CVE-2025-38061, CVE-2025-38062,
CVE-2025-38063, CVE-2025-38065, CVE-2025-38066, CVE-2025-38067,
CVE-2025-38068, CVE-2025-38071, CVE-2025-38072, CVE-2025-38074,
CVE-2025-38075, CVE-2025-38077, CVE-2025-38078, CVE-2025-38079,
CVE-2025-38080, CVE-2025-38081, CVE-2025-38084, CVE-2025-38085,
CVE-2025-38086, CVE-2025-38087, CVE-2025-38088, CVE-2025-38089,
CVE-2025-38090, CVE-2025-38094, CVE-2025-38095, CVE-2025-38097,
CVE-2025-38098, CVE-2025-38099, CVE-2025-38100, CVE-2025-38101,
CVE-2025-38102, CVE-2025-38103, CVE-2025-38104, CVE-2025-38107,
CVE-2025-38108, CVE-2025-38109, CVE-2025-38110, CVE-2025-38111,
CVE-2025-38112, CVE-2025-38113, CVE-2025-38115, CVE-2025-38117,
CVE-2025-38119, CVE-2025-38120, CVE-2025-38122, CVE-2025-38123,
CVE-2025-38124, CVE-2025-38125, CVE-2025-38126, CVE-2025-38127,
CVE-2025-38129, CVE-2025-38131, CVE-2025-38135, CVE-2025-38136,
CVE-2025-38138, CVE-2025-38142, CVE-2025-38143, CVE-2025-38145,
CVE-2025-38146, CVE-2025-38147, CVE-2025-38148, CVE-2025-38149,
CVE-2025-38153, CVE-2025-38154, CVE-2025-38155, CVE-2025-38156,
CVE-2025-38157, CVE-2025-38158, CVE-2025-38159, CVE-2025-38160,
CVE-2025-38161, CVE-2025-38162, CVE-2025-38163, CVE-2025-38164,
CVE-2025-38165, CVE-2025-38166, CVE-2025-38167, CVE-2025-38169,
CVE-2025-38170, CVE-2025-38173, CVE-2025-38174, CVE-2025-38180,
CVE-2025-38181, CVE-2025-38182, CVE-2025-38183, CVE-2025-38184,
CVE-2025-38185, CVE-2025-38190, CVE-2025-38191, CVE-2025-38192,
CVE-2025-38193, CVE-2025-38194, CVE-2025-38197, CVE-2025-38198,
CVE-2025-38200, CVE-2025-38202, CVE-2025-38208, CVE-2025-38210,
CVE-2025-38211, CVE-2025-38212, CVE-2025-38214, CVE-2025-38215,
CVE-2025-38217, CVE-2025-38218, CVE-2025-38219, CVE-2025-38220,
CVE-2025-38222, CVE-2025-38225, CVE-2025-38226, CVE-2025-38229,
CVE-2025-38230, CVE-2025-38231, CVE-2025-38232, CVE-2025-38236,
CVE-2025-38239, CVE-2025-38245, CVE-2025-38246, CVE-2025-38248,
CVE-2025-38249, CVE-2025-38250, CVE-2025-38251, CVE-2025-38253,
CVE-2025-38255, CVE-2025-38257, CVE-2025-38258, CVE-2025-38259,
CVE-2025-38260, CVE-2025-38262, CVE-2025-38263, CVE-2025-38264,
CVE-2025-38265, CVE-2025-38269, CVE-2025-38274, CVE-2025-38275,
CVE-2025-38277, CVE-2025-38278, CVE-2025-38279, CVE-2025-38280,
CVE-2025-38282, CVE-2025-38283, CVE-2025-38285, CVE-2025-38286,
CVE-2025-38289, CVE-2025-38290, CVE-2025-38292, CVE-2025-38293,
CVE-2025-38295, CVE-2025-38298, CVE-2025-38299, CVE-2025-38300,
CVE-2025-38303, CVE-2025-38304, CVE-2025-38305, CVE-2025-38307,
CVE-2025-38310, CVE-2025-38312, CVE-2025-38313, CVE-2025-38319,
CVE-2025-38320, CVE-2025-38321, CVE-2025-38322, CVE-2025-38323,
CVE-2025-38324, CVE-2025-38326, CVE-2025-38328, CVE-2025-38331,
CVE-2025-38332, CVE-2025-38333, CVE-2025-38334, CVE-2025-38335,
CVE-2025-38336, CVE-2025-38337, CVE-2025-38338, CVE-2025-38342,
CVE-2025-38343, CVE-2025-38344, CVE-2025-38345, CVE-2025-38346,
CVE-2025-38347, CVE-2025-38348, CVE-2025-38349, CVE-2025-38351,
CVE-2025-38354, CVE-2025-38361, CVE-2025-38362, CVE-2025-38363,
CVE-2025-38364, CVE-2025-38365, CVE-2025-38368, CVE-2025-38369,
CVE-2025-38371, CVE-2025-38373, CVE-2025-38374, CVE-2025-38375,
CVE-2025-38376, CVE-2025-38377, CVE-2025-38382, CVE-2025-38384,
CVE-2025-38385, CVE-2025-38386, CVE-2025-38387, CVE-2025-38388,
CVE-2025-38389, CVE-2025-38390, CVE-2025-38391, CVE-2025-38392,
CVE-2025-38393, CVE-2025-38395, CVE-2025-38396, CVE-2025-38399,
CVE-2025-38400, CVE-2025-38401, CVE-2025-38402, CVE-2025-38403,
CVE-2025-38405, CVE-2025-38406, CVE-2025-38407, CVE-2025-38408,
CVE-2025-38409, CVE-2025-38410, CVE-2025-38412, CVE-2025-38414,
CVE-2025-38415, CVE-2025-38416, CVE-2025-38418, CVE-2025-38419,
CVE-2025-38420, CVE-2025-38422, CVE-2025-38424, CVE-2025-38425,
CVE-2025-38427, CVE-2025-38428, CVE-2025-38429, CVE-2025-38430,
CVE-2025-38436, CVE-2025-38437, CVE-2025-38439, CVE-2025-38441,
CVE-2025-38443, CVE-2025-38444, CVE-2025-38445, CVE-2025-38448,
CVE-2025-38449, CVE-2025-38455, CVE-2025-38456, CVE-2025-38457,
CVE-2025-38458, CVE-2025-38459, CVE-2025-38460, CVE-2025-38461,
CVE-2025-38462, CVE-2025-38463, CVE-2025-38464, CVE-2025-38465,
CVE-2025-38466, CVE-2025-38467, CVE-2025-38468, CVE-2025-38469,
CVE-2025-38470, CVE-2025-38471, CVE-2025-38472, CVE-2025-38473,
CVE-2025-38474, CVE-2025-38476, CVE-2025-38478, CVE-2025-38480,
CVE-2025-38481, CVE-2025-38482, CVE-2025-38483, CVE-2025-38485,
CVE-2025-38487, CVE-2025-38488, CVE-2025-38489, CVE-2025-38490,
CVE-2025-38491, CVE-2025-38493, CVE-2025-38494, CVE-2025-38495,
CVE-2025-38496, CVE-2025-38497, CVE-2025-38499, CVE-2025-38501,
CVE-2025-38503, CVE-2025-38506, CVE-2025-38507, CVE-2025-38510,
CVE-2025-38511, CVE-2025-38512, CVE-2025-38513, CVE-2025-38514,
CVE-2025-38515, CVE-2025-38516, CVE-2025-38520, CVE-2025-38521,
CVE-2025-38524, CVE-2025-38526, CVE-2025-38527, CVE-2025-38528,
CVE-2025-38529, CVE-2025-38530, CVE-2025-38531, CVE-2025-38532,
CVE-2025-38533, CVE-2025-38535, CVE-2025-38537, CVE-2025-38538,
CVE-2025-38539, CVE-2025-38540, CVE-2025-38542, CVE-2025-38543,
CVE-2025-38544, CVE-2025-38546, CVE-2025-38548, CVE-2025-38549,
CVE-2025-38550, CVE-2025-38551, CVE-2025-38552, CVE-2025-38553,
CVE-2025-38555, CVE-2025-38560, CVE-2025-38561, CVE-2025-38562,
CVE-2025-38566, CVE-2025-38568, CVE-2025-38569, CVE-2025-38571,
CVE-2025-38572, CVE-2025-38574, CVE-2025-38576, CVE-2025-38577,
CVE-2025-38578, CVE-2025-38579, CVE-2025-38581, CVE-2025-38582,
CVE-2025-38583, CVE-2025-38584, CVE-2025-38585, CVE-2025-38587,
CVE-2025-38588, CVE-2025-38590, CVE-2025-38593, CVE-2025-38595,
CVE-2025-38601, CVE-2025-38602, CVE-2025-38604, CVE-2025-38608,
CVE-2025-38609, CVE-2025-38610, CVE-2025-38612, CVE-2025-38614,
CVE-2025-38615, CVE-2025-38619, CVE-2025-38622, CVE-2025-38623,
CVE-2025-38624, CVE-2025-38625, CVE-2025-38626, CVE-2025-38630,
CVE-2025-38632, CVE-2025-38634, CVE-2025-38635, CVE-2025-38639,
CVE-2025-38640, CVE-2025-38644, CVE-2025-38645, CVE-2025-38646,
CVE-2025-38648, CVE-2025-38650, CVE-2025-38652, CVE-2025-38653,
CVE-2025-38659, CVE-2025-38660, CVE-2025-38663, CVE-2025-38664,
CVE-2025-38665, CVE-2025-38668, CVE-2025-38670, CVE-2025-38671,
CVE-2025-38675, CVE-2025-38676, CVE-2025-38677, CVE-2025-38679,
CVE-2025-38680, CVE-2025-38681, CVE-2025-38684, CVE-2025-38685,
CVE-2025-38686, CVE-2025-38687, CVE-2025-38688, CVE-2025-38691,
CVE-2025-38692, CVE-2025-38693, CVE-2025-38694, CVE-2025-38695,
CVE-2025-38696, CVE-2025-38697, CVE-2025-38698, CVE-2025-38699,
CVE-2025-38700, CVE-2025-38701, CVE-2025-38702, CVE-2025-38703,
CVE-2025-38704, CVE-2025-38705, CVE-2025-38706, CVE-2025-38707,
CVE-2025-38708, CVE-2025-38710, CVE-2025-38711, CVE-2025-38712,
CVE-2025-38713, CVE-2025-38714, CVE-2025-38715, CVE-2025-38716,
CVE-2025-38718, CVE-2025-38721, CVE-2025-38722, CVE-2025-38724,
CVE-2025-38725, CVE-2025-38728, CVE-2025-38729, CVE-2025-38730,
CVE-2025-38732, CVE-2025-38734, CVE-2025-38735, CVE-2025-39673,
CVE-2025-39675, CVE-2025-39676, CVE-2025-39679, CVE-2025-39681,
CVE-2025-39683, CVE-2025-39684, CVE-2025-39685, CVE-2025-39686,
CVE-2025-39687, CVE-2025-39689, CVE-2025-39691, CVE-2025-39692,
CVE-2025-39693, CVE-2025-39694, CVE-2025-39698, CVE-2025-39701,
CVE-2025-39702, CVE-2025-39703, CVE-2025-39705, CVE-2025-39706,
CVE-2025-39707, CVE-2025-39709, CVE-2025-39710, CVE-2025-39711,
CVE-2025-39712, CVE-2025-39713, CVE-2025-39714, CVE-2025-39715,
CVE-2025-39716, CVE-2025-39718, CVE-2025-39719, CVE-2025-39720,
CVE-2025-39721, CVE-2025-39724, CVE-2025-39726, CVE-2025-39730,
CVE-2025-39731, CVE-2025-39732, CVE-2025-39734, CVE-2025-39736,
CVE-2025-39737, CVE-2025-39738, CVE-2025-39739, CVE-2025-39742,
CVE-2025-39743, CVE-2025-39744, CVE-2025-39746, CVE-2025-39747,
CVE-2025-39748, CVE-2025-39749, CVE-2025-39750, CVE-2025-39752,
CVE-2025-39753, CVE-2025-39756, CVE-2025-39757, CVE-2025-39758,
CVE-2025-39759, CVE-2025-39760, CVE-2025-39761, CVE-2025-39763,
CVE-2025-39766, CVE-2025-39770, CVE-2025-39772, CVE-2025-39773,
CVE-2025-39776, CVE-2025-39779, CVE-2025-39781, CVE-2025-39782,
CVE-2025-39783, CVE-2025-39787, CVE-2025-39788, CVE-2025-39790,
CVE-2025-39794, CVE-2025-39795, CVE-2025-39797, CVE-2025-39798,
CVE-2025-39800, CVE-2025-39801, CVE-2025-39889, CVE-2025-39890,
CVE-2025-39946, CVE-2025-39989, CVE-2025-40019, CVE-2025-40215,
CVE-2025-40297, CVE-2025-68750)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.04 LTS
linux-image-6.8.0-1046-azure-fips 6.8.0-1046.52+fips1
Available with Ubuntu Pro
linux-image-azure-fips 6.8.0-1046.52+fips1
Available with Ubuntu Pro
linux-image-azure-fips-6.8 6.8.0-1046.52+fips1
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-8074-2
https://ubuntu.com/security/notices/USN-8074-1
CVE-2024-36331, CVE-2024-36350, CVE-2024-36357, CVE-2025-21884,
CVE-2025-21931, CVE-2025-22026, CVE-2025-22101, CVE-2025-22102,
CVE-2025-22115, CVE-2025-22120, CVE-2025-22126, CVE-2025-22128,
CVE-2025-23140, CVE-2025-23141, CVE-2025-23142, CVE-2025-23144,
CVE-2025-23145, CVE-2025-23146, CVE-2025-23147, CVE-2025-23148,
CVE-2025-23149, CVE-2025-23150, CVE-2025-23151, CVE-2025-23155,
CVE-2025-23156, CVE-2025-23157, CVE-2025-23158, CVE-2025-23159,
CVE-2025-23160, CVE-2025-23161, CVE-2025-23163, CVE-2025-37738,
CVE-2025-37739, CVE-2025-37740, CVE-2025-37741, CVE-2025-37742,
CVE-2025-37744, CVE-2025-37745, CVE-2025-37748, CVE-2025-37749,
CVE-2025-37754, CVE-2025-37755, CVE-2025-37757, CVE-2025-37758,
CVE-2025-37759, CVE-2025-37761, CVE-2025-37763, CVE-2025-37764,
CVE-2025-37765, CVE-2025-37766, CVE-2025-37767, CVE-2025-37768,
CVE-2025-37769, CVE-2025-37770, CVE-2025-37771, CVE-2025-37772,
CVE-2025-37773, CVE-2025-37775, CVE-2025-37777, CVE-2025-37778,
CVE-2025-37780, CVE-2025-37781, CVE-2025-37784, CVE-2025-37786,
CVE-2025-37787, CVE-2025-37788, CVE-2025-37789, CVE-2025-37790,
CVE-2025-37792, CVE-2025-37793, CVE-2025-37794, CVE-2025-37796,
CVE-2025-37799, CVE-2025-37800, CVE-2025-37801, CVE-2025-37803,
CVE-2025-37805, CVE-2025-37808, CVE-2025-37809, CVE-2025-37810,
CVE-2025-37811, CVE-2025-37812, CVE-2025-37813, CVE-2025-37815,
CVE-2025-37816, CVE-2025-37817, CVE-2025-37819, CVE-2025-37820,
CVE-2025-37822, CVE-2025-37823, CVE-2025-37824, CVE-2025-37826,
CVE-2025-37827, CVE-2025-37828, CVE-2025-37829, CVE-2025-37830,
CVE-2025-37831, CVE-2025-37836, CVE-2025-37839, CVE-2025-37840,
CVE-2025-37841, CVE-2025-37842, CVE-2025-37844, CVE-2025-37846,
CVE-2025-37849, CVE-2025-37850, CVE-2025-37851, CVE-2025-37852,
CVE-2025-37853, CVE-2025-37854, CVE-2025-37856, CVE-2025-37857,
CVE-2025-37858, CVE-2025-37859, CVE-2025-37861, CVE-2025-37862,
CVE-2025-37863, CVE-2025-37864, CVE-2025-37865, CVE-2025-37867,
CVE-2025-37869, CVE-2025-37871, CVE-2025-37872, CVE-2025-37873,
CVE-2025-37874, CVE-2025-37875, CVE-2025-37878, CVE-2025-37879,
CVE-2025-37881, CVE-2025-37883, CVE-2025-37884, CVE-2025-37885,
CVE-2025-37886, CVE-2025-37887, CVE-2025-37891, CVE-2025-37892,
CVE-2025-37897, CVE-2025-37900, CVE-2025-37901, CVE-2025-37903,
CVE-2025-37905, CVE-2025-37909, CVE-2025-37911, CVE-2025-37912,
CVE-2025-37913, CVE-2025-37914, CVE-2025-37915, CVE-2025-37916,
CVE-2025-37917, CVE-2025-37918, CVE-2025-37920, CVE-2025-37921,
CVE-2025-37922, CVE-2025-37923, CVE-2025-37924, CVE-2025-37925,
CVE-2025-37927, CVE-2025-37928, CVE-2025-37930, CVE-2025-37931,
CVE-2025-37933, CVE-2025-37935, CVE-2025-37936, CVE-2025-37938,
CVE-2025-37940, CVE-2025-37943, CVE-2025-37944, CVE-2025-37945,
CVE-2025-37947, CVE-2025-37948, CVE-2025-37949, CVE-2025-37951,
CVE-2025-37952, CVE-2025-37956, CVE-2025-37957, CVE-2025-37959,
CVE-2025-37960, CVE-2025-37961, CVE-2025-37962, CVE-2025-37963,
CVE-2025-37967, CVE-2025-37968, CVE-2025-37969, CVE-2025-37970,
CVE-2025-37972, CVE-2025-37973, CVE-2025-37975, CVE-2025-37977,
CVE-2025-37978, CVE-2025-37979, CVE-2025-37980, CVE-2025-37982,
CVE-2025-37983, CVE-2025-37984, CVE-2025-37985, CVE-2025-37986,
CVE-2025-37987, CVE-2025-37988, CVE-2025-37989, CVE-2025-37990,
CVE-2025-37991, CVE-2025-37992, CVE-2025-37994, CVE-2025-37995,
CVE-2025-37998, CVE-2025-38003, CVE-2025-38004, CVE-2025-38005,
CVE-2025-38006, CVE-2025-38007, CVE-2025-38008, CVE-2025-38009,
CVE-2025-38010, CVE-2025-38011, CVE-2025-38013, CVE-2025-38014,
CVE-2025-38015, CVE-2025-38018, CVE-2025-38019, CVE-2025-38020,
CVE-2025-38023, CVE-2025-38024, CVE-2025-38027, CVE-2025-38031,
CVE-2025-38034, CVE-2025-38035, CVE-2025-38037, CVE-2025-38039,
CVE-2025-38040, CVE-2025-38043, CVE-2025-38044, CVE-2025-38045,
CVE-2025-38048, CVE-2025-38051, CVE-2025-38052, CVE-2025-38053,
CVE-2025-38055, CVE-2025-38057, CVE-2025-38058, CVE-2025-38059,
CVE-2025-38060, CVE-2025-38061, CVE-2025-38062, CVE-2025-38063,
CVE-2025-38065, CVE-2025-38066, CVE-2025-38067, CVE-2025-38068,
CVE-2025-38071, CVE-2025-38072, CVE-2025-38074, CVE-2025-38075,
CVE-2025-38077, CVE-2025-38078, CVE-2025-38079, CVE-2025-38080,
CVE-2025-38081, CVE-2025-38084, CVE-2025-38085, CVE-2025-38086,
CVE-2025-38087, CVE-2025-38088, CVE-2025-38089, CVE-2025-38090,
CVE-2025-38094, CVE-2025-38095, CVE-2025-38097, CVE-2025-38098,
CVE-2025-38099, CVE-2025-38100, CVE-2025-38101, CVE-2025-38102,
CVE-2025-38103, CVE-2025-38104, CVE-2025-38107, CVE-2025-38108,
CVE-2025-38109, CVE-2025-38110, CVE-2025-38111, CVE-2025-38112,
CVE-2025-38113, CVE-2025-38115, CVE-2025-38117, CVE-2025-38119,
CVE-2025-38120, CVE-2025-38122, CVE-2025-38123, CVE-2025-38124,
CVE-2025-38125, CVE-2025-38126, CVE-2025-38127, CVE-2025-38129,
CVE-2025-38131, CVE-2025-38135, CVE-2025-38136, CVE-2025-38138,
CVE-2025-38142, CVE-2025-38143, CVE-2025-38145, CVE-2025-38146,
CVE-2025-38147, CVE-2025-38148, CVE-2025-38149, CVE-2025-38153,
CVE-2025-38154, CVE-2025-38155, CVE-2025-38156, CVE-2025-38157,
CVE-2025-38158, CVE-2025-38159, CVE-2025-38160, CVE-2025-38161,
CVE-2025-38162, CVE-2025-38163, CVE-2025-38164, CVE-2025-38165,
CVE-2025-38166, CVE-2025-38167, CVE-2025-38169, CVE-2025-38170,
CVE-2025-38173, CVE-2025-38174, CVE-2025-38180, CVE-2025-38181,
CVE-2025-38182, CVE-2025-38183, CVE-2025-38184, CVE-2025-38185,
CVE-2025-38190, CVE-2025-38191, CVE-2025-38192, CVE-2025-38193,
CVE-2025-38194, CVE-2025-38197, CVE-2025-38198, CVE-2025-38200,
CVE-2025-38202, CVE-2025-38208, CVE-2025-38210, CVE-2025-38211,
CVE-2025-38212, CVE-2025-38214, CVE-2025-38215, CVE-2025-38217,
CVE-2025-38218, CVE-2025-38219, CVE-2025-38220, CVE-2025-38222,
CVE-2025-38225, CVE-2025-38226, CVE-2025-38229, CVE-2025-38230,
CVE-2025-38231, CVE-2025-38232, CVE-2025-38236, CVE-2025-38239,
CVE-2025-38245, CVE-2025-38246, CVE-2025-38248, CVE-2025-38249,
CVE-2025-38250, CVE-2025-38251, CVE-2025-38253, CVE-2025-38255,
CVE-2025-38257, CVE-2025-38258, CVE-2025-38259, CVE-2025-38260,
CVE-2025-38262, CVE-2025-38263, CVE-2025-38264, CVE-2025-38265,
CVE-2025-38269, CVE-2025-38274, CVE-2025-38275, CVE-2025-38277,
CVE-2025-38278, CVE-2025-38279, CVE-2025-38280, CVE-2025-38282,
CVE-2025-38283, CVE-2025-38285, CVE-2025-38286, CVE-2025-38289,
CVE-2025-38290, CVE-2025-38292, CVE-2025-38293, CVE-2025-38295,
CVE-2025-38298, CVE-2025-38299, CVE-2025-38300, CVE-2025-38303,
CVE-2025-38304, CVE-2025-38305, CVE-2025-38307, CVE-2025-38310,
CVE-2025-38312, CVE-2025-38313, CVE-2025-38319, CVE-2025-38320,
CVE-2025-38321, CVE-2025-38322, CVE-2025-38323, CVE-2025-38324,
CVE-2025-38326, CVE-2025-38328, CVE-2025-38331, CVE-2025-38332,
CVE-2025-38333, CVE-2025-38334, CVE-2025-38335, CVE-2025-38336,
CVE-2025-38337, CVE-2025-38338, CVE-2025-38342, CVE-2025-38343,
CVE-2025-38344, CVE-2025-38345, CVE-2025-38346, CVE-2025-38347,
CVE-2025-38348, CVE-2025-38349, CVE-2025-38351, CVE-2025-38354,
CVE-2025-38361, CVE-2025-38362, CVE-2025-38363, CVE-2025-38364,
CVE-2025-38365, CVE-2025-38368, CVE-2025-38369, CVE-2025-38371,
CVE-2025-38373, CVE-2025-38374, CVE-2025-38375, CVE-2025-38376,
CVE-2025-38377, CVE-2025-38382, CVE-2025-38384, CVE-2025-38385,
CVE-2025-38386, CVE-2025-38387, CVE-2025-38388, CVE-2025-38389,
CVE-2025-38390, CVE-2025-38391, CVE-2025-38392, CVE-2025-38393,
CVE-2025-38395, CVE-2025-38396, CVE-2025-38399, CVE-2025-38400,
CVE-2025-38401, CVE-2025-38402, CVE-2025-38403, CVE-2025-38405,
CVE-2025-38406, CVE-2025-38407, CVE-2025-38408, CVE-2025-38409,
CVE-2025-38410, CVE-2025-38412, CVE-2025-38414, CVE-2025-38415,
CVE-2025-38416, CVE-2025-38418, CVE-2025-38419, CVE-2025-38420,
CVE-2025-38422, CVE-2025-38424, CVE-2025-38425, CVE-2025-38427,
CVE-2025-38428, CVE-2025-38429, CVE-2025-38430, CVE-2025-38436,
CVE-2025-38437, CVE-2025-38439, CVE-2025-38441, CVE-2025-38443,
CVE-2025-38444, CVE-2025-38445, CVE-2025-38448, CVE-2025-38449,
CVE-2025-38455, CVE-2025-38456, CVE-2025-38457, CVE-2025-38458,
CVE-2025-38459, CVE-2025-38460, CVE-2025-38461, CVE-2025-38462,
CVE-2025-38463, CVE-2025-38464, CVE-2025-38465, CVE-2025-38466,
CVE-2025-38467, CVE-2025-38468, CVE-2025-38469, CVE-2025-38470,
CVE-2025-38471, CVE-2025-38472, CVE-2025-38473, CVE-2025-38474,
CVE-2025-38476, CVE-2025-38478, CVE-2025-38480, CVE-2025-38481,
CVE-2025-38482, CVE-2025-38483, CVE-2025-38485, CVE-2025-38487,
CVE-2025-38488, CVE-2025-38489, CVE-2025-38490, CVE-2025-38491,
CVE-2025-38493, CVE-2025-38494, CVE-2025-38495, CVE-2025-38496,
CVE-2025-38497, CVE-2025-38499, CVE-2025-38501, CVE-2025-38503,
CVE-2025-38506, CVE-2025-38507, CVE-2025-38510, CVE-2025-38511,
CVE-2025-38512, CVE-2025-38513, CVE-2025-38514, CVE-2025-38515,
CVE-2025-38516, CVE-2025-38520, CVE-2025-38521, CVE-2025-38524,
CVE-2025-38526, CVE-2025-38527, CVE-2025-38528, CVE-2025-38529,
CVE-2025-38530, CVE-2025-38531, CVE-2025-38532, CVE-2025-38533,
CVE-2025-38535, CVE-2025-38537, CVE-2025-38538, CVE-2025-38539,
CVE-2025-38540, CVE-2025-38542, CVE-2025-38543, CVE-2025-38544,
CVE-2025-38546, CVE-2025-38548, CVE-2025-38549, CVE-2025-38550,
CVE-2025-38551, CVE-2025-38552, CVE-2025-38553, CVE-2025-38555,
CVE-2025-38560, CVE-2025-38561, CVE-2025-38562, CVE-2025-38566,
CVE-2025-38568, CVE-2025-38569, CVE-2025-38571, CVE-2025-38572,
CVE-2025-38574, CVE-2025-38576, CVE-2025-38577, CVE-2025-38578,
CVE-2025-38579, CVE-2025-38581, CVE-2025-38582, CVE-2025-38583,
CVE-2025-38584, CVE-2025-38585, CVE-2025-38587, CVE-2025-38588,
CVE-2025-38590, CVE-2025-38593, CVE-2025-38595, CVE-2025-38601,
CVE-2025-38602, CVE-2025-38604, CVE-2025-38608, CVE-2025-38609,
CVE-2025-38610, CVE-2025-38612, CVE-2025-38614, CVE-2025-38615,
CVE-2025-38619, CVE-2025-38622, CVE-2025-38623, CVE-2025-38624,
CVE-2025-38625, CVE-2025-38626, CVE-2025-38630, CVE-2025-38632,
CVE-2025-38634, CVE-2025-38635, CVE-2025-38639, CVE-2025-38640,
CVE-2025-38644, CVE-2025-38645, CVE-2025-38646, CVE-2025-38648,
CVE-2025-38650, CVE-2025-38652, CVE-2025-38653, CVE-2025-38659,
CVE-2025-38660, CVE-2025-38663, CVE-2025-38664, CVE-2025-38665,
CVE-2025-38668, CVE-2025-38670, CVE-2025-38671, CVE-2025-38675,
CVE-2025-38676, CVE-2025-38677, CVE-2025-38679, CVE-2025-38680,
CVE-2025-38681, CVE-2025-38684, CVE-2025-38685, CVE-2025-38686,
CVE-2025-38687, CVE-2025-38688, CVE-2025-38691, CVE-2025-38692,
CVE-2025-38693, CVE-2025-38694, CVE-2025-38695, CVE-2025-38696,
CVE-2025-38697, CVE-2025-38698, CVE-2025-38699, CVE-2025-38700,
CVE-2025-38701, CVE-2025-38702, CVE-2025-38703, CVE-2025-38704,
CVE-2025-38705, CVE-2025-38706, CVE-2025-38707, CVE-2025-38708,
CVE-2025-38710, CVE-2025-38711, CVE-2025-38712, CVE-2025-38713,
CVE-2025-38714, CVE-2025-38715, CVE-2025-38716, CVE-2025-38718,
CVE-2025-38721, CVE-2025-38722, CVE-2025-38724, CVE-2025-38725,
CVE-2025-38728, CVE-2025-38729, CVE-2025-38730, CVE-2025-38732,
CVE-2025-38734, CVE-2025-38735, CVE-2025-39673, CVE-2025-39675,
CVE-2025-39676, CVE-2025-39679, CVE-2025-39681, CVE-2025-39683,
CVE-2025-39684, CVE-2025-39685, CVE-2025-39686, CVE-2025-39687,
CVE-2025-39689, CVE-2025-39691, CVE-2025-39692, CVE-2025-39693,
CVE-2025-39694, CVE-2025-39698, CVE-2025-39701, CVE-2025-39702,
CVE-2025-39703, CVE-2025-39705, CVE-2025-39706, CVE-2025-39707,
CVE-2025-39709, CVE-2025-39710, CVE-2025-39711, CVE-2025-39712,
CVE-2025-39713, CVE-2025-39714, CVE-2025-39715, CVE-2025-39716,
CVE-2025-39718, CVE-2025-39719, CVE-2025-39720, CVE-2025-39721,
CVE-2025-39724, CVE-2025-39726, CVE-2025-39730, CVE-2025-39731,
CVE-2025-39732, CVE-2025-39734, CVE-2025-39736, CVE-2025-39737,
CVE-2025-39738, CVE-2025-39739, CVE-2025-39742, CVE-2025-39743,
CVE-2025-39744, CVE-2025-39746, CVE-2025-39747, CVE-2025-39748,
CVE-2025-39749, CVE-2025-39750, CVE-2025-39752, CVE-2025-39753,
CVE-2025-39756, CVE-2025-39757, CVE-2025-39758, CVE-2025-39759,
CVE-2025-39760, CVE-2025-39761, CVE-2025-39763, CVE-2025-39766,
CVE-2025-39770, CVE-2025-39772, CVE-2025-39773, CVE-2025-39776,
CVE-2025-39779, CVE-2025-39781, CVE-2025-39782, CVE-2025-39783,
CVE-2025-39787, CVE-2025-39788, CVE-2025-39790, CVE-2025-39794,
CVE-2025-39795, CVE-2025-39797, CVE-2025-39798, CVE-2025-39800,
CVE-2025-39801, CVE-2025-39889, CVE-2025-39890, CVE-2025-39946,
CVE-2025-39989, CVE-2025-40019, CVE-2025-40215, CVE-2025-40297,
CVE-2025-68750
Package Information:
https://launchpad.net/ubuntu/+source/linux-azure-fips/6.8.0-1046.52+fips1
Ubuntu Security Notice USN-8074-2
March 04, 2026
linux-azure-fips vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-azure-fips: Linux kernel for Microsoft Azure Cloud systems with FIPS
Details:
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
- ARM64 architecture;
- MIPS architecture;
- PA-RISC architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Compute Acceleration Framework;
- ACPI drivers;
- Serial ATA and Parallel ATA drivers;
- ATM drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- DRBD Distributed Replicated Block Device drivers;
- Network block device driver;
- Ublk userspace block driver;
- Bluetooth drivers;
- Bus devices;
- Character device driver;
- TPM device driver;
- Clock framework and drivers;
- Data acquisition framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- Device frequency scaling framework;
- Buffer Sharing and Synchronization framework;
- DMA engine subsystem;
- EDAC drivers;
- Arm Firmware Framework for ARMv8-A(FFA);
- ARM SCMI message protocol;
- FPGA Framework;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- HW tracing;
- I2C subsystem;
- I3C subsystem;
- IIO subsystem;
- InfiniBand drivers;
- Input Device core drivers;
- Input Device (Miscellaneous) drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- MCB driver;
- Multiple devices driver;
- Media drivers;
- Multifunction device drivers;
- Microchip PCI driver;
- Intel Management Engine Interface driver;
- PCI Endpoint Test driver;
- TI TPS6594 PFSM driver;
- VMware VMCI Driver;
- MMC subsystem;
- MTD block device drivers;
- Network drivers;
- Mellanox network drivers;
- STMicroelectronics network drivers;
- NVDIMM (Non-Volatile Memory Device) drivers;
- NVME drivers;
- PCI subsystem;
- Amlogic Meson DDR PMU;
- PHY drivers;
- Pin controllers subsystem;
- x86 platform drivers;
- Power supply drivers;
- Powercap sysfs driver;
- PTP clock framework;
- PWM drivers;
- RapidIO drivers;
- Voltage and Current Regulator drivers;
- Remote Processor subsystem;
- S/390 drivers;
- SCSI subsystem;
- ASPEED SoC drivers;
- QCOM SoC drivers;
- Samsung SoC drivers;
- SPI subsystem;
- small TFT LCD display modules;
- Media staging drivers;
- TCM subsystem;
- Trusted Execution Environment drivers;
- Thunderbolt and USB4 drivers;
- TTY drivers;
- UFS subsystem;
- Cadence USB3 driver;
- ChipIdea USB driver;
- USB Device Class drivers;
- USB core drivers;
- DesignWare USB3 driver;
- USB Gadget drivers;
- USB Host Controller drivers;
- Renesas USBHS Controller drivers;
- USB Type-C support driver;
- USB Type-C Connector System Software Interface driver;
- VFIO drivers;
- Virtio Host (VHOST) subsystem;
- Backlight driver;
- Framebuffer layer;
- TSM Common Guest driver;
- Virtio drivers;
- Xen hypervisor drivers;
- File systems infrastructure;
- BTRFS file system;
- Ceph distributed file system;
- EFI Variable file system;
- Ext4 file system;
- F2FS file system;
- GFS2 file system;
- JFFS2 file system;
- JFS file system;
- Network file system (NFS) client;
- Network file system (NFS) server daemon;
- NILFS2 file system;
- NTFS3 file system;
- Overlay file system;
- Proc file system;
- SMB network file system;
- DRM display driver;
- Asynchronous Transfer Mode (ATM) subsystem;
- BPF subsystem;
- Memory Management;
- Internal shared memory driver;
- LZO compression library;
- Mellanox drivers;
- padata parallel execution mechanism;
- Networking subsytem;
- Bluetooth subsystem;
- Netfilter;
- Network traffic control;
- SCTP protocol;
- Network sockets;
- UDP network protocol;
- eXpress Data Path;
- XFRM subsystem;
- Digital Audio (PCM) driver;
- Universal MIDI packet (UMP) support module;
- Tracing infrastructure;
- User-space API (UAPI);
- io_uring subsystem;
- IPC subsystem;
- Perf events;
- Kernel exit() syscall;
- IRQ subsystem;
- Padata parallel execution mechanism;
- Kernel command line parsing driver;
- Hibernation control;
- RCU subsystem;
- Restartable seuqences system call mechanism;
- Maple Tree data structure library;
- Memory management;
- KASAN memory debugging framework;
- 802.1Q VLAN protocol;
- 9P file system network protocol;
- Appletalk network protocol;
- Ethernet bridge;
- CAN network layer;
- Networking core;
- Distributed Switch Architecture;
- HSR network protocol;
- IPv4 networking;
- IPv6 networking;
- MAC80211 subsystem;
- Management Component Transport Protocol (MCTP);
- MultiProtocol Label Switching driver;
- Multipath TCP;
- NetLabel subsystem;
- Netlink;
- NFC subsystem;
- Open vSwitch;
- RDS protocol;
- Rose network layer;
- RxRPC session sockets;
- SMC sockets;
- Sun RPC protocol;
- TIPC protocol;
- TLS protocol;
- Unix domain sockets;
- VMware vSockets driver;
- Wireless networking;
- ALSA framework;
- WCD audio codecs;
- Intel ASoC drivers;
- MediaTek ASoC drivers;
- QCOM ASoC drivers;
- SoC audio core drivers;
- USB sound devices;
- Virtio sound driver;
- CPU Power monitoring subsystem;
- KVM subsystem;
(CVE-2025-21884, CVE-2025-21931, CVE-2025-22026, CVE-2025-22101,
CVE-2025-22102, CVE-2025-22115, CVE-2025-22120, CVE-2025-22126,
CVE-2025-22128, CVE-2025-23140, CVE-2025-23141, CVE-2025-23142,
CVE-2025-23144, CVE-2025-23145, CVE-2025-23146, CVE-2025-23147,
CVE-2025-23148, CVE-2025-23149, CVE-2025-23150, CVE-2025-23151,
CVE-2025-23155, CVE-2025-23156, CVE-2025-23157, CVE-2025-23158,
CVE-2025-23159, CVE-2025-23160, CVE-2025-23161, CVE-2025-23163,
CVE-2025-37738, CVE-2025-37739, CVE-2025-37740, CVE-2025-37741,
CVE-2025-37742, CVE-2025-37744, CVE-2025-37745, CVE-2025-37748,
CVE-2025-37749, CVE-2025-37754, CVE-2025-37755, CVE-2025-37757,
CVE-2025-37758, CVE-2025-37759, CVE-2025-37761, CVE-2025-37763,
CVE-2025-37764, CVE-2025-37765, CVE-2025-37766, CVE-2025-37767,
CVE-2025-37768, CVE-2025-37769, CVE-2025-37770, CVE-2025-37771,
CVE-2025-37772, CVE-2025-37773, CVE-2025-37775, CVE-2025-37777,
CVE-2025-37778, CVE-2025-37780, CVE-2025-37781, CVE-2025-37784,
CVE-2025-37786, CVE-2025-37787, CVE-2025-37788, CVE-2025-37789,
CVE-2025-37790, CVE-2025-37792, CVE-2025-37793, CVE-2025-37794,
CVE-2025-37796, CVE-2025-37799, CVE-2025-37800, CVE-2025-37801,
CVE-2025-37803, CVE-2025-37805, CVE-2025-37808, CVE-2025-37809,
CVE-2025-37810, CVE-2025-37811, CVE-2025-37812, CVE-2025-37813,
CVE-2025-37815, CVE-2025-37816, CVE-2025-37817, CVE-2025-37819,
CVE-2025-37820, CVE-2025-37822, CVE-2025-37823, CVE-2025-37824,
CVE-2025-37826, CVE-2025-37827, CVE-2025-37828, CVE-2025-37829,
CVE-2025-37830, CVE-2025-37831, CVE-2025-37836, CVE-2025-37839,
CVE-2025-37840, CVE-2025-37841, CVE-2025-37842, CVE-2025-37844,
CVE-2025-37846, CVE-2025-37849, CVE-2025-37850, CVE-2025-37851,
CVE-2025-37852, CVE-2025-37853, CVE-2025-37854, CVE-2025-37856,
CVE-2025-37857, CVE-2025-37858, CVE-2025-37859, CVE-2025-37861,
CVE-2025-37862, CVE-2025-37863, CVE-2025-37864, CVE-2025-37865,
CVE-2025-37867, CVE-2025-37869, CVE-2025-37871, CVE-2025-37872,
CVE-2025-37873, CVE-2025-37874, CVE-2025-37875, CVE-2025-37878,
CVE-2025-37879, CVE-2025-37881, CVE-2025-37883, CVE-2025-37884,
CVE-2025-37885, CVE-2025-37886, CVE-2025-37887, CVE-2025-37891,
CVE-2025-37892, CVE-2025-37897, CVE-2025-37900, CVE-2025-37901,
CVE-2025-37903, CVE-2025-37905, CVE-2025-37909, CVE-2025-37911,
CVE-2025-37912, CVE-2025-37913, CVE-2025-37914, CVE-2025-37915,
CVE-2025-37916, CVE-2025-37917, CVE-2025-37918, CVE-2025-37920,
CVE-2025-37921, CVE-2025-37922, CVE-2025-37923, CVE-2025-37924,
CVE-2025-37925, CVE-2025-37927, CVE-2025-37928, CVE-2025-37930,
CVE-2025-37931, CVE-2025-37933, CVE-2025-37935, CVE-2025-37936,
CVE-2025-37938, CVE-2025-37940, CVE-2025-37943, CVE-2025-37944,
CVE-2025-37945, CVE-2025-37947, CVE-2025-37948, CVE-2025-37949,
CVE-2025-37951, CVE-2025-37952, CVE-2025-37956, CVE-2025-37957,
CVE-2025-37959, CVE-2025-37960, CVE-2025-37961, CVE-2025-37962,
CVE-2025-37963, CVE-2025-37967, CVE-2025-37968, CVE-2025-37969,
CVE-2025-37970, CVE-2025-37972, CVE-2025-37973, CVE-2025-37975,
CVE-2025-37977, CVE-2025-37978, CVE-2025-37979, CVE-2025-37980,
CVE-2025-37982, CVE-2025-37983, CVE-2025-37984, CVE-2025-37985,
CVE-2025-37986, CVE-2025-37987, CVE-2025-37988, CVE-2025-37989,
CVE-2025-37990, CVE-2025-37991, CVE-2025-37992, CVE-2025-37994,
CVE-2025-37995, CVE-2025-37998, CVE-2025-38003, CVE-2025-38004,
CVE-2025-38005, CVE-2025-38006, CVE-2025-38007, CVE-2025-38008,
CVE-2025-38009, CVE-2025-38010, CVE-2025-38011, CVE-2025-38013,
CVE-2025-38014, CVE-2025-38015, CVE-2025-38018, CVE-2025-38019,
CVE-2025-38020, CVE-2025-38023, CVE-2025-38024, CVE-2025-38027,
CVE-2025-38031, CVE-2025-38034, CVE-2025-38035, CVE-2025-38037,
CVE-2025-38039, CVE-2025-38040, CVE-2025-38043, CVE-2025-38044,
CVE-2025-38045, CVE-2025-38048, CVE-2025-38051, CVE-2025-38052,
CVE-2025-38053, CVE-2025-38055, CVE-2025-38057, CVE-2025-38058,
CVE-2025-38059, CVE-2025-38060, CVE-2025-38061, CVE-2025-38062,
CVE-2025-38063, CVE-2025-38065, CVE-2025-38066, CVE-2025-38067,
CVE-2025-38068, CVE-2025-38071, CVE-2025-38072, CVE-2025-38074,
CVE-2025-38075, CVE-2025-38077, CVE-2025-38078, CVE-2025-38079,
CVE-2025-38080, CVE-2025-38081, CVE-2025-38084, CVE-2025-38085,
CVE-2025-38086, CVE-2025-38087, CVE-2025-38088, CVE-2025-38089,
CVE-2025-38090, CVE-2025-38094, CVE-2025-38095, CVE-2025-38097,
CVE-2025-38098, CVE-2025-38099, CVE-2025-38100, CVE-2025-38101,
CVE-2025-38102, CVE-2025-38103, CVE-2025-38104, CVE-2025-38107,
CVE-2025-38108, CVE-2025-38109, CVE-2025-38110, CVE-2025-38111,
CVE-2025-38112, CVE-2025-38113, CVE-2025-38115, CVE-2025-38117,
CVE-2025-38119, CVE-2025-38120, CVE-2025-38122, CVE-2025-38123,
CVE-2025-38124, CVE-2025-38125, CVE-2025-38126, CVE-2025-38127,
CVE-2025-38129, CVE-2025-38131, CVE-2025-38135, CVE-2025-38136,
CVE-2025-38138, CVE-2025-38142, CVE-2025-38143, CVE-2025-38145,
CVE-2025-38146, CVE-2025-38147, CVE-2025-38148, CVE-2025-38149,
CVE-2025-38153, CVE-2025-38154, CVE-2025-38155, CVE-2025-38156,
CVE-2025-38157, CVE-2025-38158, CVE-2025-38159, CVE-2025-38160,
CVE-2025-38161, CVE-2025-38162, CVE-2025-38163, CVE-2025-38164,
CVE-2025-38165, CVE-2025-38166, CVE-2025-38167, CVE-2025-38169,
CVE-2025-38170, CVE-2025-38173, CVE-2025-38174, CVE-2025-38180,
CVE-2025-38181, CVE-2025-38182, CVE-2025-38183, CVE-2025-38184,
CVE-2025-38185, CVE-2025-38190, CVE-2025-38191, CVE-2025-38192,
CVE-2025-38193, CVE-2025-38194, CVE-2025-38197, CVE-2025-38198,
CVE-2025-38200, CVE-2025-38202, CVE-2025-38208, CVE-2025-38210,
CVE-2025-38211, CVE-2025-38212, CVE-2025-38214, CVE-2025-38215,
CVE-2025-38217, CVE-2025-38218, CVE-2025-38219, CVE-2025-38220,
CVE-2025-38222, CVE-2025-38225, CVE-2025-38226, CVE-2025-38229,
CVE-2025-38230, CVE-2025-38231, CVE-2025-38232, CVE-2025-38236,
CVE-2025-38239, CVE-2025-38245, CVE-2025-38246, CVE-2025-38248,
CVE-2025-38249, CVE-2025-38250, CVE-2025-38251, CVE-2025-38253,
CVE-2025-38255, CVE-2025-38257, CVE-2025-38258, CVE-2025-38259,
CVE-2025-38260, CVE-2025-38262, CVE-2025-38263, CVE-2025-38264,
CVE-2025-38265, CVE-2025-38269, CVE-2025-38274, CVE-2025-38275,
CVE-2025-38277, CVE-2025-38278, CVE-2025-38279, CVE-2025-38280,
CVE-2025-38282, CVE-2025-38283, CVE-2025-38285, CVE-2025-38286,
CVE-2025-38289, CVE-2025-38290, CVE-2025-38292, CVE-2025-38293,
CVE-2025-38295, CVE-2025-38298, CVE-2025-38299, CVE-2025-38300,
CVE-2025-38303, CVE-2025-38304, CVE-2025-38305, CVE-2025-38307,
CVE-2025-38310, CVE-2025-38312, CVE-2025-38313, CVE-2025-38319,
CVE-2025-38320, CVE-2025-38321, CVE-2025-38322, CVE-2025-38323,
CVE-2025-38324, CVE-2025-38326, CVE-2025-38328, CVE-2025-38331,
CVE-2025-38332, CVE-2025-38333, CVE-2025-38334, CVE-2025-38335,
CVE-2025-38336, CVE-2025-38337, CVE-2025-38338, CVE-2025-38342,
CVE-2025-38343, CVE-2025-38344, CVE-2025-38345, CVE-2025-38346,
CVE-2025-38347, CVE-2025-38348, CVE-2025-38349, CVE-2025-38351,
CVE-2025-38354, CVE-2025-38361, CVE-2025-38362, CVE-2025-38363,
CVE-2025-38364, CVE-2025-38365, CVE-2025-38368, CVE-2025-38369,
CVE-2025-38371, CVE-2025-38373, CVE-2025-38374, CVE-2025-38375,
CVE-2025-38376, CVE-2025-38377, CVE-2025-38382, CVE-2025-38384,
CVE-2025-38385, CVE-2025-38386, CVE-2025-38387, CVE-2025-38388,
CVE-2025-38389, CVE-2025-38390, CVE-2025-38391, CVE-2025-38392,
CVE-2025-38393, CVE-2025-38395, CVE-2025-38396, CVE-2025-38399,
CVE-2025-38400, CVE-2025-38401, CVE-2025-38402, CVE-2025-38403,
CVE-2025-38405, CVE-2025-38406, CVE-2025-38407, CVE-2025-38408,
CVE-2025-38409, CVE-2025-38410, CVE-2025-38412, CVE-2025-38414,
CVE-2025-38415, CVE-2025-38416, CVE-2025-38418, CVE-2025-38419,
CVE-2025-38420, CVE-2025-38422, CVE-2025-38424, CVE-2025-38425,
CVE-2025-38427, CVE-2025-38428, CVE-2025-38429, CVE-2025-38430,
CVE-2025-38436, CVE-2025-38437, CVE-2025-38439, CVE-2025-38441,
CVE-2025-38443, CVE-2025-38444, CVE-2025-38445, CVE-2025-38448,
CVE-2025-38449, CVE-2025-38455, CVE-2025-38456, CVE-2025-38457,
CVE-2025-38458, CVE-2025-38459, CVE-2025-38460, CVE-2025-38461,
CVE-2025-38462, CVE-2025-38463, CVE-2025-38464, CVE-2025-38465,
CVE-2025-38466, CVE-2025-38467, CVE-2025-38468, CVE-2025-38469,
CVE-2025-38470, CVE-2025-38471, CVE-2025-38472, CVE-2025-38473,
CVE-2025-38474, CVE-2025-38476, CVE-2025-38478, CVE-2025-38480,
CVE-2025-38481, CVE-2025-38482, CVE-2025-38483, CVE-2025-38485,
CVE-2025-38487, CVE-2025-38488, CVE-2025-38489, CVE-2025-38490,
CVE-2025-38491, CVE-2025-38493, CVE-2025-38494, CVE-2025-38495,
CVE-2025-38496, CVE-2025-38497, CVE-2025-38499, CVE-2025-38501,
CVE-2025-38503, CVE-2025-38506, CVE-2025-38507, CVE-2025-38510,
CVE-2025-38511, CVE-2025-38512, CVE-2025-38513, CVE-2025-38514,
CVE-2025-38515, CVE-2025-38516, CVE-2025-38520, CVE-2025-38521,
CVE-2025-38524, CVE-2025-38526, CVE-2025-38527, CVE-2025-38528,
CVE-2025-38529, CVE-2025-38530, CVE-2025-38531, CVE-2025-38532,
CVE-2025-38533, CVE-2025-38535, CVE-2025-38537, CVE-2025-38538,
CVE-2025-38539, CVE-2025-38540, CVE-2025-38542, CVE-2025-38543,
CVE-2025-38544, CVE-2025-38546, CVE-2025-38548, CVE-2025-38549,
CVE-2025-38550, CVE-2025-38551, CVE-2025-38552, CVE-2025-38553,
CVE-2025-38555, CVE-2025-38560, CVE-2025-38561, CVE-2025-38562,
CVE-2025-38566, CVE-2025-38568, CVE-2025-38569, CVE-2025-38571,
CVE-2025-38572, CVE-2025-38574, CVE-2025-38576, CVE-2025-38577,
CVE-2025-38578, CVE-2025-38579, CVE-2025-38581, CVE-2025-38582,
CVE-2025-38583, CVE-2025-38584, CVE-2025-38585, CVE-2025-38587,
CVE-2025-38588, CVE-2025-38590, CVE-2025-38593, CVE-2025-38595,
CVE-2025-38601, CVE-2025-38602, CVE-2025-38604, CVE-2025-38608,
CVE-2025-38609, CVE-2025-38610, CVE-2025-38612, CVE-2025-38614,
CVE-2025-38615, CVE-2025-38619, CVE-2025-38622, CVE-2025-38623,
CVE-2025-38624, CVE-2025-38625, CVE-2025-38626, CVE-2025-38630,
CVE-2025-38632, CVE-2025-38634, CVE-2025-38635, CVE-2025-38639,
CVE-2025-38640, CVE-2025-38644, CVE-2025-38645, CVE-2025-38646,
CVE-2025-38648, CVE-2025-38650, CVE-2025-38652, CVE-2025-38653,
CVE-2025-38659, CVE-2025-38660, CVE-2025-38663, CVE-2025-38664,
CVE-2025-38665, CVE-2025-38668, CVE-2025-38670, CVE-2025-38671,
CVE-2025-38675, CVE-2025-38676, CVE-2025-38677, CVE-2025-38679,
CVE-2025-38680, CVE-2025-38681, CVE-2025-38684, CVE-2025-38685,
CVE-2025-38686, CVE-2025-38687, CVE-2025-38688, CVE-2025-38691,
CVE-2025-38692, CVE-2025-38693, CVE-2025-38694, CVE-2025-38695,
CVE-2025-38696, CVE-2025-38697, CVE-2025-38698, CVE-2025-38699,
CVE-2025-38700, CVE-2025-38701, CVE-2025-38702, CVE-2025-38703,
CVE-2025-38704, CVE-2025-38705, CVE-2025-38706, CVE-2025-38707,
CVE-2025-38708, CVE-2025-38710, CVE-2025-38711, CVE-2025-38712,
CVE-2025-38713, CVE-2025-38714, CVE-2025-38715, CVE-2025-38716,
CVE-2025-38718, CVE-2025-38721, CVE-2025-38722, CVE-2025-38724,
CVE-2025-38725, CVE-2025-38728, CVE-2025-38729, CVE-2025-38730,
CVE-2025-38732, CVE-2025-38734, CVE-2025-38735, CVE-2025-39673,
CVE-2025-39675, CVE-2025-39676, CVE-2025-39679, CVE-2025-39681,
CVE-2025-39683, CVE-2025-39684, CVE-2025-39685, CVE-2025-39686,
CVE-2025-39687, CVE-2025-39689, CVE-2025-39691, CVE-2025-39692,
CVE-2025-39693, CVE-2025-39694, CVE-2025-39698, CVE-2025-39701,
CVE-2025-39702, CVE-2025-39703, CVE-2025-39705, CVE-2025-39706,
CVE-2025-39707, CVE-2025-39709, CVE-2025-39710, CVE-2025-39711,
CVE-2025-39712, CVE-2025-39713, CVE-2025-39714, CVE-2025-39715,
CVE-2025-39716, CVE-2025-39718, CVE-2025-39719, CVE-2025-39720,
CVE-2025-39721, CVE-2025-39724, CVE-2025-39726, CVE-2025-39730,
CVE-2025-39731, CVE-2025-39732, CVE-2025-39734, CVE-2025-39736,
CVE-2025-39737, CVE-2025-39738, CVE-2025-39739, CVE-2025-39742,
CVE-2025-39743, CVE-2025-39744, CVE-2025-39746, CVE-2025-39747,
CVE-2025-39748, CVE-2025-39749, CVE-2025-39750, CVE-2025-39752,
CVE-2025-39753, CVE-2025-39756, CVE-2025-39757, CVE-2025-39758,
CVE-2025-39759, CVE-2025-39760, CVE-2025-39761, CVE-2025-39763,
CVE-2025-39766, CVE-2025-39770, CVE-2025-39772, CVE-2025-39773,
CVE-2025-39776, CVE-2025-39779, CVE-2025-39781, CVE-2025-39782,
CVE-2025-39783, CVE-2025-39787, CVE-2025-39788, CVE-2025-39790,
CVE-2025-39794, CVE-2025-39795, CVE-2025-39797, CVE-2025-39798,
CVE-2025-39800, CVE-2025-39801, CVE-2025-39889, CVE-2025-39890,
CVE-2025-39946, CVE-2025-39989, CVE-2025-40019, CVE-2025-40215,
CVE-2025-40297, CVE-2025-68750)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.04 LTS
linux-image-6.8.0-1046-azure-fips 6.8.0-1046.52+fips1
Available with Ubuntu Pro
linux-image-azure-fips 6.8.0-1046.52+fips1
Available with Ubuntu Pro
linux-image-azure-fips-6.8 6.8.0-1046.52+fips1
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-8074-2
https://ubuntu.com/security/notices/USN-8074-1
CVE-2024-36331, CVE-2024-36350, CVE-2024-36357, CVE-2025-21884,
CVE-2025-21931, CVE-2025-22026, CVE-2025-22101, CVE-2025-22102,
CVE-2025-22115, CVE-2025-22120, CVE-2025-22126, CVE-2025-22128,
CVE-2025-23140, CVE-2025-23141, CVE-2025-23142, CVE-2025-23144,
CVE-2025-23145, CVE-2025-23146, CVE-2025-23147, CVE-2025-23148,
CVE-2025-23149, CVE-2025-23150, CVE-2025-23151, CVE-2025-23155,
CVE-2025-23156, CVE-2025-23157, CVE-2025-23158, CVE-2025-23159,
CVE-2025-23160, CVE-2025-23161, CVE-2025-23163, CVE-2025-37738,
CVE-2025-37739, CVE-2025-37740, CVE-2025-37741, CVE-2025-37742,
CVE-2025-37744, CVE-2025-37745, CVE-2025-37748, CVE-2025-37749,
CVE-2025-37754, CVE-2025-37755, CVE-2025-37757, CVE-2025-37758,
CVE-2025-37759, CVE-2025-37761, CVE-2025-37763, CVE-2025-37764,
CVE-2025-37765, CVE-2025-37766, CVE-2025-37767, CVE-2025-37768,
CVE-2025-37769, CVE-2025-37770, CVE-2025-37771, CVE-2025-37772,
CVE-2025-37773, CVE-2025-37775, CVE-2025-37777, CVE-2025-37778,
CVE-2025-37780, CVE-2025-37781, CVE-2025-37784, CVE-2025-37786,
CVE-2025-37787, CVE-2025-37788, CVE-2025-37789, CVE-2025-37790,
CVE-2025-37792, CVE-2025-37793, CVE-2025-37794, CVE-2025-37796,
CVE-2025-37799, CVE-2025-37800, CVE-2025-37801, CVE-2025-37803,
CVE-2025-37805, CVE-2025-37808, CVE-2025-37809, CVE-2025-37810,
CVE-2025-37811, CVE-2025-37812, CVE-2025-37813, CVE-2025-37815,
CVE-2025-37816, CVE-2025-37817, CVE-2025-37819, CVE-2025-37820,
CVE-2025-37822, CVE-2025-37823, CVE-2025-37824, CVE-2025-37826,
CVE-2025-37827, CVE-2025-37828, CVE-2025-37829, CVE-2025-37830,
CVE-2025-37831, CVE-2025-37836, CVE-2025-37839, CVE-2025-37840,
CVE-2025-37841, CVE-2025-37842, CVE-2025-37844, CVE-2025-37846,
CVE-2025-37849, CVE-2025-37850, CVE-2025-37851, CVE-2025-37852,
CVE-2025-37853, CVE-2025-37854, CVE-2025-37856, CVE-2025-37857,
CVE-2025-37858, CVE-2025-37859, CVE-2025-37861, CVE-2025-37862,
CVE-2025-37863, CVE-2025-37864, CVE-2025-37865, CVE-2025-37867,
CVE-2025-37869, CVE-2025-37871, CVE-2025-37872, CVE-2025-37873,
CVE-2025-37874, CVE-2025-37875, CVE-2025-37878, CVE-2025-37879,
CVE-2025-37881, CVE-2025-37883, CVE-2025-37884, CVE-2025-37885,
CVE-2025-37886, CVE-2025-37887, CVE-2025-37891, CVE-2025-37892,
CVE-2025-37897, CVE-2025-37900, CVE-2025-37901, CVE-2025-37903,
CVE-2025-37905, CVE-2025-37909, CVE-2025-37911, CVE-2025-37912,
CVE-2025-37913, CVE-2025-37914, CVE-2025-37915, CVE-2025-37916,
CVE-2025-37917, CVE-2025-37918, CVE-2025-37920, CVE-2025-37921,
CVE-2025-37922, CVE-2025-37923, CVE-2025-37924, CVE-2025-37925,
CVE-2025-37927, CVE-2025-37928, CVE-2025-37930, CVE-2025-37931,
CVE-2025-37933, CVE-2025-37935, CVE-2025-37936, CVE-2025-37938,
CVE-2025-37940, CVE-2025-37943, CVE-2025-37944, CVE-2025-37945,
CVE-2025-37947, CVE-2025-37948, CVE-2025-37949, CVE-2025-37951,
CVE-2025-37952, CVE-2025-37956, CVE-2025-37957, CVE-2025-37959,
CVE-2025-37960, CVE-2025-37961, CVE-2025-37962, CVE-2025-37963,
CVE-2025-37967, CVE-2025-37968, CVE-2025-37969, CVE-2025-37970,
CVE-2025-37972, CVE-2025-37973, CVE-2025-37975, CVE-2025-37977,
CVE-2025-37978, CVE-2025-37979, CVE-2025-37980, CVE-2025-37982,
CVE-2025-37983, CVE-2025-37984, CVE-2025-37985, CVE-2025-37986,
CVE-2025-37987, CVE-2025-37988, CVE-2025-37989, CVE-2025-37990,
CVE-2025-37991, CVE-2025-37992, CVE-2025-37994, CVE-2025-37995,
CVE-2025-37998, CVE-2025-38003, CVE-2025-38004, CVE-2025-38005,
CVE-2025-38006, CVE-2025-38007, CVE-2025-38008, CVE-2025-38009,
CVE-2025-38010, CVE-2025-38011, CVE-2025-38013, CVE-2025-38014,
CVE-2025-38015, CVE-2025-38018, CVE-2025-38019, CVE-2025-38020,
CVE-2025-38023, CVE-2025-38024, CVE-2025-38027, CVE-2025-38031,
CVE-2025-38034, CVE-2025-38035, CVE-2025-38037, CVE-2025-38039,
CVE-2025-38040, CVE-2025-38043, CVE-2025-38044, CVE-2025-38045,
CVE-2025-38048, CVE-2025-38051, CVE-2025-38052, CVE-2025-38053,
CVE-2025-38055, CVE-2025-38057, CVE-2025-38058, CVE-2025-38059,
CVE-2025-38060, CVE-2025-38061, CVE-2025-38062, CVE-2025-38063,
CVE-2025-38065, CVE-2025-38066, CVE-2025-38067, CVE-2025-38068,
CVE-2025-38071, CVE-2025-38072, CVE-2025-38074, CVE-2025-38075,
CVE-2025-38077, CVE-2025-38078, CVE-2025-38079, CVE-2025-38080,
CVE-2025-38081, CVE-2025-38084, CVE-2025-38085, CVE-2025-38086,
CVE-2025-38087, CVE-2025-38088, CVE-2025-38089, CVE-2025-38090,
CVE-2025-38094, CVE-2025-38095, CVE-2025-38097, CVE-2025-38098,
CVE-2025-38099, CVE-2025-38100, CVE-2025-38101, CVE-2025-38102,
CVE-2025-38103, CVE-2025-38104, CVE-2025-38107, CVE-2025-38108,
CVE-2025-38109, CVE-2025-38110, CVE-2025-38111, CVE-2025-38112,
CVE-2025-38113, CVE-2025-38115, CVE-2025-38117, CVE-2025-38119,
CVE-2025-38120, CVE-2025-38122, CVE-2025-38123, CVE-2025-38124,
CVE-2025-38125, CVE-2025-38126, CVE-2025-38127, CVE-2025-38129,
CVE-2025-38131, CVE-2025-38135, CVE-2025-38136, CVE-2025-38138,
CVE-2025-38142, CVE-2025-38143, CVE-2025-38145, CVE-2025-38146,
CVE-2025-38147, CVE-2025-38148, CVE-2025-38149, CVE-2025-38153,
CVE-2025-38154, CVE-2025-38155, CVE-2025-38156, CVE-2025-38157,
CVE-2025-38158, CVE-2025-38159, CVE-2025-38160, CVE-2025-38161,
CVE-2025-38162, CVE-2025-38163, CVE-2025-38164, CVE-2025-38165,
CVE-2025-38166, CVE-2025-38167, CVE-2025-38169, CVE-2025-38170,
CVE-2025-38173, CVE-2025-38174, CVE-2025-38180, CVE-2025-38181,
CVE-2025-38182, CVE-2025-38183, CVE-2025-38184, CVE-2025-38185,
CVE-2025-38190, CVE-2025-38191, CVE-2025-38192, CVE-2025-38193,
CVE-2025-38194, CVE-2025-38197, CVE-2025-38198, CVE-2025-38200,
CVE-2025-38202, CVE-2025-38208, CVE-2025-38210, CVE-2025-38211,
CVE-2025-38212, CVE-2025-38214, CVE-2025-38215, CVE-2025-38217,
CVE-2025-38218, CVE-2025-38219, CVE-2025-38220, CVE-2025-38222,
CVE-2025-38225, CVE-2025-38226, CVE-2025-38229, CVE-2025-38230,
CVE-2025-38231, CVE-2025-38232, CVE-2025-38236, CVE-2025-38239,
CVE-2025-38245, CVE-2025-38246, CVE-2025-38248, CVE-2025-38249,
CVE-2025-38250, CVE-2025-38251, CVE-2025-38253, CVE-2025-38255,
CVE-2025-38257, CVE-2025-38258, CVE-2025-38259, CVE-2025-38260,
CVE-2025-38262, CVE-2025-38263, CVE-2025-38264, CVE-2025-38265,
CVE-2025-38269, CVE-2025-38274, CVE-2025-38275, CVE-2025-38277,
CVE-2025-38278, CVE-2025-38279, CVE-2025-38280, CVE-2025-38282,
CVE-2025-38283, CVE-2025-38285, CVE-2025-38286, CVE-2025-38289,
CVE-2025-38290, CVE-2025-38292, CVE-2025-38293, CVE-2025-38295,
CVE-2025-38298, CVE-2025-38299, CVE-2025-38300, CVE-2025-38303,
CVE-2025-38304, CVE-2025-38305, CVE-2025-38307, CVE-2025-38310,
CVE-2025-38312, CVE-2025-38313, CVE-2025-38319, CVE-2025-38320,
CVE-2025-38321, CVE-2025-38322, CVE-2025-38323, CVE-2025-38324,
CVE-2025-38326, CVE-2025-38328, CVE-2025-38331, CVE-2025-38332,
CVE-2025-38333, CVE-2025-38334, CVE-2025-38335, CVE-2025-38336,
CVE-2025-38337, CVE-2025-38338, CVE-2025-38342, CVE-2025-38343,
CVE-2025-38344, CVE-2025-38345, CVE-2025-38346, CVE-2025-38347,
CVE-2025-38348, CVE-2025-38349, CVE-2025-38351, CVE-2025-38354,
CVE-2025-38361, CVE-2025-38362, CVE-2025-38363, CVE-2025-38364,
CVE-2025-38365, CVE-2025-38368, CVE-2025-38369, CVE-2025-38371,
CVE-2025-38373, CVE-2025-38374, CVE-2025-38375, CVE-2025-38376,
CVE-2025-38377, CVE-2025-38382, CVE-2025-38384, CVE-2025-38385,
CVE-2025-38386, CVE-2025-38387, CVE-2025-38388, CVE-2025-38389,
CVE-2025-38390, CVE-2025-38391, CVE-2025-38392, CVE-2025-38393,
CVE-2025-38395, CVE-2025-38396, CVE-2025-38399, CVE-2025-38400,
CVE-2025-38401, CVE-2025-38402, CVE-2025-38403, CVE-2025-38405,
CVE-2025-38406, CVE-2025-38407, CVE-2025-38408, CVE-2025-38409,
CVE-2025-38410, CVE-2025-38412, CVE-2025-38414, CVE-2025-38415,
CVE-2025-38416, CVE-2025-38418, CVE-2025-38419, CVE-2025-38420,
CVE-2025-38422, CVE-2025-38424, CVE-2025-38425, CVE-2025-38427,
CVE-2025-38428, CVE-2025-38429, CVE-2025-38430, CVE-2025-38436,
CVE-2025-38437, CVE-2025-38439, CVE-2025-38441, CVE-2025-38443,
CVE-2025-38444, CVE-2025-38445, CVE-2025-38448, CVE-2025-38449,
CVE-2025-38455, CVE-2025-38456, CVE-2025-38457, CVE-2025-38458,
CVE-2025-38459, CVE-2025-38460, CVE-2025-38461, CVE-2025-38462,
CVE-2025-38463, CVE-2025-38464, CVE-2025-38465, CVE-2025-38466,
CVE-2025-38467, CVE-2025-38468, CVE-2025-38469, CVE-2025-38470,
CVE-2025-38471, CVE-2025-38472, CVE-2025-38473, CVE-2025-38474,
CVE-2025-38476, CVE-2025-38478, CVE-2025-38480, CVE-2025-38481,
CVE-2025-38482, CVE-2025-38483, CVE-2025-38485, CVE-2025-38487,
CVE-2025-38488, CVE-2025-38489, CVE-2025-38490, CVE-2025-38491,
CVE-2025-38493, CVE-2025-38494, CVE-2025-38495, CVE-2025-38496,
CVE-2025-38497, CVE-2025-38499, CVE-2025-38501, CVE-2025-38503,
CVE-2025-38506, CVE-2025-38507, CVE-2025-38510, CVE-2025-38511,
CVE-2025-38512, CVE-2025-38513, CVE-2025-38514, CVE-2025-38515,
CVE-2025-38516, CVE-2025-38520, CVE-2025-38521, CVE-2025-38524,
CVE-2025-38526, CVE-2025-38527, CVE-2025-38528, CVE-2025-38529,
CVE-2025-38530, CVE-2025-38531, CVE-2025-38532, CVE-2025-38533,
CVE-2025-38535, CVE-2025-38537, CVE-2025-38538, CVE-2025-38539,
CVE-2025-38540, CVE-2025-38542, CVE-2025-38543, CVE-2025-38544,
CVE-2025-38546, CVE-2025-38548, CVE-2025-38549, CVE-2025-38550,
CVE-2025-38551, CVE-2025-38552, CVE-2025-38553, CVE-2025-38555,
CVE-2025-38560, CVE-2025-38561, CVE-2025-38562, CVE-2025-38566,
CVE-2025-38568, CVE-2025-38569, CVE-2025-38571, CVE-2025-38572,
CVE-2025-38574, CVE-2025-38576, CVE-2025-38577, CVE-2025-38578,
CVE-2025-38579, CVE-2025-38581, CVE-2025-38582, CVE-2025-38583,
CVE-2025-38584, CVE-2025-38585, CVE-2025-38587, CVE-2025-38588,
CVE-2025-38590, CVE-2025-38593, CVE-2025-38595, CVE-2025-38601,
CVE-2025-38602, CVE-2025-38604, CVE-2025-38608, CVE-2025-38609,
CVE-2025-38610, CVE-2025-38612, CVE-2025-38614, CVE-2025-38615,
CVE-2025-38619, CVE-2025-38622, CVE-2025-38623, CVE-2025-38624,
CVE-2025-38625, CVE-2025-38626, CVE-2025-38630, CVE-2025-38632,
CVE-2025-38634, CVE-2025-38635, CVE-2025-38639, CVE-2025-38640,
CVE-2025-38644, CVE-2025-38645, CVE-2025-38646, CVE-2025-38648,
CVE-2025-38650, CVE-2025-38652, CVE-2025-38653, CVE-2025-38659,
CVE-2025-38660, CVE-2025-38663, CVE-2025-38664, CVE-2025-38665,
CVE-2025-38668, CVE-2025-38670, CVE-2025-38671, CVE-2025-38675,
CVE-2025-38676, CVE-2025-38677, CVE-2025-38679, CVE-2025-38680,
CVE-2025-38681, CVE-2025-38684, CVE-2025-38685, CVE-2025-38686,
CVE-2025-38687, CVE-2025-38688, CVE-2025-38691, CVE-2025-38692,
CVE-2025-38693, CVE-2025-38694, CVE-2025-38695, CVE-2025-38696,
CVE-2025-38697, CVE-2025-38698, CVE-2025-38699, CVE-2025-38700,
CVE-2025-38701, CVE-2025-38702, CVE-2025-38703, CVE-2025-38704,
CVE-2025-38705, CVE-2025-38706, CVE-2025-38707, CVE-2025-38708,
CVE-2025-38710, CVE-2025-38711, CVE-2025-38712, CVE-2025-38713,
CVE-2025-38714, CVE-2025-38715, CVE-2025-38716, CVE-2025-38718,
CVE-2025-38721, CVE-2025-38722, CVE-2025-38724, CVE-2025-38725,
CVE-2025-38728, CVE-2025-38729, CVE-2025-38730, CVE-2025-38732,
CVE-2025-38734, CVE-2025-38735, CVE-2025-39673, CVE-2025-39675,
CVE-2025-39676, CVE-2025-39679, CVE-2025-39681, CVE-2025-39683,
CVE-2025-39684, CVE-2025-39685, CVE-2025-39686, CVE-2025-39687,
CVE-2025-39689, CVE-2025-39691, CVE-2025-39692, CVE-2025-39693,
CVE-2025-39694, CVE-2025-39698, CVE-2025-39701, CVE-2025-39702,
CVE-2025-39703, CVE-2025-39705, CVE-2025-39706, CVE-2025-39707,
CVE-2025-39709, CVE-2025-39710, CVE-2025-39711, CVE-2025-39712,
CVE-2025-39713, CVE-2025-39714, CVE-2025-39715, CVE-2025-39716,
CVE-2025-39718, CVE-2025-39719, CVE-2025-39720, CVE-2025-39721,
CVE-2025-39724, CVE-2025-39726, CVE-2025-39730, CVE-2025-39731,
CVE-2025-39732, CVE-2025-39734, CVE-2025-39736, CVE-2025-39737,
CVE-2025-39738, CVE-2025-39739, CVE-2025-39742, CVE-2025-39743,
CVE-2025-39744, CVE-2025-39746, CVE-2025-39747, CVE-2025-39748,
CVE-2025-39749, CVE-2025-39750, CVE-2025-39752, CVE-2025-39753,
CVE-2025-39756, CVE-2025-39757, CVE-2025-39758, CVE-2025-39759,
CVE-2025-39760, CVE-2025-39761, CVE-2025-39763, CVE-2025-39766,
CVE-2025-39770, CVE-2025-39772, CVE-2025-39773, CVE-2025-39776,
CVE-2025-39779, CVE-2025-39781, CVE-2025-39782, CVE-2025-39783,
CVE-2025-39787, CVE-2025-39788, CVE-2025-39790, CVE-2025-39794,
CVE-2025-39795, CVE-2025-39797, CVE-2025-39798, CVE-2025-39800,
CVE-2025-39801, CVE-2025-39889, CVE-2025-39890, CVE-2025-39946,
CVE-2025-39989, CVE-2025-40019, CVE-2025-40215, CVE-2025-40297,
CVE-2025-68750
Package Information:
https://launchpad.net/ubuntu/+source/linux-azure-fips/6.8.0-1046.52+fips1
[USN-8074-1] Linux kernel (Azure) vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8074-1
March 04, 2026
linux-azure vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-azure: Linux kernel for Microsoft Azure Cloud systems
Details:
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
- ARM64 architecture;
- MIPS architecture;
- PA-RISC architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Compute Acceleration Framework;
- ACPI drivers;
- Serial ATA and Parallel ATA drivers;
- ATM drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- DRBD Distributed Replicated Block Device drivers;
- Network block device driver;
- Ublk userspace block driver;
- Bluetooth drivers;
- Bus devices;
- Character device driver;
- TPM device driver;
- Clock framework and drivers;
- Data acquisition framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- Device frequency scaling framework;
- Buffer Sharing and Synchronization framework;
- DMA engine subsystem;
- EDAC drivers;
- Arm Firmware Framework for ARMv8-A(FFA);
- ARM SCMI message protocol;
- FPGA Framework;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- HW tracing;
- I2C subsystem;
- I3C subsystem;
- IIO subsystem;
- InfiniBand drivers;
- Input Device core drivers;
- Input Device (Miscellaneous) drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- MCB driver;
- Multiple devices driver;
- Media drivers;
- Multifunction device drivers;
- Microchip PCI driver;
- Intel Management Engine Interface driver;
- PCI Endpoint Test driver;
- TI TPS6594 PFSM driver;
- VMware VMCI Driver;
- MMC subsystem;
- MTD block device drivers;
- Network drivers;
- Mellanox network drivers;
- STMicroelectronics network drivers;
- NVDIMM (Non-Volatile Memory Device) drivers;
- NVME drivers;
- PCI subsystem;
- Amlogic Meson DDR PMU;
- PHY drivers;
- Pin controllers subsystem;
- x86 platform drivers;
- Power supply drivers;
- Powercap sysfs driver;
- PTP clock framework;
- PWM drivers;
- RapidIO drivers;
- Voltage and Current Regulator drivers;
- Remote Processor subsystem;
- S/390 drivers;
- SCSI subsystem;
- ASPEED SoC drivers;
- QCOM SoC drivers;
- Samsung SoC drivers;
- SPI subsystem;
- small TFT LCD display modules;
- Media staging drivers;
- TCM subsystem;
- Trusted Execution Environment drivers;
- Thunderbolt and USB4 drivers;
- TTY drivers;
- UFS subsystem;
- Cadence USB3 driver;
- ChipIdea USB driver;
- USB Device Class drivers;
- USB core drivers;
- DesignWare USB3 driver;
- USB Gadget drivers;
- USB Host Controller drivers;
- Renesas USBHS Controller drivers;
- USB Type-C support driver;
- USB Type-C Connector System Software Interface driver;
- VFIO drivers;
- Virtio Host (VHOST) subsystem;
- Backlight driver;
- Framebuffer layer;
- TSM Common Guest driver;
- Virtio drivers;
- Xen hypervisor drivers;
- File systems infrastructure;
- BTRFS file system;
- Ceph distributed file system;
- EFI Variable file system;
- Ext4 file system;
- F2FS file system;
- GFS2 file system;
- JFFS2 file system;
- JFS file system;
- Network file system (NFS) client;
- Network file system (NFS) server daemon;
- NILFS2 file system;
- NTFS3 file system;
- Overlay file system;
- Proc file system;
- SMB network file system;
- DRM display driver;
- Asynchronous Transfer Mode (ATM) subsystem;
- BPF subsystem;
- Memory Management;
- Internal shared memory driver;
- LZO compression library;
- Mellanox drivers;
- padata parallel execution mechanism;
- Networking subsytem;
- Bluetooth subsystem;
- Netfilter;
- Network traffic control;
- SCTP protocol;
- Network sockets;
- UDP network protocol;
- eXpress Data Path;
- XFRM subsystem;
- Digital Audio (PCM) driver;
- Universal MIDI packet (UMP) support module;
- Tracing infrastructure;
- User-space API (UAPI);
- io_uring subsystem;
- IPC subsystem;
- Perf events;
- Kernel exit() syscall;
- IRQ subsystem;
- Padata parallel execution mechanism;
- Kernel command line parsing driver;
- Hibernation control;
- RCU subsystem;
- Restartable seuqences system call mechanism;
- Maple Tree data structure library;
- Memory management;
- KASAN memory debugging framework;
- 802.1Q VLAN protocol;
- 9P file system network protocol;
- Appletalk network protocol;
- Ethernet bridge;
- CAN network layer;
- Networking core;
- Distributed Switch Architecture;
- HSR network protocol;
- IPv4 networking;
- IPv6 networking;
- MAC80211 subsystem;
- Management Component Transport Protocol (MCTP);
- MultiProtocol Label Switching driver;
- Multipath TCP;
- NetLabel subsystem;
- Netlink;
- NFC subsystem;
- Open vSwitch;
- RDS protocol;
- Rose network layer;
- RxRPC session sockets;
- SMC sockets;
- Sun RPC protocol;
- TIPC protocol;
- TLS protocol;
- Unix domain sockets;
- VMware vSockets driver;
- Wireless networking;
- ALSA framework;
- WCD audio codecs;
- Intel ASoC drivers;
- MediaTek ASoC drivers;
- QCOM ASoC drivers;
- SoC audio core drivers;
- USB sound devices;
- Virtio sound driver;
- CPU Power monitoring subsystem;
- KVM subsystem;
(CVE-2025-21884, CVE-2025-21931, CVE-2025-22026, CVE-2025-22101,
CVE-2025-22102, CVE-2025-22115, CVE-2025-22120, CVE-2025-22126,
CVE-2025-22128, CVE-2025-23140, CVE-2025-23141, CVE-2025-23142,
CVE-2025-23144, CVE-2025-23145, CVE-2025-23146, CVE-2025-23147,
CVE-2025-23148, CVE-2025-23149, CVE-2025-23150, CVE-2025-23151,
CVE-2025-23155, CVE-2025-23156, CVE-2025-23157, CVE-2025-23158,
CVE-2025-23159, CVE-2025-23160, CVE-2025-23161, CVE-2025-23163,
CVE-2025-37738, CVE-2025-37739, CVE-2025-37740, CVE-2025-37741,
CVE-2025-37742, CVE-2025-37744, CVE-2025-37745, CVE-2025-37748,
CVE-2025-37749, CVE-2025-37754, CVE-2025-37755, CVE-2025-37757,
CVE-2025-37758, CVE-2025-37759, CVE-2025-37761, CVE-2025-37763,
CVE-2025-37764, CVE-2025-37765, CVE-2025-37766, CVE-2025-37767,
CVE-2025-37768, CVE-2025-37769, CVE-2025-37770, CVE-2025-37771,
CVE-2025-37772, CVE-2025-37773, CVE-2025-37775, CVE-2025-37777,
CVE-2025-37778, CVE-2025-37780, CVE-2025-37781, CVE-2025-37784,
CVE-2025-37786, CVE-2025-37787, CVE-2025-37788, CVE-2025-37789,
CVE-2025-37790, CVE-2025-37792, CVE-2025-37793, CVE-2025-37794,
CVE-2025-37796, CVE-2025-37799, CVE-2025-37800, CVE-2025-37801,
CVE-2025-37803, CVE-2025-37805, CVE-2025-37808, CVE-2025-37809,
CVE-2025-37810, CVE-2025-37811, CVE-2025-37812, CVE-2025-37813,
CVE-2025-37815, CVE-2025-37816, CVE-2025-37817, CVE-2025-37819,
CVE-2025-37820, CVE-2025-37822, CVE-2025-37823, CVE-2025-37824,
CVE-2025-37826, CVE-2025-37827, CVE-2025-37828, CVE-2025-37829,
CVE-2025-37830, CVE-2025-37831, CVE-2025-37836, CVE-2025-37839,
CVE-2025-37840, CVE-2025-37841, CVE-2025-37842, CVE-2025-37844,
CVE-2025-37846, CVE-2025-37849, CVE-2025-37850, CVE-2025-37851,
CVE-2025-37852, CVE-2025-37853, CVE-2025-37854, CVE-2025-37856,
CVE-2025-37857, CVE-2025-37858, CVE-2025-37859, CVE-2025-37861,
CVE-2025-37862, CVE-2025-37863, CVE-2025-37864, CVE-2025-37865,
CVE-2025-37867, CVE-2025-37869, CVE-2025-37871, CVE-2025-37872,
CVE-2025-37873, CVE-2025-37874, CVE-2025-37875, CVE-2025-37878,
CVE-2025-37879, CVE-2025-37881, CVE-2025-37883, CVE-2025-37884,
CVE-2025-37885, CVE-2025-37886, CVE-2025-37887, CVE-2025-37891,
CVE-2025-37892, CVE-2025-37897, CVE-2025-37900, CVE-2025-37901,
CVE-2025-37903, CVE-2025-37905, CVE-2025-37909, CVE-2025-37911,
CVE-2025-37912, CVE-2025-37913, CVE-2025-37914, CVE-2025-37915,
CVE-2025-37916, CVE-2025-37917, CVE-2025-37918, CVE-2025-37920,
CVE-2025-37921, CVE-2025-37922, CVE-2025-37923, CVE-2025-37924,
CVE-2025-37925, CVE-2025-37927, CVE-2025-37928, CVE-2025-37930,
CVE-2025-37931, CVE-2025-37933, CVE-2025-37935, CVE-2025-37936,
CVE-2025-37938, CVE-2025-37940, CVE-2025-37943, CVE-2025-37944,
CVE-2025-37945, CVE-2025-37947, CVE-2025-37948, CVE-2025-37949,
CVE-2025-37951, CVE-2025-37952, CVE-2025-37956, CVE-2025-37957,
CVE-2025-37959, CVE-2025-37960, CVE-2025-37961, CVE-2025-37962,
CVE-2025-37963, CVE-2025-37967, CVE-2025-37968, CVE-2025-37969,
CVE-2025-37970, CVE-2025-37972, CVE-2025-37973, CVE-2025-37975,
CVE-2025-37977, CVE-2025-37978, CVE-2025-37979, CVE-2025-37980,
CVE-2025-37982, CVE-2025-37983, CVE-2025-37984, CVE-2025-37985,
CVE-2025-37986, CVE-2025-37987, CVE-2025-37988, CVE-2025-37989,
CVE-2025-37990, CVE-2025-37991, CVE-2025-37992, CVE-2025-37994,
CVE-2025-37995, CVE-2025-37998, CVE-2025-38003, CVE-2025-38004,
CVE-2025-38005, CVE-2025-38006, CVE-2025-38007, CVE-2025-38008,
CVE-2025-38009, CVE-2025-38010, CVE-2025-38011, CVE-2025-38013,
CVE-2025-38014, CVE-2025-38015, CVE-2025-38018, CVE-2025-38019,
CVE-2025-38020, CVE-2025-38023, CVE-2025-38024, CVE-2025-38027,
CVE-2025-38031, CVE-2025-38034, CVE-2025-38035, CVE-2025-38037,
CVE-2025-38039, CVE-2025-38040, CVE-2025-38043, CVE-2025-38044,
CVE-2025-38045, CVE-2025-38048, CVE-2025-38051, CVE-2025-38052,
CVE-2025-38053, CVE-2025-38055, CVE-2025-38057, CVE-2025-38058,
CVE-2025-38059, CVE-2025-38060, CVE-2025-38061, CVE-2025-38062,
CVE-2025-38063, CVE-2025-38065, CVE-2025-38066, CVE-2025-38067,
CVE-2025-38068, CVE-2025-38071, CVE-2025-38072, CVE-2025-38074,
CVE-2025-38075, CVE-2025-38077, CVE-2025-38078, CVE-2025-38079,
CVE-2025-38080, CVE-2025-38081, CVE-2025-38084, CVE-2025-38085,
CVE-2025-38086, CVE-2025-38087, CVE-2025-38088, CVE-2025-38089,
CVE-2025-38090, CVE-2025-38094, CVE-2025-38095, CVE-2025-38097,
CVE-2025-38098, CVE-2025-38099, CVE-2025-38100, CVE-2025-38101,
CVE-2025-38102, CVE-2025-38103, CVE-2025-38104, CVE-2025-38107,
CVE-2025-38108, CVE-2025-38109, CVE-2025-38110, CVE-2025-38111,
CVE-2025-38112, CVE-2025-38113, CVE-2025-38115, CVE-2025-38117,
CVE-2025-38119, CVE-2025-38120, CVE-2025-38122, CVE-2025-38123,
CVE-2025-38124, CVE-2025-38125, CVE-2025-38126, CVE-2025-38127,
CVE-2025-38129, CVE-2025-38131, CVE-2025-38135, CVE-2025-38136,
CVE-2025-38138, CVE-2025-38142, CVE-2025-38143, CVE-2025-38145,
CVE-2025-38146, CVE-2025-38147, CVE-2025-38148, CVE-2025-38149,
CVE-2025-38153, CVE-2025-38154, CVE-2025-38155, CVE-2025-38156,
CVE-2025-38157, CVE-2025-38158, CVE-2025-38159, CVE-2025-38160,
CVE-2025-38161, CVE-2025-38162, CVE-2025-38163, CVE-2025-38164,
CVE-2025-38165, CVE-2025-38166, CVE-2025-38167, CVE-2025-38169,
CVE-2025-38170, CVE-2025-38173, CVE-2025-38174, CVE-2025-38180,
CVE-2025-38181, CVE-2025-38182, CVE-2025-38183, CVE-2025-38184,
CVE-2025-38185, CVE-2025-38190, CVE-2025-38191, CVE-2025-38192,
CVE-2025-38193, CVE-2025-38194, CVE-2025-38197, CVE-2025-38198,
CVE-2025-38200, CVE-2025-38202, CVE-2025-38208, CVE-2025-38210,
CVE-2025-38211, CVE-2025-38212, CVE-2025-38214, CVE-2025-38215,
CVE-2025-38217, CVE-2025-38218, CVE-2025-38219, CVE-2025-38220,
CVE-2025-38222, CVE-2025-38225, CVE-2025-38226, CVE-2025-38229,
CVE-2025-38230, CVE-2025-38231, CVE-2025-38232, CVE-2025-38236,
CVE-2025-38239, CVE-2025-38245, CVE-2025-38246, CVE-2025-38248,
CVE-2025-38249, CVE-2025-38250, CVE-2025-38251, CVE-2025-38253,
CVE-2025-38255, CVE-2025-38257, CVE-2025-38258, CVE-2025-38259,
CVE-2025-38260, CVE-2025-38262, CVE-2025-38263, CVE-2025-38264,
CVE-2025-38265, CVE-2025-38269, CVE-2025-38274, CVE-2025-38275,
CVE-2025-38277, CVE-2025-38278, CVE-2025-38279, CVE-2025-38280,
CVE-2025-38282, CVE-2025-38283, CVE-2025-38285, CVE-2025-38286,
CVE-2025-38289, CVE-2025-38290, CVE-2025-38292, CVE-2025-38293,
CVE-2025-38295, CVE-2025-38298, CVE-2025-38299, CVE-2025-38300,
CVE-2025-38303, CVE-2025-38304, CVE-2025-38305, CVE-2025-38307,
CVE-2025-38310, CVE-2025-38312, CVE-2025-38313, CVE-2025-38319,
CVE-2025-38320, CVE-2025-38321, CVE-2025-38322, CVE-2025-38323,
CVE-2025-38324, CVE-2025-38326, CVE-2025-38328, CVE-2025-38331,
CVE-2025-38332, CVE-2025-38333, CVE-2025-38334, CVE-2025-38335,
CVE-2025-38336, CVE-2025-38337, CVE-2025-38338, CVE-2025-38342,
CVE-2025-38343, CVE-2025-38344, CVE-2025-38345, CVE-2025-38346,
CVE-2025-38347, CVE-2025-38348, CVE-2025-38349, CVE-2025-38351,
CVE-2025-38354, CVE-2025-38361, CVE-2025-38362, CVE-2025-38363,
CVE-2025-38364, CVE-2025-38365, CVE-2025-38368, CVE-2025-38369,
CVE-2025-38371, CVE-2025-38373, CVE-2025-38374, CVE-2025-38375,
CVE-2025-38376, CVE-2025-38377, CVE-2025-38382, CVE-2025-38384,
CVE-2025-38385, CVE-2025-38386, CVE-2025-38387, CVE-2025-38388,
CVE-2025-38389, CVE-2025-38390, CVE-2025-38391, CVE-2025-38392,
CVE-2025-38393, CVE-2025-38395, CVE-2025-38396, CVE-2025-38399,
CVE-2025-38400, CVE-2025-38401, CVE-2025-38402, CVE-2025-38403,
CVE-2025-38405, CVE-2025-38406, CVE-2025-38407, CVE-2025-38408,
CVE-2025-38409, CVE-2025-38410, CVE-2025-38412, CVE-2025-38414,
CVE-2025-38415, CVE-2025-38416, CVE-2025-38418, CVE-2025-38419,
CVE-2025-38420, CVE-2025-38422, CVE-2025-38424, CVE-2025-38425,
CVE-2025-38427, CVE-2025-38428, CVE-2025-38429, CVE-2025-38430,
CVE-2025-38436, CVE-2025-38437, CVE-2025-38439, CVE-2025-38441,
CVE-2025-38443, CVE-2025-38444, CVE-2025-38445, CVE-2025-38448,
CVE-2025-38449, CVE-2025-38455, CVE-2025-38456, CVE-2025-38457,
CVE-2025-38458, CVE-2025-38459, CVE-2025-38460, CVE-2025-38461,
CVE-2025-38462, CVE-2025-38463, CVE-2025-38464, CVE-2025-38465,
CVE-2025-38466, CVE-2025-38467, CVE-2025-38468, CVE-2025-38469,
CVE-2025-38470, CVE-2025-38471, CVE-2025-38472, CVE-2025-38473,
CVE-2025-38474, CVE-2025-38476, CVE-2025-38478, CVE-2025-38480,
CVE-2025-38481, CVE-2025-38482, CVE-2025-38483, CVE-2025-38485,
CVE-2025-38487, CVE-2025-38488, CVE-2025-38489, CVE-2025-38490,
CVE-2025-38491, CVE-2025-38493, CVE-2025-38494, CVE-2025-38495,
CVE-2025-38496, CVE-2025-38497, CVE-2025-38499, CVE-2025-38501,
CVE-2025-38503, CVE-2025-38506, CVE-2025-38507, CVE-2025-38510,
CVE-2025-38511, CVE-2025-38512, CVE-2025-38513, CVE-2025-38514,
CVE-2025-38515, CVE-2025-38516, CVE-2025-38520, CVE-2025-38521,
CVE-2025-38524, CVE-2025-38526, CVE-2025-38527, CVE-2025-38528,
CVE-2025-38529, CVE-2025-38530, CVE-2025-38531, CVE-2025-38532,
CVE-2025-38533, CVE-2025-38535, CVE-2025-38537, CVE-2025-38538,
CVE-2025-38539, CVE-2025-38540, CVE-2025-38542, CVE-2025-38543,
CVE-2025-38544, CVE-2025-38546, CVE-2025-38548, CVE-2025-38549,
CVE-2025-38550, CVE-2025-38551, CVE-2025-38552, CVE-2025-38553,
CVE-2025-38555, CVE-2025-38560, CVE-2025-38561, CVE-2025-38562,
CVE-2025-38566, CVE-2025-38568, CVE-2025-38569, CVE-2025-38571,
CVE-2025-38572, CVE-2025-38574, CVE-2025-38576, CVE-2025-38577,
CVE-2025-38578, CVE-2025-38579, CVE-2025-38581, CVE-2025-38582,
CVE-2025-38583, CVE-2025-38584, CVE-2025-38585, CVE-2025-38587,
CVE-2025-38588, CVE-2025-38590, CVE-2025-38593, CVE-2025-38595,
CVE-2025-38601, CVE-2025-38602, CVE-2025-38604, CVE-2025-38608,
CVE-2025-38609, CVE-2025-38610, CVE-2025-38612, CVE-2025-38614,
CVE-2025-38615, CVE-2025-38619, CVE-2025-38622, CVE-2025-38623,
CVE-2025-38624, CVE-2025-38625, CVE-2025-38626, CVE-2025-38630,
CVE-2025-38632, CVE-2025-38634, CVE-2025-38635, CVE-2025-38639,
CVE-2025-38640, CVE-2025-38644, CVE-2025-38645, CVE-2025-38646,
CVE-2025-38648, CVE-2025-38650, CVE-2025-38652, CVE-2025-38653,
CVE-2025-38659, CVE-2025-38660, CVE-2025-38663, CVE-2025-38664,
CVE-2025-38665, CVE-2025-38668, CVE-2025-38670, CVE-2025-38671,
CVE-2025-38675, CVE-2025-38676, CVE-2025-38677, CVE-2025-38679,
CVE-2025-38680, CVE-2025-38681, CVE-2025-38684, CVE-2025-38685,
CVE-2025-38686, CVE-2025-38687, CVE-2025-38688, CVE-2025-38691,
CVE-2025-38692, CVE-2025-38693, CVE-2025-38694, CVE-2025-38695,
CVE-2025-38696, CVE-2025-38697, CVE-2025-38698, CVE-2025-38699,
CVE-2025-38700, CVE-2025-38701, CVE-2025-38702, CVE-2025-38703,
CVE-2025-38704, CVE-2025-38705, CVE-2025-38706, CVE-2025-38707,
CVE-2025-38708, CVE-2025-38710, CVE-2025-38711, CVE-2025-38712,
CVE-2025-38713, CVE-2025-38714, CVE-2025-38715, CVE-2025-38716,
CVE-2025-38718, CVE-2025-38721, CVE-2025-38722, CVE-2025-38724,
CVE-2025-38725, CVE-2025-38728, CVE-2025-38729, CVE-2025-38730,
CVE-2025-38732, CVE-2025-38734, CVE-2025-38735, CVE-2025-39673,
CVE-2025-39675, CVE-2025-39676, CVE-2025-39679, CVE-2025-39681,
CVE-2025-39683, CVE-2025-39684, CVE-2025-39685, CVE-2025-39686,
CVE-2025-39687, CVE-2025-39689, CVE-2025-39691, CVE-2025-39692,
CVE-2025-39693, CVE-2025-39694, CVE-2025-39698, CVE-2025-39701,
CVE-2025-39702, CVE-2025-39703, CVE-2025-39705, CVE-2025-39706,
CVE-2025-39707, CVE-2025-39709, CVE-2025-39710, CVE-2025-39711,
CVE-2025-39712, CVE-2025-39713, CVE-2025-39714, CVE-2025-39715,
CVE-2025-39716, CVE-2025-39718, CVE-2025-39719, CVE-2025-39720,
CVE-2025-39721, CVE-2025-39724, CVE-2025-39726, CVE-2025-39730,
CVE-2025-39731, CVE-2025-39732, CVE-2025-39734, CVE-2025-39736,
CVE-2025-39737, CVE-2025-39738, CVE-2025-39739, CVE-2025-39742,
CVE-2025-39743, CVE-2025-39744, CVE-2025-39746, CVE-2025-39747,
CVE-2025-39748, CVE-2025-39749, CVE-2025-39750, CVE-2025-39752,
CVE-2025-39753, CVE-2025-39756, CVE-2025-39757, CVE-2025-39758,
CVE-2025-39759, CVE-2025-39760, CVE-2025-39761, CVE-2025-39763,
CVE-2025-39766, CVE-2025-39770, CVE-2025-39772, CVE-2025-39773,
CVE-2025-39776, CVE-2025-39779, CVE-2025-39781, CVE-2025-39782,
CVE-2025-39783, CVE-2025-39787, CVE-2025-39788, CVE-2025-39790,
CVE-2025-39794, CVE-2025-39795, CVE-2025-39797, CVE-2025-39798,
CVE-2025-39800, CVE-2025-39801, CVE-2025-39889, CVE-2025-39890,
CVE-2025-39946, CVE-2025-39989, CVE-2025-40019, CVE-2025-40215,
CVE-2025-40297, CVE-2025-68750)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.04 LTS
linux-image-6.8.0-1046-azure 6.8.0-1046.52
linux-image-azure-6.8 6.8.0-1046.52
linux-image-azure-lts-24.04 6.8.0-1046.52
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-8074-1
CVE-2024-36331, CVE-2024-36350, CVE-2024-36357, CVE-2025-21884,
CVE-2025-21931, CVE-2025-22026, CVE-2025-22101, CVE-2025-22102,
CVE-2025-22115, CVE-2025-22120, CVE-2025-22126, CVE-2025-22128,
CVE-2025-23140, CVE-2025-23141, CVE-2025-23142, CVE-2025-23144,
CVE-2025-23145, CVE-2025-23146, CVE-2025-23147, CVE-2025-23148,
CVE-2025-23149, CVE-2025-23150, CVE-2025-23151, CVE-2025-23155,
CVE-2025-23156, CVE-2025-23157, CVE-2025-23158, CVE-2025-23159,
CVE-2025-23160, CVE-2025-23161, CVE-2025-23163, CVE-2025-37738,
CVE-2025-37739, CVE-2025-37740, CVE-2025-37741, CVE-2025-37742,
CVE-2025-37744, CVE-2025-37745, CVE-2025-37748, CVE-2025-37749,
CVE-2025-37754, CVE-2025-37755, CVE-2025-37757, CVE-2025-37758,
CVE-2025-37759, CVE-2025-37761, CVE-2025-37763, CVE-2025-37764,
CVE-2025-37765, CVE-2025-37766, CVE-2025-37767, CVE-2025-37768,
CVE-2025-37769, CVE-2025-37770, CVE-2025-37771, CVE-2025-37772,
CVE-2025-37773, CVE-2025-37775, CVE-2025-37777, CVE-2025-37778,
CVE-2025-37780, CVE-2025-37781, CVE-2025-37784, CVE-2025-37786,
CVE-2025-37787, CVE-2025-37788, CVE-2025-37789, CVE-2025-37790,
CVE-2025-37792, CVE-2025-37793, CVE-2025-37794, CVE-2025-37796,
CVE-2025-37799, CVE-2025-37800, CVE-2025-37801, CVE-2025-37803,
CVE-2025-37805, CVE-2025-37808, CVE-2025-37809, CVE-2025-37810,
CVE-2025-37811, CVE-2025-37812, CVE-2025-37813, CVE-2025-37815,
CVE-2025-37816, CVE-2025-37817, CVE-2025-37819, CVE-2025-37820,
CVE-2025-37822, CVE-2025-37823, CVE-2025-37824, CVE-2025-37826,
CVE-2025-37827, CVE-2025-37828, CVE-2025-37829, CVE-2025-37830,
CVE-2025-37831, CVE-2025-37836, CVE-2025-37839, CVE-2025-37840,
CVE-2025-37841, CVE-2025-37842, CVE-2025-37844, CVE-2025-37846,
CVE-2025-37849, CVE-2025-37850, CVE-2025-37851, CVE-2025-37852,
CVE-2025-37853, CVE-2025-37854, CVE-2025-37856, CVE-2025-37857,
CVE-2025-37858, CVE-2025-37859, CVE-2025-37861, CVE-2025-37862,
CVE-2025-37863, CVE-2025-37864, CVE-2025-37865, CVE-2025-37867,
CVE-2025-37869, CVE-2025-37871, CVE-2025-37872, CVE-2025-37873,
CVE-2025-37874, CVE-2025-37875, CVE-2025-37878, CVE-2025-37879,
CVE-2025-37881, CVE-2025-37883, CVE-2025-37884, CVE-2025-37885,
CVE-2025-37886, CVE-2025-37887, CVE-2025-37891, CVE-2025-37892,
CVE-2025-37897, CVE-2025-37900, CVE-2025-37901, CVE-2025-37903,
CVE-2025-37905, CVE-2025-37909, CVE-2025-37911, CVE-2025-37912,
CVE-2025-37913, CVE-2025-37914, CVE-2025-37915, CVE-2025-37916,
CVE-2025-37917, CVE-2025-37918, CVE-2025-37920, CVE-2025-37921,
CVE-2025-37922, CVE-2025-37923, CVE-2025-37924, CVE-2025-37925,
CVE-2025-37927, CVE-2025-37928, CVE-2025-37930, CVE-2025-37931,
CVE-2025-37933, CVE-2025-37935, CVE-2025-37936, CVE-2025-37938,
CVE-2025-37940, CVE-2025-37943, CVE-2025-37944, CVE-2025-37945,
CVE-2025-37947, CVE-2025-37948, CVE-2025-37949, CVE-2025-37951,
CVE-2025-37952, CVE-2025-37956, CVE-2025-37957, CVE-2025-37959,
CVE-2025-37960, CVE-2025-37961, CVE-2025-37962, CVE-2025-37963,
CVE-2025-37967, CVE-2025-37968, CVE-2025-37969, CVE-2025-37970,
CVE-2025-37972, CVE-2025-37973, CVE-2025-37975, CVE-2025-37977,
CVE-2025-37978, CVE-2025-37979, CVE-2025-37980, CVE-2025-37982,
CVE-2025-37983, CVE-2025-37984, CVE-2025-37985, CVE-2025-37986,
CVE-2025-37987, CVE-2025-37988, CVE-2025-37989, CVE-2025-37990,
CVE-2025-37991, CVE-2025-37992, CVE-2025-37994, CVE-2025-37995,
CVE-2025-37998, CVE-2025-38003, CVE-2025-38004, CVE-2025-38005,
CVE-2025-38006, CVE-2025-38007, CVE-2025-38008, CVE-2025-38009,
CVE-2025-38010, CVE-2025-38011, CVE-2025-38013, CVE-2025-38014,
CVE-2025-38015, CVE-2025-38018, CVE-2025-38019, CVE-2025-38020,
CVE-2025-38023, CVE-2025-38024, CVE-2025-38027, CVE-2025-38031,
CVE-2025-38034, CVE-2025-38035, CVE-2025-38037, CVE-2025-38039,
CVE-2025-38040, CVE-2025-38043, CVE-2025-38044, CVE-2025-38045,
CVE-2025-38048, CVE-2025-38051, CVE-2025-38052, CVE-2025-38053,
CVE-2025-38055, CVE-2025-38057, CVE-2025-38058, CVE-2025-38059,
CVE-2025-38060, CVE-2025-38061, CVE-2025-38062, CVE-2025-38063,
CVE-2025-38065, CVE-2025-38066, CVE-2025-38067, CVE-2025-38068,
CVE-2025-38071, CVE-2025-38072, CVE-2025-38074, CVE-2025-38075,
CVE-2025-38077, CVE-2025-38078, CVE-2025-38079, CVE-2025-38080,
CVE-2025-38081, CVE-2025-38084, CVE-2025-38085, CVE-2025-38086,
CVE-2025-38087, CVE-2025-38088, CVE-2025-38089, CVE-2025-38090,
CVE-2025-38094, CVE-2025-38095, CVE-2025-38097, CVE-2025-38098,
CVE-2025-38099, CVE-2025-38100, CVE-2025-38101, CVE-2025-38102,
CVE-2025-38103, CVE-2025-38104, CVE-2025-38107, CVE-2025-38108,
CVE-2025-38109, CVE-2025-38110, CVE-2025-38111, CVE-2025-38112,
CVE-2025-38113, CVE-2025-38115, CVE-2025-38117, CVE-2025-38119,
CVE-2025-38120, CVE-2025-38122, CVE-2025-38123, CVE-2025-38124,
CVE-2025-38125, CVE-2025-38126, CVE-2025-38127, CVE-2025-38129,
CVE-2025-38131, CVE-2025-38135, CVE-2025-38136, CVE-2025-38138,
CVE-2025-38142, CVE-2025-38143, CVE-2025-38145, CVE-2025-38146,
CVE-2025-38147, CVE-2025-38148, CVE-2025-38149, CVE-2025-38153,
CVE-2025-38154, CVE-2025-38155, CVE-2025-38156, CVE-2025-38157,
CVE-2025-38158, CVE-2025-38159, CVE-2025-38160, CVE-2025-38161,
CVE-2025-38162, CVE-2025-38163, CVE-2025-38164, CVE-2025-38165,
CVE-2025-38166, CVE-2025-38167, CVE-2025-38169, CVE-2025-38170,
CVE-2025-38173, CVE-2025-38174, CVE-2025-38180, CVE-2025-38181,
CVE-2025-38182, CVE-2025-38183, CVE-2025-38184, CVE-2025-38185,
CVE-2025-38190, CVE-2025-38191, CVE-2025-38192, CVE-2025-38193,
CVE-2025-38194, CVE-2025-38197, CVE-2025-38198, CVE-2025-38200,
CVE-2025-38202, CVE-2025-38208, CVE-2025-38210, CVE-2025-38211,
CVE-2025-38212, CVE-2025-38214, CVE-2025-38215, CVE-2025-38217,
CVE-2025-38218, CVE-2025-38219, CVE-2025-38220, CVE-2025-38222,
CVE-2025-38225, CVE-2025-38226, CVE-2025-38229, CVE-2025-38230,
CVE-2025-38231, CVE-2025-38232, CVE-2025-38236, CVE-2025-38239,
CVE-2025-38245, CVE-2025-38246, CVE-2025-38248, CVE-2025-38249,
CVE-2025-38250, CVE-2025-38251, CVE-2025-38253, CVE-2025-38255,
CVE-2025-38257, CVE-2025-38258, CVE-2025-38259, CVE-2025-38260,
CVE-2025-38262, CVE-2025-38263, CVE-2025-38264, CVE-2025-38265,
CVE-2025-38269, CVE-2025-38274, CVE-2025-38275, CVE-2025-38277,
CVE-2025-38278, CVE-2025-38279, CVE-2025-38280, CVE-2025-38282,
CVE-2025-38283, CVE-2025-38285, CVE-2025-38286, CVE-2025-38289,
CVE-2025-38290, CVE-2025-38292, CVE-2025-38293, CVE-2025-38295,
CVE-2025-38298, CVE-2025-38299, CVE-2025-38300, CVE-2025-38303,
CVE-2025-38304, CVE-2025-38305, CVE-2025-38307, CVE-2025-38310,
CVE-2025-38312, CVE-2025-38313, CVE-2025-38319, CVE-2025-38320,
CVE-2025-38321, CVE-2025-38322, CVE-2025-38323, CVE-2025-38324,
CVE-2025-38326, CVE-2025-38328, CVE-2025-38331, CVE-2025-38332,
CVE-2025-38333, CVE-2025-38334, CVE-2025-38335, CVE-2025-38336,
CVE-2025-38337, CVE-2025-38338, CVE-2025-38342, CVE-2025-38343,
CVE-2025-38344, CVE-2025-38345, CVE-2025-38346, CVE-2025-38347,
CVE-2025-38348, CVE-2025-38349, CVE-2025-38351, CVE-2025-38354,
CVE-2025-38361, CVE-2025-38362, CVE-2025-38363, CVE-2025-38364,
CVE-2025-38365, CVE-2025-38368, CVE-2025-38369, CVE-2025-38371,
CVE-2025-38373, CVE-2025-38374, CVE-2025-38375, CVE-2025-38376,
CVE-2025-38377, CVE-2025-38382, CVE-2025-38384, CVE-2025-38385,
CVE-2025-38386, CVE-2025-38387, CVE-2025-38388, CVE-2025-38389,
CVE-2025-38390, CVE-2025-38391, CVE-2025-38392, CVE-2025-38393,
CVE-2025-38395, CVE-2025-38396, CVE-2025-38399, CVE-2025-38400,
CVE-2025-38401, CVE-2025-38402, CVE-2025-38403, CVE-2025-38405,
CVE-2025-38406, CVE-2025-38407, CVE-2025-38408, CVE-2025-38409,
CVE-2025-38410, CVE-2025-38412, CVE-2025-38414, CVE-2025-38415,
CVE-2025-38416, CVE-2025-38418, CVE-2025-38419, CVE-2025-38420,
CVE-2025-38422, CVE-2025-38424, CVE-2025-38425, CVE-2025-38427,
CVE-2025-38428, CVE-2025-38429, CVE-2025-38430, CVE-2025-38436,
CVE-2025-38437, CVE-2025-38439, CVE-2025-38441, CVE-2025-38443,
CVE-2025-38444, CVE-2025-38445, CVE-2025-38448, CVE-2025-38449,
CVE-2025-38455, CVE-2025-38456, CVE-2025-38457, CVE-2025-38458,
CVE-2025-38459, CVE-2025-38460, CVE-2025-38461, CVE-2025-38462,
CVE-2025-38463, CVE-2025-38464, CVE-2025-38465, CVE-2025-38466,
CVE-2025-38467, CVE-2025-38468, CVE-2025-38469, CVE-2025-38470,
CVE-2025-38471, CVE-2025-38472, CVE-2025-38473, CVE-2025-38474,
CVE-2025-38476, CVE-2025-38478, CVE-2025-38480, CVE-2025-38481,
CVE-2025-38482, CVE-2025-38483, CVE-2025-38485, CVE-2025-38487,
CVE-2025-38488, CVE-2025-38489, CVE-2025-38490, CVE-2025-38491,
CVE-2025-38493, CVE-2025-38494, CVE-2025-38495, CVE-2025-38496,
CVE-2025-38497, CVE-2025-38499, CVE-2025-38501, CVE-2025-38503,
CVE-2025-38506, CVE-2025-38507, CVE-2025-38510, CVE-2025-38511,
CVE-2025-38512, CVE-2025-38513, CVE-2025-38514, CVE-2025-38515,
CVE-2025-38516, CVE-2025-38520, CVE-2025-38521, CVE-2025-38524,
CVE-2025-38526, CVE-2025-38527, CVE-2025-38528, CVE-2025-38529,
CVE-2025-38530, CVE-2025-38531, CVE-2025-38532, CVE-2025-38533,
CVE-2025-38535, CVE-2025-38537, CVE-2025-38538, CVE-2025-38539,
CVE-2025-38540, CVE-2025-38542, CVE-2025-38543, CVE-2025-38544,
CVE-2025-38546, CVE-2025-38548, CVE-2025-38549, CVE-2025-38550,
CVE-2025-38551, CVE-2025-38552, CVE-2025-38553, CVE-2025-38555,
CVE-2025-38560, CVE-2025-38561, CVE-2025-38562, CVE-2025-38566,
CVE-2025-38568, CVE-2025-38569, CVE-2025-38571, CVE-2025-38572,
CVE-2025-38574, CVE-2025-38576, CVE-2025-38577, CVE-2025-38578,
CVE-2025-38579, CVE-2025-38581, CVE-2025-38582, CVE-2025-38583,
CVE-2025-38584, CVE-2025-38585, CVE-2025-38587, CVE-2025-38588,
CVE-2025-38590, CVE-2025-38593, CVE-2025-38595, CVE-2025-38601,
CVE-2025-38602, CVE-2025-38604, CVE-2025-38608, CVE-2025-38609,
CVE-2025-38610, CVE-2025-38612, CVE-2025-38614, CVE-2025-38615,
CVE-2025-38619, CVE-2025-38622, CVE-2025-38623, CVE-2025-38624,
CVE-2025-38625, CVE-2025-38626, CVE-2025-38630, CVE-2025-38632,
CVE-2025-38634, CVE-2025-38635, CVE-2025-38639, CVE-2025-38640,
CVE-2025-38644, CVE-2025-38645, CVE-2025-38646, CVE-2025-38648,
CVE-2025-38650, CVE-2025-38652, CVE-2025-38653, CVE-2025-38659,
CVE-2025-38660, CVE-2025-38663, CVE-2025-38664, CVE-2025-38665,
CVE-2025-38668, CVE-2025-38670, CVE-2025-38671, CVE-2025-38675,
CVE-2025-38676, CVE-2025-38677, CVE-2025-38679, CVE-2025-38680,
CVE-2025-38681, CVE-2025-38684, CVE-2025-38685, CVE-2025-38686,
CVE-2025-38687, CVE-2025-38688, CVE-2025-38691, CVE-2025-38692,
CVE-2025-38693, CVE-2025-38694, CVE-2025-38695, CVE-2025-38696,
CVE-2025-38697, CVE-2025-38698, CVE-2025-38699, CVE-2025-38700,
CVE-2025-38701, CVE-2025-38702, CVE-2025-38703, CVE-2025-38704,
CVE-2025-38705, CVE-2025-38706, CVE-2025-38707, CVE-2025-38708,
CVE-2025-38710, CVE-2025-38711, CVE-2025-38712, CVE-2025-38713,
CVE-2025-38714, CVE-2025-38715, CVE-2025-38716, CVE-2025-38718,
CVE-2025-38721, CVE-2025-38722, CVE-2025-38724, CVE-2025-38725,
CVE-2025-38728, CVE-2025-38729, CVE-2025-38730, CVE-2025-38732,
CVE-2025-38734, CVE-2025-38735, CVE-2025-39673, CVE-2025-39675,
CVE-2025-39676, CVE-2025-39679, CVE-2025-39681, CVE-2025-39683,
CVE-2025-39684, CVE-2025-39685, CVE-2025-39686, CVE-2025-39687,
CVE-2025-39689, CVE-2025-39691, CVE-2025-39692, CVE-2025-39693,
CVE-2025-39694, CVE-2025-39698, CVE-2025-39701, CVE-2025-39702,
CVE-2025-39703, CVE-2025-39705, CVE-2025-39706, CVE-2025-39707,
CVE-2025-39709, CVE-2025-39710, CVE-2025-39711, CVE-2025-39712,
CVE-2025-39713, CVE-2025-39714, CVE-2025-39715, CVE-2025-39716,
CVE-2025-39718, CVE-2025-39719, CVE-2025-39720, CVE-2025-39721,
CVE-2025-39724, CVE-2025-39726, CVE-2025-39730, CVE-2025-39731,
CVE-2025-39732, CVE-2025-39734, CVE-2025-39736, CVE-2025-39737,
CVE-2025-39738, CVE-2025-39739, CVE-2025-39742, CVE-2025-39743,
CVE-2025-39744, CVE-2025-39746, CVE-2025-39747, CVE-2025-39748,
CVE-2025-39749, CVE-2025-39750, CVE-2025-39752, CVE-2025-39753,
CVE-2025-39756, CVE-2025-39757, CVE-2025-39758, CVE-2025-39759,
CVE-2025-39760, CVE-2025-39761, CVE-2025-39763, CVE-2025-39766,
CVE-2025-39770, CVE-2025-39772, CVE-2025-39773, CVE-2025-39776,
CVE-2025-39779, CVE-2025-39781, CVE-2025-39782, CVE-2025-39783,
CVE-2025-39787, CVE-2025-39788, CVE-2025-39790, CVE-2025-39794,
CVE-2025-39795, CVE-2025-39797, CVE-2025-39798, CVE-2025-39800,
CVE-2025-39801, CVE-2025-39889, CVE-2025-39890, CVE-2025-39946,
CVE-2025-39989, CVE-2025-40019, CVE-2025-40215, CVE-2025-40297,
CVE-2025-68750
Package Information:
https://launchpad.net/ubuntu/+source/linux-azure/6.8.0-1046.52
Ubuntu Security Notice USN-8074-1
March 04, 2026
linux-azure vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-azure: Linux kernel for Microsoft Azure Cloud systems
Details:
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
- ARM64 architecture;
- MIPS architecture;
- PA-RISC architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Compute Acceleration Framework;
- ACPI drivers;
- Serial ATA and Parallel ATA drivers;
- ATM drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- DRBD Distributed Replicated Block Device drivers;
- Network block device driver;
- Ublk userspace block driver;
- Bluetooth drivers;
- Bus devices;
- Character device driver;
- TPM device driver;
- Clock framework and drivers;
- Data acquisition framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- Device frequency scaling framework;
- Buffer Sharing and Synchronization framework;
- DMA engine subsystem;
- EDAC drivers;
- Arm Firmware Framework for ARMv8-A(FFA);
- ARM SCMI message protocol;
- FPGA Framework;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- HW tracing;
- I2C subsystem;
- I3C subsystem;
- IIO subsystem;
- InfiniBand drivers;
- Input Device core drivers;
- Input Device (Miscellaneous) drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- MCB driver;
- Multiple devices driver;
- Media drivers;
- Multifunction device drivers;
- Microchip PCI driver;
- Intel Management Engine Interface driver;
- PCI Endpoint Test driver;
- TI TPS6594 PFSM driver;
- VMware VMCI Driver;
- MMC subsystem;
- MTD block device drivers;
- Network drivers;
- Mellanox network drivers;
- STMicroelectronics network drivers;
- NVDIMM (Non-Volatile Memory Device) drivers;
- NVME drivers;
- PCI subsystem;
- Amlogic Meson DDR PMU;
- PHY drivers;
- Pin controllers subsystem;
- x86 platform drivers;
- Power supply drivers;
- Powercap sysfs driver;
- PTP clock framework;
- PWM drivers;
- RapidIO drivers;
- Voltage and Current Regulator drivers;
- Remote Processor subsystem;
- S/390 drivers;
- SCSI subsystem;
- ASPEED SoC drivers;
- QCOM SoC drivers;
- Samsung SoC drivers;
- SPI subsystem;
- small TFT LCD display modules;
- Media staging drivers;
- TCM subsystem;
- Trusted Execution Environment drivers;
- Thunderbolt and USB4 drivers;
- TTY drivers;
- UFS subsystem;
- Cadence USB3 driver;
- ChipIdea USB driver;
- USB Device Class drivers;
- USB core drivers;
- DesignWare USB3 driver;
- USB Gadget drivers;
- USB Host Controller drivers;
- Renesas USBHS Controller drivers;
- USB Type-C support driver;
- USB Type-C Connector System Software Interface driver;
- VFIO drivers;
- Virtio Host (VHOST) subsystem;
- Backlight driver;
- Framebuffer layer;
- TSM Common Guest driver;
- Virtio drivers;
- Xen hypervisor drivers;
- File systems infrastructure;
- BTRFS file system;
- Ceph distributed file system;
- EFI Variable file system;
- Ext4 file system;
- F2FS file system;
- GFS2 file system;
- JFFS2 file system;
- JFS file system;
- Network file system (NFS) client;
- Network file system (NFS) server daemon;
- NILFS2 file system;
- NTFS3 file system;
- Overlay file system;
- Proc file system;
- SMB network file system;
- DRM display driver;
- Asynchronous Transfer Mode (ATM) subsystem;
- BPF subsystem;
- Memory Management;
- Internal shared memory driver;
- LZO compression library;
- Mellanox drivers;
- padata parallel execution mechanism;
- Networking subsytem;
- Bluetooth subsystem;
- Netfilter;
- Network traffic control;
- SCTP protocol;
- Network sockets;
- UDP network protocol;
- eXpress Data Path;
- XFRM subsystem;
- Digital Audio (PCM) driver;
- Universal MIDI packet (UMP) support module;
- Tracing infrastructure;
- User-space API (UAPI);
- io_uring subsystem;
- IPC subsystem;
- Perf events;
- Kernel exit() syscall;
- IRQ subsystem;
- Padata parallel execution mechanism;
- Kernel command line parsing driver;
- Hibernation control;
- RCU subsystem;
- Restartable seuqences system call mechanism;
- Maple Tree data structure library;
- Memory management;
- KASAN memory debugging framework;
- 802.1Q VLAN protocol;
- 9P file system network protocol;
- Appletalk network protocol;
- Ethernet bridge;
- CAN network layer;
- Networking core;
- Distributed Switch Architecture;
- HSR network protocol;
- IPv4 networking;
- IPv6 networking;
- MAC80211 subsystem;
- Management Component Transport Protocol (MCTP);
- MultiProtocol Label Switching driver;
- Multipath TCP;
- NetLabel subsystem;
- Netlink;
- NFC subsystem;
- Open vSwitch;
- RDS protocol;
- Rose network layer;
- RxRPC session sockets;
- SMC sockets;
- Sun RPC protocol;
- TIPC protocol;
- TLS protocol;
- Unix domain sockets;
- VMware vSockets driver;
- Wireless networking;
- ALSA framework;
- WCD audio codecs;
- Intel ASoC drivers;
- MediaTek ASoC drivers;
- QCOM ASoC drivers;
- SoC audio core drivers;
- USB sound devices;
- Virtio sound driver;
- CPU Power monitoring subsystem;
- KVM subsystem;
(CVE-2025-21884, CVE-2025-21931, CVE-2025-22026, CVE-2025-22101,
CVE-2025-22102, CVE-2025-22115, CVE-2025-22120, CVE-2025-22126,
CVE-2025-22128, CVE-2025-23140, CVE-2025-23141, CVE-2025-23142,
CVE-2025-23144, CVE-2025-23145, CVE-2025-23146, CVE-2025-23147,
CVE-2025-23148, CVE-2025-23149, CVE-2025-23150, CVE-2025-23151,
CVE-2025-23155, CVE-2025-23156, CVE-2025-23157, CVE-2025-23158,
CVE-2025-23159, CVE-2025-23160, CVE-2025-23161, CVE-2025-23163,
CVE-2025-37738, CVE-2025-37739, CVE-2025-37740, CVE-2025-37741,
CVE-2025-37742, CVE-2025-37744, CVE-2025-37745, CVE-2025-37748,
CVE-2025-37749, CVE-2025-37754, CVE-2025-37755, CVE-2025-37757,
CVE-2025-37758, CVE-2025-37759, CVE-2025-37761, CVE-2025-37763,
CVE-2025-37764, CVE-2025-37765, CVE-2025-37766, CVE-2025-37767,
CVE-2025-37768, CVE-2025-37769, CVE-2025-37770, CVE-2025-37771,
CVE-2025-37772, CVE-2025-37773, CVE-2025-37775, CVE-2025-37777,
CVE-2025-37778, CVE-2025-37780, CVE-2025-37781, CVE-2025-37784,
CVE-2025-37786, CVE-2025-37787, CVE-2025-37788, CVE-2025-37789,
CVE-2025-37790, CVE-2025-37792, CVE-2025-37793, CVE-2025-37794,
CVE-2025-37796, CVE-2025-37799, CVE-2025-37800, CVE-2025-37801,
CVE-2025-37803, CVE-2025-37805, CVE-2025-37808, CVE-2025-37809,
CVE-2025-37810, CVE-2025-37811, CVE-2025-37812, CVE-2025-37813,
CVE-2025-37815, CVE-2025-37816, CVE-2025-37817, CVE-2025-37819,
CVE-2025-37820, CVE-2025-37822, CVE-2025-37823, CVE-2025-37824,
CVE-2025-37826, CVE-2025-37827, CVE-2025-37828, CVE-2025-37829,
CVE-2025-37830, CVE-2025-37831, CVE-2025-37836, CVE-2025-37839,
CVE-2025-37840, CVE-2025-37841, CVE-2025-37842, CVE-2025-37844,
CVE-2025-37846, CVE-2025-37849, CVE-2025-37850, CVE-2025-37851,
CVE-2025-37852, CVE-2025-37853, CVE-2025-37854, CVE-2025-37856,
CVE-2025-37857, CVE-2025-37858, CVE-2025-37859, CVE-2025-37861,
CVE-2025-37862, CVE-2025-37863, CVE-2025-37864, CVE-2025-37865,
CVE-2025-37867, CVE-2025-37869, CVE-2025-37871, CVE-2025-37872,
CVE-2025-37873, CVE-2025-37874, CVE-2025-37875, CVE-2025-37878,
CVE-2025-37879, CVE-2025-37881, CVE-2025-37883, CVE-2025-37884,
CVE-2025-37885, CVE-2025-37886, CVE-2025-37887, CVE-2025-37891,
CVE-2025-37892, CVE-2025-37897, CVE-2025-37900, CVE-2025-37901,
CVE-2025-37903, CVE-2025-37905, CVE-2025-37909, CVE-2025-37911,
CVE-2025-37912, CVE-2025-37913, CVE-2025-37914, CVE-2025-37915,
CVE-2025-37916, CVE-2025-37917, CVE-2025-37918, CVE-2025-37920,
CVE-2025-37921, CVE-2025-37922, CVE-2025-37923, CVE-2025-37924,
CVE-2025-37925, CVE-2025-37927, CVE-2025-37928, CVE-2025-37930,
CVE-2025-37931, CVE-2025-37933, CVE-2025-37935, CVE-2025-37936,
CVE-2025-37938, CVE-2025-37940, CVE-2025-37943, CVE-2025-37944,
CVE-2025-37945, CVE-2025-37947, CVE-2025-37948, CVE-2025-37949,
CVE-2025-37951, CVE-2025-37952, CVE-2025-37956, CVE-2025-37957,
CVE-2025-37959, CVE-2025-37960, CVE-2025-37961, CVE-2025-37962,
CVE-2025-37963, CVE-2025-37967, CVE-2025-37968, CVE-2025-37969,
CVE-2025-37970, CVE-2025-37972, CVE-2025-37973, CVE-2025-37975,
CVE-2025-37977, CVE-2025-37978, CVE-2025-37979, CVE-2025-37980,
CVE-2025-37982, CVE-2025-37983, CVE-2025-37984, CVE-2025-37985,
CVE-2025-37986, CVE-2025-37987, CVE-2025-37988, CVE-2025-37989,
CVE-2025-37990, CVE-2025-37991, CVE-2025-37992, CVE-2025-37994,
CVE-2025-37995, CVE-2025-37998, CVE-2025-38003, CVE-2025-38004,
CVE-2025-38005, CVE-2025-38006, CVE-2025-38007, CVE-2025-38008,
CVE-2025-38009, CVE-2025-38010, CVE-2025-38011, CVE-2025-38013,
CVE-2025-38014, CVE-2025-38015, CVE-2025-38018, CVE-2025-38019,
CVE-2025-38020, CVE-2025-38023, CVE-2025-38024, CVE-2025-38027,
CVE-2025-38031, CVE-2025-38034, CVE-2025-38035, CVE-2025-38037,
CVE-2025-38039, CVE-2025-38040, CVE-2025-38043, CVE-2025-38044,
CVE-2025-38045, CVE-2025-38048, CVE-2025-38051, CVE-2025-38052,
CVE-2025-38053, CVE-2025-38055, CVE-2025-38057, CVE-2025-38058,
CVE-2025-38059, CVE-2025-38060, CVE-2025-38061, CVE-2025-38062,
CVE-2025-38063, CVE-2025-38065, CVE-2025-38066, CVE-2025-38067,
CVE-2025-38068, CVE-2025-38071, CVE-2025-38072, CVE-2025-38074,
CVE-2025-38075, CVE-2025-38077, CVE-2025-38078, CVE-2025-38079,
CVE-2025-38080, CVE-2025-38081, CVE-2025-38084, CVE-2025-38085,
CVE-2025-38086, CVE-2025-38087, CVE-2025-38088, CVE-2025-38089,
CVE-2025-38090, CVE-2025-38094, CVE-2025-38095, CVE-2025-38097,
CVE-2025-38098, CVE-2025-38099, CVE-2025-38100, CVE-2025-38101,
CVE-2025-38102, CVE-2025-38103, CVE-2025-38104, CVE-2025-38107,
CVE-2025-38108, CVE-2025-38109, CVE-2025-38110, CVE-2025-38111,
CVE-2025-38112, CVE-2025-38113, CVE-2025-38115, CVE-2025-38117,
CVE-2025-38119, CVE-2025-38120, CVE-2025-38122, CVE-2025-38123,
CVE-2025-38124, CVE-2025-38125, CVE-2025-38126, CVE-2025-38127,
CVE-2025-38129, CVE-2025-38131, CVE-2025-38135, CVE-2025-38136,
CVE-2025-38138, CVE-2025-38142, CVE-2025-38143, CVE-2025-38145,
CVE-2025-38146, CVE-2025-38147, CVE-2025-38148, CVE-2025-38149,
CVE-2025-38153, CVE-2025-38154, CVE-2025-38155, CVE-2025-38156,
CVE-2025-38157, CVE-2025-38158, CVE-2025-38159, CVE-2025-38160,
CVE-2025-38161, CVE-2025-38162, CVE-2025-38163, CVE-2025-38164,
CVE-2025-38165, CVE-2025-38166, CVE-2025-38167, CVE-2025-38169,
CVE-2025-38170, CVE-2025-38173, CVE-2025-38174, CVE-2025-38180,
CVE-2025-38181, CVE-2025-38182, CVE-2025-38183, CVE-2025-38184,
CVE-2025-38185, CVE-2025-38190, CVE-2025-38191, CVE-2025-38192,
CVE-2025-38193, CVE-2025-38194, CVE-2025-38197, CVE-2025-38198,
CVE-2025-38200, CVE-2025-38202, CVE-2025-38208, CVE-2025-38210,
CVE-2025-38211, CVE-2025-38212, CVE-2025-38214, CVE-2025-38215,
CVE-2025-38217, CVE-2025-38218, CVE-2025-38219, CVE-2025-38220,
CVE-2025-38222, CVE-2025-38225, CVE-2025-38226, CVE-2025-38229,
CVE-2025-38230, CVE-2025-38231, CVE-2025-38232, CVE-2025-38236,
CVE-2025-38239, CVE-2025-38245, CVE-2025-38246, CVE-2025-38248,
CVE-2025-38249, CVE-2025-38250, CVE-2025-38251, CVE-2025-38253,
CVE-2025-38255, CVE-2025-38257, CVE-2025-38258, CVE-2025-38259,
CVE-2025-38260, CVE-2025-38262, CVE-2025-38263, CVE-2025-38264,
CVE-2025-38265, CVE-2025-38269, CVE-2025-38274, CVE-2025-38275,
CVE-2025-38277, CVE-2025-38278, CVE-2025-38279, CVE-2025-38280,
CVE-2025-38282, CVE-2025-38283, CVE-2025-38285, CVE-2025-38286,
CVE-2025-38289, CVE-2025-38290, CVE-2025-38292, CVE-2025-38293,
CVE-2025-38295, CVE-2025-38298, CVE-2025-38299, CVE-2025-38300,
CVE-2025-38303, CVE-2025-38304, CVE-2025-38305, CVE-2025-38307,
CVE-2025-38310, CVE-2025-38312, CVE-2025-38313, CVE-2025-38319,
CVE-2025-38320, CVE-2025-38321, CVE-2025-38322, CVE-2025-38323,
CVE-2025-38324, CVE-2025-38326, CVE-2025-38328, CVE-2025-38331,
CVE-2025-38332, CVE-2025-38333, CVE-2025-38334, CVE-2025-38335,
CVE-2025-38336, CVE-2025-38337, CVE-2025-38338, CVE-2025-38342,
CVE-2025-38343, CVE-2025-38344, CVE-2025-38345, CVE-2025-38346,
CVE-2025-38347, CVE-2025-38348, CVE-2025-38349, CVE-2025-38351,
CVE-2025-38354, CVE-2025-38361, CVE-2025-38362, CVE-2025-38363,
CVE-2025-38364, CVE-2025-38365, CVE-2025-38368, CVE-2025-38369,
CVE-2025-38371, CVE-2025-38373, CVE-2025-38374, CVE-2025-38375,
CVE-2025-38376, CVE-2025-38377, CVE-2025-38382, CVE-2025-38384,
CVE-2025-38385, CVE-2025-38386, CVE-2025-38387, CVE-2025-38388,
CVE-2025-38389, CVE-2025-38390, CVE-2025-38391, CVE-2025-38392,
CVE-2025-38393, CVE-2025-38395, CVE-2025-38396, CVE-2025-38399,
CVE-2025-38400, CVE-2025-38401, CVE-2025-38402, CVE-2025-38403,
CVE-2025-38405, CVE-2025-38406, CVE-2025-38407, CVE-2025-38408,
CVE-2025-38409, CVE-2025-38410, CVE-2025-38412, CVE-2025-38414,
CVE-2025-38415, CVE-2025-38416, CVE-2025-38418, CVE-2025-38419,
CVE-2025-38420, CVE-2025-38422, CVE-2025-38424, CVE-2025-38425,
CVE-2025-38427, CVE-2025-38428, CVE-2025-38429, CVE-2025-38430,
CVE-2025-38436, CVE-2025-38437, CVE-2025-38439, CVE-2025-38441,
CVE-2025-38443, CVE-2025-38444, CVE-2025-38445, CVE-2025-38448,
CVE-2025-38449, CVE-2025-38455, CVE-2025-38456, CVE-2025-38457,
CVE-2025-38458, CVE-2025-38459, CVE-2025-38460, CVE-2025-38461,
CVE-2025-38462, CVE-2025-38463, CVE-2025-38464, CVE-2025-38465,
CVE-2025-38466, CVE-2025-38467, CVE-2025-38468, CVE-2025-38469,
CVE-2025-38470, CVE-2025-38471, CVE-2025-38472, CVE-2025-38473,
CVE-2025-38474, CVE-2025-38476, CVE-2025-38478, CVE-2025-38480,
CVE-2025-38481, CVE-2025-38482, CVE-2025-38483, CVE-2025-38485,
CVE-2025-38487, CVE-2025-38488, CVE-2025-38489, CVE-2025-38490,
CVE-2025-38491, CVE-2025-38493, CVE-2025-38494, CVE-2025-38495,
CVE-2025-38496, CVE-2025-38497, CVE-2025-38499, CVE-2025-38501,
CVE-2025-38503, CVE-2025-38506, CVE-2025-38507, CVE-2025-38510,
CVE-2025-38511, CVE-2025-38512, CVE-2025-38513, CVE-2025-38514,
CVE-2025-38515, CVE-2025-38516, CVE-2025-38520, CVE-2025-38521,
CVE-2025-38524, CVE-2025-38526, CVE-2025-38527, CVE-2025-38528,
CVE-2025-38529, CVE-2025-38530, CVE-2025-38531, CVE-2025-38532,
CVE-2025-38533, CVE-2025-38535, CVE-2025-38537, CVE-2025-38538,
CVE-2025-38539, CVE-2025-38540, CVE-2025-38542, CVE-2025-38543,
CVE-2025-38544, CVE-2025-38546, CVE-2025-38548, CVE-2025-38549,
CVE-2025-38550, CVE-2025-38551, CVE-2025-38552, CVE-2025-38553,
CVE-2025-38555, CVE-2025-38560, CVE-2025-38561, CVE-2025-38562,
CVE-2025-38566, CVE-2025-38568, CVE-2025-38569, CVE-2025-38571,
CVE-2025-38572, CVE-2025-38574, CVE-2025-38576, CVE-2025-38577,
CVE-2025-38578, CVE-2025-38579, CVE-2025-38581, CVE-2025-38582,
CVE-2025-38583, CVE-2025-38584, CVE-2025-38585, CVE-2025-38587,
CVE-2025-38588, CVE-2025-38590, CVE-2025-38593, CVE-2025-38595,
CVE-2025-38601, CVE-2025-38602, CVE-2025-38604, CVE-2025-38608,
CVE-2025-38609, CVE-2025-38610, CVE-2025-38612, CVE-2025-38614,
CVE-2025-38615, CVE-2025-38619, CVE-2025-38622, CVE-2025-38623,
CVE-2025-38624, CVE-2025-38625, CVE-2025-38626, CVE-2025-38630,
CVE-2025-38632, CVE-2025-38634, CVE-2025-38635, CVE-2025-38639,
CVE-2025-38640, CVE-2025-38644, CVE-2025-38645, CVE-2025-38646,
CVE-2025-38648, CVE-2025-38650, CVE-2025-38652, CVE-2025-38653,
CVE-2025-38659, CVE-2025-38660, CVE-2025-38663, CVE-2025-38664,
CVE-2025-38665, CVE-2025-38668, CVE-2025-38670, CVE-2025-38671,
CVE-2025-38675, CVE-2025-38676, CVE-2025-38677, CVE-2025-38679,
CVE-2025-38680, CVE-2025-38681, CVE-2025-38684, CVE-2025-38685,
CVE-2025-38686, CVE-2025-38687, CVE-2025-38688, CVE-2025-38691,
CVE-2025-38692, CVE-2025-38693, CVE-2025-38694, CVE-2025-38695,
CVE-2025-38696, CVE-2025-38697, CVE-2025-38698, CVE-2025-38699,
CVE-2025-38700, CVE-2025-38701, CVE-2025-38702, CVE-2025-38703,
CVE-2025-38704, CVE-2025-38705, CVE-2025-38706, CVE-2025-38707,
CVE-2025-38708, CVE-2025-38710, CVE-2025-38711, CVE-2025-38712,
CVE-2025-38713, CVE-2025-38714, CVE-2025-38715, CVE-2025-38716,
CVE-2025-38718, CVE-2025-38721, CVE-2025-38722, CVE-2025-38724,
CVE-2025-38725, CVE-2025-38728, CVE-2025-38729, CVE-2025-38730,
CVE-2025-38732, CVE-2025-38734, CVE-2025-38735, CVE-2025-39673,
CVE-2025-39675, CVE-2025-39676, CVE-2025-39679, CVE-2025-39681,
CVE-2025-39683, CVE-2025-39684, CVE-2025-39685, CVE-2025-39686,
CVE-2025-39687, CVE-2025-39689, CVE-2025-39691, CVE-2025-39692,
CVE-2025-39693, CVE-2025-39694, CVE-2025-39698, CVE-2025-39701,
CVE-2025-39702, CVE-2025-39703, CVE-2025-39705, CVE-2025-39706,
CVE-2025-39707, CVE-2025-39709, CVE-2025-39710, CVE-2025-39711,
CVE-2025-39712, CVE-2025-39713, CVE-2025-39714, CVE-2025-39715,
CVE-2025-39716, CVE-2025-39718, CVE-2025-39719, CVE-2025-39720,
CVE-2025-39721, CVE-2025-39724, CVE-2025-39726, CVE-2025-39730,
CVE-2025-39731, CVE-2025-39732, CVE-2025-39734, CVE-2025-39736,
CVE-2025-39737, CVE-2025-39738, CVE-2025-39739, CVE-2025-39742,
CVE-2025-39743, CVE-2025-39744, CVE-2025-39746, CVE-2025-39747,
CVE-2025-39748, CVE-2025-39749, CVE-2025-39750, CVE-2025-39752,
CVE-2025-39753, CVE-2025-39756, CVE-2025-39757, CVE-2025-39758,
CVE-2025-39759, CVE-2025-39760, CVE-2025-39761, CVE-2025-39763,
CVE-2025-39766, CVE-2025-39770, CVE-2025-39772, CVE-2025-39773,
CVE-2025-39776, CVE-2025-39779, CVE-2025-39781, CVE-2025-39782,
CVE-2025-39783, CVE-2025-39787, CVE-2025-39788, CVE-2025-39790,
CVE-2025-39794, CVE-2025-39795, CVE-2025-39797, CVE-2025-39798,
CVE-2025-39800, CVE-2025-39801, CVE-2025-39889, CVE-2025-39890,
CVE-2025-39946, CVE-2025-39989, CVE-2025-40019, CVE-2025-40215,
CVE-2025-40297, CVE-2025-68750)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.04 LTS
linux-image-6.8.0-1046-azure 6.8.0-1046.52
linux-image-azure-6.8 6.8.0-1046.52
linux-image-azure-lts-24.04 6.8.0-1046.52
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-8074-1
CVE-2024-36331, CVE-2024-36350, CVE-2024-36357, CVE-2025-21884,
CVE-2025-21931, CVE-2025-22026, CVE-2025-22101, CVE-2025-22102,
CVE-2025-22115, CVE-2025-22120, CVE-2025-22126, CVE-2025-22128,
CVE-2025-23140, CVE-2025-23141, CVE-2025-23142, CVE-2025-23144,
CVE-2025-23145, CVE-2025-23146, CVE-2025-23147, CVE-2025-23148,
CVE-2025-23149, CVE-2025-23150, CVE-2025-23151, CVE-2025-23155,
CVE-2025-23156, CVE-2025-23157, CVE-2025-23158, CVE-2025-23159,
CVE-2025-23160, CVE-2025-23161, CVE-2025-23163, CVE-2025-37738,
CVE-2025-37739, CVE-2025-37740, CVE-2025-37741, CVE-2025-37742,
CVE-2025-37744, CVE-2025-37745, CVE-2025-37748, CVE-2025-37749,
CVE-2025-37754, CVE-2025-37755, CVE-2025-37757, CVE-2025-37758,
CVE-2025-37759, CVE-2025-37761, CVE-2025-37763, CVE-2025-37764,
CVE-2025-37765, CVE-2025-37766, CVE-2025-37767, CVE-2025-37768,
CVE-2025-37769, CVE-2025-37770, CVE-2025-37771, CVE-2025-37772,
CVE-2025-37773, CVE-2025-37775, CVE-2025-37777, CVE-2025-37778,
CVE-2025-37780, CVE-2025-37781, CVE-2025-37784, CVE-2025-37786,
CVE-2025-37787, CVE-2025-37788, CVE-2025-37789, CVE-2025-37790,
CVE-2025-37792, CVE-2025-37793, CVE-2025-37794, CVE-2025-37796,
CVE-2025-37799, CVE-2025-37800, CVE-2025-37801, CVE-2025-37803,
CVE-2025-37805, CVE-2025-37808, CVE-2025-37809, CVE-2025-37810,
CVE-2025-37811, CVE-2025-37812, CVE-2025-37813, CVE-2025-37815,
CVE-2025-37816, CVE-2025-37817, CVE-2025-37819, CVE-2025-37820,
CVE-2025-37822, CVE-2025-37823, CVE-2025-37824, CVE-2025-37826,
CVE-2025-37827, CVE-2025-37828, CVE-2025-37829, CVE-2025-37830,
CVE-2025-37831, CVE-2025-37836, CVE-2025-37839, CVE-2025-37840,
CVE-2025-37841, CVE-2025-37842, CVE-2025-37844, CVE-2025-37846,
CVE-2025-37849, CVE-2025-37850, CVE-2025-37851, CVE-2025-37852,
CVE-2025-37853, CVE-2025-37854, CVE-2025-37856, CVE-2025-37857,
CVE-2025-37858, CVE-2025-37859, CVE-2025-37861, CVE-2025-37862,
CVE-2025-37863, CVE-2025-37864, CVE-2025-37865, CVE-2025-37867,
CVE-2025-37869, CVE-2025-37871, CVE-2025-37872, CVE-2025-37873,
CVE-2025-37874, CVE-2025-37875, CVE-2025-37878, CVE-2025-37879,
CVE-2025-37881, CVE-2025-37883, CVE-2025-37884, CVE-2025-37885,
CVE-2025-37886, CVE-2025-37887, CVE-2025-37891, CVE-2025-37892,
CVE-2025-37897, CVE-2025-37900, CVE-2025-37901, CVE-2025-37903,
CVE-2025-37905, CVE-2025-37909, CVE-2025-37911, CVE-2025-37912,
CVE-2025-37913, CVE-2025-37914, CVE-2025-37915, CVE-2025-37916,
CVE-2025-37917, CVE-2025-37918, CVE-2025-37920, CVE-2025-37921,
CVE-2025-37922, CVE-2025-37923, CVE-2025-37924, CVE-2025-37925,
CVE-2025-37927, CVE-2025-37928, CVE-2025-37930, CVE-2025-37931,
CVE-2025-37933, CVE-2025-37935, CVE-2025-37936, CVE-2025-37938,
CVE-2025-37940, CVE-2025-37943, CVE-2025-37944, CVE-2025-37945,
CVE-2025-37947, CVE-2025-37948, CVE-2025-37949, CVE-2025-37951,
CVE-2025-37952, CVE-2025-37956, CVE-2025-37957, CVE-2025-37959,
CVE-2025-37960, CVE-2025-37961, CVE-2025-37962, CVE-2025-37963,
CVE-2025-37967, CVE-2025-37968, CVE-2025-37969, CVE-2025-37970,
CVE-2025-37972, CVE-2025-37973, CVE-2025-37975, CVE-2025-37977,
CVE-2025-37978, CVE-2025-37979, CVE-2025-37980, CVE-2025-37982,
CVE-2025-37983, CVE-2025-37984, CVE-2025-37985, CVE-2025-37986,
CVE-2025-37987, CVE-2025-37988, CVE-2025-37989, CVE-2025-37990,
CVE-2025-37991, CVE-2025-37992, CVE-2025-37994, CVE-2025-37995,
CVE-2025-37998, CVE-2025-38003, CVE-2025-38004, CVE-2025-38005,
CVE-2025-38006, CVE-2025-38007, CVE-2025-38008, CVE-2025-38009,
CVE-2025-38010, CVE-2025-38011, CVE-2025-38013, CVE-2025-38014,
CVE-2025-38015, CVE-2025-38018, CVE-2025-38019, CVE-2025-38020,
CVE-2025-38023, CVE-2025-38024, CVE-2025-38027, CVE-2025-38031,
CVE-2025-38034, CVE-2025-38035, CVE-2025-38037, CVE-2025-38039,
CVE-2025-38040, CVE-2025-38043, CVE-2025-38044, CVE-2025-38045,
CVE-2025-38048, CVE-2025-38051, CVE-2025-38052, CVE-2025-38053,
CVE-2025-38055, CVE-2025-38057, CVE-2025-38058, CVE-2025-38059,
CVE-2025-38060, CVE-2025-38061, CVE-2025-38062, CVE-2025-38063,
CVE-2025-38065, CVE-2025-38066, CVE-2025-38067, CVE-2025-38068,
CVE-2025-38071, CVE-2025-38072, CVE-2025-38074, CVE-2025-38075,
CVE-2025-38077, CVE-2025-38078, CVE-2025-38079, CVE-2025-38080,
CVE-2025-38081, CVE-2025-38084, CVE-2025-38085, CVE-2025-38086,
CVE-2025-38087, CVE-2025-38088, CVE-2025-38089, CVE-2025-38090,
CVE-2025-38094, CVE-2025-38095, CVE-2025-38097, CVE-2025-38098,
CVE-2025-38099, CVE-2025-38100, CVE-2025-38101, CVE-2025-38102,
CVE-2025-38103, CVE-2025-38104, CVE-2025-38107, CVE-2025-38108,
CVE-2025-38109, CVE-2025-38110, CVE-2025-38111, CVE-2025-38112,
CVE-2025-38113, CVE-2025-38115, CVE-2025-38117, CVE-2025-38119,
CVE-2025-38120, CVE-2025-38122, CVE-2025-38123, CVE-2025-38124,
CVE-2025-38125, CVE-2025-38126, CVE-2025-38127, CVE-2025-38129,
CVE-2025-38131, CVE-2025-38135, CVE-2025-38136, CVE-2025-38138,
CVE-2025-38142, CVE-2025-38143, CVE-2025-38145, CVE-2025-38146,
CVE-2025-38147, CVE-2025-38148, CVE-2025-38149, CVE-2025-38153,
CVE-2025-38154, CVE-2025-38155, CVE-2025-38156, CVE-2025-38157,
CVE-2025-38158, CVE-2025-38159, CVE-2025-38160, CVE-2025-38161,
CVE-2025-38162, CVE-2025-38163, CVE-2025-38164, CVE-2025-38165,
CVE-2025-38166, CVE-2025-38167, CVE-2025-38169, CVE-2025-38170,
CVE-2025-38173, CVE-2025-38174, CVE-2025-38180, CVE-2025-38181,
CVE-2025-38182, CVE-2025-38183, CVE-2025-38184, CVE-2025-38185,
CVE-2025-38190, CVE-2025-38191, CVE-2025-38192, CVE-2025-38193,
CVE-2025-38194, CVE-2025-38197, CVE-2025-38198, CVE-2025-38200,
CVE-2025-38202, CVE-2025-38208, CVE-2025-38210, CVE-2025-38211,
CVE-2025-38212, CVE-2025-38214, CVE-2025-38215, CVE-2025-38217,
CVE-2025-38218, CVE-2025-38219, CVE-2025-38220, CVE-2025-38222,
CVE-2025-38225, CVE-2025-38226, CVE-2025-38229, CVE-2025-38230,
CVE-2025-38231, CVE-2025-38232, CVE-2025-38236, CVE-2025-38239,
CVE-2025-38245, CVE-2025-38246, CVE-2025-38248, CVE-2025-38249,
CVE-2025-38250, CVE-2025-38251, CVE-2025-38253, CVE-2025-38255,
CVE-2025-38257, CVE-2025-38258, CVE-2025-38259, CVE-2025-38260,
CVE-2025-38262, CVE-2025-38263, CVE-2025-38264, CVE-2025-38265,
CVE-2025-38269, CVE-2025-38274, CVE-2025-38275, CVE-2025-38277,
CVE-2025-38278, CVE-2025-38279, CVE-2025-38280, CVE-2025-38282,
CVE-2025-38283, CVE-2025-38285, CVE-2025-38286, CVE-2025-38289,
CVE-2025-38290, CVE-2025-38292, CVE-2025-38293, CVE-2025-38295,
CVE-2025-38298, CVE-2025-38299, CVE-2025-38300, CVE-2025-38303,
CVE-2025-38304, CVE-2025-38305, CVE-2025-38307, CVE-2025-38310,
CVE-2025-38312, CVE-2025-38313, CVE-2025-38319, CVE-2025-38320,
CVE-2025-38321, CVE-2025-38322, CVE-2025-38323, CVE-2025-38324,
CVE-2025-38326, CVE-2025-38328, CVE-2025-38331, CVE-2025-38332,
CVE-2025-38333, CVE-2025-38334, CVE-2025-38335, CVE-2025-38336,
CVE-2025-38337, CVE-2025-38338, CVE-2025-38342, CVE-2025-38343,
CVE-2025-38344, CVE-2025-38345, CVE-2025-38346, CVE-2025-38347,
CVE-2025-38348, CVE-2025-38349, CVE-2025-38351, CVE-2025-38354,
CVE-2025-38361, CVE-2025-38362, CVE-2025-38363, CVE-2025-38364,
CVE-2025-38365, CVE-2025-38368, CVE-2025-38369, CVE-2025-38371,
CVE-2025-38373, CVE-2025-38374, CVE-2025-38375, CVE-2025-38376,
CVE-2025-38377, CVE-2025-38382, CVE-2025-38384, CVE-2025-38385,
CVE-2025-38386, CVE-2025-38387, CVE-2025-38388, CVE-2025-38389,
CVE-2025-38390, CVE-2025-38391, CVE-2025-38392, CVE-2025-38393,
CVE-2025-38395, CVE-2025-38396, CVE-2025-38399, CVE-2025-38400,
CVE-2025-38401, CVE-2025-38402, CVE-2025-38403, CVE-2025-38405,
CVE-2025-38406, CVE-2025-38407, CVE-2025-38408, CVE-2025-38409,
CVE-2025-38410, CVE-2025-38412, CVE-2025-38414, CVE-2025-38415,
CVE-2025-38416, CVE-2025-38418, CVE-2025-38419, CVE-2025-38420,
CVE-2025-38422, CVE-2025-38424, CVE-2025-38425, CVE-2025-38427,
CVE-2025-38428, CVE-2025-38429, CVE-2025-38430, CVE-2025-38436,
CVE-2025-38437, CVE-2025-38439, CVE-2025-38441, CVE-2025-38443,
CVE-2025-38444, CVE-2025-38445, CVE-2025-38448, CVE-2025-38449,
CVE-2025-38455, CVE-2025-38456, CVE-2025-38457, CVE-2025-38458,
CVE-2025-38459, CVE-2025-38460, CVE-2025-38461, CVE-2025-38462,
CVE-2025-38463, CVE-2025-38464, CVE-2025-38465, CVE-2025-38466,
CVE-2025-38467, CVE-2025-38468, CVE-2025-38469, CVE-2025-38470,
CVE-2025-38471, CVE-2025-38472, CVE-2025-38473, CVE-2025-38474,
CVE-2025-38476, CVE-2025-38478, CVE-2025-38480, CVE-2025-38481,
CVE-2025-38482, CVE-2025-38483, CVE-2025-38485, CVE-2025-38487,
CVE-2025-38488, CVE-2025-38489, CVE-2025-38490, CVE-2025-38491,
CVE-2025-38493, CVE-2025-38494, CVE-2025-38495, CVE-2025-38496,
CVE-2025-38497, CVE-2025-38499, CVE-2025-38501, CVE-2025-38503,
CVE-2025-38506, CVE-2025-38507, CVE-2025-38510, CVE-2025-38511,
CVE-2025-38512, CVE-2025-38513, CVE-2025-38514, CVE-2025-38515,
CVE-2025-38516, CVE-2025-38520, CVE-2025-38521, CVE-2025-38524,
CVE-2025-38526, CVE-2025-38527, CVE-2025-38528, CVE-2025-38529,
CVE-2025-38530, CVE-2025-38531, CVE-2025-38532, CVE-2025-38533,
CVE-2025-38535, CVE-2025-38537, CVE-2025-38538, CVE-2025-38539,
CVE-2025-38540, CVE-2025-38542, CVE-2025-38543, CVE-2025-38544,
CVE-2025-38546, CVE-2025-38548, CVE-2025-38549, CVE-2025-38550,
CVE-2025-38551, CVE-2025-38552, CVE-2025-38553, CVE-2025-38555,
CVE-2025-38560, CVE-2025-38561, CVE-2025-38562, CVE-2025-38566,
CVE-2025-38568, CVE-2025-38569, CVE-2025-38571, CVE-2025-38572,
CVE-2025-38574, CVE-2025-38576, CVE-2025-38577, CVE-2025-38578,
CVE-2025-38579, CVE-2025-38581, CVE-2025-38582, CVE-2025-38583,
CVE-2025-38584, CVE-2025-38585, CVE-2025-38587, CVE-2025-38588,
CVE-2025-38590, CVE-2025-38593, CVE-2025-38595, CVE-2025-38601,
CVE-2025-38602, CVE-2025-38604, CVE-2025-38608, CVE-2025-38609,
CVE-2025-38610, CVE-2025-38612, CVE-2025-38614, CVE-2025-38615,
CVE-2025-38619, CVE-2025-38622, CVE-2025-38623, CVE-2025-38624,
CVE-2025-38625, CVE-2025-38626, CVE-2025-38630, CVE-2025-38632,
CVE-2025-38634, CVE-2025-38635, CVE-2025-38639, CVE-2025-38640,
CVE-2025-38644, CVE-2025-38645, CVE-2025-38646, CVE-2025-38648,
CVE-2025-38650, CVE-2025-38652, CVE-2025-38653, CVE-2025-38659,
CVE-2025-38660, CVE-2025-38663, CVE-2025-38664, CVE-2025-38665,
CVE-2025-38668, CVE-2025-38670, CVE-2025-38671, CVE-2025-38675,
CVE-2025-38676, CVE-2025-38677, CVE-2025-38679, CVE-2025-38680,
CVE-2025-38681, CVE-2025-38684, CVE-2025-38685, CVE-2025-38686,
CVE-2025-38687, CVE-2025-38688, CVE-2025-38691, CVE-2025-38692,
CVE-2025-38693, CVE-2025-38694, CVE-2025-38695, CVE-2025-38696,
CVE-2025-38697, CVE-2025-38698, CVE-2025-38699, CVE-2025-38700,
CVE-2025-38701, CVE-2025-38702, CVE-2025-38703, CVE-2025-38704,
CVE-2025-38705, CVE-2025-38706, CVE-2025-38707, CVE-2025-38708,
CVE-2025-38710, CVE-2025-38711, CVE-2025-38712, CVE-2025-38713,
CVE-2025-38714, CVE-2025-38715, CVE-2025-38716, CVE-2025-38718,
CVE-2025-38721, CVE-2025-38722, CVE-2025-38724, CVE-2025-38725,
CVE-2025-38728, CVE-2025-38729, CVE-2025-38730, CVE-2025-38732,
CVE-2025-38734, CVE-2025-38735, CVE-2025-39673, CVE-2025-39675,
CVE-2025-39676, CVE-2025-39679, CVE-2025-39681, CVE-2025-39683,
CVE-2025-39684, CVE-2025-39685, CVE-2025-39686, CVE-2025-39687,
CVE-2025-39689, CVE-2025-39691, CVE-2025-39692, CVE-2025-39693,
CVE-2025-39694, CVE-2025-39698, CVE-2025-39701, CVE-2025-39702,
CVE-2025-39703, CVE-2025-39705, CVE-2025-39706, CVE-2025-39707,
CVE-2025-39709, CVE-2025-39710, CVE-2025-39711, CVE-2025-39712,
CVE-2025-39713, CVE-2025-39714, CVE-2025-39715, CVE-2025-39716,
CVE-2025-39718, CVE-2025-39719, CVE-2025-39720, CVE-2025-39721,
CVE-2025-39724, CVE-2025-39726, CVE-2025-39730, CVE-2025-39731,
CVE-2025-39732, CVE-2025-39734, CVE-2025-39736, CVE-2025-39737,
CVE-2025-39738, CVE-2025-39739, CVE-2025-39742, CVE-2025-39743,
CVE-2025-39744, CVE-2025-39746, CVE-2025-39747, CVE-2025-39748,
CVE-2025-39749, CVE-2025-39750, CVE-2025-39752, CVE-2025-39753,
CVE-2025-39756, CVE-2025-39757, CVE-2025-39758, CVE-2025-39759,
CVE-2025-39760, CVE-2025-39761, CVE-2025-39763, CVE-2025-39766,
CVE-2025-39770, CVE-2025-39772, CVE-2025-39773, CVE-2025-39776,
CVE-2025-39779, CVE-2025-39781, CVE-2025-39782, CVE-2025-39783,
CVE-2025-39787, CVE-2025-39788, CVE-2025-39790, CVE-2025-39794,
CVE-2025-39795, CVE-2025-39797, CVE-2025-39798, CVE-2025-39800,
CVE-2025-39801, CVE-2025-39889, CVE-2025-39890, CVE-2025-39946,
CVE-2025-39989, CVE-2025-40019, CVE-2025-40215, CVE-2025-40297,
CVE-2025-68750
Package Information:
https://launchpad.net/ubuntu/+source/linux-azure/6.8.0-1046.52
[USN-8059-7] Linux kernel (AWS FIPS) vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8059-7
March 04, 2026
linux-aws-fips vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-aws-fips: Linux kernel for Amazon Web Services (AWS) systems with FIPS
Details:
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SMB network file system;
(CVE-2025-22037, CVE-2025-37899)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.04 LTS
linux-image-6.8.0-1047-aws-fips 6.8.0-1047.50+fips1
Available with Ubuntu Pro
linux-image-aws-fips 6.8.0-1047.50+fips1
Available with Ubuntu Pro
linux-image-aws-fips-6.8 6.8.0-1047.50+fips1
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-8059-7
https://ubuntu.com/security/notices/USN-8059-6
https://ubuntu.com/security/notices/USN-8059-5
https://ubuntu.com/security/notices/USN-8059-4
https://ubuntu.com/security/notices/USN-8059-3
https://ubuntu.com/security/notices/USN-8059-2
https://ubuntu.com/security/notices/USN-8059-1
CVE-2025-22037, CVE-2025-37899
Package Information:
https://launchpad.net/ubuntu/+source/linux-aws-fips/6.8.0-1047.50+fips1
Ubuntu Security Notice USN-8059-7
March 04, 2026
linux-aws-fips vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-aws-fips: Linux kernel for Amazon Web Services (AWS) systems with FIPS
Details:
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SMB network file system;
(CVE-2025-22037, CVE-2025-37899)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.04 LTS
linux-image-6.8.0-1047-aws-fips 6.8.0-1047.50+fips1
Available with Ubuntu Pro
linux-image-aws-fips 6.8.0-1047.50+fips1
Available with Ubuntu Pro
linux-image-aws-fips-6.8 6.8.0-1047.50+fips1
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-8059-7
https://ubuntu.com/security/notices/USN-8059-6
https://ubuntu.com/security/notices/USN-8059-5
https://ubuntu.com/security/notices/USN-8059-4
https://ubuntu.com/security/notices/USN-8059-3
https://ubuntu.com/security/notices/USN-8059-2
https://ubuntu.com/security/notices/USN-8059-1
CVE-2025-22037, CVE-2025-37899
Package Information:
https://launchpad.net/ubuntu/+source/linux-aws-fips/6.8.0-1047.50+fips1
[USN-8072-1] PostgreSQL vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8072-1
March 04, 2026
postgresql-14, postgresql-16, postgresql-17 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Summary:
Several security issues were fixed in PostgreSQL.
Software Description:
- postgresql-17: Object-relational SQL database
- postgresql-16: Object-relational SQL database
- postgresql-14: Object-relational SQL database
Details:
Altan Birler discovered that PostgreSQL incorrectly validated oidvector
types. An attacker could possibly use this issue to obtain a few bytes of
sensitive information. (CVE-2026-2003)
Daniel Firer discovered that PostgreSQL incorrectly validated input in the
intarray extension. An attacker could possibly use this issue to execute
arbitrary code. (CVE-2026-2004)
It was dicovered that PosgreSQL incorrectly handled certain pgcrypto memory
operations. An attacker could possibly use this issue to execute arbitrary
code. (CVE-2026-2005)
Paul Gerste and Moritz Sanft discovered that PostgreSQL incorrectly
validated multibyte character lengths. An attacker could possibly use this
issue to execute arbitrary code. (CVE-2026-2006)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.10
postgresql-17 17.9-0ubuntu0.25.10.1
postgresql-client-17 17.9-0ubuntu0.25.10.1
Ubuntu 24.04 LTS
postgresql-16 16.13-0ubuntu0.24.04.1
postgresql-client-16 16.13-0ubuntu0.24.04.1
Ubuntu 22.04 LTS
postgresql-14 14.22-0ubuntu0.22.04.1
postgresql-client-14 14.22-0ubuntu0.22.04.1
This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart PostgreSQL to
make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8072-1
CVE-2026-2003, CVE-2026-2004, CVE-2026-2005, CVE-2026-2006
Package Information:
https://launchpad.net/ubuntu/+source/postgresql-17/17.9-0ubuntu0.25.10.1
https://launchpad.net/ubuntu/+source/postgresql-16/16.13-0ubuntu0.24.04.1
https://launchpad.net/ubuntu/+source/postgresql-14/14.22-0ubuntu0.22.04.1
Ubuntu Security Notice USN-8072-1
March 04, 2026
postgresql-14, postgresql-16, postgresql-17 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Summary:
Several security issues were fixed in PostgreSQL.
Software Description:
- postgresql-17: Object-relational SQL database
- postgresql-16: Object-relational SQL database
- postgresql-14: Object-relational SQL database
Details:
Altan Birler discovered that PostgreSQL incorrectly validated oidvector
types. An attacker could possibly use this issue to obtain a few bytes of
sensitive information. (CVE-2026-2003)
Daniel Firer discovered that PostgreSQL incorrectly validated input in the
intarray extension. An attacker could possibly use this issue to execute
arbitrary code. (CVE-2026-2004)
It was dicovered that PosgreSQL incorrectly handled certain pgcrypto memory
operations. An attacker could possibly use this issue to execute arbitrary
code. (CVE-2026-2005)
Paul Gerste and Moritz Sanft discovered that PostgreSQL incorrectly
validated multibyte character lengths. An attacker could possibly use this
issue to execute arbitrary code. (CVE-2026-2006)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.10
postgresql-17 17.9-0ubuntu0.25.10.1
postgresql-client-17 17.9-0ubuntu0.25.10.1
Ubuntu 24.04 LTS
postgresql-16 16.13-0ubuntu0.24.04.1
postgresql-client-16 16.13-0ubuntu0.24.04.1
Ubuntu 22.04 LTS
postgresql-14 14.22-0ubuntu0.22.04.1
postgresql-client-14 14.22-0ubuntu0.22.04.1
This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart PostgreSQL to
make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8072-1
CVE-2026-2003, CVE-2026-2004, CVE-2026-2005, CVE-2026-2006
Package Information:
https://launchpad.net/ubuntu/+source/postgresql-17/17.9-0ubuntu0.25.10.1
https://launchpad.net/ubuntu/+source/postgresql-16/16.13-0ubuntu0.24.04.1
https://launchpad.net/ubuntu/+source/postgresql-14/14.22-0ubuntu0.22.04.1
[USN-8071-1] NSS vulnerability
==========================================================================
Ubuntu Security Notice USN-8071-1
March 04, 2026
nss vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Summary:
NSS could be made to crash or run programs if it received specially crafted
network traffic.
Software Description:
- nss: Network Security Service library
Details:
It was discovered that NSS incorrectly handled memory when performing
certain GHASH operations. A remote attacker could use this issue to cause
NSS to crash, resulting in a denial of service, or possibly execute
arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.10
libnss3 2:3.114-1ubuntu0.1
Ubuntu 24.04 LTS
libnss3 2:3.98-1ubuntu0.1
Ubuntu 22.04 LTS
libnss3 2:3.98-0ubuntu0.22.04.3
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8071-1
CVE-2026-2781
Package Information:
https://launchpad.net/ubuntu/+source/nss/2:3.114-1ubuntu0.1
https://launchpad.net/ubuntu/+source/nss/2:3.98-1ubuntu0.1
https://launchpad.net/ubuntu/+source/nss/2:3.98-0ubuntu0.22.04.3
Ubuntu Security Notice USN-8071-1
March 04, 2026
nss vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Summary:
NSS could be made to crash or run programs if it received specially crafted
network traffic.
Software Description:
- nss: Network Security Service library
Details:
It was discovered that NSS incorrectly handled memory when performing
certain GHASH operations. A remote attacker could use this issue to cause
NSS to crash, resulting in a denial of service, or possibly execute
arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.10
libnss3 2:3.114-1ubuntu0.1
Ubuntu 24.04 LTS
libnss3 2:3.98-1ubuntu0.1
Ubuntu 22.04 LTS
libnss3 2:3.98-0ubuntu0.22.04.3
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8071-1
CVE-2026-2781
Package Information:
https://launchpad.net/ubuntu/+source/nss/2:3.114-1ubuntu0.1
https://launchpad.net/ubuntu/+source/nss/2:3.98-1ubuntu0.1
https://launchpad.net/ubuntu/+source/nss/2:3.98-0ubuntu0.22.04.3
[USN-8070-3] Linux kernel (FIPS) vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8070-3
March 04, 2026
linux-fips vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-fips: Linux kernel with FIPS
Details:
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- x86 architecture;
- MMC subsystem;
- Network drivers;
- USB Device Class drivers;
- BTRFS file system;
- File systems infrastructure;
- XFRM subsystem;
- IPv4 networking;
- IPv6 networking;
- MAC80211 subsystem;
- Simplified Mandatory Access Control Kernel framework;
(CVE-2021-47599, CVE-2022-48875, CVE-2022-49267, CVE-2024-47659,
CVE-2024-49927, CVE-2024-56548, CVE-2024-56593, CVE-2025-21704,
CVE-2025-40215)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 LTS
linux-image-4.4.0-1122-fips 4.4.0-1122.129
Available with Ubuntu Pro
linux-image-fips 4.4.0.1122.123
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-8070-3
https://ubuntu.com/security/notices/USN-8070-2
https://ubuntu.com/security/notices/USN-8070-1
CVE-2021-47599, CVE-2022-48875, CVE-2022-49267, CVE-2024-47659,
CVE-2024-49927, CVE-2024-56548, CVE-2024-56593, CVE-2025-21704,
CVE-2025-40215
Package Information:
https://launchpad.net/ubuntu/+source/linux-fips/4.4.0-1122.129
Ubuntu Security Notice USN-8070-3
March 04, 2026
linux-fips vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-fips: Linux kernel with FIPS
Details:
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- x86 architecture;
- MMC subsystem;
- Network drivers;
- USB Device Class drivers;
- BTRFS file system;
- File systems infrastructure;
- XFRM subsystem;
- IPv4 networking;
- IPv6 networking;
- MAC80211 subsystem;
- Simplified Mandatory Access Control Kernel framework;
(CVE-2021-47599, CVE-2022-48875, CVE-2022-49267, CVE-2024-47659,
CVE-2024-49927, CVE-2024-56548, CVE-2024-56593, CVE-2025-21704,
CVE-2025-40215)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 LTS
linux-image-4.4.0-1122-fips 4.4.0-1122.129
Available with Ubuntu Pro
linux-image-fips 4.4.0.1122.123
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-8070-3
https://ubuntu.com/security/notices/USN-8070-2
https://ubuntu.com/security/notices/USN-8070-1
CVE-2021-47599, CVE-2022-48875, CVE-2022-49267, CVE-2024-47659,
CVE-2024-49927, CVE-2024-56548, CVE-2024-56593, CVE-2025-21704,
CVE-2025-40215
Package Information:
https://launchpad.net/ubuntu/+source/linux-fips/4.4.0-1122.129
Subscribe to:
Comments (Atom)