==========================================================================
Ubuntu Security Notice USN-8156-1
April 08, 2026

gdk-pixbuf vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

GDK-PixBuf could be made to crash or run programs if it opened a specially crafted file.

Software Description:
- gdk-pixbuf: GDK Pixbuf library

Details:

It was discovered that GDK-PixBuf incorrectly handled certain JPEG files. An attacker could use this issue to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 25.10
  libgdk-pixbuf-2.0-0 2.42.12+dfsg-5ubuntu0.1

Ubuntu 24.04 LTS
  libgdk-pixbuf-2.0-0 2.42.10+dfsg-3ubuntu3.3

Ubuntu 22.04 LTS
  libgdk-pixbuf-2.0-0 2.42.8+dfsg-1ubuntu0.5

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-8156-1
  CVE-2026-5201

Package Information:
  https://launchpad.net/ubuntu/+source/gdk-pixbuf/2.42.12+dfsg-5ubuntu0.1
  https://launchpad.net/ubuntu/+source/gdk-pixbuf/2.42.10+dfsg-3ubuntu3.3
  https://launchpad.net/ubuntu/+source/gdk-pixbuf/2.42.8+dfsg-1ubuntu0.5
Wednesday, April 8, 2026
[USN-8155-1] OpenSSL vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8155-1
April 08, 2026

openssl vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in OpenSSL.

Software Description:
- openssl: Secure Socket Layer (SSL) cryptographic library and tools

Details:

Viktor Dukhovni discovered that OpenSSL incorrectly negotiated the expected preferred key exchange group when used as a TLS 1.3 server. This could result in a less preferred key exchange being used, contrary to expectations. This issue only affected Ubuntu 25.10. (CVE-2026-2673)

Igor Morgenstern discovered that OpenSSL incorrectly handled certain memory operations when used as a DANE client. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2026-28387)

Igor Morgenstern discovered that OpenSSL incorrectly handled certain memory operations when processing a delta CRL. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2026-28388)

Nathan Sportsman, Daniel Rhea, and Jaeho Nam discovered that OpenSSL incorrectly handled certain memory operations when processing a crafted CMS EnvelopedData message with KeyAgreeRecipientInfo. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2026-28389)

Muhammad Daffa, Joshua Rogers, and Chanho Kim discovered that OpenSSL incorrectly handled processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2026-28390)

Quoc Tran discovered that OpenSSL incorrectly handled hexadecimal conversion on 32-bit platforms. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2026-31789)

Simo Sorce discovered that OpenSSL incorrectly handled failures in RSA KEM RSASVE Encapsulation. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2026-31790)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 25.10
  libssl3t64 3.5.3-1ubuntu3.3
  openssl 3.5.3-1ubuntu3.3

Ubuntu 24.04 LTS
  libssl3t64 3.0.13-0ubuntu3.9
  openssl 3.0.13-0ubuntu3.9

Ubuntu 22.04 LTS
  libssl3 3.0.2-0ubuntu1.23
  openssl 3.0.2-0ubuntu1.23

After a standard system update you need to reboot your computer to make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-8155-1
  CVE-2026-2673, CVE-2026-28387, CVE-2026-28388, CVE-2026-28389, CVE-2026-28390, CVE-2026-31789, CVE-2026-31790

Package Information:
  https://launchpad.net/ubuntu/+source/openssl/3.5.3-1ubuntu3.3
  https://launchpad.net/ubuntu/+source/openssl/3.0.13-0ubuntu3.9
  https://launchpad.net/ubuntu/+source/openssl/3.0.2-0ubuntu1.23
[USN-8157-1] Squid vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8157-1
April 08, 2026

squid vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in Squid.

Software Description:
- squid: Web proxy cache server

Details:

It was discovered that Squid incorrectly handled certain ICP traffic. In environments where ICP support is enabled, a remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or obtain small amounts of sensitive information.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 25.10
  squid 6.14-0ubuntu0.25.10.2

Ubuntu 24.04 LTS
  squid 6.14-0ubuntu0.24.04.2

Ubuntu 22.04 LTS
  squid 5.9-0ubuntu0.22.04.5

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-8157-1
  CVE-2026-32748, CVE-2026-33515, CVE-2026-33526

Package Information:
  https://launchpad.net/ubuntu/+source/squid/6.14-0ubuntu0.25.10.2
  https://launchpad.net/ubuntu/+source/squid/6.14-0ubuntu0.24.04.2
  https://launchpad.net/ubuntu/+source/squid/5.9-0ubuntu0.22.04.5
Tuesday, April 7, 2026
[USN-8089-3] ADSys, Juju Core, LXD vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8089-3
April 07, 2026

adsys, juju-core, lxd vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in ADSys, Juju Core, LXD

Software Description:
- adsys: Active Directory Group Policy client
- lxd: Container hypervisor based on LXC
- juju-core: Application orchestration engine

Details:

USN-8089-1 fixed vulnerabilities in Go Networking. This update provides the corresponding update to code vendored in LXD, ADSys, and Juju Core.

Original advisory details:

Bahruz Jabiyev, Tommaso Innocenti, Anthony Gavazzi, Steven Sprecher, and Kaan Onarlioglu discovered that servers using Go Networking could hang during shutdown if preempted by a fatal error. An attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-27664)

Arpad Ryszka and Jakob Ackermann discovered that a maliciously crafted stream could cause excessive CPU usage in Go Networking's HPACK decoder. An attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-41723)

Mohammad Thoriq Aziz discovered that Go Networking did not properly sanitize some text nodes. An attacker could possibly use this to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2023-3978)

Sean Ng discovered an error in Go Networking's HTML tag handling. An attacker could possibly use this to cause a denial of service. (CVE-2025-22872)

Guido Vranken and Jakub Ciolek discovered that a maliciously crafted HTML document could exhaust system resources on servers using Go Networking. An attacker could possibly use this to cause a denial of service. (CVE-2025-47911)

Guido Vranken discovered that a maliciously crafted HTML document could put servers using Go Networking into an infinite loop. An attacker could possibly use this to cause a denial of service. (CVE-2025-58190)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS
  adsys 0.9.2~20.04.2ubuntu0.1+esm1
    Available with Ubuntu Pro
  adsys-windows 0.9.2~20.04.2ubuntu0.1+esm1
    Available with Ubuntu Pro

Ubuntu 18.04 LTS
  lxd 3.0.3-0ubuntu1~18.04.2+esm2
    Available with Ubuntu Pro
  lxd-client 3.0.3-0ubuntu1~18.04.2+esm2
    Available with Ubuntu Pro
  lxd-tools 3.0.3-0ubuntu1~18.04.2+esm2
    Available with Ubuntu Pro

Ubuntu 16.04 LTS
  golang-github-lxc-lxd-dev 2.0.11-0ubuntu1~16.04.4+esm2
    Available with Ubuntu Pro
  juju 2.3.7-0ubuntu0.16.04.1+esm2
    Available with Ubuntu Pro
  juju-2.0 2.3.7-0ubuntu0.16.04.1+esm2
    Available with Ubuntu Pro
  lxc2 2.0.11-0ubuntu1~16.04.4+esm2
    Available with Ubuntu Pro
  lxd 2.0.11-0ubuntu1~16.04.4+esm2
    Available with Ubuntu Pro
  lxd-client 2.0.11-0ubuntu1~16.04.4+esm2
    Available with Ubuntu Pro
  lxd-tools 2.0.11-0ubuntu1~16.04.4+esm2
    Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-8089-3
  https://ubuntu.com/security/notices/USN-8089-2
  https://ubuntu.com/security/notices/USN-8089-1
  CVE-2021-33194, CVE-2022-27664, CVE-2022-41723, CVE-2023-3978, CVE-2025-22872, CVE-2025-47911, CVE-2025-58190
devel-announce posts not also sent to devel since 2026-02-17
Greetings.

List posts made to devel-announce@lists.fedoraproject.org are normally also copied to the devel@lists.fedoraproject.org list.

Unfortunately this seems to have stopped working and posts after 2026-02-17 may not have been also copied to the devel list.

This is being investigated in https://forge.fedoraproject.org/infra/tickets/issues/13257 but I thought I would let everyone know it's happened.

If you are not subscribed to the devel-announce list, you may wish to do so and/or review the posts in the archives for posts after 2026-02-17.

Sorry for the trouble.

kevin
--
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[USN-8154-1] Django vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8154-1
April 07, 2026

python-django vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in Django.

Software Description:
- python-django: High-level Python web development framework

Details:

Seokchan Yoon discovered that Django incorrectly handled copying memory when parsing multipart uploads with excessive whitespace. A remote attacker could possibly use this issue to cause Django to use excessive resources, leading to a denial of service. (CVE-2026-33033)

It was discovered that Django did not enforce an upload memory size limit in the Content-Length header. A remote attacker could possibly use this issue to cause Django to use excessive resources, leading to a denial of service. This issue only affected Ubuntu 24.04 LTS and Ubuntu 25.10. (CVE-2026-33034)

Tarek Nakkouch discovered that Django incorrectly handled underscores in the ASGI headers. A remote attacker could possibly use this issue to spoof HTTP headers. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 25.10. (CVE-2026-3902)

It was discovered that Django incorrectly handled verification of model data created with POST requests. A remote attacker could possibly use this issue to forge new model permissions. (CVE-2026-4277, CVE-2026-4292)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 25.10
  python3-django 3:5.2.4-1ubuntu2.4

Ubuntu 24.04 LTS
  python3-django 3:4.2.11-1ubuntu1.15

Ubuntu 22.04 LTS
  python3-django 2:3.2.12-2ubuntu1.26

Ubuntu 20.04 LTS
  python3-django 2:2.2.12-1ubuntu0.29+esm8
    Available with Ubuntu Pro

Ubuntu 18.04 LTS
  python-django 1:1.11.11-1ubuntu1.21+esm15
    Available with Ubuntu Pro
  python3-django 1:1.11.11-1ubuntu1.21+esm15
    Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-8154-1
  CVE-2026-33033, CVE-2026-33034, CVE-2026-3902, CVE-2026-4277, CVE-2026-4292

Package Information:
  https://launchpad.net/ubuntu/+source/python-django/3:5.2.4-1ubuntu2.4
  https://launchpad.net/ubuntu/+source/python-django/3:4.2.11-1ubuntu1.15
  https://launchpad.net/ubuntu/+source/python-django/2:3.2.12-2ubuntu1.26
Planned Outage - fedora.im / matrix - 2026-04-14 11:15 UTC
[arch-announce] kea >= 1:3.0.3-6 update requires manual intervention
The `kea` package has moved all services to run as a dedicated `kea` user (instead of `root`) for improved security.

This change requires permission updates to the runtime files created by the `kea` services. Users upgrading from an existing `kea` installation should therefore run the following commands after the upgrade:

`chown kea: /var/lib/kea/* /var/log/kea/* /run/lock/kea/logger_lockfile`

`systemctl try-restart kea-ctrl-agent.service kea-dhcp{4,6,-ddns}.service`

Accounts that need to interact with `kea` services files (e.g. lease files under `/var/lib/kea`, log files under `/var/log/kea` or configuration files under `/etc/kea`) should be added to the `kea` group.

URL: https://archlinux.org/news/kea-1303-6-update-requires-manual-intervention/
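A post-upgrade check for the ownership change described above, as an added example that is not part of the Arch announcement: it lists anything under the kea runtime paths that is still not owned by `kea`, descending into subdirectories and dotfiles, which a non-recursive `chown` on a `*` glob does not reach. The function name `kea_unowned` and the `--audit` switch are hypothetical.

```sh
#!/bin/sh
# Added example: post-upgrade ownership audit for the kea runtime files.
# The `kea` user and the three paths come from the announcement; the
# function name and the --audit switch are assumptions of this example.

# kea_unowned OWNER PATH...
#   OWNER is a user name or numeric uid. Every file or directory at or
#   below each PATH that is not owned by OWNER is printed, one per line.
#   Paths that do not exist are skipped (that service has never run).
#   Returns 0 when nothing is mis-owned, 1 when something is, and 2 when
#   find itself failed (unknown user name, unreadable directory).
kea_unowned() {
    owner=$1
    shift
    found=$(
        for p in "$@"; do
            [ -e "$p" ] || continue
            # find descends into subdirectories and sees dotfiles, both of
            # which a non-recursive chown on a `*` glob does not touch.
            find "$p" ! -user "$owner" -print || exit 2
        done
    ) || return 2
    if [ -n "$found" ]; then
        printf '%s\n' "$found"
        return 1
    fi
    return 0
}

# Run as: sh kea-audit.sh --audit
if [ "${1:-}" = "--audit" ]; then
    kea_unowned kea /var/lib/kea /var/log/kea /run/lock/kea/logger_lockfile
    case $? in
        0) echo "all kea runtime files are owned by kea" ;;
        1) echo "the paths listed above are not owned by kea" >&2
           exit 1 ;;
        *) echo "audit incomplete: find failed" >&2
           exit 2 ;;
    esac
fi
```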
[USN-8153-1] Salt vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8153-1
April 07, 2026

salt vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in Salt.

Software Description:
- salt: Infrastructure management built on a dynamic communication bus

Details:

Zach Malone discovered that Salt did not properly handle permissions to cache data. A local attacker could possibly use this issue to obtain sensitive information. (CVE-2015-8034)

Dylan Frese discovered that Salt incorrectly allowed users to specify PAM service. An attacker could possibly use this issue to bypass authentication. (CVE-2016-3176)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.04 LTS
  salt-common 0.17.5+ds-1ubuntu0.1~esm5
    Available with Ubuntu Pro
  salt-master 0.17.5+ds-1ubuntu0.1~esm5
    Available with Ubuntu Pro
  salt-minion 0.17.5+ds-1ubuntu0.1~esm5
    Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-8153-1
  CVE-2015-8034, CVE-2016-3176
Monday, April 6, 2026
[USN-8148-4] Linux kernel (Real-time) vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8148-4
April 06, 2026

linux-realtime-6.17 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-realtime-6.17: Linux kernel for Real-time systems

Details:

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems:
  - Cryptographic API;
  - Netfilter;
  - Network traffic control;
(CVE-2026-23060, CVE-2026-23074, CVE-2026-23111)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 24.04 LTS
  linux-image-6.17.0-1009-realtime 6.17.0-1009.10~24.04.1
    Available with Ubuntu Pro
  linux-image-realtime-6.17 6.17.0-1009.10~24.04.1
    Available with Ubuntu Pro
  linux-image-realtime-hwe-24.04 6.17.0-1009.10~24.04.1
    Available with Ubuntu Pro

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References:
  https://ubuntu.com/security/notices/USN-8148-4
  https://ubuntu.com/security/notices/USN-8148-3
  https://ubuntu.com/security/notices/USN-8148-2
  https://ubuntu.com/security/notices/USN-8148-1
  CVE-2026-23060, CVE-2026-23074, CVE-2026-23111

Package Information:
  https://launchpad.net/ubuntu/+source/linux-realtime-6.17/6.17.0-1009.10~24.04.1
[USN-8152-1] Linux kernel (OEM) vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8152-1
April 06, 2026

linux-oem-6.17 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-oem-6.17: Linux kernel for OEM systems

Details:

It was discovered that some AMD Zen 5 processors supporting RDSEED instruction did not properly handle entropy, potentially resulting in the consumption of insufficiently random values. A local attacker could possibly use this issue to influence the values returned by the RDSEED instruction causing loss of confidentiality and integrity. (CVE-2025-62626)

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module (LSM). An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information (kernel memory), local privilege escalation, or possibly escape a container. (LP: #2143853, CVE-2026-23268, CVE-2026-23269, CVE-2026-23403, CVE-2026-23404, CVE-2026-23405, CVE-2026-23406, CVE-2026-23407, CVE-2026-23408, CVE-2026-23409, CVE-2026-23410, CVE-2026-23411)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems:
  - ARM64 architecture;
  - S390 architecture;
  - x86 architecture;
  - Block layer subsystem;
  - Cryptographic API;
  - Compute Acceleration Framework;
  - ATM drivers;
  - Network block device driver;
  - Bluetooth drivers;
  - Data acquisition framework and drivers;
  - Hardware crypto device drivers;
  - Device frequency scaling framework;
  - Intel Stratix 10 firmware drivers;
  - GPIO subsystem;
  - GPU drivers;
  - Microsoft Hyper-V drivers;
  - CoreSight HW tracing drivers;
  - IIO subsystem;
  - InfiniBand drivers;
  - Input Device core drivers;
  - Input Device (Tablet) drivers;
  - IOMMU subsystem;
  - IRQ chip drivers;
  - Macintosh device drivers;
  - Multiple devices driver;
  - MOST (Media Oriented Systems Transport) drivers;
  - MTD block device drivers;
  - Network drivers;
  - Mellanox network drivers;
  - Texas Instruments network drivers;
  - Ethernet team driver;
  - MediaTek network drivers;
  - NVME drivers;
  - Pin controllers subsystem;
  - x86 platform drivers;
  - Voltage and Current Regulator drivers;
  - Real Time Clock drivers;
  - S/390 drivers;
  - SCSI subsystem;
  - Texas Instruments SoC drivers;
  - SPI subsystem;
  - Media Oriented Systems Transport (MOST) driver;
  - Realtek RTL8723BS SDIO drivers;
  - TCM subsystem;
  - UFS subsystem;
  - DesignWare USB3 driver;
  - USB Gadget drivers;
  - Renesas USBHS Controller drivers;
  - USB Mass Storage drivers;
  - USB Type-C Connector System Software Interface driver;
  - Backlight driver;
  - Framebuffer layer;
  - AFS file system;
  - BFS file system;
  - BTRFS file system;
  - EROFS file system;
  - Ext4 file system;
  - FAT file system;
  - GFS2 file system;
  - Journaling layer for block devices (JBD2);
  - File systems infrastructure;
  - Network file system (NFS) client;
  - NTFS3 file system;
  - OCFS2 file system;
  - SMB network file system;
  - XFS file system;
  - BPF subsystem;
  - MediaTek SoC drivers;
  - Bluetooth subsystem;
  - io_uring subsystem;
  - Locking primitives;
  - Scheduler infrastructure;
  - Timer subsystem;
  - Tracing infrastructure;
  - Kexec HandOver (KHO);
  - Memory management;
  - Ceph Core library;
  - Networking core;
  - Devlink API;
  - IPv4 networking;
  - IPv6 networking;
  - Multipath TCP;
  - Netfilter;
  - Open vSwitch;
  - Network traffic control;
  - VMware vSockets driver;
  - eXpress Data Path;
  - Integrity Measurement Architecture(IMA) framework;
  - Simplified Mandatory Access Control Kernel framework;
  - FireWire sound drivers;
  - HD-audio driver;
  - Turtle Beach Wavefront ALSA driver;
  - SoundWire (SDCA) ASoC drivers;
(CVE-2025-40246, CVE-2025-40247, CVE-2025-40248, CVE-2025-40249, CVE-2025-40250, CVE-2025-40251, CVE-2025-40252, CVE-2025-40253, CVE-2025-40254, CVE-2025-40255, CVE-2025-40257, CVE-2025-40258, CVE-2025-40259, CVE-2025-40260, CVE-2025-40261, CVE-2025-40262, CVE-2025-40263, CVE-2025-40264, CVE-2025-40265, CVE-2025-40266, CVE-2025-40290, CVE-2025-40345, CVE-2025-68212, CVE-2025-68213, CVE-2025-68214, CVE-2025-68215, CVE-2025-68217, CVE-2025-68218, CVE-2025-68219, CVE-2025-68220, CVE-2025-68221, CVE-2025-68222, CVE-2025-68223, CVE-2025-68225, CVE-2025-68227, CVE-2025-68228, CVE-2025-68229, CVE-2025-68230, CVE-2025-68231, CVE-2025-68232, CVE-2025-68233, CVE-2025-68234, CVE-2025-68235, CVE-2025-68236, CVE-2025-68237, CVE-2025-68238, CVE-2025-68254, CVE-2025-68255, CVE-2025-68256, CVE-2025-68257, CVE-2025-68258, CVE-2025-68259, CVE-2025-68261, CVE-2025-68262, CVE-2025-68263, CVE-2025-68264, CVE-2025-68265, CVE-2025-68266, CVE-2025-68281, CVE-2025-68282, CVE-2025-68283, CVE-2025-68284, CVE-2025-68285, CVE-2025-68286, CVE-2025-68287, CVE-2025-68288, CVE-2025-68289, CVE-2025-68290, CVE-2025-68292, CVE-2025-68293, CVE-2025-68294, CVE-2025-68295, CVE-2025-68296, CVE-2025-68297, CVE-2025-68298, CVE-2025-68299, CVE-2025-68300, CVE-2025-68301, CVE-2025-68302, CVE-2025-68303, CVE-2025-68304, CVE-2025-68305, CVE-2025-68306, CVE-2025-68307, CVE-2025-68308, CVE-2025-68323, CVE-2025-68324, CVE-2025-68325, CVE-2025-68326, CVE-2025-68327, CVE-2025-68328, CVE-2025-68329, CVE-2025-68330, CVE-2025-68331, CVE-2025-68332, CVE-2025-68333, CVE-2025-68334, CVE-2025-68335, CVE-2025-68336, CVE-2025-68337, CVE-2025-68338, CVE-2025-68339, CVE-2025-68340, CVE-2025-68341, CVE-2025-68342, CVE-2025-68343, CVE-2025-68344, CVE-2025-68345, CVE-2025-68346, CVE-2025-68347, CVE-2025-68348, CVE-2025-68349, CVE-2025-68352, CVE-2025-68354, CVE-2025-68356, CVE-2025-68358, CVE-2025-68359, CVE-2025-68360, CVE-2025-68361, CVE-2025-68362, CVE-2025-68363, CVE-2025-68364, CVE-2025-68366, CVE-2025-68367, CVE-2025-68369, CVE-2025-68370, CVE-2025-68371, CVE-2025-68372, CVE-2025-68373, CVE-2025-68374, CVE-2025-68375, CVE-2025-68376, CVE-2025-68378, CVE-2025-68379, CVE-2025-68380, CVE-2025-68724, CVE-2025-68726, CVE-2025-68727, CVE-2025-68728, CVE-2025-68729, CVE-2025-68730, CVE-2025-68732, CVE-2025-68733, CVE-2025-68735, CVE-2025-68738, CVE-2025-68739, CVE-2025-68740, CVE-2025-68741, CVE-2025-68742, CVE-2025-68743, CVE-2025-68744, CVE-2025-68746, CVE-2025-68747, CVE-2025-68748, CVE-2025-68749, CVE-2025-68751, CVE-2025-68752, CVE-2025-68753, CVE-2025-68754, CVE-2025-68755, CVE-2025-68756, CVE-2025-68757, CVE-2025-68758, CVE-2025-68759, CVE-2025-68760, CVE-2025-68762, CVE-2025-68763, CVE-2025-68764, CVE-2025-68765, CVE-2025-68766, CVE-2025-71128, CVE-2026-23060, CVE-2026-23074, CVE-2026-23111)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 24.04 LTS
  linux-image-6.17.0-1017-oem 6.17.0-1017.17
  linux-image-oem-24.04 6.17.0-1017.17
  linux-image-oem-24.04a 6.17.0-1017.17
  linux-image-oem-24.04b 6.17.0-1017.17
  linux-image-oem-24.04c 6.17.0-1017.17
  linux-image-oem-24.04d 6.17.0-1017.17
  linux-image-oem-6.17 6.17.0-1017.17

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References:
  https://ubuntu.com/security/notices/USN-8152-1
  https://launchpad.net/bugs/2143853
  CVE-2025-40246, CVE-2025-40247, CVE-2025-40248, CVE-2025-40249, CVE-2025-40250, CVE-2025-40251, CVE-2025-40252, CVE-2025-40253, CVE-2025-40254, CVE-2025-40255, CVE-2025-40257, CVE-2025-40258, CVE-2025-40259, CVE-2025-40260, CVE-2025-40261, CVE-2025-40262, CVE-2025-40263, CVE-2025-40264, CVE-2025-40265, CVE-2025-40266, CVE-2025-40290, CVE-2025-40345, CVE-2025-62626, CVE-2025-68212, CVE-2025-68213, CVE-2025-68214, CVE-2025-68215, CVE-2025-68217, CVE-2025-68218, CVE-2025-68219, CVE-2025-68220, CVE-2025-68221, CVE-2025-68222, CVE-2025-68223, CVE-2025-68225, CVE-2025-68227, CVE-2025-68228, CVE-2025-68229, CVE-2025-68230, CVE-2025-68231, CVE-2025-68232, CVE-2025-68233, CVE-2025-68234, CVE-2025-68235, CVE-2025-68236, CVE-2025-68237, CVE-2025-68238, CVE-2025-68254, CVE-2025-68255, CVE-2025-68256, CVE-2025-68257, CVE-2025-68258, CVE-2025-68259, CVE-2025-68261, CVE-2025-68262, CVE-2025-68263, CVE-2025-68264, CVE-2025-68265, CVE-2025-68266, CVE-2025-68281, CVE-2025-68282, CVE-2025-68283, CVE-2025-68284, CVE-2025-68285, CVE-2025-68286, CVE-2025-68287, CVE-2025-68288, CVE-2025-68289, CVE-2025-68290, CVE-2025-68292, CVE-2025-68293, CVE-2025-68294, CVE-2025-68295, CVE-2025-68296, CVE-2025-68297, CVE-2025-68298, CVE-2025-68299, CVE-2025-68300, CVE-2025-68301, CVE-2025-68302, CVE-2025-68303, CVE-2025-68304, CVE-2025-68305, CVE-2025-68306, CVE-2025-68307, CVE-2025-68308, CVE-2025-68323, CVE-2025-68324, CVE-2025-68325, CVE-2025-68326, CVE-2025-68327, CVE-2025-68328, CVE-2025-68329, CVE-2025-68330, CVE-2025-68331, CVE-2025-68332, CVE-2025-68333, CVE-2025-68334, CVE-2025-68335, CVE-2025-68336, CVE-2025-68337, CVE-2025-68338, CVE-2025-68339, CVE-2025-68340, CVE-2025-68341, CVE-2025-68342, CVE-2025-68343, CVE-2025-68344, CVE-2025-68345, CVE-2025-68346, CVE-2025-68347, CVE-2025-68348, CVE-2025-68349, CVE-2025-68352, CVE-2025-68354, CVE-2025-68356, CVE-2025-68358, CVE-2025-68359, CVE-2025-68360, CVE-2025-68361, CVE-2025-68362, CVE-2025-68363, CVE-2025-68364, CVE-2025-68366, CVE-2025-68367, CVE-2025-68369, CVE-2025-68370, CVE-2025-68371, CVE-2025-68372, CVE-2025-68373, CVE-2025-68374, CVE-2025-68375, CVE-2025-68376, CVE-2025-68378, CVE-2025-68379, CVE-2025-68380, CVE-2025-68724, CVE-2025-68726, CVE-2025-68727, CVE-2025-68728, CVE-2025-68729, CVE-2025-68730, CVE-2025-68732, CVE-2025-68733, CVE-2025-68735, CVE-2025-68738, CVE-2025-68739, CVE-2025-68740, CVE-2025-68741, CVE-2025-68742, CVE-2025-68743, CVE-2025-68744, CVE-2025-68746, CVE-2025-68747, CVE-2025-68748, CVE-2025-68749, CVE-2025-68751, CVE-2025-68752, CVE-2025-68753, CVE-2025-68754, CVE-2025-68755, CVE-2025-68756, CVE-2025-68757, CVE-2025-68758, CVE-2025-68759, CVE-2025-68760, CVE-2025-68762, CVE-2025-68763, CVE-2025-68764, CVE-2025-68765, CVE-2025-68766, CVE-2025-71128, CVE-2026-23060, CVE-2026-23074, CVE-2026-23111, CVE-2026-23268, CVE-2026-23269, CVE-2026-23403, CVE-2026-23404, CVE-2026-23405, CVE-2026-23406, CVE-2026-23407, CVE-2026-23408, CVE-2026-23409, CVE-2026-23410, CVE-2026-23411

Package Information:
  https://launchpad.net/ubuntu/+source/linux-oem-6.17/6.17.0-1017.17
[USN-8145-3] Linux kernel (GCP) vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8145-3
April 06, 2026

linux-gcp, linux-gcp-4.15, linux-gcp-fips vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-gcp-4.15: Linux kernel for Google Cloud Platform (GCP) systems
- linux-gcp-fips: Linux kernel for Google Cloud Platform (GCP) systems with FIPS
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems

Details:

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems:
  - ARM64 architecture;
  - Cryptographic API;
  - UDF file system;
  - NFC subsystem;
  - Network traffic control;
(CVE-2024-46777, CVE-2025-21735, CVE-2025-37849, CVE-2026-23060, CVE-2026-23074)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04 LTS
  linux-image-4.15.0-1183-gcp 4.15.0-1183.200
    Available with Ubuntu Pro
  linux-image-4.15.0-2091-gcp-fips 4.15.0-2091.97
    Available with Ubuntu Pro
  linux-image-gcp-4.15 4.15.0.1183.196
    Available with Ubuntu Pro
  linux-image-gcp-fips 4.15.0.2091.89
    Available with Ubuntu Pro
  linux-image-gcp-fips-4.15 4.15.0.2091.89
    Available with Ubuntu Pro
  linux-image-gcp-lts-18.04 4.15.0.1183.196
    Available with Ubuntu Pro

Ubuntu 16.04 LTS
  linux-image-4.15.0-1183-gcp 4.15.0-1183.200~16.04.2
    Available with Ubuntu Pro
  linux-image-gcp 4.15.0.1183.200~16.04.2
    Available with Ubuntu Pro
  linux-image-gke 4.15.0.1183.200~16.04.2
    Available with Ubuntu Pro

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References:
  https://ubuntu.com/security/notices/USN-8145-3
  https://ubuntu.com/security/notices/USN-8145-2
  https://ubuntu.com/security/notices/USN-8145-1
  CVE-2024-46777, CVE-2025-21735, CVE-2025-37849, CVE-2026-23060, CVE-2026-23074