Friday, May 30, 2025
[USN-7530-1] ADOdb vulnerability
Ubuntu Security Notice USN-7530-1
May 29, 2025
libphp-adodb vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.04
- Ubuntu 24.10
Summary:
ADOdb could be made to crash or run programs if it received
specially crafted input.
Software Description:
- libphp-adodb: PHP database abstraction layer library
Details:
It was discovered that ADOdb incorrectly handled SQL input. A remote
attacker could use this issue to execute arbitrary SQL commands.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.04
libphp-adodb 5.22.8-0.1ubuntu0.1
Ubuntu 24.10
libphp-adodb 5.22.7-0.1ubuntu0.1
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7530-1
CVE-2025-46337
Package Information:
https://launchpad.net/ubuntu/+source/libphp-adodb/5.22.8-0.1ubuntu0.1
https://launchpad.net/ubuntu/+source/libphp-adodb/5.22.7-0.1ubuntu0.1
[USN-7545-1] Apport vulnerability
Ubuntu Security Notice USN-7545-1
May 29, 2025
apport vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.04
- Ubuntu 24.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
Apport could be made to leak sensitive information.
Software Description:
- apport: automatically generate crash reports for debugging
Details:
Qualys discovered that Apport incorrectly handled metadata when
processing application crashes. An attacker could possibly use this issue
to leak sensitive information.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.04
apport 2.32.0-0ubuntu5.1
python3-apport 2.32.0-0ubuntu5.1
Ubuntu 24.10
apport 2.30.0-0ubuntu4.3
python3-apport 2.30.0-0ubuntu4.3
Ubuntu 24.04 LTS
apport 2.28.1-0ubuntu3.6
python3-apport 2.28.1-0ubuntu3.6
Ubuntu 22.04 LTS
apport 2.20.11-0ubuntu82.7
python3-apport 2.20.11-0ubuntu82.7
Ubuntu 20.04 LTS
apport 2.20.11-0ubuntu27.28
python3-apport 2.20.11-0ubuntu27.28
Ubuntu 18.04 LTS
apport 2.20.9-0ubuntu7.29+esm1
Available with Ubuntu Pro
python-apport 2.20.9-0ubuntu7.29+esm1
Available with Ubuntu Pro
python3-apport 2.20.9-0ubuntu7.29+esm1
Available with Ubuntu Pro
Ubuntu 16.04 LTS
apport 2.20.1-0ubuntu2.30+esm5
Available with Ubuntu Pro
python-apport 2.20.1-0ubuntu2.30+esm5
Available with Ubuntu Pro
python3-apport 2.20.1-0ubuntu2.30+esm5
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7545-1
CVE-2025-5054
Package Information:
https://launchpad.net/ubuntu/+source/apport/2.32.0-0ubuntu5.1
https://launchpad.net/ubuntu/+source/apport/2.30.0-0ubuntu4.3
https://launchpad.net/ubuntu/+source/apport/2.28.1-0ubuntu3.6
https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu82.7
https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu27.28
Thursday, May 29, 2025
Extended Security Maintenance for Ubuntu 20.04 (Focal Fossa) began on May 29, 2025
This is a follow-up to the Extended Support warning sent one month ago
to confirm that as of May 29, 2025, Ubuntu 20.04 LTS standard support
has ended. No more package updates are planned to be accepted to the
primary archive of Ubuntu 20.04 LTS.
Remember that if you can't upgrade to 22.04 LTS or later immediately,
Canonical provides Extended Security Maintenance for Ubuntu 20.04 LTS
to users with Ubuntu Pro. You can find more info about Ubuntu Pro
here:
https://ubuntu.com/blog/20.04-end-of-standard-support
https://ubuntu.com/esm
The original Extended Support warning follows, with upgrade instructions:
Ubuntu released its 20.04 (Focal Fossa) release 5 years ago, on March
23, 2020. As with the earlier LTS releases, Ubuntu committed to
ongoing security and critical fixes for a period of 5 years. The
standard support period is now nearing its end and Ubuntu 20.04 LTS
will transition to Extended Security Maintenance (ESM) on May 29,
2025.
Users are encouraged to evaluate and upgrade to our latest 24.04 LTS
release via 22.04 LTS. The supported upgrade path from Ubuntu 20.04
LTS is via Ubuntu 22.04 LTS. Instructions and caveats for the upgrades
may be found at:
https://help.ubuntu.com/community/JammyUpgrades for Ubuntu 22.04 LTS
https://help.ubuntu.com/community/NobleUpgrades for Ubuntu 24.04 LTS
Ubuntu 22.04 LTS and 24.04 LTS continue to be actively supported with
security updates and bug fixes. All announcements of official security
updates for Ubuntu releases are sent to the ubuntu-security-announce
mailing list, information about which may be found here:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
Canonical provides Extended Security Maintenance for Ubuntu 20.04 LTS
to customers through Ubuntu Pro. Further information can be found here:
https://ubuntu.com/blog/focal-fossa-end-of-standard-support
https://www.ubuntu.com/esm
Since its launch in October 2004, Ubuntu has become one of the most
highly regarded Linux distributions with millions of users in homes,
schools, businesses and governments around the world. Ubuntu is Open
Source software, costs nothing to download, and users are free to
customize or alter their software in order to meet their needs.
On behalf of the Ubuntu Release team,
Ural
[USN-7516-9] Linux kernel (AWS) vulnerabilities
Ubuntu Security Notice USN-7516-9
May 29, 2025
linux-aws vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
Details:
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- Block layer subsystem;
- Drivers core;
- Network block device driver;
- Character device driver;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Media drivers;
- Network drivers;
- PPS (Pulse Per Second) driver;
- PTP clock framework;
- RapidIO drivers;
- Real Time Clock drivers;
- SCSI subsystem;
- SLIMbus drivers;
- QCOM SoC drivers;
- Trusted Execution Environment drivers;
- USB DSL drivers;
- USB Device Class drivers;
- USB core drivers;
- USB Gadget drivers;
- USB Host Controller drivers;
- Renesas USBHS Controller drivers;
- File systems infrastructure;
- BTRFS file system;
- NILFS2 file system;
- UBI file system;
- KVM subsystem;
- L3 Master device support module;
- Process Accounting mechanism;
- printk logging mechanism;
- Scheduler infrastructure;
- Tracing infrastructure;
- Memory management;
- 802.1Q VLAN protocol;
- B.A.T.M.A.N. meshing protocol;
- Bluetooth subsystem;
- Networking core;
- IPv4 networking;
- IPv6 networking;
- Logical Link layer;
- NFC subsystem;
- Open vSwitch;
- Rose network layer;
- Network traffic control;
- Wireless networking;
- Tomoyo security module;
(CVE-2025-21835, CVE-2025-21760, CVE-2025-21914, CVE-2025-21744,
CVE-2024-57977, CVE-2024-58001, CVE-2025-21848, CVE-2024-57981,
CVE-2024-58055, CVE-2025-21721, CVE-2025-21925, CVE-2025-21764,
CVE-2025-21909, CVE-2024-26996, CVE-2024-56599, CVE-2025-21728,
CVE-2025-21782, CVE-2025-21866, CVE-2024-58069, CVE-2025-21859,
CVE-2024-58007, CVE-2024-58009, CVE-2025-21904, CVE-2024-58085,
CVE-2025-21920, CVE-2024-58058, CVE-2025-21811, CVE-2025-21922,
CVE-2025-21948, CVE-2024-58090, CVE-2024-57980, CVE-2025-21823,
CVE-2024-58052, CVE-2025-21736, CVE-2025-21917, CVE-2021-47191,
CVE-2024-58051, CVE-2024-58017, CVE-2025-21846, CVE-2025-21862,
CVE-2025-21722, CVE-2024-57986, CVE-2025-21871, CVE-2025-21865,
CVE-2023-52741, CVE-2025-21971, CVE-2025-21718, CVE-2025-21814,
CVE-2025-21704, CVE-2025-21934, CVE-2025-21781, CVE-2025-21791,
CVE-2025-21708, CVE-2025-21935, CVE-2025-21761, CVE-2025-21719,
CVE-2025-21763, CVE-2025-21772, CVE-2025-21905, CVE-2025-21731,
CVE-2024-58002, CVE-2024-58083, CVE-2025-21858, CVE-2025-21776,
CVE-2025-21762, CVE-2025-21928, CVE-2025-21877, CVE-2025-21910,
CVE-2024-58010, CVE-2025-21735, CVE-2024-50055, CVE-2025-21785,
CVE-2024-57973, CVE-2025-21806, CVE-2025-21749, CVE-2024-58063,
CVE-2024-57979, CVE-2025-21753, CVE-2024-26982, CVE-2025-21647,
CVE-2025-21898, CVE-2024-58020, CVE-2024-58071, CVE-2025-21926,
CVE-2025-21715, CVE-2025-21765, CVE-2025-21787, CVE-2025-21916,
CVE-2024-58014, CVE-2024-58072)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
linux-image-5.4.0-1146-aws 5.4.0-1146.156
linux-image-aws-lts-20.04 5.4.0.1146.143
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-7516-9
https://ubuntu.com/security/notices/USN-7516-8
https://ubuntu.com/security/notices/USN-7516-7
https://ubuntu.com/security/notices/USN-7516-6
https://ubuntu.com/security/notices/USN-7516-5
https://ubuntu.com/security/notices/USN-7516-4
https://ubuntu.com/security/notices/USN-7516-3
https://ubuntu.com/security/notices/USN-7516-2
https://ubuntu.com/security/notices/USN-7516-1
CVE-2021-47191, CVE-2023-52741, CVE-2024-26982, CVE-2024-26996,
CVE-2024-50055, CVE-2024-56599, CVE-2024-57973, CVE-2024-57977,
CVE-2024-57979, CVE-2024-57980, CVE-2024-57981, CVE-2024-57986,
CVE-2024-58001, CVE-2024-58002, CVE-2024-58007, CVE-2024-58009,
CVE-2024-58010, CVE-2024-58014, CVE-2024-58017, CVE-2024-58020,
CVE-2024-58051, CVE-2024-58052, CVE-2024-58055, CVE-2024-58058,
CVE-2024-58063, CVE-2024-58069, CVE-2024-58071, CVE-2024-58072,
CVE-2024-58083, CVE-2024-58085, CVE-2024-58090, CVE-2025-21647,
CVE-2025-21704, CVE-2025-21708, CVE-2025-21715, CVE-2025-21718,
CVE-2025-21719, CVE-2025-21721, CVE-2025-21722, CVE-2025-21728,
CVE-2025-21731, CVE-2025-21735, CVE-2025-21736, CVE-2025-21744,
CVE-2025-21749, CVE-2025-21753, CVE-2025-21760, CVE-2025-21761,
CVE-2025-21762, CVE-2025-21763, CVE-2025-21764, CVE-2025-21765,
CVE-2025-21772, CVE-2025-21776, CVE-2025-21781, CVE-2025-21782,
CVE-2025-21785, CVE-2025-21787, CVE-2025-21791, CVE-2025-21806,
CVE-2025-21811, CVE-2025-21814, CVE-2025-21823, CVE-2025-21835,
CVE-2025-21846, CVE-2025-21848, CVE-2025-21858, CVE-2025-21859,
CVE-2025-21862, CVE-2025-21865, CVE-2025-21866, CVE-2025-21871,
CVE-2025-21877, CVE-2025-21898, CVE-2025-21904, CVE-2025-21905,
CVE-2025-21909, CVE-2025-21910, CVE-2025-21914, CVE-2025-21916,
CVE-2025-21917, CVE-2025-21920, CVE-2025-21922, CVE-2025-21925,
CVE-2025-21926, CVE-2025-21928, CVE-2025-21934, CVE-2025-21935,
CVE-2025-21948, CVE-2025-21971
Package Information:
https://launchpad.net/ubuntu/+source/linux-aws/5.4.0-1146.156
[USN-7510-8] Linux kernel (AWS) vulnerabilities
Ubuntu Security Notice USN-7510-8
May 29, 2025
linux-aws-5.15 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-aws-5.15: Linux kernel for Amazon Web Services (AWS) systems
Details:
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Network block device driver;
- Bus devices;
- Character device driver;
- TPM device driver;
- Clock framework and drivers;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- I2C subsystem;
- InfiniBand drivers;
- Media drivers;
- NVIDIA Tegra memory controller driver;
- Network drivers;
- PCI subsystem;
- PPS (Pulse Per Second) driver;
- PTP clock framework;
- RapidIO drivers;
- Real Time Clock drivers;
- SLIMbus drivers;
- QCOM SoC drivers;
- Trusted Execution Environment drivers;
- TTY drivers;
- USB DSL drivers;
- USB Device Class drivers;
- USB core drivers;
- USB Gadget drivers;
- USB Host Controller drivers;
- Renesas USBHS Controller drivers;
- ACRN Hypervisor Service Module driver;
- File systems infrastructure;
- BTRFS file system;
- F2FS file system;
- Network file system (NFS) server daemon;
- NILFS2 file system;
- Overlay file system;
- SMB network file system;
- UBI file system;
- KVM subsystem;
- L3 Master device support module;
- Process Accounting mechanism;
- Padata parallel execution mechanism;
- printk logging mechanism;
- Scheduler infrastructure;
- Timer subsystem;
- Tracing infrastructure;
- Memory management;
- 802.1Q VLAN protocol;
- B.A.T.M.A.N. meshing protocol;
- Networking core;
- IPv4 networking;
- IPv6 networking;
- Logical Link layer;
- Multipath TCP;
- Netfilter;
- NFC subsystem;
- Open vSwitch;
- Rose network layer;
- Network traffic control;
- Wireless networking;
- Landlock security;
- Linux Security Modules (LSM) Framework;
- Tomoyo security module;
(CVE-2025-21804, CVE-2025-21779, CVE-2025-21878, CVE-2025-21735,
CVE-2024-57977, CVE-2025-21951, CVE-2025-21704, CVE-2025-21859,
CVE-2025-21760, CVE-2025-21862, CVE-2024-57834, CVE-2025-21745,
CVE-2025-21762, CVE-2024-58005, CVE-2025-21846, CVE-2025-21914,
CVE-2025-21736, CVE-2025-21928, CVE-2024-57986, CVE-2025-21761,
CVE-2024-58086, CVE-2025-21731, CVE-2025-21766, CVE-2025-21844,
CVE-2024-58072, CVE-2024-58069, CVE-2025-21924, CVE-2025-21848,
CVE-2025-21950, CVE-2025-21934, CVE-2025-21647, CVE-2024-58076,
CVE-2025-21726, CVE-2025-21791, CVE-2025-21722, CVE-2025-21971,
CVE-2025-21719, CVE-2025-21904, CVE-2025-21875, CVE-2025-21877,
CVE-2025-21758, CVE-2024-58001, CVE-2024-58007, CVE-2024-58010,
CVE-2025-21787, CVE-2025-21905, CVE-2024-58055, CVE-2025-21782,
CVE-2024-58090, CVE-2025-21910, CVE-2025-21708, CVE-2025-21826,
CVE-2024-57980, CVE-2024-58051, CVE-2024-56721, CVE-2025-21909,
CVE-2025-21802, CVE-2025-21744, CVE-2024-58058, CVE-2025-21728,
CVE-2024-47726, CVE-2024-58079, CVE-2024-58002, CVE-2024-58014,
CVE-2025-21898, CVE-2025-21811, CVE-2024-57979, CVE-2025-21865,
CVE-2025-21748, CVE-2025-21749, CVE-2025-21920, CVE-2025-21763,
CVE-2025-21764, CVE-2025-21887, CVE-2025-21858, CVE-2024-58034,
CVE-2025-21820, CVE-2024-57978, CVE-2025-21866, CVE-2025-21922,
CVE-2025-21926, CVE-2025-21753, CVE-2024-58052, CVE-2025-21684,
CVE-2025-21823, CVE-2024-58016, CVE-2025-21835, CVE-2025-21925,
CVE-2025-21707, CVE-2025-21785, CVE-2025-21795, CVE-2025-21718,
CVE-2025-21935, CVE-2025-21765, CVE-2025-21715, CVE-2025-21916,
CVE-2025-21727, CVE-2025-21912, CVE-2024-58071, CVE-2024-58083,
CVE-2025-21948, CVE-2024-56599, CVE-2025-21721, CVE-2024-58063,
CVE-2025-21806, CVE-2025-21772, CVE-2025-21776, CVE-2025-21830,
CVE-2025-21917, CVE-2024-58020, CVE-2025-21871, CVE-2025-21796,
CVE-2025-21711, CVE-2024-58017, CVE-2024-58085, CVE-2024-57981,
CVE-2024-57973, CVE-2025-21919, CVE-2025-21814, CVE-2024-26982,
CVE-2025-21781, CVE-2025-21943, CVE-2025-21799, CVE-2025-21767)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
linux-image-5.15.0-1084-aws 5.15.0-1084.91~20.04.1
linux-image-aws 5.15.0.1084.91~20.04.1
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-7510-8
https://ubuntu.com/security/notices/USN-7510-7
https://ubuntu.com/security/notices/USN-7510-6
https://ubuntu.com/security/notices/USN-7510-5
https://ubuntu.com/security/notices/USN-7510-4
https://ubuntu.com/security/notices/USN-7510-3
https://ubuntu.com/security/notices/USN-7510-2
https://ubuntu.com/security/notices/USN-7510-1
CVE-2024-26982, CVE-2024-47726, CVE-2024-56599, CVE-2024-56721,
CVE-2024-57834, CVE-2024-57973, CVE-2024-57977, CVE-2024-57978,
CVE-2024-57979, CVE-2024-57980, CVE-2024-57981, CVE-2024-57986,
CVE-2024-58001, CVE-2024-58002, CVE-2024-58005, CVE-2024-58007,
CVE-2024-58010, CVE-2024-58014, CVE-2024-58016, CVE-2024-58017,
CVE-2024-58020, CVE-2024-58034, CVE-2024-58051, CVE-2024-58052,
CVE-2024-58055, CVE-2024-58058, CVE-2024-58063, CVE-2024-58069,
CVE-2024-58071, CVE-2024-58072, CVE-2024-58076, CVE-2024-58079,
CVE-2024-58083, CVE-2024-58085, CVE-2024-58086, CVE-2024-58090,
CVE-2025-21647, CVE-2025-21684, CVE-2025-21704, CVE-2025-21707,
CVE-2025-21708, CVE-2025-21711, CVE-2025-21715, CVE-2025-21718,
CVE-2025-21719, CVE-2025-21721, CVE-2025-21722, CVE-2025-21726,
CVE-2025-21727, CVE-2025-21728, CVE-2025-21731, CVE-2025-21735,
CVE-2025-21736, CVE-2025-21744, CVE-2025-21745, CVE-2025-21748,
CVE-2025-21749, CVE-2025-21753, CVE-2025-21758, CVE-2025-21760,
CVE-2025-21761, CVE-2025-21762, CVE-2025-21763, CVE-2025-21764,
CVE-2025-21765, CVE-2025-21766, CVE-2025-21767, CVE-2025-21772,
CVE-2025-21776, CVE-2025-21779, CVE-2025-21781, CVE-2025-21782,
CVE-2025-21785, CVE-2025-21787, CVE-2025-21791, CVE-2025-21795,
CVE-2025-21796, CVE-2025-21799, CVE-2025-21802, CVE-2025-21804,
CVE-2025-21806, CVE-2025-21811, CVE-2025-21814, CVE-2025-21820,
CVE-2025-21823, CVE-2025-21826, CVE-2025-21830, CVE-2025-21835,
CVE-2025-21844, CVE-2025-21846, CVE-2025-21848, CVE-2025-21858,
CVE-2025-21859, CVE-2025-21862, CVE-2025-21865, CVE-2025-21866,
CVE-2025-21871, CVE-2025-21875, CVE-2025-21877, CVE-2025-21878,
CVE-2025-21887, CVE-2025-21898, CVE-2025-21904, CVE-2025-21905,
CVE-2025-21909, CVE-2025-21910, CVE-2025-21912, CVE-2025-21914,
CVE-2025-21916, CVE-2025-21917, CVE-2025-21919, CVE-2025-21920,
CVE-2025-21922, CVE-2025-21924, CVE-2025-21925, CVE-2025-21926,
CVE-2025-21928, CVE-2025-21934, CVE-2025-21935, CVE-2025-21943,
CVE-2025-21948, CVE-2025-21950, CVE-2025-21951, CVE-2025-21971
Package Information:
https://launchpad.net/ubuntu/+source/linux-aws-5.15/5.15.0-1084.91~20.04.1
[LSN-0112-1] Linux kernel vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 22.04 LTS
Summary
Several security issues were fixed in the kernel.
Software Description
- linux - Linux kernel
- linux-aws - Linux kernel for Amazon Web Services (AWS) systems
- linux-azure - Linux kernel for Microsoft Azure Cloud systems
- linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
- linux-gke - Linux kernel for Google Container Engine (GKE) systems
- linux-gkeop - Linux kernel for Google Container Engine (GKE) systems
- linux-ibm - Linux kernel for IBM cloud systems
- linux-oracle - Linux kernel for Oracle Cloud systems
Details
In the Linux kernel, the following vulnerability has been resolved:
nfsd: fix use-after-free due to delegation race A delegation break could
arrive as soon as we've called vfs_setlease. A delegation break runs a
callback which immediately (in nfsd4_cb_recall_prepare) adds the
delegation to del_recall_lru. If we then exit nfs4_set_delegation
without hashing the delegation, it will be freed as soon as the callback
is done with it, without ever being removed from del_recall_lru.
Symptoms show up later as use-after-free or list corruption warnings,
usually in the laundromat thread. I suspect aba2072f4523 "nfsd: grant
read delegations to clients holding writes" made this bug easier to hit,
but I looked as far back as v3.0 and it looks to me it already had the
same problem. So I'm not sure where the bug was introduced; it may have
been there from the beginning. (CVE-2021-47506)
Jann Horn discovered that the watch_queue event notification subsystem
in the Linux kernel contained an out-of-bounds write vulnerability. A
local attacker could use this to cause a denial of service (system
crash) or escalate their privileges. (CVE-2022-0995)
In the Linux kernel, the following vulnerability has been resolved: net:
atlantic: eliminate double free in error handling logic Driver has a
logic leak in ring data allocation/free, where aq_ring_free could be
called multiple times on same ring, if system is under stress and got
memory allocation error. Ring pointer was used as an indicator of
failure, but this is not correct since only ring data is
allocated/deallocated. Ring itself is an array member. Changing ring
allocation functions to return error code directly. This simplifies
error handling and eliminates aq_ring_free on higher layer.
(CVE-2023-52664)
In the Linux kernel, the following vulnerability has been resolved:
ceph: prevent use-after-free in encode_cap_msg() In fs/ceph/caps.c, in
encode_cap_msg(), "use after free" error was caught by KASAN at this
line - 'ceph_buffer_get(arg->xattr_buf);'. This implies before the
refcount could be increment here, it was freed. In same file, in
"handle_cap_grant()" refcount is decremented by this line -
'ceph_buffer_put(ci->i_xattrs.blob);'. It appears that a race occurred
and resource was freed by the latter line before the former line could
increment it. encode_cap_msg() is called by __send_cap() and
__send_cap() is called by ceph_check_caps() after calling __prep_cap().
__prep_cap() is where arg->xattr_buf is assigned to ci->i_xattrs.blob.
This is the spot where the refcount must be increased to prevent "use
after free" error. (CVE-2024-26689)
In the Linux kernel, the following vulnerability has been resolved: smb:
client: fix potential UAF in smb2_is_valid_lease_break() Skip sessions
that are being torn down (status == SES_EXITING) to avoid UAF.
(CVE-2024-35864)
In the Linux kernel, the following vulnerability has been resolved: HID:
core: zero-initialize the report buffer Since the report buffer is used
by all kinds of drivers in various ways, let's zero-initialize it
during allocation to make sure that it can't ever be used to leak kernel
memory via a specially-crafted report. (CVE-2024-50302)
In the Linux kernel, the following vulnerability has been resolved:
media: dvbdev: prevent the risk of out of memory access The dvbdev
contains a static variable used to store dvb minors. The behavior of it
depends if CONFIG_DVB_DYNAMIC_MINORS is set or not. When not set,
dvb_register_device() won't check for boundaries, as it will rely that a
previous call to dvb_register_adapter() would already be enforcing it.
In a similar way, dvb_device_open() uses the assumption that the
register functions already did the needed checks. This can be fragile if
some device ends up using different calls. This also generates warnings on
static check analysers like Coverity. So, add explicit guards to prevent
potential risk of OOM issues. (CVE-2024-53063)
In the Linux kernel, the following vulnerability has been resolved:
ALSA: usb-audio: Fix out of bounds reads when finding clock sources The
current USB-audio driver code doesn't check bLength of each descriptor
at traversing for clock descriptors. That is, when a device provides a
bogus descriptor with a shorter bLength, the driver might hit
out-of-bounds reads. For addressing it, this patch adds sanity checks to
the validator functions for the clock descriptor traversal. When the
descriptor length is shorter than expected, it's skipped in the loop.
For the clock source and clock multiplier descriptors, we can just check
bLength against the sizeof() of each descriptor type. OTOH, the clock
selector descriptor of UAC2 and UAC3 has an array of bNrInPins elements
and two more fields at its tail, hence those have to be checked in
addition to the sizeof() check. (CVE-2024-53150)
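The length checks described for CVE-2024-53150, as an added example that is not the kernel's code and not part of the notice: a user-space walker that skips any clock descriptor whose bLength is too short for its type. The struct layouts are simplified, and the names desc_len_valid, find_clock_desc and sample_descs are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified layouts for this example; only their sizes are used. */
#define DT_CS_INTERFACE   0x24
#define ST_CLOCK_SOURCE   0x0a
#define ST_CLOCK_SELECTOR 0x0b
#define HDR_LEN           3   /* bLength, bDescriptorType, bDescriptorSubtype */

struct clock_source_desc {    /* fixed size: 8 bytes */
    uint8_t bLength, bDescriptorType, bDescriptorSubtype;
    uint8_t bClockID, bmAttributes, bmControls, bAssocTerminal, iClockSource;
};

struct clock_selector_desc {  /* variable size */
    uint8_t bLength, bDescriptorType, bDescriptorSubtype;
    uint8_t bClockID, bNrInPins;
    uint8_t baCSourceID[];    /* bNrInPins entries, then two tail bytes */
};

/* Return 1 if bLength covers every field the caller will read for this
 * subtype. The caller has already checked that bLength fits the buffer. */
static int desc_len_valid(const uint8_t *p, uint8_t subtype)
{
    uint8_t blen = p[0];

    switch (subtype) {
    case ST_CLOCK_SOURCE:
        /* Fixed layout: compare against sizeof() of the descriptor. */
        return blen >= sizeof(struct clock_source_desc);
    case ST_CLOCK_SELECTOR:
        /* The fixed part must be present before bNrInPins (p[4]) is read. */
        if (blen < sizeof(struct clock_selector_desc))
            return 0;
        /* Then the pin array and the two trailing fields must fit too. */
        return blen >= sizeof(struct clock_selector_desc) + p[4] + 2;
    default:
        return 0;
    }
}

/* Find a clock descriptor by subtype and clock ID. Descriptors that are
 * shorter than their type requires are skipped, not trusted. */
static const uint8_t *find_clock_desc(const uint8_t *buf, size_t len,
                                      uint8_t subtype, uint8_t clock_id)
{
    size_t off = 0;

    while (len - off >= HDR_LEN) {
        const uint8_t *p = buf + off;
        uint8_t blen = p[0];

        /* Broken framing (zero/short length or overrun): stop walking. */
        if (blen < HDR_LEN || blen > len - off)
            break;
        if (p[1] == DT_CS_INTERFACE && p[2] == subtype &&
            desc_len_valid(p, subtype) && p[3] == clock_id)
            return p;
        off += blen;
    }
    return NULL;
}

/* Constructed sample input: two bogus descriptors, each followed by a
 * well-formed one carrying the same clock ID. */
static const uint8_t sample_descs[] = {
    /* offset 0: clock source, bLength 4 (too short for 8-byte layout) */
    4, 0x24, 0x0a, 0x01,
    /* offset 4: valid clock source, ID 1 */
    8, 0x24, 0x0a, 0x01, 0x03, 0x00, 0x00, 0x00,
    /* offset 12: clock selector claiming 200 pins in 7 bytes */
    7, 0x24, 0x0b, 0x02, 200, 0x01, 0x00,
    /* offset 19: valid clock selector, ID 2, two pins plus two tail bytes */
    9, 0x24, 0x0b, 0x02, 2, 0x01, 0x01, 0x00, 0x00,
};

int main(void)
{
    const uint8_t *src = find_clock_desc(sample_descs, sizeof(sample_descs),
                                         ST_CLOCK_SOURCE, 1);
    const uint8_t *sel = find_clock_desc(sample_descs, sizeof(sample_descs),
                                         ST_CLOCK_SELECTOR, 2);

    printf("clock source found at offset %ld\n",
           src ? (long)(src - sample_descs) : -1L);
    printf("clock selector found at offset %ld\n",
           sel ? (long)(sel - sample_descs) : -1L);
    return 0;
}
```
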
In the Linux kernel, the following vulnerability has been resolved:
sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN:
slab-use-after-free in tcp_write_timer_handler+0x156/0x3e0
(CVE-2024-53168)
In the Linux kernel, the following vulnerability has been resolved:
ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox
devices A bogus device can provide a bNumConfigurations value that
exceeds the initial value used in usb_get_configuration for allocating
dev->config. This can lead to out-of-bounds accesses later, e.g. in
usb_destroy_configuration. (CVE-2024-53197)
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: fix usage slab after free [ +0.000021] BUG: KASAN:
slab-use-after-free in drm_sched_entity_flush+0x6cb/0x7a0 (CVE-2024-56551)
In the Linux kernel, the following vulnerability has been resolved:
wifi: brcmfmac: Fix oops due to NULL pointer dereference in
brcmf_sdiod_sglist_rw() This patch fixes a NULL pointer dereference bug
in brcmfmac that occurs when a high 'sd_sgentry_align' value applies
(e.g. 512) and a lot of queued SKBs are sent from the pkt queue. The
problem is the number of entries in the pre-allocated sgtable, it is
nents = max(rxglom_size, txglom_size) + max(rxglom_size, txglom_size) >>
4 + 1. Given the default [rt]xglom_size=32 it's actually 35 which is too
small. Worst case, the pkt queue can end up with 64 SKBs. This occurs
when a new SKB is added for each original SKB if tailroom isn't enough
to hold tail_pad. At least one sg entry is needed for each SKB. So,
eventually the "skb_queue_walk loop" in brcmf_sdiod_sglist_rw may run
out of sg entries. This makes sg_next return NULL and this causes the
oops. The patch sets nents to max(rxglom_size, txglom_size) * 2 to be
able to handle the worst-case. Btw. this requires only 64-35=29 * 16 (or
20 if CONFIG_NEED_SG_DMA_LENGTH) = 464 additional bytes of memory.
(CVE-2024-56593)
In the Linux kernel, the following vulnerability has been resolved: jfs:
add a check to prevent array-index-out-of-bounds in dbAdjTree When the
value of lp is 0 at the beginning of the for loop, it will become
negative in the next assignment and we should bail out. (CVE-2024-56595)
In the Linux kernel, the following vulnerability has been resolved: jfs:
array-index-out-of-bounds fix in dtReadFirst The value of stbl can be
sometimes out of bounds due to a bad filesystem. Added a check with
appropriate return of error code in that case. (CVE-2024-56598)
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: btmtk: avoid UAF in btmtk_process_coredump hci_devcd_append
may lead to the release of the skb, so it cannot be accessed once it is
called. (CVE-2024-56653)
In the Linux kernel, the following vulnerability has been resolved:
drm/dp_mst: Ensure mst_primary pointer is valid in
drm_dp_mst_handle_up_req() While receiving an MST up request message
from one thread in drm_dp_mst_handle_up_req(), the MST topology could be
removed from another thread via drm_dp_mst_topology_mgr_set_mst(false),
freeing mst_primary and setting drm_dp_mst_topology_mgr::mst_primary to
NULL. This could lead to a NULL deref/use-after-free of mst_primary in
drm_dp_mst_handle_up_req(). Avoid the above by holding a reference for
mst_primary in drm_dp_mst_handle_up_req() while it's used. v2: Fix
kfreeing the request if getting an mst_primary reference fails.
(CVE-2024-57798)
Update instructions
The problem can be corrected by updating your kernel livepatch to the
following versions:
Ubuntu 20.04 LTS
aws - 112.1
aws - 112.2
azure - 112.1
azure - 112.2
gcp - 112.1
gcp - 112.2
generic - 112.1
generic - 112.2
gkeop - 112.1
ibm - 112.1
lowlatency - 112.1
lowlatency - 112.2
oracle - 112.1
Ubuntu 18.04 LTS
aws - 112.1
azure - 112.1
gcp - 112.1
generic - 112.1
lowlatency - 112.1
oracle - 112.1
Ubuntu 16.04 LTS
aws - 112.1
azure - 112.1
gcp - 112.1
generic - 112.1
lowlatency - 112.1
Ubuntu 22.04 LTS
aws - 112.1
aws - 112.2
azure - 112.1
azure - 112.2
gcp - 112.1
generic - 112.1
gke - 112.1
ibm - 112.1
oracle - 112.1
Support Information
Livepatches for supported LTS kernels will receive upgrades for a period
of up to 13 months after the build date of the kernel.
Livepatches for supported HWE kernels which are not based on an LTS
kernel version will receive upgrades for a period of up to 9 months
after the build date of the kernel, or until the end of support for that
kernel's non-LTS distro release version, whichever is sooner.
References
- CVE-2021-47506
- CVE-2022-0995
- CVE-2023-52664
- CVE-2024-26689
- CVE-2024-35864
- CVE-2024-50302
- CVE-2024-53063
- CVE-2024-53150
- CVE-2024-53168
- CVE-2024-53197
- CVE-2024-56551
- CVE-2024-56593
- CVE-2024-56595
- CVE-2024-56598
- CVE-2024-56653
- CVE-2024-57798
[USN-7516-8] Linux kernel (FIPS) vulnerabilities
Ubuntu Security Notice USN-7516-8
May 29, 2025
linux-aws-fips, linux-fips vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-aws-fips: Linux kernel for Amazon Web Services (AWS) systems with FIPS
- linux-fips: Linux kernel with FIPS
Details:
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- Block layer subsystem;
- Drivers core;
- Network block device driver;
- Character device driver;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Media drivers;
- Network drivers;
- PPS (Pulse Per Second) driver;
- PTP clock framework;
- RapidIO drivers;
- Real Time Clock drivers;
- SCSI subsystem;
- SLIMbus drivers;
- QCOM SoC drivers;
- Trusted Execution Environment drivers;
- USB DSL drivers;
- USB Device Class drivers;
- USB core drivers;
- USB Gadget drivers;
- USB Host Controller drivers;
- Renesas USBHS Controller drivers;
- File systems infrastructure;
- BTRFS file system;
- NILFS2 file system;
- UBI file system;
- KVM subsystem;
- L3 Master device support module;
- Process Accounting mechanism;
- printk logging mechanism;
- Scheduler infrastructure;
- Tracing infrastructure;
- Memory management;
- 802.1Q VLAN protocol;
- B.A.T.M.A.N. meshing protocol;
- Bluetooth subsystem;
- Networking core;
- IPv4 networking;
- IPv6 networking;
- Logical Link layer;
- NFC subsystem;
- Open vSwitch;
- Rose network layer;
- Network traffic control;
- Wireless networking;
- Tomoyo security module;
(CVE-2024-58072, CVE-2024-58051, CVE-2024-58058, CVE-2024-57977,
CVE-2024-58007, CVE-2025-21753, CVE-2025-21647, CVE-2025-21787,
CVE-2025-21791, CVE-2025-21782, CVE-2024-56599, CVE-2024-58063,
CVE-2025-21806, CVE-2021-47191, CVE-2025-21823, CVE-2025-21776,
CVE-2025-21948, CVE-2024-58017, CVE-2024-57981, CVE-2025-21925,
CVE-2024-58069, CVE-2024-58085, CVE-2025-21704, CVE-2025-21811,
CVE-2025-21858, CVE-2025-21862, CVE-2024-58010, CVE-2025-21926,
CVE-2025-21920, CVE-2025-21762, CVE-2025-21914, CVE-2025-21916,
CVE-2023-52741, CVE-2025-21835, CVE-2025-21761, CVE-2025-21905,
CVE-2024-50055, CVE-2024-57980, CVE-2025-21728, CVE-2025-21910,
CVE-2025-21785, CVE-2025-21848, CVE-2024-58090, CVE-2025-21971,
CVE-2024-58071, CVE-2025-21909, CVE-2025-21722, CVE-2025-21765,
CVE-2025-21859, CVE-2025-21744, CVE-2025-21781, CVE-2025-21922,
CVE-2024-57979, CVE-2024-58052, CVE-2025-21718, CVE-2024-58014,
CVE-2024-58020, CVE-2025-21772, CVE-2025-21904, CVE-2025-21708,
CVE-2025-21846, CVE-2025-21935, CVE-2025-21763, CVE-2025-21934,
CVE-2024-57973, CVE-2025-21877, CVE-2025-21760, CVE-2024-58002,
CVE-2025-21721, CVE-2025-21719, CVE-2024-58083, CVE-2025-21928,
CVE-2025-21871, CVE-2024-58009, CVE-2025-21749, CVE-2025-21866,
CVE-2024-58055, CVE-2025-21814, CVE-2024-26996, CVE-2025-21898,
CVE-2025-21715, CVE-2024-57986, CVE-2024-58001, CVE-2025-21731,
CVE-2025-21764, CVE-2025-21917, CVE-2024-26982, CVE-2025-21736,
CVE-2025-21865, CVE-2025-21735)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
linux-image-5.4.0-1120-fips 5.4.0-1120.130
Available with Ubuntu Pro
linux-image-5.4.0-1146-aws-fips 5.4.0-1146.156+fips1
Available with Ubuntu Pro
linux-image-aws-fips 5.4.0.1146.93
Available with Ubuntu Pro
linux-image-fips 5.4.0.1120.117
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-7516-8
https://ubuntu.com/security/notices/USN-7516-7
https://ubuntu.com/security/notices/USN-7516-6
https://ubuntu.com/security/notices/USN-7516-5
https://ubuntu.com/security/notices/USN-7516-4
https://ubuntu.com/security/notices/USN-7516-3
https://ubuntu.com/security/notices/USN-7516-2
https://ubuntu.com/security/notices/USN-7516-1
CVE-2021-47191, CVE-2023-52741, CVE-2024-26982, CVE-2024-26996,
CVE-2024-50055, CVE-2024-56599, CVE-2024-57973, CVE-2024-57977,
CVE-2024-57979, CVE-2024-57980, CVE-2024-57981, CVE-2024-57986,
CVE-2024-58001, CVE-2024-58002, CVE-2024-58007, CVE-2024-58009,
CVE-2024-58010, CVE-2024-58014, CVE-2024-58017, CVE-2024-58020,
CVE-2024-58051, CVE-2024-58052, CVE-2024-58055, CVE-2024-58058,
CVE-2024-58063, CVE-2024-58069, CVE-2024-58071, CVE-2024-58072,
CVE-2024-58083, CVE-2024-58085, CVE-2024-58090, CVE-2025-21647,
CVE-2025-21704, CVE-2025-21708, CVE-2025-21715, CVE-2025-21718,
CVE-2025-21719, CVE-2025-21721, CVE-2025-21722, CVE-2025-21728,
CVE-2025-21731, CVE-2025-21735, CVE-2025-21736, CVE-2025-21744,
CVE-2025-21749, CVE-2025-21753, CVE-2025-21760, CVE-2025-21761,
CVE-2025-21762, CVE-2025-21763, CVE-2025-21764, CVE-2025-21765,
CVE-2025-21772, CVE-2025-21776, CVE-2025-21781, CVE-2025-21782,
CVE-2025-21785, CVE-2025-21787, CVE-2025-21791, CVE-2025-21806,
CVE-2025-21811, CVE-2025-21814, CVE-2025-21823, CVE-2025-21835,
CVE-2025-21846, CVE-2025-21848, CVE-2025-21858, CVE-2025-21859,
CVE-2025-21862, CVE-2025-21865, CVE-2025-21866, CVE-2025-21871,
CVE-2025-21877, CVE-2025-21898, CVE-2025-21904, CVE-2025-21905,
CVE-2025-21909, CVE-2025-21910, CVE-2025-21914, CVE-2025-21916,
CVE-2025-21917, CVE-2025-21920, CVE-2025-21922, CVE-2025-21925,
CVE-2025-21926, CVE-2025-21928, CVE-2025-21934, CVE-2025-21935,
CVE-2025-21948, CVE-2025-21971
Package Information:
https://launchpad.net/ubuntu/+source/linux-aws-fips/5.4.0-1146.156+fips1
https://launchpad.net/ubuntu/+source/linux-fips/5.4.0-1120.130
[USN-7516-7] Linux kernel (AWS) vulnerabilities
Ubuntu Security Notice USN-7516-7
May 29, 2025
linux-aws-5.4 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-aws-5.4: Linux kernel for Amazon Web Services (AWS) systems
Details:
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- Block layer subsystem;
- Drivers core;
- Network block device driver;
- Character device driver;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Media drivers;
- Network drivers;
- PPS (Pulse Per Second) driver;
- PTP clock framework;
- RapidIO drivers;
- Real Time Clock drivers;
- SCSI subsystem;
- SLIMbus drivers;
- QCOM SoC drivers;
- Trusted Execution Environment drivers;
- USB DSL drivers;
- USB Device Class drivers;
- USB core drivers;
- USB Gadget drivers;
- USB Host Controller drivers;
- Renesas USBHS Controller drivers;
- File systems infrastructure;
- BTRFS file system;
- NILFS2 file system;
- UBI file system;
- KVM subsystem;
- L3 Master device support module;
- Process Accounting mechanism;
- printk logging mechanism;
- Scheduler infrastructure;
- Tracing infrastructure;
- Memory management;
- 802.1Q VLAN protocol;
- B.A.T.M.A.N. meshing protocol;
- Bluetooth subsystem;
- Networking core;
- IPv4 networking;
- IPv6 networking;
- Logical Link layer;
- NFC subsystem;
- Open vSwitch;
- Rose network layer;
- Network traffic control;
- Wireless networking;
- Tomoyo security module;
(CVE-2025-21791, CVE-2024-58002, CVE-2024-57980, CVE-2025-21848,
CVE-2025-21846, CVE-2025-21859, CVE-2024-57981, CVE-2025-21735,
CVE-2025-21909, CVE-2025-21926, CVE-2025-21731, CVE-2025-21760,
CVE-2025-21806, CVE-2024-57979, CVE-2024-58009, CVE-2025-21866,
CVE-2025-21781, CVE-2025-21862, CVE-2024-58090, CVE-2024-58069,
CVE-2024-58014, CVE-2025-21763, CVE-2023-52741, CVE-2025-21776,
CVE-2024-58010, CVE-2025-21871, CVE-2021-47191, CVE-2024-58058,
CVE-2025-21721, CVE-2025-21715, CVE-2024-58052, CVE-2024-56599,
CVE-2025-21708, CVE-2024-58071, CVE-2025-21785, CVE-2024-50055,
CVE-2025-21925, CVE-2025-21904, CVE-2024-58007, CVE-2025-21905,
CVE-2025-21772, CVE-2025-21736, CVE-2025-21718, CVE-2025-21764,
CVE-2025-21920, CVE-2024-58017, CVE-2024-58020, CVE-2025-21761,
CVE-2024-58001, CVE-2025-21704, CVE-2025-21922, CVE-2025-21782,
CVE-2025-21728, CVE-2025-21719, CVE-2025-21835, CVE-2024-57977,
CVE-2024-57973, CVE-2025-21971, CVE-2025-21934, CVE-2025-21749,
CVE-2025-21916, CVE-2024-58063, CVE-2025-21898, CVE-2025-21877,
CVE-2024-58072, CVE-2025-21811, CVE-2025-21858, CVE-2025-21865,
CVE-2025-21744, CVE-2025-21753, CVE-2024-26996, CVE-2025-21814,
CVE-2024-57986, CVE-2025-21910, CVE-2025-21722, CVE-2024-58051,
CVE-2025-21787, CVE-2025-21935, CVE-2024-58055, CVE-2024-26982,
CVE-2025-21647, CVE-2025-21928, CVE-2024-58083, CVE-2025-21948,
CVE-2025-21914, CVE-2024-58085, CVE-2025-21765, CVE-2025-21762,
CVE-2025-21823, CVE-2025-21917)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS
linux-image-5.4.0-1146-aws 5.4.0-1146.156~18.04.1
Available with Ubuntu Pro
linux-image-aws 5.4.0.1146.156~18.04.1
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-7516-7
https://ubuntu.com/security/notices/USN-7516-6
https://ubuntu.com/security/notices/USN-7516-5
https://ubuntu.com/security/notices/USN-7516-4
https://ubuntu.com/security/notices/USN-7516-3
https://ubuntu.com/security/notices/USN-7516-2
https://ubuntu.com/security/notices/USN-7516-1
CVE-2021-47191, CVE-2023-52741, CVE-2024-26982, CVE-2024-26996,
CVE-2024-50055, CVE-2024-56599, CVE-2024-57973, CVE-2024-57977,
CVE-2024-57979, CVE-2024-57980, CVE-2024-57981, CVE-2024-57986,
CVE-2024-58001, CVE-2024-58002, CVE-2024-58007, CVE-2024-58009,
CVE-2024-58010, CVE-2024-58014, CVE-2024-58017, CVE-2024-58020,
CVE-2024-58051, CVE-2024-58052, CVE-2024-58055, CVE-2024-58058,
CVE-2024-58063, CVE-2024-58069, CVE-2024-58071, CVE-2024-58072,
CVE-2024-58083, CVE-2024-58085, CVE-2024-58090, CVE-2025-21647,
CVE-2025-21704, CVE-2025-21708, CVE-2025-21715, CVE-2025-21718,
CVE-2025-21719, CVE-2025-21721, CVE-2025-21722, CVE-2025-21728,
CVE-2025-21731, CVE-2025-21735, CVE-2025-21736, CVE-2025-21744,
CVE-2025-21749, CVE-2025-21753, CVE-2025-21760, CVE-2025-21761,
CVE-2025-21762, CVE-2025-21763, CVE-2025-21764, CVE-2025-21765,
CVE-2025-21772, CVE-2025-21776, CVE-2025-21781, CVE-2025-21782,
CVE-2025-21785, CVE-2025-21787, CVE-2025-21791, CVE-2025-21806,
CVE-2025-21811, CVE-2025-21814, CVE-2025-21823, CVE-2025-21835,
CVE-2025-21846, CVE-2025-21848, CVE-2025-21858, CVE-2025-21859,
CVE-2025-21862, CVE-2025-21865, CVE-2025-21866, CVE-2025-21871,
CVE-2025-21877, CVE-2025-21898, CVE-2025-21904, CVE-2025-21905,
CVE-2025-21909, CVE-2025-21910, CVE-2025-21914, CVE-2025-21916,
CVE-2025-21917, CVE-2025-21920, CVE-2025-21922, CVE-2025-21925,
CVE-2025-21926, CVE-2025-21928, CVE-2025-21934, CVE-2025-21935,
CVE-2025-21948, CVE-2025-21971
[USN-7513-5] Linux kernel (Oracle) vulnerabilities
Ubuntu Security Notice USN-7513-5
May 29, 2025
linux-oracle-6.8 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 22.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-oracle-6.8: Linux kernel for Oracle Cloud systems
Details:
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- RISC-V architecture;
- x86 architecture;
- Block layer subsystem;
- Compute Acceleration Framework;
- ACPI drivers;
- Drivers core;
- Ublk userspace block driver;
- Virtio block driver;
- DMA engine subsystem;
- GPU drivers;
- Microsoft Hyper-V drivers;
- Hardware monitoring drivers;
- IIO ADC drivers;
- IIO subsystem;
- InfiniBand drivers;
- Multiple devices driver;
- Media drivers;
- Microchip PCI driver;
- Network drivers;
- Mellanox network drivers;
- STMicroelectronics network drivers;
- PCI subsystem;
- Pin controllers subsystem;
- x86 platform drivers;
- Power supply drivers;
- SCSI subsystem;
- USB Gadget drivers;
- TDX Guest driver;
- AFS file system;
- BTRFS file system;
- Ceph distributed file system;
- EROFS file system;
- File systems infrastructure;
- Network file systems library;
- NILFS2 file system;
- Overlay file system;
- SMB network file system;
- VLANs driver;
- Memory management;
- LAPB network protocol;
- io_uring subsystem;
- BPF subsystem;
- Control group (cgroup);
- Tracing infrastructure;
- Workqueue subsystem;
- Bluetooth subsystem;
- Networking core;
- IPv4 networking;
- IPv6 networking;
- MAC80211 subsystem;
- Multipath TCP;
- Netfilter;
- NET/ROM layer;
- Packet sockets;
- RDS protocol;
- Network traffic control;
- SCTP protocol;
- SMC sockets;
- Wireless networking;
- SELinux security module;
- ALSA framework;
- SOF drivers;
(CVE-2024-57913, CVE-2024-47408, CVE-2024-57884, CVE-2024-57801,
CVE-2025-21664, CVE-2024-57912, CVE-2025-21634, CVE-2024-53125,
CVE-2024-57900, CVE-2024-57911, CVE-2024-56716, CVE-2024-56715,
CVE-2024-57892, CVE-2025-21640, CVE-2025-21646, CVE-2024-57889,
CVE-2024-56758, CVE-2024-56767, CVE-2024-57926, CVE-2024-56670,
CVE-2024-57940, CVE-2024-56717, CVE-2024-56759, CVE-2024-57887,
CVE-2025-21654, CVE-2024-57938, CVE-2024-57841, CVE-2024-39282,
CVE-2024-56761, CVE-2025-21649, CVE-2024-56652, CVE-2024-56665,
CVE-2024-57896, CVE-2024-56667, CVE-2024-57902, CVE-2024-54455,
CVE-2025-21656, CVE-2024-56709, CVE-2025-21635, CVE-2024-57792,
CVE-2025-21642, CVE-2025-21660, CVE-2024-53690, CVE-2024-57904,
CVE-2024-53685, CVE-2025-21938, CVE-2024-55881, CVE-2024-57793,
CVE-2024-56659, CVE-2025-21632, CVE-2024-56656, CVE-2025-21636,
CVE-2024-47736, CVE-2024-57899, CVE-2024-57916, CVE-2024-56664,
CVE-2025-21971, CVE-2025-21659, CVE-2024-57910, CVE-2024-57802,
CVE-2024-57806, CVE-2025-21655, CVE-2024-54193, CVE-2024-57885,
CVE-2025-21658, CVE-2024-57945, CVE-2025-21650, CVE-2024-58237,
CVE-2024-57804, CVE-2024-57888, CVE-2025-21637, CVE-2024-57882,
CVE-2024-57883, CVE-2024-56675, CVE-2025-21663, CVE-2024-49568,
CVE-2024-58087, CVE-2024-56764, CVE-2024-57903, CVE-2024-57917,
CVE-2024-57893, CVE-2025-21648, CVE-2025-21631, CVE-2024-57890,
CVE-2024-56718, CVE-2025-21638, CVE-2024-56372, CVE-2024-49571,
CVE-2025-21662, CVE-2024-56770, CVE-2024-57807, CVE-2024-57925,
CVE-2024-57898, CVE-2025-21653, CVE-2024-57895, CVE-2024-56657,
CVE-2024-54683, CVE-2024-56769, CVE-2024-38608, CVE-2024-57931,
CVE-2025-21652, CVE-2024-57908, CVE-2024-56760, CVE-2024-57929,
CVE-2024-36476, CVE-2024-55639, CVE-2025-21645, CVE-2024-57907,
CVE-2024-54460, CVE-2025-21643, CVE-2024-56660, CVE-2024-53687,
CVE-2025-21639, CVE-2024-57932, CVE-2024-56654, CVE-2024-57805,
CVE-2024-56662, CVE-2025-21647, CVE-2024-56710, CVE-2024-57901,
CVE-2024-56369, CVE-2024-57897, CVE-2024-57939, CVE-2024-57791,
CVE-2024-57879, CVE-2024-57946, CVE-2024-55916, CVE-2024-41013,
CVE-2025-21651, CVE-2024-53179, CVE-2024-57933, CVE-2024-56763,
CVE-2024-57906)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 22.04 LTS
linux-image-6.8.0-1026-oracle 6.8.0-1026.27~22.04.1
linux-image-6.8.0-1026-oracle-64k 6.8.0-1026.27~22.04.1
linux-image-oracle 6.8.0-1026.27~22.04.1
linux-image-oracle-64k 6.8.0-1026.27~22.04.1
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-7513-5
https://ubuntu.com/security/notices/USN-7513-4
https://ubuntu.com/security/notices/USN-7513-3
https://ubuntu.com/security/notices/USN-7513-2
https://ubuntu.com/security/notices/USN-7513-1
CVE-2024-36476, CVE-2024-38608, CVE-2024-39282, CVE-2024-41013,
CVE-2024-47408, CVE-2024-47736, CVE-2024-49568, CVE-2024-49571,
CVE-2024-53125, CVE-2024-53179, CVE-2024-53685, CVE-2024-53687,
CVE-2024-53690, CVE-2024-54193, CVE-2024-54455, CVE-2024-54460,
CVE-2024-54683, CVE-2024-55639, CVE-2024-55881, CVE-2024-55916,
CVE-2024-56369, CVE-2024-56372, CVE-2024-56652, CVE-2024-56654,
CVE-2024-56656, CVE-2024-56657, CVE-2024-56659, CVE-2024-56660,
CVE-2024-56662, CVE-2024-56664, CVE-2024-56665, CVE-2024-56667,
CVE-2024-56670, CVE-2024-56675, CVE-2024-56709, CVE-2024-56710,
CVE-2024-56715, CVE-2024-56716, CVE-2024-56717, CVE-2024-56718,
CVE-2024-56758, CVE-2024-56759, CVE-2024-56760, CVE-2024-56761,
CVE-2024-56763, CVE-2024-56764, CVE-2024-56767, CVE-2024-56769,
CVE-2024-56770, CVE-2024-57791, CVE-2024-57792, CVE-2024-57793,
CVE-2024-57801, CVE-2024-57802, CVE-2024-57804, CVE-2024-57805,
CVE-2024-57806, CVE-2024-57807, CVE-2024-57841, CVE-2024-57879,
CVE-2024-57882, CVE-2024-57883, CVE-2024-57884, CVE-2024-57885,
CVE-2024-57887, CVE-2024-57888, CVE-2024-57889, CVE-2024-57890,
CVE-2024-57892, CVE-2024-57893, CVE-2024-57895, CVE-2024-57896,
CVE-2024-57897, CVE-2024-57898, CVE-2024-57899, CVE-2024-57900,
CVE-2024-57901, CVE-2024-57902, CVE-2024-57903, CVE-2024-57904,
CVE-2024-57906, CVE-2024-57907, CVE-2024-57908, CVE-2024-57910,
CVE-2024-57911, CVE-2024-57912, CVE-2024-57913, CVE-2024-57916,
CVE-2024-57917, CVE-2024-57925, CVE-2024-57926, CVE-2024-57929,
CVE-2024-57931, CVE-2024-57932, CVE-2024-57933, CVE-2024-57938,
CVE-2024-57939, CVE-2024-57940, CVE-2024-57945, CVE-2024-57946,
CVE-2024-58087, CVE-2024-58237, CVE-2025-21631, CVE-2025-21632,
CVE-2025-21634, CVE-2025-21635, CVE-2025-21636, CVE-2025-21637,
CVE-2025-21638, CVE-2025-21639, CVE-2025-21640, CVE-2025-21642,
CVE-2025-21643, CVE-2025-21645, CVE-2025-21646, CVE-2025-21647,
CVE-2025-21648, CVE-2025-21649, CVE-2025-21650, CVE-2025-21651,
CVE-2025-21652, CVE-2025-21653, CVE-2025-21654, CVE-2025-21655,
CVE-2025-21656, CVE-2025-21658, CVE-2025-21659, CVE-2025-21660,
CVE-2025-21662, CVE-2025-21663, CVE-2025-21664, CVE-2025-21938,
CVE-2025-21971
Package Information:
https://launchpad.net/ubuntu/+source/linux-oracle-6.8/6.8.0-1026.27~22.04.1
[USN-7537-2] net-tools regression
Ubuntu Security Notice USN-7537-2
May 28, 2025
net-tools regression
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.04
- Ubuntu 24.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
Summary:
USN-7537-1 caused a regression in net-tools.
Software Description:
- net-tools: NET-3 networking toolkit
Details:
USN-7537-1 fixed a vulnerability in net-tools that caused a regression.
This update fixes the problem.
Original advisory details:
It was discovered that net-tools incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a crash or execute
arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.04
net-tools 2.10-1.1ubuntu1.25.04.4
Ubuntu 24.10
net-tools 2.10-1.1ubuntu1.24.10.4
Ubuntu 24.04 LTS
net-tools 2.10-0.1ubuntu4.4
Ubuntu 22.04 LTS
net-tools 1.60+git20181103.0eebece-1ubuntu5.4
Ubuntu 20.04 LTS
net-tools 1.60+git20180626.aebd88e-1ubuntu1.3
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7537-2
https://ubuntu.com/security/notices/USN-7537-1
https://launchpad.net/bugs/2111912
Package Information:
https://launchpad.net/ubuntu/+source/net-tools/2.10-1.1ubuntu1.25.04.4
https://launchpad.net/ubuntu/+source/net-tools/2.10-1.1ubuntu1.24.10.4
https://launchpad.net/ubuntu/+source/net-tools/2.10-0.1ubuntu4.4
https://launchpad.net/ubuntu/+source/net-tools/1.60+git20181103.0eebece-1ubuntu5.4
https://launchpad.net/ubuntu/+source/net-tools/1.60+git20180626.aebd88e-1ubuntu1.3
Wednesday, May 28, 2025
[USN-7538-1] FFmpeg vulnerabilities
Ubuntu Security Notice USN-7538-1
May 28, 2025
ffmpeg vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.04
- Ubuntu 24.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in FFmpeg.
Software Description:
- ffmpeg: Tools for transcoding, streaming and playing of multimedia files
Details:
Simcha Kosman discovered that FFmpeg did not correctly handle certain
return values. An attacker could possibly use this issue to leak
sensitive information. This issue only affected Ubuntu 16.04 LTS,
Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS
and Ubuntu 24.10. (CVE-2025-0518)
It was discovered that FFmpeg did not correctly handle certain memory
operations. A remote attacker could possibly use this issue to cause a
denial of service or execute arbitrary code. This issue only affected
Ubuntu 24.10. (CVE-2025-1816)
It was discovered that FFmpeg contained a reachable assertion, which
could lead to a failure when processing certain AAC files. If a user or
automated system were tricked into opening a specially crafted AAC file,
an attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS,
Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu 24.10.
(CVE-2025-22919)
It was discovered that FFmpeg did not correctly handle certain memory
operations. An attacker could possibly use this issue to cause a denial
of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS,
Ubuntu 24.10 and Ubuntu 25.04. (CVE-2025-22921)
It was discovered that FFmpeg did not correctly handle certain memory
operations. An attacker could possibly use this issue to cause a denial
of service or execute arbitrary code. This issue only affected
Ubuntu 24.04 LTS, Ubuntu 24.10 and Ubuntu 25.04. (CVE-2025-25473)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.04
ffmpeg 7:7.1.1-1ubuntu1.1
libavcodec-extra61 7:7.1.1-1ubuntu1.1
libavcodec61 7:7.1.1-1ubuntu1.1
libavdevice61 7:7.1.1-1ubuntu1.1
libavfilter-extra10 7:7.1.1-1ubuntu1.1
libavfilter10 7:7.1.1-1ubuntu1.1
libavformat-extra61 7:7.1.1-1ubuntu1.1
libavformat61 7:7.1.1-1ubuntu1.1
libavutil59 7:7.1.1-1ubuntu1.1
libpostproc58 7:7.1.1-1ubuntu1.1
libswresample5 7:7.1.1-1ubuntu1.1
libswscale8 7:7.1.1-1ubuntu1.1
Ubuntu 24.10
ffmpeg 7:7.0.2-3ubuntu1.1
libavcodec-extra61 7:7.0.2-3ubuntu1.1
libavcodec61 7:7.0.2-3ubuntu1.1
libavdevice61 7:7.0.2-3ubuntu1.1
libavfilter-extra10 7:7.0.2-3ubuntu1.1
libavfilter10 7:7.0.2-3ubuntu1.1
libavformat-extra61 7:7.0.2-3ubuntu1.1
libavformat61 7:7.0.2-3ubuntu1.1
libavutil59 7:7.0.2-3ubuntu1.1
libpostproc58 7:7.0.2-3ubuntu1.1
libswresample5 7:7.0.2-3ubuntu1.1
libswscale8 7:7.0.2-3ubuntu1.1
Ubuntu 24.04 LTS
ffmpeg 7:6.1.1-3ubuntu5+esm3
Available with Ubuntu Pro
libavcodec-extra60 7:6.1.1-3ubuntu5+esm3
Available with Ubuntu Pro
libavcodec60 7:6.1.1-3ubuntu5+esm3
Available with Ubuntu Pro
libavdevice60 7:6.1.1-3ubuntu5+esm3
Available with Ubuntu Pro
libavfilter-extra9 7:6.1.1-3ubuntu5+esm3
Available with Ubuntu Pro
libavfilter9 7:6.1.1-3ubuntu5+esm3
Available with Ubuntu Pro
libavformat-extra60 7:6.1.1-3ubuntu5+esm3
Available with Ubuntu Pro
libavformat60 7:6.1.1-3ubuntu5+esm3
Available with Ubuntu Pro
libavutil58 7:6.1.1-3ubuntu5+esm3
Available with Ubuntu Pro
libpostproc57 7:6.1.1-3ubuntu5+esm3
Available with Ubuntu Pro
libswresample4 7:6.1.1-3ubuntu5+esm3
Available with Ubuntu Pro
libswscale7 7:6.1.1-3ubuntu5+esm3
Available with Ubuntu Pro
Ubuntu 22.04 LTS
ffmpeg 7:4.4.2-0ubuntu0.22.04.1+esm7
Available with Ubuntu Pro
libavcodec-extra58 7:4.4.2-0ubuntu0.22.04.1+esm7
Available with Ubuntu Pro
libavcodec58 7:4.4.2-0ubuntu0.22.04.1+esm7
Available with Ubuntu Pro
libavdevice58 7:4.4.2-0ubuntu0.22.04.1+esm7
Available with Ubuntu Pro
libavfilter-extra7 7:4.4.2-0ubuntu0.22.04.1+esm7
Available with Ubuntu Pro
libavfilter7 7:4.4.2-0ubuntu0.22.04.1+esm7
Available with Ubuntu Pro
libavformat-extra58 7:4.4.2-0ubuntu0.22.04.1+esm7
Available with Ubuntu Pro
libavformat58 7:4.4.2-0ubuntu0.22.04.1+esm7
Available with Ubuntu Pro
libavutil56 7:4.4.2-0ubuntu0.22.04.1+esm7
Available with Ubuntu Pro
libpostproc55 7:4.4.2-0ubuntu0.22.04.1+esm7
Available with Ubuntu Pro
libswresample3 7:4.4.2-0ubuntu0.22.04.1+esm7
Available with Ubuntu Pro
libswscale5 7:4.4.2-0ubuntu0.22.04.1+esm7
Available with Ubuntu Pro
Ubuntu 20.04 LTS
ffmpeg 7:4.2.7-0ubuntu0.1+esm8
Available with Ubuntu Pro
libavcodec-extra58 7:4.2.7-0ubuntu0.1+esm8
Available with Ubuntu Pro
libavcodec58 7:4.2.7-0ubuntu0.1+esm8
Available with Ubuntu Pro
libavdevice58 7:4.2.7-0ubuntu0.1+esm8
Available with Ubuntu Pro
libavfilter-extra7 7:4.2.7-0ubuntu0.1+esm8
Available with Ubuntu Pro
libavfilter7 7:4.2.7-0ubuntu0.1+esm8
Available with Ubuntu Pro
libavformat58 7:4.2.7-0ubuntu0.1+esm8
Available with Ubuntu Pro
libavresample4 7:4.2.7-0ubuntu0.1+esm8
Available with Ubuntu Pro
libavutil56 7:4.2.7-0ubuntu0.1+esm8
Available with Ubuntu Pro
libpostproc55 7:4.2.7-0ubuntu0.1+esm8
Available with Ubuntu Pro
libswresample3 7:4.2.7-0ubuntu0.1+esm8
Available with Ubuntu Pro
libswscale5 7:4.2.7-0ubuntu0.1+esm8
Available with Ubuntu Pro
Ubuntu 18.04 LTS
ffmpeg 7:3.4.11-0ubuntu0.1+esm8
Available with Ubuntu Pro
libavcodec-extra57 7:3.4.11-0ubuntu0.1+esm8
Available with Ubuntu Pro
libavcodec57 7:3.4.11-0ubuntu0.1+esm8
Available with Ubuntu Pro
libavdevice57 7:3.4.11-0ubuntu0.1+esm8
Available with Ubuntu Pro
libavfilter-extra6 7:3.4.11-0ubuntu0.1+esm8
Available with Ubuntu Pro
libavfilter6 7:3.4.11-0ubuntu0.1+esm8
Available with Ubuntu Pro
libavformat57 7:3.4.11-0ubuntu0.1+esm8
Available with Ubuntu Pro
libavresample3 7:3.4.11-0ubuntu0.1+esm8
Available with Ubuntu Pro
libavutil55 7:3.4.11-0ubuntu0.1+esm8
Available with Ubuntu Pro
libpostproc54 7:3.4.11-0ubuntu0.1+esm8
Available with Ubuntu Pro
libswresample2 7:3.4.11-0ubuntu0.1+esm8
Available with Ubuntu Pro
libswscale4 7:3.4.11-0ubuntu0.1+esm8
Available with Ubuntu Pro
Ubuntu 16.04 LTS
ffmpeg 7:2.8.17-0ubuntu0.1+esm10
Available with Ubuntu Pro
libav-tools 7:2.8.17-0ubuntu0.1+esm10
Available with Ubuntu Pro
libavcodec-ffmpeg-extra56 7:2.8.17-0ubuntu0.1+esm10
Available with Ubuntu Pro
libavcodec-ffmpeg56 7:2.8.17-0ubuntu0.1+esm10
Available with Ubuntu Pro
libavdevice-ffmpeg56 7:2.8.17-0ubuntu0.1+esm10
Available with Ubuntu Pro
libavfilter-ffmpeg5 7:2.8.17-0ubuntu0.1+esm10
Available with Ubuntu Pro
libavformat-ffmpeg56 7:2.8.17-0ubuntu0.1+esm10
Available with Ubuntu Pro
libavresample-ffmpeg2 7:2.8.17-0ubuntu0.1+esm10
Available with Ubuntu Pro
libavutil-ffmpeg54 7:2.8.17-0ubuntu0.1+esm10
Available with Ubuntu Pro
libpostproc-ffmpeg53 7:2.8.17-0ubuntu0.1+esm10
Available with Ubuntu Pro
libswresample-ffmpeg1 7:2.8.17-0ubuntu0.1+esm10
Available with Ubuntu Pro
libswscale-ffmpeg3 7:2.8.17-0ubuntu0.1+esm10
Available with Ubuntu Pro
After a standard system update you need to restart FFmpeg to make
all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7538-1
CVE-2025-0518, CVE-2025-1816, CVE-2025-22919, CVE-2025-22921,
CVE-2025-25473
Package Information:
https://launchpad.net/ubuntu/+source/ffmpeg/7:7.1.1-1ubuntu1.1
https://launchpad.net/ubuntu/+source/ffmpeg/7:7.0.2-3ubuntu1.1
[USN-7544-1] Setuptools vulnerability
Ubuntu Security Notice USN-7544-1
May 28, 2025
python-setuptools, setuptools vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.04
- Ubuntu 24.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary:
Setuptools could be made to write files to arbitrary locations on the
filesystem.
Software Description:
- setuptools: Python Distutils Enhancements (documentation)
- python-setuptools: Python Distutils Enhancements
Details:
It was discovered that setuptools did not properly sanitize paths. An
attacker could possibly use this issue to write files to arbitrary
locations on the filesystem.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.04
python3-setuptools 75.8.0-1ubuntu1
Ubuntu 24.10
python3-setuptools 74.1.2-1ubuntu0.1
Ubuntu 24.04 LTS
python3-setuptools 68.1.2-2ubuntu1.2
Ubuntu 22.04 LTS
pypy-setuptools 44.1.1-1.2ubuntu0.22.04.1+esm2
Available with Ubuntu Pro
python-setuptools 44.1.1-1.2ubuntu0.22.04.1+esm2
Available with Ubuntu Pro
python3-setuptools 59.6.0-1.2ubuntu0.22.04.3
Ubuntu 20.04 LTS
pypy-setuptools 44.0.0-2ubuntu0.1+esm2
Available with Ubuntu Pro
python-setuptools 44.0.0-2ubuntu0.1+esm2
Available with Ubuntu Pro
python3-setuptools 45.2.0-1ubuntu0.3
Ubuntu 18.04 LTS
pypy-setuptools 39.0.1-2ubuntu0.1+esm2
Available with Ubuntu Pro
python-setuptools 39.0.1-2ubuntu0.1+esm2
Available with Ubuntu Pro
python3-setuptools 39.0.1-2ubuntu0.1+esm2
Available with Ubuntu Pro
Ubuntu 16.04 LTS
pypy-setuptools 20.7.0-1ubuntu0.1~esm3
Available with Ubuntu Pro
python-setuptools 20.7.0-1ubuntu0.1~esm3
Available with Ubuntu Pro
python3-setuptools 20.7.0-1ubuntu0.1~esm3
Available with Ubuntu Pro
Ubuntu 14.04 LTS
python-setuptools 3.3-1ubuntu2+esm3
Available with Ubuntu Pro
python3-setuptools 3.3-1ubuntu2+esm3
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7544-1
CVE-2025-47273
Package Information:
https://launchpad.net/ubuntu/+source/setuptools/75.8.0-1ubuntu1
https://launchpad.net/ubuntu/+source/setuptools/74.1.2-1ubuntu0.1
https://launchpad.net/ubuntu/+source/setuptools/68.1.2-2ubuntu1.2
[USN-7542-1] Kerberos vulnerability
Ubuntu Security Notice USN-7542-1
May 28, 2025
krb5 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary:
Kerberos could be made to expose sensitive information over the network.
Software Description:
- krb5: MIT Kerberos Network Authentication Protocol
Details:
It was discovered that Kerberos allowed the usage of weak cryptographic
standards. An attacker could possibly use this issue to expose sensitive
information.
This update introduces the allow_rc4 and allow_des3 configuration options,
and disables the usage of RC4 and 3DES ciphers by default. Users are
advised to discontinue their usage and upgrade to stronger encryption
protocols. If the use of the insecure RC4 and 3DES algorithms is necessary,
they can be enabled with the aforementioned configuration options.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.04 LTS
libk5crypto3 1.20.1-6ubuntu2.6
libkrb5-3 1.20.1-6ubuntu2.6
Ubuntu 22.04 LTS
libk5crypto3 1.19.2-2ubuntu0.7
libkrb5-3 1.19.2-2ubuntu0.7
Ubuntu 20.04 LTS
libk5crypto3 1.17-6ubuntu4.11
libkrb5-3 1.17-6ubuntu4.11
Ubuntu 18.04 LTS
libk5crypto3 1.16-2ubuntu0.4+esm5
Available with Ubuntu Pro
libkrb5-3 1.16-2ubuntu0.4+esm5
Available with Ubuntu Pro
Ubuntu 16.04 LTS
libk5crypto3 1.13.2+dfsg-5ubuntu2.2+esm7
Available with Ubuntu Pro
libkrb5-3 1.13.2+dfsg-5ubuntu2.2+esm7
Available with Ubuntu Pro
Ubuntu 14.04 LTS
libk5crypto3 1.12+dfsg-2ubuntu5.4+esm7
Available with Ubuntu Pro
libkrb5-3 1.12+dfsg-2ubuntu5.4+esm7
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7542-1
CVE-2025-3576
Package Information:
https://launchpad.net/ubuntu/+source/krb5/1.20.1-6ubuntu2.6
https://launchpad.net/ubuntu/+source/krb5/1.19.2-2ubuntu0.7
https://launchpad.net/ubuntu/+source/krb5/1.17-6ubuntu4.11
[USN-7543-1] libsoup vulnerabilities
Ubuntu Security Notice USN-7543-1
May 28, 2025
libsoup3, libsoup2.4 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.04
- Ubuntu 24.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
libsoup could be made to crash if it received specially crafted network
traffic.
Software Description:
- libsoup2.4: HTTP client/server library for GNOME
- libsoup3: HTTP client/server library for GNOME
Details:
Jan Różański discovered that libsoup incorrectly handled certain headers
when sending HTTP/2 requests over TLS. An attacker could possibly use this
issue to cause a denial of service. This issue only affected libsoup3 in
Ubuntu 24.04 LTS, Ubuntu 24.10, and Ubuntu 25.04. (CVE-2025-32908)
Jan Różański discovered that libsoup incorrectly parsed certain response
headers. An attacker could possibly use this issue to cause a denial of
service. (CVE-2025-4476)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.04
libsoup-2.4-1 2.74.3-10ubuntu0.3
libsoup-3.0-0 3.6.5-1ubuntu0.1
Ubuntu 24.10
libsoup-2.4-1 2.74.3-7ubuntu0.5
libsoup-3.0-0 3.6.0-2ubuntu0.4
Ubuntu 24.04 LTS
libsoup-2.4-1 2.74.3-6ubuntu1.5
libsoup-3.0-0 3.4.4-5ubuntu0.4
Ubuntu 22.04 LTS
libsoup-3.0-0 3.0.7-0ubuntu1+esm4
Available with Ubuntu Pro
libsoup2.4-1 2.74.2-3ubuntu0.5
Ubuntu 20.04 LTS
libsoup2.4-1 2.70.0-1ubuntu0.5
Ubuntu 18.04 LTS
libsoup2.4-1 2.62.1-1ubuntu0.4+esm4
Available with Ubuntu Pro
Ubuntu 16.04 LTS
libsoup2.4-1 2.52.2-1ubuntu0.3+esm3
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7543-1
CVE-2025-32908, CVE-2025-4476
Package Information:
https://launchpad.net/ubuntu/+source/libsoup2.4/2.74.3-10ubuntu0.3
https://launchpad.net/ubuntu/+source/libsoup3/3.6.5-1ubuntu0.1
https://launchpad.net/ubuntu/+source/libsoup2.4/2.74.3-7ubuntu0.5
https://launchpad.net/ubuntu/+source/libsoup3/3.6.0-2ubuntu0.4
https://launchpad.net/ubuntu/+source/libsoup2.4/2.74.3-6ubuntu1.5
https://launchpad.net/ubuntu/+source/libsoup3/3.4.4-5ubuntu0.4
https://launchpad.net/ubuntu/+source/libsoup2.4/2.70.0-1ubuntu0.5
[USN-7541-1] GNU C Library vulnerability
Ubuntu Security Notice USN-7541-1
May 28, 2025
glibc vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
GNU C Library could be made to crash or run programs if it processed
a specially crafted dynamically shared library.
Software Description:
- glibc: GNU C Library
Details:
It was discovered that the GNU C Library incorrectly searched
LD_LIBRARY_PATH to determine which library to load when a statically
linked setuid binary calls dlopen. A local attacker could possibly use this
issue to cause a denial of service or execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 22.04 LTS
libc6 2.35-0ubuntu3.10
Ubuntu 20.04 LTS
libc6 2.31-0ubuntu9.18
Ubuntu 18.04 LTS
libc6 2.27-3ubuntu1.6+esm5
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7541-1
CVE-2025-4802
Package Information:
https://launchpad.net/ubuntu/+source/glibc/2.35-0ubuntu3.10
https://launchpad.net/ubuntu/+source/glibc/2.31-0ubuntu9.18
[HEADS UP] Fedora 43 Python 3.14 rebuilds to start in a side tag (hopefully) next week
To deliver Python 3.14 with Fedora Linux 43, we will run a coordinated
rebuild in a side tag.
https://fedoraproject.org/wiki/Changes/Python3.14
Python 3.14.0b2 has been released on Monday, May 26th, 2025 and shipped
in all Fedoras.
We hope to start the mass rebuild beginning next week.
TL;DR: If you can, for the period of the mass rebuild just don't build
your packages in rawhide.
We will let you know when the side tag rebuild actually starts and when
it is merged and it's safe to build in rawhide with Python 3.14.
Details:
If you see a "Rebuilt for Python 3.14" (or similar) commit in your package,
please don't rebuild it in regular rawhide or another rawhide side tag.
If you need to, please let us know, so we can coordinate.
If you'd like to build a package after we already rebuilt it, you should
be able to build it in the side tag via:
on branch rawhide:
$ fedpkg build --target=f43-python
$ koji wait-repo f43-python --build <nvr> --request
It takes time to build all the essential packages,
so don't expect all your dependencies to be available right away.
Any attempts to build your packages in the side tag before we do will
likely fail due to missing dependencies.
When in trouble, ask here or on Fedora's Matrix - Fedora Python room
(https://matrix.to/#/#python:fedoraproject.org)
Ping me (ksurma) or Miro (mhroncok) if you need to talk to us.
Builds will appear here:
https://koji.fedoraproject.org/koji/builds?latest=0&tagID=f43-python&inherited=0
Please avoid any potentially disturbing or major changes in Python
packages until the rebuild is over.
Thanks!
Karolina
[USN-7540-1] Linux kernel (Raspberry Pi) vulnerabilities
Ubuntu Security Notice USN-7540-1
May 28, 2025
linux-raspi-5.4 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-raspi-5.4: Linux kernel for Raspberry Pi systems
Details:
Chenyuan Yang discovered that the CEC driver in the Linux kernel
contained a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2024-23848)
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- Network block device driver;
- Virtio block driver;
- Character device driver;
- TPM device driver;
- Data acquisition framework and drivers;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- ARM SCPI message protocol;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Microsoft Hyper-V drivers;
- I2C subsystem;
- I3C subsystem;
- IIO ADC drivers;
- IIO subsystem;
- InfiniBand drivers;
- LED subsystem;
- Mailbox framework;
- Multiple devices driver;
- Media drivers;
- Multifunction device drivers;
- MMC subsystem;
- MTD block device drivers;
- Network drivers;
- Mellanox network drivers;
- NTB driver;
- Virtio pmem driver;
- NVME drivers;
- Parport drivers;
- PCI subsystem;
- Pin controllers subsystem;
- x86 platform drivers;
- PPS (Pulse Per Second) driver;
- PTP clock framework;
- RapidIO drivers;
- Real Time Clock drivers;
- SCSI subsystem;
- SuperH / SH-Mobile drivers;
- SLIMbus drivers;
- QCOM SoC drivers;
- SPI subsystem;
- Direct Digital Synthesis drivers;
- Trusted Execution Environment drivers;
- USB DSL drivers;
- USB Device Class drivers;
- USB core drivers;
- USB Gadget drivers;
- USB Host Controller drivers;
- USB Dual Role (OTG-ready) Controller drivers;
- Renesas USBHS Controller drivers;
- USB Serial drivers;
- USB Type-C support driver;
- USB Type-C Port Controller Manager driver;
- VFIO drivers;
- Framebuffer layer;
- Xen hypervisor drivers;
- File systems infrastructure;
- BTRFS file system;
- Ceph distributed file system;
- Ext4 file system;
- F2FS file system;
- GFS2 file system;
- JFFS2 file system;
- JFS file system;
- Network file system (NFS) client;
- Network file system (NFS) server daemon;
- NILFS2 file system;
- Overlay file system;
- Proc file system;
- Diskquota system;
- SMB network file system;
- UBI file system;
- Timer subsystem;
- VLANs driver;
- KVM subsystem;
- L3 Master device support module;
- LAPB network protocol;
- Network namespace;
- Netfilter;
- Network traffic control;
- Network sockets;
- TCP network protocol;
- Kernel init infrastructure;
- Process Accounting mechanism;
- BPF subsystem;
- Kernel CPU control infrastructure;
- Perf events;
- printk logging mechanism;
- Arbitrary resource management;
- Scheduler infrastructure;
- Tracing infrastructure;
- Closures library;
- Memory management;
- 802.1Q VLAN protocol;
- 9P file system network protocol;
- Amateur Radio drivers;
- B.A.T.M.A.N. meshing protocol;
- Bluetooth subsystem;
- Ethernet bridge;
- CAN network layer;
- Networking core;
- DCCP (Datagram Congestion Control Protocol);
- IEEE802154.4 network protocol;
- IPv4 networking;
- IPv6 networking;
- Logical Link layer;
- MAC80211 subsystem;
- IEEE 802.15.4 subsystem;
- Netlink;
- NET/ROM layer;
- NFC subsystem;
- Open vSwitch;
- Packet sockets;
- Rose network layer;
- SCTP protocol;
- Sun RPC protocol;
- TIPC protocol;
- Wireless networking;
- eXpress Data Path;
- XFRM subsystem;
- Key management;
- SELinux security module;
- Tomoyo security module;
- FireWire sound drivers;
- AudioScience HPI driver;
- Amlogic Meson SoC drivers;
- USB sound devices;
(CVE-2024-41066, CVE-2025-21935, CVE-2024-47684, CVE-2024-57986,
CVE-2024-35896, CVE-2024-50202, CVE-2024-50184, CVE-2024-44938,
CVE-2025-21722, CVE-2024-50008, CVE-2023-52927, CVE-2024-57951,
CVE-2024-53112, CVE-2024-56723, CVE-2024-50195, CVE-2024-56748,
CVE-2024-53131, CVE-2024-50302, CVE-2025-21697, CVE-2024-53146,
CVE-2025-21814, CVE-2024-49962, CVE-2024-56594, CVE-2024-47671,
CVE-2024-57904, CVE-2024-50127, CVE-2025-21694, CVE-2024-57900,
CVE-2024-58071, CVE-2024-50273, CVE-2024-56593, CVE-2024-50044,
CVE-2024-49879, CVE-2023-52664, CVE-2024-49949, CVE-2024-50151,
CVE-2024-58063, CVE-2024-49944, CVE-2025-21871, CVE-2024-57980,
CVE-2025-21948, CVE-2024-49882, CVE-2025-21678, CVE-2024-47679,
CVE-2024-46853, CVE-2024-58002, CVE-2024-58020, CVE-2024-52332,
CVE-2024-47747, CVE-2024-49973, CVE-2024-50096, CVE-2024-49894,
CVE-2024-50055, CVE-2024-57973, CVE-2024-47696, CVE-2024-56615,
CVE-2024-57979, CVE-2024-56643, CVE-2024-49892, CVE-2024-56598,
CVE-2024-56569, CVE-2024-53181, CVE-2024-53063, CVE-2024-57892,
CVE-2024-56631, CVE-2025-21763, CVE-2024-58052, CVE-2025-21910,
CVE-2024-56531, CVE-2024-56780, CVE-2024-50179, CVE-2024-56746,
CVE-2024-50134, CVE-2024-56629, CVE-2024-49878, CVE-2024-50287,
CVE-2024-50074, CVE-2024-56558, CVE-2024-50265, CVE-2024-50205,
CVE-2025-21846, CVE-2024-49985, CVE-2025-21640, CVE-2024-50279,
CVE-2024-26915, CVE-2024-47701, CVE-2025-21806, CVE-2024-57977,
CVE-2025-21700, CVE-2024-56567, CVE-2024-49996, CVE-2024-49925,
CVE-2025-21647, CVE-2025-21926, CVE-2024-58090, CVE-2024-57902,
CVE-2025-21791, CVE-2025-21862, CVE-2024-49997, CVE-2024-47707,
CVE-2024-56572, CVE-2024-47692, CVE-2024-58055, CVE-2024-53061,
CVE-2024-56539, CVE-2024-47710, CVE-2025-21687, CVE-2024-56691,
CVE-2024-56606, CVE-2024-49963, CVE-2024-58007, CVE-2024-57807,
CVE-2025-21761, CVE-2024-53059, CVE-2024-53121, CVE-2024-56633,
CVE-2024-49981, CVE-2024-49903, CVE-2024-50035, CVE-2024-56659,
CVE-2024-40911, CVE-2024-57889, CVE-2024-58083, CVE-2024-57913,
CVE-2024-26982, CVE-2024-53198, CVE-2024-53227, CVE-2024-47698,
CVE-2024-57931, CVE-2024-53104, CVE-2024-50282, CVE-2024-56619,
CVE-2024-56597, CVE-2024-49900, CVE-2024-57890, CVE-2024-56562,
CVE-2024-50082, CVE-2024-53101, CVE-2024-53173, CVE-2024-58051,
CVE-2024-50040, CVE-2024-56581, CVE-2024-56694, CVE-2024-50167,
CVE-2024-49938, CVE-2024-50290, CVE-2024-53142, CVE-2024-50116,
CVE-2025-21760, CVE-2024-55916, CVE-2024-50199, CVE-2025-21753,
CVE-2024-53197, CVE-2024-47672, CVE-2024-50237, CVE-2024-57910,
CVE-2024-56601, CVE-2024-49860, CVE-2025-21866, CVE-2024-50251,
CVE-2024-50230, CVE-2024-49959, CVE-2024-50006, CVE-2025-21904,
CVE-2025-21922, CVE-2024-50236, CVE-2024-49924, CVE-2025-21772,
CVE-2025-21728, CVE-2024-56651, CVE-2024-49884, CVE-2024-56779,
CVE-2025-21914, CVE-2025-21971, CVE-2024-58014, CVE-2024-53127,
CVE-2024-56769, CVE-2024-53165, CVE-2024-50131, CVE-2024-49868,
CVE-2025-21744, CVE-2025-21653, CVE-2024-53157, CVE-2025-21934,
CVE-2025-21689, CVE-2024-56595, CVE-2024-50256, CVE-2024-50143,
CVE-2024-50171, CVE-2024-50117, CVE-2024-47742, CVE-2024-56781,
CVE-2024-53124, CVE-2024-57908, CVE-2024-56747, CVE-2024-57929,
CVE-2024-43900, CVE-2025-21704, CVE-2025-21858, CVE-2024-53130,
CVE-2024-44931, CVE-2025-21925, CVE-2024-53239, CVE-2024-53150,
CVE-2024-53172, CVE-2024-56614, CVE-2025-21787, CVE-2025-21877,
CVE-2024-56681, CVE-2024-53174, CVE-2024-56570, CVE-2024-49896,
CVE-2024-56576, CVE-2025-21859, CVE-2024-57946, CVE-2024-50024,
CVE-2025-21920, CVE-2024-50296, CVE-2024-56599, CVE-2024-56602,
CVE-2025-21762, CVE-2024-53680, CVE-2024-56670, CVE-2024-53171,
CVE-2025-21718, CVE-2024-58069, CVE-2025-21735, CVE-2024-57884,
CVE-2024-50007, CVE-2024-40965, CVE-2024-53214, CVE-2024-47674,
CVE-2024-43098, CVE-2024-58001, CVE-2024-56739, CVE-2023-52741,
CVE-2024-53237, CVE-2024-49952, CVE-2025-21835, CVE-2025-21848,
CVE-2025-21916, CVE-2024-26996, CVE-2024-50194, CVE-2025-21721,
CVE-2024-46731, CVE-2024-53148, CVE-2024-50262, CVE-2024-47749,
CVE-2024-49974, CVE-2024-49975, CVE-2025-21781, CVE-2024-56658,
CVE-2022-49034, CVE-2024-56688, CVE-2024-47699, CVE-2025-21664,
CVE-2024-57849, CVE-2024-57912, CVE-2024-56724, CVE-2024-56630,
CVE-2024-50180, CVE-2024-47723, CVE-2024-47737, CVE-2025-21639,
CVE-2024-56645, CVE-2024-46849, CVE-2024-49948, CVE-2024-43863,
CVE-2024-56532, CVE-2024-50148, CVE-2024-38544, CVE-2024-53183,
CVE-2024-57922, CVE-2024-50051, CVE-2024-50278, CVE-2024-56700,
CVE-2024-35887, CVE-2024-56756, CVE-2025-21764, CVE-2024-46826,
CVE-2024-56603, CVE-2025-21731, CVE-2024-56644, CVE-2024-49877,
CVE-2024-26689, CVE-2024-56587, CVE-2024-50269, CVE-2025-21917,
CVE-2024-56548, CVE-2021-47119, CVE-2024-56637, CVE-2024-50299,
CVE-2024-56690, CVE-2024-47740, CVE-2024-50233, CVE-2025-21811,
CVE-2024-50229, CVE-2024-49902, CVE-2025-21708, CVE-2024-57802,
CVE-2025-21702, CVE-2024-53194, CVE-2024-58058, CVE-2024-49867,
CVE-2024-47756, CVE-2021-47191, CVE-2024-57906, CVE-2024-47709,
CVE-2024-56596, CVE-2024-56634, CVE-2024-57850, CVE-2025-21909,
CVE-2024-53066, CVE-2025-21638, CVE-2024-57938, CVE-2025-21776,
CVE-2024-50059, CVE-2024-56704, CVE-2025-21928, CVE-2024-49966,
CVE-2024-49883, CVE-2024-49936, CVE-2024-49965, CVE-2025-21905,
CVE-2024-35864, CVE-2024-47706, CVE-2024-40953, CVE-2024-53161,
CVE-2024-49957, CVE-2024-26928, CVE-2024-57948, CVE-2024-49955,
CVE-2024-47685, CVE-2024-50301, CVE-2024-48881, CVE-2024-56642,
CVE-2024-50218, CVE-2024-49982, CVE-2024-50267, CVE-2024-53158,
CVE-2025-21736, CVE-2024-50039, CVE-2024-53217, CVE-2025-21782,
CVE-2024-50150, CVE-2024-50099, CVE-2025-21898, CVE-2024-58072,
CVE-2024-53155, CVE-2024-53138, CVE-2024-47670, CVE-2021-47219,
CVE-2024-41016, CVE-2024-35958, CVE-2024-49958, CVE-2025-21699,
CVE-2024-50142, CVE-2024-47712, CVE-2024-57911, CVE-2024-58017,
CVE-2024-56605, CVE-2024-58085, CVE-2025-21715, CVE-2024-53140,
CVE-2024-56574, CVE-2024-56600, CVE-2024-42252, CVE-2024-50033,
CVE-2024-46854, CVE-2024-47697, CVE-2024-47757, CVE-2025-21785,
CVE-2024-47713, CVE-2024-50045, CVE-2024-56767, CVE-2025-21749,
CVE-2024-53690, CVE-2024-53145, CVE-2024-53135, CVE-2023-52458,
CVE-2024-57901, CVE-2024-56650, CVE-2025-21719, CVE-2025-21823,
CVE-2024-38588, CVE-2024-53156, CVE-2024-49851, CVE-2024-57981,
CVE-2025-21765, CVE-2024-56586, CVE-2024-53184, CVE-2024-56770,
CVE-2024-50234, CVE-2024-56720, CVE-2024-58010)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS
linux-image-5.4.0-1129-raspi 5.4.0-1129.142~18.04.1
Available with Ubuntu Pro
linux-image-raspi-hwe-18.04 5.4.0.1129.142~18.04.1
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-7540-1
CVE-2021-47119, CVE-2021-47191, CVE-2021-47219, CVE-2021-47469,
CVE-2022-49034, CVE-2023-52458, CVE-2023-52664, CVE-2023-52741,
CVE-2023-52927, CVE-2024-23848, CVE-2024-26689, CVE-2024-26915,
CVE-2024-26928, CVE-2024-26982, CVE-2024-26996, CVE-2024-35864,
CVE-2024-35887, CVE-2024-35896, CVE-2024-35958, CVE-2024-38544,
CVE-2024-38588, CVE-2024-40911, CVE-2024-40953, CVE-2024-40965,
CVE-2024-41016, CVE-2024-41066, CVE-2024-42252, CVE-2024-43098,
CVE-2024-43863, CVE-2024-43900, CVE-2024-44931, CVE-2024-44938,
CVE-2024-46731, CVE-2024-46826, CVE-2024-46849, CVE-2024-46853,
CVE-2024-46854, CVE-2024-47670, CVE-2024-47671, CVE-2024-47672,
CVE-2024-47674, CVE-2024-47679, CVE-2024-47684, CVE-2024-47685,
CVE-2024-47692, CVE-2024-47696, CVE-2024-47697, CVE-2024-47698,
CVE-2024-47699, CVE-2024-47701, CVE-2024-47706, CVE-2024-47707,
CVE-2024-47709, CVE-2024-47710, CVE-2024-47712, CVE-2024-47713,
CVE-2024-47723, CVE-2024-47737, CVE-2024-47740, CVE-2024-47742,
CVE-2024-47747, CVE-2024-47749, CVE-2024-47756, CVE-2024-47757,
CVE-2024-48881, CVE-2024-49851, CVE-2024-49860, CVE-2024-49867,
CVE-2024-49868, CVE-2024-49877, CVE-2024-49878, CVE-2024-49879,
CVE-2024-49882, CVE-2024-49883, CVE-2024-49884, CVE-2024-49892,
CVE-2024-49894, CVE-2024-49896, CVE-2024-49900, CVE-2024-49902,
CVE-2024-49903, CVE-2024-49924, CVE-2024-49925, CVE-2024-49936,
CVE-2024-49938, CVE-2024-49944, CVE-2024-49948, CVE-2024-49949,
CVE-2024-49952, CVE-2024-49955, CVE-2024-49957, CVE-2024-49958,
CVE-2024-49959, CVE-2024-49962, CVE-2024-49963, CVE-2024-49965,
CVE-2024-49966, CVE-2024-49973, CVE-2024-49974, CVE-2024-49975,
CVE-2024-49981, CVE-2024-49982, CVE-2024-49985, CVE-2024-49996,
CVE-2024-49997, CVE-2024-50006, CVE-2024-50007, CVE-2024-50008,
CVE-2024-50024, CVE-2024-50033, CVE-2024-50035, CVE-2024-50039,
CVE-2024-50040, CVE-2024-50044, CVE-2024-50045, CVE-2024-50051,
CVE-2024-50055, CVE-2024-50059, CVE-2024-50074, CVE-2024-50082,
CVE-2024-50096, CVE-2024-50099, CVE-2024-50116, CVE-2024-50117,
CVE-2024-50127, CVE-2024-50131, CVE-2024-50134, CVE-2024-50142,
CVE-2024-50143, CVE-2024-50148, CVE-2024-50150, CVE-2024-50151,
CVE-2024-50167, CVE-2024-50171, CVE-2024-50179, CVE-2024-50180,
CVE-2024-50184, CVE-2024-50194, CVE-2024-50195, CVE-2024-50199,
CVE-2024-50202, CVE-2024-50205, CVE-2024-50218, CVE-2024-50229,
CVE-2024-50230, CVE-2024-50233, CVE-2024-50234, CVE-2024-50236,
CVE-2024-50237, CVE-2024-50251, CVE-2024-50256, CVE-2024-50262,
CVE-2024-50265, CVE-2024-50267, CVE-2024-50269, CVE-2024-50273,
CVE-2024-50278, CVE-2024-50279, CVE-2024-50282, CVE-2024-50287,
CVE-2024-50290, CVE-2024-50296, CVE-2024-50299, CVE-2024-50301,
CVE-2024-50302, CVE-2024-52332, CVE-2024-53059, CVE-2024-53061,
CVE-2024-53063, CVE-2024-53066, CVE-2024-53101, CVE-2024-53104,
CVE-2024-53112, CVE-2024-53121, CVE-2024-53124, CVE-2024-53127,
CVE-2024-53130, CVE-2024-53131, CVE-2024-53135, CVE-2024-53138,
CVE-2024-53140, CVE-2024-53142, CVE-2024-53145, CVE-2024-53146,
CVE-2024-53148, CVE-2024-53150, CVE-2024-53155, CVE-2024-53156,
CVE-2024-53157, CVE-2024-53158, CVE-2024-53161, CVE-2024-53165,
CVE-2024-53171, CVE-2024-53172, CVE-2024-53173, CVE-2024-53174,
CVE-2024-53181, CVE-2024-53183, CVE-2024-53184, CVE-2024-53194,
CVE-2024-53197, CVE-2024-53198, CVE-2024-53214, CVE-2024-53217,
CVE-2024-53227, CVE-2024-53237, CVE-2024-53239, CVE-2024-53680,
CVE-2024-53690, CVE-2024-55916, CVE-2024-56531, CVE-2024-56532,
CVE-2024-56539, CVE-2024-56548, CVE-2024-56558, CVE-2024-56562,
CVE-2024-56567, CVE-2024-56569, CVE-2024-56570, CVE-2024-56572,
CVE-2024-56574, CVE-2024-56576, CVE-2024-56581, CVE-2024-56586,
CVE-2024-56587, CVE-2024-56593, CVE-2024-56594, CVE-2024-56595,
CVE-2024-56596, CVE-2024-56597, CVE-2024-56598, CVE-2024-56599,
CVE-2024-56600, CVE-2024-56601, CVE-2024-56602, CVE-2024-56603,
CVE-2024-56605, CVE-2024-56606, CVE-2024-56614, CVE-2024-56615,
CVE-2024-56619, CVE-2024-56629, CVE-2024-56630, CVE-2024-56631,
CVE-2024-56633, CVE-2024-56634, CVE-2024-56637, CVE-2024-56642,
CVE-2024-56643, CVE-2024-56644, CVE-2024-56645, CVE-2024-56650,
CVE-2024-56651, CVE-2024-56658, CVE-2024-56659, CVE-2024-56670,
CVE-2024-56681, CVE-2024-56688, CVE-2024-56690, CVE-2024-56691,
CVE-2024-56694, CVE-2024-56700, CVE-2024-56704, CVE-2024-56720,
CVE-2024-56723, CVE-2024-56724, CVE-2024-56739, CVE-2024-56746,
CVE-2024-56747, CVE-2024-56748, CVE-2024-56756, CVE-2024-56767,
CVE-2024-56769, CVE-2024-56770, CVE-2024-56779, CVE-2024-56780,
CVE-2024-56781, CVE-2024-57802, CVE-2024-57807, CVE-2024-57849,
CVE-2024-57850, CVE-2024-57884, CVE-2024-57889, CVE-2024-57890,
CVE-2024-57892, CVE-2024-57900, CVE-2024-57901, CVE-2024-57902,
CVE-2024-57904, CVE-2024-57906, CVE-2024-57908, CVE-2024-57910,
CVE-2024-57911, CVE-2024-57912, CVE-2024-57913, CVE-2024-57922,
CVE-2024-57929, CVE-2024-57931, CVE-2024-57938, CVE-2024-57946,
CVE-2024-57948, CVE-2024-57951, CVE-2024-57973, CVE-2024-57977,
CVE-2024-57979, CVE-2024-57980, CVE-2024-57981, CVE-2024-57986,
CVE-2024-58001, CVE-2024-58002, CVE-2024-58007, CVE-2024-58010,
CVE-2024-58014, CVE-2024-58017, CVE-2024-58020, CVE-2024-58051,
CVE-2024-58052, CVE-2024-58055, CVE-2024-58058, CVE-2024-58063,
CVE-2024-58069, CVE-2024-58071, CVE-2024-58072, CVE-2024-58083,
CVE-2024-58085, CVE-2024-58090, CVE-2025-0927, CVE-2025-21638,
CVE-2025-21639, CVE-2025-21640, CVE-2025-21647, CVE-2025-21653,
CVE-2025-21664, CVE-2025-21678, CVE-2025-21687, CVE-2025-21689,
CVE-2025-21694, CVE-2025-21697, CVE-2025-21699, CVE-2025-21700,
CVE-2025-21702, CVE-2025-21704, CVE-2025-21708, CVE-2025-21715,
CVE-2025-21718, CVE-2025-21719, CVE-2025-21721, CVE-2025-21722,
CVE-2025-21728, CVE-2025-21731, CVE-2025-21735, CVE-2025-21736,
CVE-2025-21744, CVE-2025-21749, CVE-2025-21753, CVE-2025-21760,
CVE-2025-21761, CVE-2025-21762, CVE-2025-21763, CVE-2025-21764,
CVE-2025-21765, CVE-2025-21772, CVE-2025-21776, CVE-2025-21781,
CVE-2025-21782, CVE-2025-21785, CVE-2025-21787, CVE-2025-21791,
CVE-2025-21806, CVE-2025-21811, CVE-2025-21814, CVE-2025-21823,
CVE-2025-21835, CVE-2025-21846, CVE-2025-21848, CVE-2025-21858,
CVE-2025-21859, CVE-2025-21862, CVE-2025-21866, CVE-2025-21871,
CVE-2025-21877, CVE-2025-21898, CVE-2025-21904, CVE-2025-21905,
CVE-2025-21909, CVE-2025-21910, CVE-2025-21914, CVE-2025-21916,
CVE-2025-21917, CVE-2025-21920, CVE-2025-21922, CVE-2025-21925,
CVE-2025-21926, CVE-2025-21928, CVE-2025-21934, CVE-2025-21935,
CVE-2025-21948, CVE-2025-21971