Tuesday, July 1, 2025

[USN-7611-1] Linux kernel vulnerabilities

-----BEGIN PGP SIGNATURE-----

wsB5BAABCAAjFiEEYrygdx1GDec9TV8EZ0GeRcM5nt0FAmhket0FAwAAAAAACgkQZ0GeRcM5nt29
LwgAnc2Yvb5TeImdApFyhASTh6oHy43AlzxLmm5TKCaEepOwKi/ngDbwgfwAKqkS10sma2U/DiL6
jrbAxCmhWqWosS9cCtR0e/B8hOneGmhk2esQs2jNbp3MzxKYMIOARmnlXbXIEpdiQ0cSLwrAmPYl
gBip4QE71zEZrvWvpbz8I9fFEBt7eZr1BlslNjNShrh3P2xLftWTSxcD9DZuuXuDa5sXwMZ+3gtb
HC2wlZMoVpmI/cOCfKphe/ar3rhAFu5QHXWg2ypuv4sXWwapvF1lAJeBKRjanXfi7lMS4quw2Q0a
7OJs7c5n1Z9O1pV+w8D/684bFD1XL6BgKl/xDk+gkg==
=b75j
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7611-1
July 02, 2025

linux, linux-gcp, linux-raspi, linux-realtime vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.04

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux: Linux kernel
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-raspi: Linux kernel for Raspberry Pi systems
- linux-realtime: Linux kernel for Real-time systems

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Netfilter;
- Network traffic control;
(CVE-2025-38000, CVE-2025-37890, CVE-2025-38001, CVE-2025-37997,
CVE-2025-37932)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.04
linux-image-6.14.0-1005-realtime 6.14.0-1005.5
linux-image-6.14.0-1008-raspi 6.14.0-1008.8
linux-image-6.14.0-1009-gcp 6.14.0-1009.9
linux-image-6.14.0-1009-gcp-64k 6.14.0-1009.9
linux-image-6.14.0-23-generic 6.14.0-23.23
linux-image-6.14.0-23-generic-64k 6.14.0-23.23
linux-image-gcp 6.14.0-1009.9
linux-image-gcp-6.14 6.14.0-1009.9
linux-image-gcp-64k 6.14.0-1009.9
linux-image-gcp-64k-6.14 6.14.0-1009.9
linux-image-generic 6.14.0-23.23
linux-image-generic-6.14 6.14.0-23.23
linux-image-generic-64k 6.14.0-23.23
linux-image-generic-64k-6.14 6.14.0-23.23
linux-image-raspi 6.14.0-1008.8
linux-image-raspi-6.14 6.14.0-1008.8
linux-image-realtime 6.14.0-1005.5
linux-image-realtime-6.14 6.14.0-1005.5
linux-image-virtual 6.14.0-23.23
linux-image-virtual-6.14 6.14.0-23.23

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-7611-1
CVE-2025-37890, CVE-2025-37932, CVE-2025-37997, CVE-2025-38000,
CVE-2025-38001

Package Information:
https://launchpad.net/ubuntu/+source/linux/6.14.0-23.23
https://launchpad.net/ubuntu/+source/linux-gcp/6.14.0-1009.9
https://launchpad.net/ubuntu/+source/linux-raspi/6.14.0-1008.8
https://launchpad.net/ubuntu/+source/linux-realtime/6.14.0-1005.5
No comments:

[USN-7610-1] Linux kernel vulnerabilities

-----BEGIN PGP SIGNATURE-----

wsB5BAABCAAjFiEEYrygdx1GDec9TV8EZ0GeRcM5nt0FAmhkemkFAwAAAAAACgkQZ0GeRcM5nt2e
8gf/b1heVLpCyD7B2r2mwH/OV3kdfn45bUDEPwHK7vV1bBl/Tfbs+aL15j/DnNbTbI6gFk4qqf+W
oy/er02Y0+ZumHu4WLrJry/M5QZpERchxZf4RCQjpm2OnsOS570+5ezOUuzISakOo/rac916PISk
Xk6R/IKXdZJD+vbfkPJiWXeGv+S5qou7WsnjQWndi5rypFo0Qsz3aeN2iJTZncB6mHNkwHbfHYZJ
GzXD868FbSr6m46r5IOezVOf4T+U3rIdtm+lSwYs9dkWYYPZsIHgTuNgvnL0nkHiXZBpmksfGo60
lQHBX16CX3CGPkZryzleh0M+PQjmoHxXBInaU7q7qA==
=sHAY
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7610-1
July 01, 2025

linux, linux-aws, linux-gcp, linux-gcp-6.11, linux-hwe-6.11, linux-oracle,
linux-raspi, linux-realtime vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.10
- Ubuntu 24.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-oracle: Linux kernel for Oracle Cloud systems
- linux-raspi: Linux kernel for Raspberry Pi systems
- linux-realtime: Linux kernel for Real-time systems
- linux-gcp-6.11: Linux kernel for Google Cloud Platform (GCP) systems
- linux-hwe-6.11: Linux hardware enablement (HWE) kernel

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Netfilter;
- Network traffic control;
(CVE-2025-38001, CVE-2025-37997, CVE-2025-37798, CVE-2025-38000,
CVE-2025-37932, CVE-2025-37890)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.10
linux-image-6.11.0-1012-realtime 6.11.0-1012.12
linux-image-6.11.0-1015-raspi 6.11.0-1015.15
linux-image-6.11.0-1016-aws 6.11.0-1016.17
linux-image-6.11.0-1017-gcp 6.11.0-1017.17
linux-image-6.11.0-1017-gcp-64k 6.11.0-1017.17
linux-image-6.11.0-1018-oracle 6.11.0-1018.19
linux-image-6.11.0-1018-oracle-64k 6.11.0-1018.19
linux-image-6.11.0-29-generic 6.11.0-29.29
linux-image-6.11.0-29-generic-64k 6.11.0-29.29
linux-image-aws 6.11.0-1016.17
linux-image-aws-6.11 6.11.0-1016.17
linux-image-gcp 6.11.0-1017.17
linux-image-gcp-6.11 6.11.0-1017.17
linux-image-gcp-64k 6.11.0-1017.17
linux-image-gcp-64k-6.11 6.11.0-1017.17
linux-image-generic 6.11.0-29.29
linux-image-generic-6.11 6.11.0-29.29
linux-image-generic-64k 6.11.0-29.29
linux-image-generic-64k-6.11 6.11.0-29.29
linux-image-oracle 6.11.0-1018.19
linux-image-oracle-6.11 6.11.0-1018.19
linux-image-oracle-64k 6.11.0-1018.19
linux-image-oracle-64k-6.11 6.11.0-1018.19
linux-image-raspi 6.11.0-1015.15
linux-image-raspi-6.11 6.11.0-1015.15
linux-image-realtime 6.11.0-1012.12
linux-image-realtime-6.11 6.11.0-1012.12
linux-image-virtual 6.11.0-29.29
linux-image-virtual-6.11 6.11.0-29.29

Ubuntu 24.04 LTS
linux-image-6.11.0-1017-gcp 6.11.0-1017.17~24.04.1
linux-image-6.11.0-1017-gcp-64k 6.11.0-1017.17~24.04.1
linux-image-6.11.0-29-generic 6.11.0-29.29~24.04.1
linux-image-6.11.0-29-generic-64k 6.11.0-29.29~24.04.1
linux-image-gcp 6.11.0-1017.17~24.04.1
linux-image-gcp-6.11 6.11.0-1017.17~24.04.1
linux-image-gcp-64k 6.11.0-1017.17~24.04.1
linux-image-gcp-64k-6.11 6.11.0-1017.17~24.04.1
linux-image-generic-6.11 6.11.0-29.29~24.04.1
linux-image-generic-64k-6.11 6.11.0-29.29~24.04.1
linux-image-generic-64k-hwe-24.04 6.11.0-29.29~24.04.1
linux-image-generic-hwe-24.04 6.11.0-29.29~24.04.1
linux-image-virtual-6.11 6.11.0-29.29~24.04.1
linux-image-virtual-hwe-24.04 6.11.0-29.29~24.04.1

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-7610-1
CVE-2025-37798, CVE-2025-37890, CVE-2025-37932, CVE-2025-37997,
CVE-2025-38000, CVE-2025-38001

Package Information:
https://launchpad.net/ubuntu/+source/linux/6.11.0-29.29
https://launchpad.net/ubuntu/+source/linux-aws/6.11.0-1016.17
https://launchpad.net/ubuntu/+source/linux-gcp/6.11.0-1017.17
https://launchpad.net/ubuntu/+source/linux-oracle/6.11.0-1018.19
https://launchpad.net/ubuntu/+source/linux-raspi/6.11.0-1015.15
https://launchpad.net/ubuntu/+source/linux-realtime/6.11.0-1012.12
https://launchpad.net/ubuntu/+source/linux-gcp-6.11/6.11.0-1017.17~24.04.1
https://launchpad.net/ubuntu/+source/linux-hwe-6.11/6.11.0-29.29~24.04.1
No comments:

[USN-7609-2] Linux kernel (Real-time) vulnerabilities

-----BEGIN PGP SIGNATURE-----

wsB5BAABCAAjFiEEYrygdx1GDec9TV8EZ0GeRcM5nt0FAmhkekAFAwAAAAAACgkQZ0GeRcM5nt3X
EQgArwMSkITeK1GD/XBadMVcr09yQVhL+SRgNAcghSmDFk6oL3igFnJ4eRfbmxyfYuD2fw8aRj/G
tHwTK86rSTGjgW7HDOJIoJ/2rbf/nLBLG74uyU13C8TfoIChiHcEZbrRa7rzXNbAIN4mZMluVzJp
5Vuw/om5WaLk2MYOD0w0l4DA4uPxZYLFlEhghPqosulLSTdFKdoRKZQlXKLLJlI6GlX/Zvb1H/VJ
XU26qaiT+9ZLcmtgFj1Qptdd/I5goqmjpcYx60UO7BVfd72tZaaGzEy+QurRBP1KYk53O4XN98Ez
urp9sKduIm/wQmmZbxdxpv+W3iCprshjy8rfcqGlhg==
=y+R+
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7609-2
July 01, 2025

linux-realtime, linux-raspi-realtime vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-raspi-realtime: Linux kernel for Raspberry Pi Real-time systems
- linux-realtime: Linux kernel for Real-time systems

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- InfiniBand drivers;
- Netfilter;
- Network traffic control;
(CVE-2025-38001, CVE-2025-37798, CVE-2025-37932, CVE-2025-37997,
CVE-2025-38000, CVE-2025-22088, CVE-2025-37890)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
linux-image-6.8.0-2025-raspi-realtime 6.8.0-2025.26
Available with Ubuntu Pro
linux-image-6.8.1-1024-realtime 6.8.1-1024.25
Available with Ubuntu Pro
linux-image-raspi-realtime 6.8.0-2025.26
Available with Ubuntu Pro
linux-image-raspi-realtime-6.8 6.8.0-2025.26
Available with Ubuntu Pro
linux-image-realtime 6.8.1-1024.25
Available with Ubuntu Pro
linux-image-realtime-6.8.1 6.8.1-1024.25
Available with Ubuntu Pro

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-7609-2
https://ubuntu.com/security/notices/USN-7609-1
CVE-2025-22088, CVE-2025-37798, CVE-2025-37890, CVE-2025-37932,
CVE-2025-37997, CVE-2025-38000, CVE-2025-38001

Package Information:
https://launchpad.net/ubuntu/+source/linux-raspi-realtime/6.8.0-2025.26
https://launchpad.net/ubuntu/+source/linux-realtime/6.8.1-1024.25
No comments:

[USN-7609-1] Linux kernel vulnerabilities

-----BEGIN PGP SIGNATURE-----

wsB5BAABCAAjFiEEYrygdx1GDec9TV8EZ0GeRcM5nt0FAmhkeioFAwAAAAAACgkQZ0GeRcM5nt2h
7wf+PFiKYtXvkVsc0lzuLllNJbquhldGiZuVSmxF26y99LPVjD4A8PBSGq4H5lvdzPjvNt0660NM
h9MqcnkhWjyftxyQmU5C49c6XqFBi7F5VcKKyCUsycsurQKVmfyalhhC80WU8pfpb3BOBlhibUEm
+WsxhEDtgHk6VJ3ovLvKEOZJPmAGGWmrGyREs/XSokf3FPcG33Gvr3PHc/FnvacdjVSk3DKcimMi
z0ytfp/11AqPkBCBkKetbdYZ3QoGvxNeD0C1iEUIBmDUZ5A1FLn88xCQ+eJCWG/eCT1fFB9VAJpJ
/41S5hwNFG4wOQY+FvWHVg/cZWPTbjOudaop/keigQ==
=Mfcc
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7609-1
July 01, 2025

linux, linux-aws, linux-aws-6.8, linux-gcp, linux-gcp-6.8, linux-gke,
linux-gkeop, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia,
linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8, linux-oracle,
linux-oracle-6.8, linux-raspi vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-gke: Linux kernel for Google Container Engine (GKE) systems
- linux-gkeop: Linux kernel for Google Container Engine (GKE) systems
- linux-lowlatency: Linux low latency kernel
- linux-nvidia: Linux kernel for NVIDIA systems
- linux-nvidia-lowlatency: Linux low latency kernel for NVIDIA systems
- linux-oem-6.8: Linux kernel for OEM systems
- linux-oracle: Linux kernel for Oracle Cloud systems
- linux-raspi: Linux kernel for Raspberry Pi systems
- linux-aws-6.8: Linux kernel for Amazon Web Services (AWS) systems
- linux-gcp-6.8: Linux kernel for Google Cloud Platform (GCP) systems
- linux-lowlatency-hwe-6.8: Linux low latency kernel
- linux-nvidia-6.8: Linux kernel for NVIDIA systems
- linux-oracle-6.8: Linux kernel for Oracle Cloud systems

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- InfiniBand drivers;
- Netfilter;
- Network traffic control;
(CVE-2025-38001, CVE-2025-37798, CVE-2025-37932, CVE-2025-37997,
CVE-2025-38000, CVE-2025-22088, CVE-2025-37890)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
linux-image-6.8.0-1014-gkeop 6.8.0-1014.16
linux-image-6.8.0-1027-gke 6.8.0-1027.31
linux-image-6.8.0-1028-oracle 6.8.0-1028.29
linux-image-6.8.0-1028-oracle-64k 6.8.0-1028.29
linux-image-6.8.0-1030-nvidia 6.8.0-1030.33
linux-image-6.8.0-1030-nvidia-64k 6.8.0-1030.33
linux-image-6.8.0-1030-nvidia-lowlatency 6.8.0-1030.33.1
linux-image-6.8.0-1030-nvidia-lowlatency-64k 6.8.0-1030.33.1
linux-image-6.8.0-1030-oem 6.8.0-1030.30
linux-image-6.8.0-1030-raspi 6.8.0-1030.34
linux-image-6.8.0-1031-aws 6.8.0-1031.33
linux-image-6.8.0-1031-aws-64k 6.8.0-1031.33
linux-image-6.8.0-1032-gcp 6.8.0-1032.34
linux-image-6.8.0-1032-gcp-64k 6.8.0-1032.34
linux-image-6.8.0-63-generic 6.8.0-63.66
linux-image-6.8.0-63-generic-64k 6.8.0-63.66
linux-image-6.8.0-63-lowlatency 6.8.0-63.66.1
linux-image-6.8.0-63-lowlatency-64k 6.8.0-63.66.1
linux-image-aws 6.8.0-1031.33
linux-image-aws-6.8 6.8.0-1031.33
linux-image-aws-64k 6.8.0-1031.33
linux-image-aws-64k-6.8 6.8.0-1031.33
linux-image-aws-64k-lts-24.04 6.8.0-1031.33
linux-image-aws-lts-24.04 6.8.0-1031.33
linux-image-gcp-6.8 6.8.0-1032.34
linux-image-gcp-64k-6.8 6.8.0-1032.34
linux-image-gcp-64k-lts-24.04 6.8.0-1032.34
linux-image-gcp-lts-24.04 6.8.0-1032.34
linux-image-generic 6.8.0-63.66
linux-image-generic-6.8 6.8.0-63.66
linux-image-generic-64k 6.8.0-63.66
linux-image-generic-64k-6.8 6.8.0-63.66
linux-image-generic-lpae 6.8.0-63.66
linux-image-gke 6.8.0-1027.31
linux-image-gke-6.8 6.8.0-1027.31
linux-image-gkeop 6.8.0-1014.16
linux-image-gkeop-6.8 6.8.0-1014.16
linux-image-kvm 6.8.0-63.66
linux-image-lowlatency 6.8.0-63.66.1
linux-image-lowlatency-6.8 6.8.0-63.66.1
linux-image-lowlatency-64k 6.8.0-63.66.1
linux-image-lowlatency-64k-6.8 6.8.0-63.66.1
linux-image-nvidia 6.8.0-1030.33
linux-image-nvidia-6.8 6.8.0-1030.33
linux-image-nvidia-64k 6.8.0-1030.33
linux-image-nvidia-64k-6.8 6.8.0-1030.33
linux-image-nvidia-lowlatency 6.8.0-1030.33.1
linux-image-nvidia-lowlatency-6.8 6.8.0-1030.33.1
linux-image-nvidia-lowlatency-64k 6.8.0-1030.33.1
linux-image-nvidia-lowlatency-64k-6.8 6.8.0-1030.33.1
linux-image-oem-24.04 6.8.0-1030.30
linux-image-oem-24.04a 6.8.0-1030.30
linux-image-oem-6.8 6.8.0-1030.30
linux-image-oracle 6.8.0-1028.29
linux-image-oracle-6.8 6.8.0-1028.29
linux-image-oracle-64k 6.8.0-1028.29
linux-image-oracle-64k-6.8 6.8.0-1028.29
linux-image-oracle-64k-lts-24.04 6.8.0-1028.29
linux-image-oracle-lts-24.04 6.8.0-1028.29
linux-image-raspi 6.8.0-1030.34
linux-image-virtual 6.8.0-63.66
linux-image-virtual-6.8 6.8.0-63.66

Ubuntu 22.04 LTS
linux-image-6.8.0-1028-oracle 6.8.0-1028.29~22.04.1
linux-image-6.8.0-1028-oracle-64k 6.8.0-1028.29~22.04.1
linux-image-6.8.0-1030-nvidia 6.8.0-1030.33~22.04.1
linux-image-6.8.0-1030-nvidia-64k 6.8.0-1030.33~22.04.1
linux-image-6.8.0-1031-aws 6.8.0-1031.33~22.04.1
linux-image-6.8.0-1031-aws-64k 6.8.0-1031.33~22.04.1
linux-image-6.8.0-1032-gcp 6.8.0-1032.34~22.04.1
linux-image-6.8.0-1032-gcp-64k 6.8.0-1032.34~22.04.1
linux-image-6.8.0-63-lowlatency 6.8.0-63.66.1~22.04.1
linux-image-6.8.0-63-lowlatency-64k 6.8.0-63.66.1~22.04.1
linux-image-aws 6.8.0-1031.33~22.04.1
linux-image-aws-6.8 6.8.0-1031.33~22.04.1
linux-image-aws-64k 6.8.0-1031.33~22.04.1
linux-image-aws-64k-6.8 6.8.0-1031.33~22.04.1
linux-image-gcp 6.8.0-1032.34~22.04.1
linux-image-gcp-6.8 6.8.0-1032.34~22.04.1
linux-image-gcp-64k 6.8.0-1032.34~22.04.1
linux-image-gcp-64k-6.8 6.8.0-1032.34~22.04.1
linux-image-lowlatency-6.8 6.8.0-63.66.1~22.04.1
linux-image-lowlatency-64k-6.8 6.8.0-63.66.1~22.04.1
linux-image-lowlatency-64k-hwe-22.04 6.8.0-63.66.1~22.04.1
linux-image-lowlatency-hwe-22.04 6.8.0-63.66.1~22.04.1
linux-image-nvidia-6.8 6.8.0-1030.33~22.04.1
linux-image-nvidia-64k-6.8 6.8.0-1030.33~22.04.1
linux-image-nvidia-64k-hwe-22.04 6.8.0-1030.33~22.04.1
linux-image-nvidia-hwe-22.04 6.8.0-1030.33~22.04.1
linux-image-oracle 6.8.0-1028.29~22.04.1
linux-image-oracle-6.8 6.8.0-1028.29~22.04.1
linux-image-oracle-64k 6.8.0-1028.29~22.04.1
linux-image-oracle-64k-6.8 6.8.0-1028.29~22.04.1

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-7609-1
CVE-2025-22088, CVE-2025-37798, CVE-2025-37890, CVE-2025-37932,
CVE-2025-37997, CVE-2025-38000, CVE-2025-38001

Package Information:
https://launchpad.net/ubuntu/+source/linux/6.8.0-63.66
https://launchpad.net/ubuntu/+source/linux-aws/6.8.0-1031.33
https://launchpad.net/ubuntu/+source/linux-gcp/6.8.0-1032.34
https://launchpad.net/ubuntu/+source/linux-gke/6.8.0-1027.31
https://launchpad.net/ubuntu/+source/linux-gkeop/6.8.0-1014.16
https://launchpad.net/ubuntu/+source/linux-lowlatency/6.8.0-63.66.1
https://launchpad.net/ubuntu/+source/linux-nvidia/6.8.0-1030.33
https://launchpad.net/ubuntu/+source/linux-nvidia-lowlatency/6.8.0-1030.33.1
https://launchpad.net/ubuntu/+source/linux-oem-6.8/6.8.0-1030.30
https://launchpad.net/ubuntu/+source/linux-oracle/6.8.0-1028.29
https://launchpad.net/ubuntu/+source/linux-raspi/6.8.0-1030.34
https://launchpad.net/ubuntu/+source/linux-aws-6.8/6.8.0-1031.33~22.04.1
https://launchpad.net/ubuntu/+source/linux-gcp-6.8/6.8.0-1032.34~22.04.1

https://launchpad.net/ubuntu/+source/linux-lowlatency-hwe-6.8/6.8.0-63.66.1~22.04.1
https://launchpad.net/ubuntu/+source/linux-nvidia-6.8/6.8.0-1030.33~22.04.1
https://launchpad.net/ubuntu/+source/linux-oracle-6.8/6.8.0-1028.29~22.04.1
No comments:

[USN-7608-2] Linux kernel (FIPS) vulnerabilities

-----BEGIN PGP SIGNATURE-----

wsB5BAABCAAjFiEEYrygdx1GDec9TV8EZ0GeRcM5nt0FAmhked4FAwAAAAAACgkQZ0GeRcM5nt1S
BAf+O6DWyFJGcdgl1RLtDUq7+NZ3FIxAi5xL4O7e3GlYIdv+Pth8hewyV0xdI+kfiYxeYo+1/Wwo
4KKATK9wzXxW3dfQzKBW8Il6wowrLuh73q1NuOjkIpB7s8cdtMBNVoJU+IYTBsJcIUjXk8T7dUgB
t6H3naj+/TFxanwKYZWZDHtjRU7a3VHBLtjx/V0eXXEsxrp7vh0kAtPm2/pqeiIjCWvLyCvFlSMf
P6o734SpeWg/l4kLXw/0dXvrZJALaaXmEaHzB/LBDw3WVemc+FhtGDEBLKJ15TvhLEL8mX0CAX3q
cmhTO6RTKJjd0f9eWUtAb/V3yd1vSUMt5jhe5xUmtg==
=RqZw
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7608-2
July 01, 2025

linux-fips, linux-aws-fips, linux-gcp-fips vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-aws-fips: Linux kernel for Amazon Web Services (AWS) systems with FIPS
- linux-fips: Linux kernel with FIPS
- linux-gcp-fips: Linux kernel for Google Cloud Platform (GCP) systems with
FIPS

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPU drivers;
- SMB network file system;
- Memory management;
- Netfilter;
- Network traffic control;
(CVE-2025-37890, CVE-2024-46787, CVE-2025-37798, CVE-2025-38000,
CVE-2025-37932, CVE-2025-38001, CVE-2025-37997, CVE-2024-50047,
CVE-2024-53051)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS
linux-image-5.15.0-1086-gcp-fips 5.15.0-1086.95+fips1
Available with Ubuntu Pro
linux-image-5.15.0-1087-aws-fips 5.15.0-1087.94+fips1
Available with Ubuntu Pro
linux-image-5.15.0-143-fips 5.15.0-143.153+fips1
Available with Ubuntu Pro
linux-image-aws-fips 5.15.0.1087.83
Available with Ubuntu Pro
linux-image-aws-fips-5.15 5.15.0.1087.83
Available with Ubuntu Pro
linux-image-fips 5.15.0.143.83
Available with Ubuntu Pro
linux-image-fips-5.15 5.15.0.143.83
Available with Ubuntu Pro
linux-image-gcp-fips 5.15.0.1086.76
Available with Ubuntu Pro
linux-image-gcp-fips-5.15 5.15.0.1086.76
Available with Ubuntu Pro

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-7608-2
https://ubuntu.com/security/notices/USN-7608-1
CVE-2024-46787, CVE-2024-50047, CVE-2024-53051, CVE-2025-37798,
CVE-2025-37890, CVE-2025-37932, CVE-2025-37997, CVE-2025-38000,
CVE-2025-38001

Package Information:
https://launchpad.net/ubuntu/+source/linux-aws-fips/5.15.0-1087.94+fips1
https://launchpad.net/ubuntu/+source/linux-fips/5.15.0-143.153+fips1
https://launchpad.net/ubuntu/+source/linux-gcp-fips/5.15.0-1086.95+fips1
No comments:

[USN-7608-3] Linux kernel (Real-time) vulnerabilities

-----BEGIN PGP SIGNATURE-----

wsB5BAABCAAjFiEEYrygdx1GDec9TV8EZ0GeRcM5nt0FAmhkegAFAwAAAAAACgkQZ0GeRcM5nt0V
TAf+MoNlgmEq1Cii3XYsWettQTczYa9zsaBYPcc4aIWZUHuSI62fgi+ekeSal+dvXzStF/ljmdlh
W0J6GXr8aid6Lnyn7Av44HWD+tOqAINtQpClruewBZWojfTKkNuBthmmgTyTttXDGC7qaZVW4m8i
zx0/GUJx06IkhYeBg32Qkhp7a3R38ceTbiltyKc1idtKQM+9AfKfDvXzOyxrUimFegnoNJWwk9sX
QeN1tEmmt0npXSdCVSIhpyhPylUIiREHTC/DC/5u8pSCanNnEOC88NvgbAq+djkZk73ztpg6O9Af
px7gCgFcir2cMEQ91CEf0QJxfyRWqNgClUMjFWtPqA==
=9lM9
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7608-3
July 01, 2025

linux-realtime vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-realtime: Linux kernel for Real-time systems

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPU drivers;
- SMB network file system;
- Memory management;
- Netfilter;
- Network traffic control;
(CVE-2025-37890, CVE-2024-46787, CVE-2025-37798, CVE-2025-38000,
CVE-2025-37932, CVE-2025-38001, CVE-2025-37997, CVE-2024-50047,
CVE-2024-53051)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS
linux-image-5.15.0-1087-realtime 5.15.0-1087.96
Available with Ubuntu Pro
linux-image-realtime 5.15.0.1087.91
Available with Ubuntu Pro

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-7608-3
https://ubuntu.com/security/notices/USN-7608-2
https://ubuntu.com/security/notices/USN-7608-1
CVE-2024-46787, CVE-2024-50047, CVE-2024-53051, CVE-2025-37798,
CVE-2025-37890, CVE-2025-37932, CVE-2025-37997, CVE-2025-38000,
CVE-2025-38001

Package Information:
https://launchpad.net/ubuntu/+source/linux-realtime/5.15.0-1087.96
No comments:

[USN-7608-1] Linux kernel vulnerabilities

-----BEGIN PGP SIGNATURE-----

wsB5BAABCAAjFiEEYrygdx1GDec9TV8EZ0GeRcM5nt0FAmhkeawFAwAAAAAACgkQZ0GeRcM5nt1W
1gf/VnMdchsuJ7JZcmybTSQ/c28M1DyboHpVb2oZPkL72pX3gNRW+qvCfarWXWlF0/HMUchAeIFE
Q/ByywbKJsWKt5WcibzNGxudtLiS3UEZ9AOuC4mSro0it0WZDAIH1hQttvYgfETWiKuUSeSpmirS
y/sFKb0k8wwEZ9GBrNyxO5DNX4/CKJLdFRxZQtTcsEYn2Lx6KB39ddKA5GE/N8Dzw3M02P5jLGvs
jNGJc6Wds0Hsmrfdmht0lFQwL/e8xrZq46FcOmyZb4C7U6cR9CfEAbmKRfLEj1vgHnE4IPETeSjJ
U0sthkKzrJOewvwhs5Wu1OaISFpnZqE8aBM5UkXW0w==
=MweX
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7608-1
July 01, 2025

linux, linux-aws, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop,
linux-hwe-5.15, linux-ibm, linux-kvm, linux-lowlatency,
linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15
vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-gke: Linux kernel for Google Container Engine (GKE) systems
- linux-gkeop: Linux kernel for Google Container Engine (GKE) systems
- linux-ibm: Linux kernel for IBM cloud systems
- linux-kvm: Linux kernel for cloud environments
- linux-lowlatency: Linux low latency kernel
- linux-nvidia: Linux kernel for NVIDIA systems
- linux-oracle: Linux kernel for Oracle Cloud systems
- linux-gcp-5.15: Linux kernel for Google Cloud Platform (GCP) systems
- linux-hwe-5.15: Linux hardware enablement (HWE) kernel
- linux-lowlatency-hwe-5.15: Linux low latency kernel
- linux-oracle-5.15: Linux kernel for Oracle Cloud systems

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPU drivers;
- SMB network file system;
- Memory management;
- Netfilter;
- Network traffic control;
(CVE-2025-37890, CVE-2024-46787, CVE-2025-37798, CVE-2025-38000,
CVE-2025-37932, CVE-2025-38001, CVE-2025-37997, CVE-2024-50047,
CVE-2024-53051)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS
linux-image-5.15.0-1069-gkeop 5.15.0-1069.77
linux-image-5.15.0-1079-ibm 5.15.0-1079.82
linux-image-5.15.0-1081-nvidia 5.15.0-1081.82
linux-image-5.15.0-1081-nvidia-lowlatency 5.15.0-1081.82
linux-image-5.15.0-1083-kvm 5.15.0-1083.88
linux-image-5.15.0-1084-gke 5.15.0-1084.90
linux-image-5.15.0-1084-oracle 5.15.0-1084.90
linux-image-5.15.0-1086-gcp 5.15.0-1086.95
linux-image-5.15.0-1087-aws 5.15.0-1087.94
linux-image-5.15.0-1087-aws-64k 5.15.0-1087.94
linux-image-5.15.0-143-generic 5.15.0-143.153
linux-image-5.15.0-143-generic-64k 5.15.0-143.153
linux-image-5.15.0-143-generic-lpae 5.15.0-143.153
linux-image-5.15.0-143-lowlatency 5.15.0-143.153
linux-image-5.15.0-143-lowlatency-64k 5.15.0-143.153
linux-image-aws-5.15 5.15.0.1087.90
linux-image-aws-64k-5.15 5.15.0.1087.90
linux-image-aws-64k-lts-22.04 5.15.0.1087.90
linux-image-aws-lts-22.04 5.15.0.1087.90
linux-image-gcp-5.15 5.15.0.1086.82
linux-image-gcp-lts-22.04 5.15.0.1086.82
linux-image-generic 5.15.0.143.138
linux-image-generic-5.15 5.15.0.143.138
linux-image-generic-64k 5.15.0.143.138
linux-image-generic-64k-5.15 5.15.0.143.138
linux-image-generic-lpae 5.15.0.143.138
linux-image-generic-lpae-5.15 5.15.0.143.138
linux-image-gke 5.15.0.1084.83
linux-image-gke-5.15 5.15.0.1084.83
linux-image-gkeop 5.15.0.1069.68
linux-image-gkeop-5.15 5.15.0.1069.68
linux-image-ibm 5.15.0.1079.75
linux-image-kvm 5.15.0.1083.79
linux-image-kvm-5.15 5.15.0.1083.79
linux-image-lowlatency 5.15.0.143.129
linux-image-lowlatency-5.15 5.15.0.143.129
linux-image-lowlatency-64k 5.15.0.143.129
linux-image-lowlatency-64k-5.15 5.15.0.143.129
linux-image-nvidia 5.15.0.1081.81
linux-image-nvidia-5.15 5.15.0.1081.81
linux-image-nvidia-lowlatency 5.15.0.1081.81
linux-image-nvidia-lowlatency-5.15 5.15.0.1081.81
linux-image-oracle-5.15 5.15.0.1084.80
linux-image-oracle-lts-22.04 5.15.0.1084.80
linux-image-virtual 5.15.0.143.138
linux-image-virtual-5.15 5.15.0.143.138

Ubuntu 20.04 LTS
linux-image-5.15.0-1084-oracle 5.15.0-1084.90~20.04.1
Available with Ubuntu Pro
linux-image-5.15.0-1086-gcp 5.15.0-1086.95~20.04.1
Available with Ubuntu Pro
linux-image-5.15.0-143-generic 5.15.0-143.153~20.04.1
Available with Ubuntu Pro
linux-image-5.15.0-143-generic-64k 5.15.0-143.153~20.04.1
Available with Ubuntu Pro
linux-image-5.15.0-143-generic-lpae 5.15.0-143.153~20.04.1
Available with Ubuntu Pro
linux-image-5.15.0-143-lowlatency 5.15.0-143.153~20.04.1
Available with Ubuntu Pro
linux-image-5.15.0-143-lowlatency-64k 5.15.0-143.153~20.04.1
Available with Ubuntu Pro
linux-image-gcp 5.15.0.1086.95~20.04.1
Available with Ubuntu Pro
linux-image-gcp-5.15 5.15.0.1086.95~20.04.1
Available with Ubuntu Pro
linux-image-generic-5.15 5.15.0.143.153~20.04.1
Available with Ubuntu Pro
linux-image-generic-64k-5.15 5.15.0.143.153~20.04.1
Available with Ubuntu Pro
linux-image-generic-64k-hwe-20.04 5.15.0.143.153~20.04.1
Available with Ubuntu Pro
linux-image-generic-hwe-20.04 5.15.0.143.153~20.04.1
Available with Ubuntu Pro
linux-image-generic-lpae-5.15 5.15.0.143.153~20.04.1
Available with Ubuntu Pro
linux-image-generic-lpae-hwe-20.04 5.15.0.143.153~20.04.1
Available with Ubuntu Pro
linux-image-lowlatency-5.15 5.15.0.143.153~20.04.1
Available with Ubuntu Pro
linux-image-lowlatency-64k-5.15 5.15.0.143.153~20.04.1
Available with Ubuntu Pro
linux-image-lowlatency-64k-hwe-20.04 5.15.0.143.153~20.04.1
Available with Ubuntu Pro
linux-image-lowlatency-hwe-20.04 5.15.0.143.153~20.04.1
Available with Ubuntu Pro
linux-image-oem-20.04 5.15.0.143.153~20.04.1
Available with Ubuntu Pro
linux-image-oem-20.04b 5.15.0.143.153~20.04.1
Available with Ubuntu Pro
linux-image-oem-20.04c 5.15.0.143.153~20.04.1
Available with Ubuntu Pro
linux-image-oem-20.04d 5.15.0.143.153~20.04.1
Available with Ubuntu Pro
linux-image-oracle 5.15.0.1084.90~20.04.1
Available with Ubuntu Pro
linux-image-oracle-5.15 5.15.0.1084.90~20.04.1
Available with Ubuntu Pro
linux-image-virtual-5.15 5.15.0.143.153~20.04.1
Available with Ubuntu Pro
linux-image-virtual-hwe-20.04 5.15.0.143.153~20.04.1
Available with Ubuntu Pro

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-7608-1
CVE-2024-46787, CVE-2024-50047, CVE-2024-53051, CVE-2025-37798,
CVE-2025-37890, CVE-2025-37932, CVE-2025-37997, CVE-2025-38000,
CVE-2025-38001

Package Information:
https://launchpad.net/ubuntu/+source/linux/5.15.0-143.153
https://launchpad.net/ubuntu/+source/linux-aws/5.15.0-1087.94
https://launchpad.net/ubuntu/+source/linux-gcp/5.15.0-1086.95
https://launchpad.net/ubuntu/+source/linux-gke/5.15.0-1084.90
https://launchpad.net/ubuntu/+source/linux-gkeop/5.15.0-1069.77
https://launchpad.net/ubuntu/+source/linux-ibm/5.15.0-1079.82
https://launchpad.net/ubuntu/+source/linux-kvm/5.15.0-1083.88
https://launchpad.net/ubuntu/+source/linux-lowlatency/5.15.0-143.153
https://launchpad.net/ubuntu/+source/linux-nvidia/5.15.0-1081.82
https://launchpad.net/ubuntu/+source/linux-oracle/5.15.0-1084.90
No comments:

[USN-7607-2] Linux kernel (FIPS) vulnerabilities

-----BEGIN PGP SIGNATURE-----

wsB5BAABCAAjFiEEYrygdx1GDec9TV8EZ0GeRcM5nt0FAmhkeZUFAwAAAAAACgkQZ0GeRcM5nt3a
Rgf+MnTa/ahZjbrllHg3m/OzPVi0T+gMV34CYikBs6NiyqPhVOS4wyhyUfjU3BETPHThE53JKgfB
WEXk5k4IpC6/7iORdtEK3dstKBebe3kr/vCvbZTbTd9IKFtr+QX8gXFgCru4XsKZWSqqOra73WOp
1+UcJTx32H0Lji9ioysCAGN/OyWYPomRMVwwb1x876Mqk8Tb4meUcLXngGU0wghnEi641pswh7g9
pnOF/2I1e3TvgIyo1ckBHiiIdyDYI+9dEC5JYR/p8CKkLWAHIrv7y4HfSgpSHimx+hUkexAFu7ZU
urwY3kmwx6sLyMGGbkDmPnlJcefcn2DSDjB40VWS9Q==
=UgPf
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7607-2
July 01, 2025

linux-fips vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-fips: Linux kernel with FIPS

Details:

It was discovered that a use-after-free vulnerability existed in the
Bluetooth stack in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2022-3640)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SCSI subsystem;
- Network file system (NFS) client;
- NILFS2 file system;
- File systems infrastructure;
- Memory management;
- Bluetooth subsystem;
- Network traffic control;
- USB sound devices;
(CVE-2024-50116, CVE-2021-47576, CVE-2024-53197, CVE-2024-46787,
CVE-2025-37798, CVE-2024-49958, CVE-2021-47260, CVE-2025-37932,
CVE-2022-49909)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS
linux-image-4.4.0-1115-fips 4.4.0-1115.122
Available with Ubuntu Pro
linux-image-fips 4.4.0.1115.116
Available with Ubuntu Pro

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-7607-2
https://ubuntu.com/security/notices/USN-7607-1
CVE-2021-47260, CVE-2021-47576, CVE-2022-3640, CVE-2022-49909,
CVE-2024-46787, CVE-2024-49958, CVE-2024-50116, CVE-2024-53197,
CVE-2025-37798, CVE-2025-37932

Package Information:
https://launchpad.net/ubuntu/+source/linux-fips/4.4.0-1115.122
No comments:

[USN-7607-1] Linux kernel vulnerabilities

-----BEGIN PGP SIGNATURE-----

wsB5BAABCAAjFiEEYrygdx1GDec9TV8EZ0GeRcM5nt0FAmhkeSIFAwAAAAAACgkQZ0GeRcM5nt1Z
JwgApD/1X8/7pE07pjnfGpp6yvUYhTEj9hInLjua/TD1NyUQQSBSHLz+XAY78vfKYIIrsP6N5+A8
PqcCfs5fc3UDb8fp7dg0gMZKBcV96bXqCgxkuK6jt4ZfGHb7HAaSaKbz1lZUMfj72p+IzzqGaAr9
JrBiFk371RLnorPjBgw0XBuYS3XutbMISzqSjkEv3HAUWWaN+nH6hjSH6OnWmOcP673L7/1XXcq4
pkKW99hMYqrTt5Gt+7qyulEHKcjrc8WcKo0Op/YerZemJdRYcrnaGCUai+CeNapLX9CLcS0YEVtC
gaY+J4/7dKLu8UjkCPGl/PzDuX6mqOcPtdL5m+hwZQ==
=uncX
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7607-1
July 01, 2025

linux, linux-aws, linux-lts-xenial vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty

Details:

It was discovered that a use-after-free vulnerability existed in the
Bluetooth stack in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2022-3640)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SCSI subsystem;
- Network file system (NFS) client;
- NILFS2 file system;
- File systems infrastructure;
- Memory management;
- Bluetooth subsystem;
- Network traffic control;
- USB sound devices;
(CVE-2024-50116, CVE-2021-47576, CVE-2024-53197, CVE-2024-46787,
CVE-2025-37798, CVE-2024-49958, CVE-2021-47260, CVE-2025-37932,
CVE-2022-49909)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS
linux-image-4.4.0-1183-aws 4.4.0-1183.198
Available with Ubuntu Pro
linux-image-4.4.0-270-generic 4.4.0-270.304
Available with Ubuntu Pro
linux-image-4.4.0-270-lowlatency 4.4.0-270.304
Available with Ubuntu Pro
linux-image-aws 4.4.0.1183.187
Available with Ubuntu Pro
linux-image-generic 4.4.0.270.276
Available with Ubuntu Pro
linux-image-generic-lts-xenial 4.4.0.270.276
Available with Ubuntu Pro
linux-image-lowlatency 4.4.0.270.276
Available with Ubuntu Pro
linux-image-lowlatency-lts-xenial 4.4.0.270.276
Available with Ubuntu Pro
linux-image-virtual 4.4.0.270.276
Available with Ubuntu Pro
linux-image-virtual-lts-xenial 4.4.0.270.276
Available with Ubuntu Pro

Ubuntu 14.04 LTS
linux-image-4.4.0-1145-aws 4.4.0-1145.151
Available with Ubuntu Pro
linux-image-4.4.0-270-generic 4.4.0-270.304~14.04.1
Available with Ubuntu Pro
linux-image-4.4.0-270-lowlatency 4.4.0-270.304~14.04.1
Available with Ubuntu Pro
linux-image-aws 4.4.0.1145.142
Available with Ubuntu Pro
linux-image-generic-lts-xenial 4.4.0.270.304~14.04.1
Available with Ubuntu Pro
linux-image-lowlatency-lts-xenial 4.4.0.270.304~14.04.1
Available with Ubuntu Pro
linux-image-virtual-lts-xenial 4.4.0.270.304~14.04.1
Available with Ubuntu Pro

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-7607-1
CVE-2021-47260, CVE-2021-47576, CVE-2022-3640, CVE-2022-49909,
CVE-2024-46787, CVE-2024-49958, CVE-2024-50116, CVE-2024-53197,
CVE-2025-37798, CVE-2025-37932
No comments:

[USN-7603-1] Composer vulnerabilities

==========================================================================
Ubuntu Security Notice USN-7603-1
June 30, 2025

composer vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in Composer.

Software Description:
- composer: Dependency Manager for PHP

Details:

Thomas Chauchefoin discovered that Composer did not correctly handle
certain arguments. An attacker could possibly use this issue to execute
arbitrary code. This issue only affected Ubuntu 16.04 LTS,
Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.
(CVE-2022-24828, CVE-2023-43655)

Ed Cradock discovered that Composer did not correctly handle the exclusion
of certain files. An attacker could possibly use this issue to execute
arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2024-24821)

Martin Haunschmid discovered that Composer did not correctly handle git
branch names. An attacker could possibly use this issue to execute
arbitrary code. (CVE-2024-35241)

Maciej Piechota discovered that Composer did not correctly handle VCS
branch names. An attacker could possibly use this issue to execute
arbitrary code. (CVE-2024-35242)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
composer 2.7.1-2ubuntu0.1~esm1
Available with Ubuntu Pro

Ubuntu 22.04 LTS
composer 2.2.6-2ubuntu4+esm1
Available with Ubuntu Pro

Ubuntu 20.04 LTS
composer 1.10.1-1ubuntu0.1~esm2
Available with Ubuntu Pro

Ubuntu 18.04 LTS
composer 1.6.3-1ubuntu0.1~esm2
Available with Ubuntu Pro

Ubuntu 16.04 LTS
composer 1.0.0~beta2-1ubuntu0.1~esm2
Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-7603-1
CVE-2022-24828, CVE-2023-43655, CVE-2024-24821, CVE-2024-35241,
CVE-2024-35242
No comments:

FreeBSD 13.4 end-of-life

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Dear FreeBSD community,

As of July 1st, 2025, FreeBSD 13.4 has reached end-of-life (EoL) and will no
longer be supported by the FreeBSD Security Team. Users of FreeBSD 13.4 are
strongly encouraged to upgrade to a newer release as soon as possible.

The currently supported branches and releases and their expected end-of-life
dates are:

+--------------------------------------------------------------------------+
| Branch | Release | Release Date | Expected EoL |
+-------------+--------------+--------------------+------------------------+
| stable/14 | N/A | N/A | November 30, 2028 |
+-------------+--------------+--------------------+------------------------+
| releng/14.3 | 14.3-RELEASE | June 10, 2025 | June 30, 2026 |
+-------------+--------------+--------------------+------------------------+
| releng/14.2 | 14.2-RELEASE | December 3, 2024 | September 30, 2025 |
+-------------+--------------+--------------------+------------------------+
| stable/13 | N/A | N/A | April 30, 2026 |
+-------------+--------------+--------------------+------------------------+
| releng/13.5 | 13.5-RELEASE | March 11, 2025 | April 30, 2026 |
+--------------------------------------------------------------------------+

Please refer to https://security.freebsd.org/ for an up-to-date list of
supported releases and the latest security advisories.

- --
The FreeBSD Security Team
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEthUnfoEIffdcgYM7bljekB8AGu8FAmhkFIMACgkQbljekB8A
Gu/KTw/8Cca6EwiMCfSf+heU9yGr4NgSp4I8CRsbUt2c2o7SU6vXKsrNllQLbVEW
eLA6TwikWnRYh2M+psbAlj+6gnmiJ57DDC2eTABuzmTxahtWvPXINUbToqzNtKFa
sKFQt4ZM0g4VwoO9VRBGMU1Y3A+wuZb9FUdOjc53Xrqujz5/rIiBgQBevhV+1hjy
gdATJza3quJzJsrJlv1vfcUwN2TlFZaCbC7GZSSOZAO6zOLIBRsSjkCCgUsL8N6y
uk9LKskVsR74vkaUY83CXGQDbhWc21BaWLIwdG1n6reMK5H/vYmep1T/0gt8xTum
ZwfkG4bui74S5hAk/LF6dSGwPyXZlpdj83nzojoQdzO7kkGcO6pL1oaVrh8xAE5w
hElpy1QlGRqkzQY5togcWGkbzsKATSztlf2cCI7WoepKXzW7oHxf4mK7o9P7f7a/
IJuCgz3Vp20xDvHRAC8Qao21mKbPauSUczOiBrBmGH2xJVIx8d0U5hvyKpaTkmqZ
mM7yXr+6hOfhVHf3KLNSx23TfSVN3auR71QrFXA8eWKFMMtO2fNrnbmpgNL87zz8
Hvgk8PLN28Af4Sr7TCv0Ekd65lbrdbK8Q7lDd/74CFPwlqsgbFlvPsQcSbmbe3QD
yBBBf8PuFQSlnJI1GqESKnr8g5auTUy3LpU3szZPFuFymZUvTRY=
=Ynyc
-----END PGP SIGNATURE-----
No comments:
Subscribe to: Posts (Atom)