The dovecot 2.4 release branch has made breaking changes which result
in it being incompatible with any <= 2.3 configuration file.
Thus, the dovecot service will no longer be able to start until the
configuration file was migrated, requiring manual intervention.
For guidance on the 2.3-to-2.4 migration, please refer to the
following upstream documentation:
[Upgrading Dovecot CE from 2.3 to 2.4](https://doc.dovecot.org/latest/installation/upgrade/2.3-to-2.4.html)
Furthermore, the dovecot 2.4 branch no longer supports their
replication feature, it was removed.
For users relying on the replication feature or who are unable to
perform the 2.4 migration right now, we provide alternative packages
available in [extra]:
- dovecot23
- pigeonhole23
- dovecot23-fts-elastic
- dovecot23-fts-xapian
The dovecot 2.3 release branch is going to [receive critical security
fixes](https://dovecot.org/mailman3/archives/list/dovecot@dovecot.org/thread/3P45L76DOC3NKUNSSPIXQNKINGOCYH5K/)
from upstream until stated otherwise.
URL: https://archlinux.org/news/dovecot-24-requires-manual-intervention/
Friday, October 31, 2025
[USN-7835-4] Linux kernel (HWE) vulnerabilities
-----BEGIN PGP SIGNATURE-----
wsB5BAABCAAjFiEEYrygdx1GDec9TV8EZ0GeRcM5nt0FAmkE9UIFAwAAAAAACgkQZ0GeRcM5nt20
YwgAnqe94315J5UzDvRiBUeiJtb0KVdCxMIUNRzvSJoZkFJ/fwoNUb8abhAmaA5upk7RGc6RVVVp
aCjmQ7hJcVyo/ClOcWomqoQiqtEMoFXzZMduXcQDH2WSssXtFvTmxskzsyeHRC1saZjepKdXB+m4
/n/85NihQWFX1IgJujLuLmfxZiZOxWxfcqkcfAcRtDJqOFgZo/biS5IMxlr/RAi2kWofHfWOxn18
1qp5H0QzZMmBtjmFppoCZfDagPLp3+JyyqQPM+CEg4nQpb0zq5lrVSPcem3DzpMVfFIXNrfwfSRr
la9EIJPjrkhfnadTlHsPWkNCxHIMC+SdtsSicXyL3g==
=U6JO
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7835-4
October 31, 2025
linux-hwe-6.8 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 22.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-hwe-6.8: Linux hardware enablement (HWE) kernel
Details:
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- ACPI drivers;
- Ublk userspace block driver;
- Clock framework and drivers;
- GPU drivers;
- IIO subsystem;
- InfiniBand drivers;
- Media drivers;
- MemoryStick subsystem;
- Network drivers;
- NTB driver;
- PCI subsystem;
- Remote Processor subsystem;
- Thermal drivers;
- Virtio Host (VHOST) subsystem;
- 9P distributed file system;
- File systems infrastructure;
- JFS file system;
- Network file system (NFS) server daemon;
- NTFS3 file system;
- SMB network file system;
- Memory management;
- RDMA verbs API;
- Kernel fork() syscall;
- Tracing infrastructure;
- Watch queue notification mechanism;
- Asynchronous Transfer Mode (ATM) subsystem;
- Networking core;
- IPv4 networking;
- IPv6 networking;
- Netfilter;
- Network traffic control;
- SCTP protocol;
- TLS protocol;
- SoC Audio for Freescale CPUs drivers;
(CVE-2025-39728, CVE-2025-23136, CVE-2025-22062, CVE-2025-22035,
CVE-2025-22020, CVE-2025-22083, CVE-2025-22071, CVE-2025-22060,
CVE-2025-22073, CVE-2025-22044, CVE-2025-22063, CVE-2025-22079,
CVE-2025-22057, CVE-2025-22095, CVE-2025-39735, CVE-2025-39682,
CVE-2025-22058, CVE-2025-22021, CVE-2025-22018, CVE-2025-22056,
CVE-2025-22054, CVE-2025-22080, CVE-2025-22039, CVE-2025-22019,
CVE-2025-22038, CVE-2025-22028, CVE-2023-53034, CVE-2024-58092,
CVE-2025-38637, CVE-2025-22089, CVE-2025-40114, CVE-2025-22068,
CVE-2025-37937, CVE-2025-22070, CVE-2025-22072, CVE-2025-22086,
CVE-2025-22050, CVE-2025-22040, CVE-2025-22065, CVE-2025-38575,
CVE-2025-22064, CVE-2025-22033, CVE-2025-22041, CVE-2025-22090,
CVE-2025-22036, CVE-2025-23138, CVE-2025-22047, CVE-2025-38240,
CVE-2025-22066, CVE-2025-22042, CVE-2025-38152, CVE-2025-22055,
CVE-2025-22081, CVE-2025-22045, CVE-2025-22053, CVE-2025-22075,
CVE-2025-22027, CVE-2025-22025, CVE-2025-22097)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 22.04 LTS
linux-image-6.8.0-86-generic 6.8.0-86.87~22.04.1
linux-image-6.8.0-86-generic-64k 6.8.0-86.87~22.04.1
linux-image-generic-6.8 6.8.0-86.87~22.04.1
linux-image-generic-64k-6.8 6.8.0-86.87~22.04.1
linux-image-generic-64k-hwe-22.04 6.8.0-86.87~22.04.1
linux-image-generic-hwe-22.04 6.8.0-86.87~22.04.1
linux-image-oem-22.04 6.8.0-86.87~22.04.1
linux-image-oem-22.04a 6.8.0-86.87~22.04.1
linux-image-oem-22.04b 6.8.0-86.87~22.04.1
linux-image-oem-22.04c 6.8.0-86.87~22.04.1
linux-image-oem-22.04d 6.8.0-86.87~22.04.1
linux-image-virtual-6.8 6.8.0-86.87~22.04.1
linux-image-virtual-hwe-22.04 6.8.0-86.87~22.04.1
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-7835-4
https://ubuntu.com/security/notices/USN-7835-3
https://ubuntu.com/security/notices/USN-7835-2
https://ubuntu.com/security/notices/USN-7835-1
CVE-2023-53034, CVE-2024-58092, CVE-2025-22018, CVE-2025-22019,
CVE-2025-22020, CVE-2025-22021, CVE-2025-22025, CVE-2025-22027,
CVE-2025-22028, CVE-2025-22033, CVE-2025-22035, CVE-2025-22036,
CVE-2025-22038, CVE-2025-22039, CVE-2025-22040, CVE-2025-22041,
CVE-2025-22042, CVE-2025-22044, CVE-2025-22045, CVE-2025-22047,
CVE-2025-22050, CVE-2025-22053, CVE-2025-22054, CVE-2025-22055,
CVE-2025-22056, CVE-2025-22057, CVE-2025-22058, CVE-2025-22060,
CVE-2025-22062, CVE-2025-22063, CVE-2025-22064, CVE-2025-22065,
CVE-2025-22066, CVE-2025-22068, CVE-2025-22070, CVE-2025-22071,
CVE-2025-22072, CVE-2025-22073, CVE-2025-22075, CVE-2025-22079,
CVE-2025-22080, CVE-2025-22081, CVE-2025-22083, CVE-2025-22086,
CVE-2025-22089, CVE-2025-22090, CVE-2025-22095, CVE-2025-22097,
CVE-2025-23136, CVE-2025-23138, CVE-2025-37937, CVE-2025-38152,
CVE-2025-38240, CVE-2025-38575, CVE-2025-38637, CVE-2025-39682,
CVE-2025-39728, CVE-2025-39735, CVE-2025-40114
Package Information:
https://launchpad.net/ubuntu/+source/linux-hwe-6.8/6.8.0-86.87~22.04.1
wsB5BAABCAAjFiEEYrygdx1GDec9TV8EZ0GeRcM5nt0FAmkE9UIFAwAAAAAACgkQZ0GeRcM5nt20
YwgAnqe94315J5UzDvRiBUeiJtb0KVdCxMIUNRzvSJoZkFJ/fwoNUb8abhAmaA5upk7RGc6RVVVp
aCjmQ7hJcVyo/ClOcWomqoQiqtEMoFXzZMduXcQDH2WSssXtFvTmxskzsyeHRC1saZjepKdXB+m4
/n/85NihQWFX1IgJujLuLmfxZiZOxWxfcqkcfAcRtDJqOFgZo/biS5IMxlr/RAi2kWofHfWOxn18
1qp5H0QzZMmBtjmFppoCZfDagPLp3+JyyqQPM+CEg4nQpb0zq5lrVSPcem3DzpMVfFIXNrfwfSRr
la9EIJPjrkhfnadTlHsPWkNCxHIMC+SdtsSicXyL3g==
=U6JO
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7835-4
October 31, 2025
linux-hwe-6.8 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 22.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-hwe-6.8: Linux hardware enablement (HWE) kernel
Details:
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- ACPI drivers;
- Ublk userspace block driver;
- Clock framework and drivers;
- GPU drivers;
- IIO subsystem;
- InfiniBand drivers;
- Media drivers;
- MemoryStick subsystem;
- Network drivers;
- NTB driver;
- PCI subsystem;
- Remote Processor subsystem;
- Thermal drivers;
- Virtio Host (VHOST) subsystem;
- 9P distributed file system;
- File systems infrastructure;
- JFS file system;
- Network file system (NFS) server daemon;
- NTFS3 file system;
- SMB network file system;
- Memory management;
- RDMA verbs API;
- Kernel fork() syscall;
- Tracing infrastructure;
- Watch queue notification mechanism;
- Asynchronous Transfer Mode (ATM) subsystem;
- Networking core;
- IPv4 networking;
- IPv6 networking;
- Netfilter;
- Network traffic control;
- SCTP protocol;
- TLS protocol;
- SoC Audio for Freescale CPUs drivers;
(CVE-2025-39728, CVE-2025-23136, CVE-2025-22062, CVE-2025-22035,
CVE-2025-22020, CVE-2025-22083, CVE-2025-22071, CVE-2025-22060,
CVE-2025-22073, CVE-2025-22044, CVE-2025-22063, CVE-2025-22079,
CVE-2025-22057, CVE-2025-22095, CVE-2025-39735, CVE-2025-39682,
CVE-2025-22058, CVE-2025-22021, CVE-2025-22018, CVE-2025-22056,
CVE-2025-22054, CVE-2025-22080, CVE-2025-22039, CVE-2025-22019,
CVE-2025-22038, CVE-2025-22028, CVE-2023-53034, CVE-2024-58092,
CVE-2025-38637, CVE-2025-22089, CVE-2025-40114, CVE-2025-22068,
CVE-2025-37937, CVE-2025-22070, CVE-2025-22072, CVE-2025-22086,
CVE-2025-22050, CVE-2025-22040, CVE-2025-22065, CVE-2025-38575,
CVE-2025-22064, CVE-2025-22033, CVE-2025-22041, CVE-2025-22090,
CVE-2025-22036, CVE-2025-23138, CVE-2025-22047, CVE-2025-38240,
CVE-2025-22066, CVE-2025-22042, CVE-2025-38152, CVE-2025-22055,
CVE-2025-22081, CVE-2025-22045, CVE-2025-22053, CVE-2025-22075,
CVE-2025-22027, CVE-2025-22025, CVE-2025-22097)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 22.04 LTS
linux-image-6.8.0-86-generic 6.8.0-86.87~22.04.1
linux-image-6.8.0-86-generic-64k 6.8.0-86.87~22.04.1
linux-image-generic-6.8 6.8.0-86.87~22.04.1
linux-image-generic-64k-6.8 6.8.0-86.87~22.04.1
linux-image-generic-64k-hwe-22.04 6.8.0-86.87~22.04.1
linux-image-generic-hwe-22.04 6.8.0-86.87~22.04.1
linux-image-oem-22.04 6.8.0-86.87~22.04.1
linux-image-oem-22.04a 6.8.0-86.87~22.04.1
linux-image-oem-22.04b 6.8.0-86.87~22.04.1
linux-image-oem-22.04c 6.8.0-86.87~22.04.1
linux-image-oem-22.04d 6.8.0-86.87~22.04.1
linux-image-virtual-6.8 6.8.0-86.87~22.04.1
linux-image-virtual-hwe-22.04 6.8.0-86.87~22.04.1
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-7835-4
https://ubuntu.com/security/notices/USN-7835-3
https://ubuntu.com/security/notices/USN-7835-2
https://ubuntu.com/security/notices/USN-7835-1
CVE-2023-53034, CVE-2024-58092, CVE-2025-22018, CVE-2025-22019,
CVE-2025-22020, CVE-2025-22021, CVE-2025-22025, CVE-2025-22027,
CVE-2025-22028, CVE-2025-22033, CVE-2025-22035, CVE-2025-22036,
CVE-2025-22038, CVE-2025-22039, CVE-2025-22040, CVE-2025-22041,
CVE-2025-22042, CVE-2025-22044, CVE-2025-22045, CVE-2025-22047,
CVE-2025-22050, CVE-2025-22053, CVE-2025-22054, CVE-2025-22055,
CVE-2025-22056, CVE-2025-22057, CVE-2025-22058, CVE-2025-22060,
CVE-2025-22062, CVE-2025-22063, CVE-2025-22064, CVE-2025-22065,
CVE-2025-22066, CVE-2025-22068, CVE-2025-22070, CVE-2025-22071,
CVE-2025-22072, CVE-2025-22073, CVE-2025-22075, CVE-2025-22079,
CVE-2025-22080, CVE-2025-22081, CVE-2025-22083, CVE-2025-22086,
CVE-2025-22089, CVE-2025-22090, CVE-2025-22095, CVE-2025-22097,
CVE-2025-23136, CVE-2025-23138, CVE-2025-37937, CVE-2025-38152,
CVE-2025-38240, CVE-2025-38575, CVE-2025-38637, CVE-2025-39682,
CVE-2025-39728, CVE-2025-39735, CVE-2025-40114
Package Information:
https://launchpad.net/ubuntu/+source/linux-hwe-6.8/6.8.0-86.87~22.04.1
[USN-7833-4] Linux kernel (GCP) vulnerabilities
-----BEGIN PGP SIGNATURE-----
wsB5BAABCAAjFiEEYrygdx1GDec9TV8EZ0GeRcM5nt0FAmkEy5kFAwAAAAAACgkQZ0GeRcM5nt1I
+Af/Tn1pdLsjCYxdxFQ9uRvSnO7pfZWLN9rzaPzo+HMIp26z5sWjEEhD63GsZd/aJDSxO0kJgNin
EYcmAZUq1olzDWuIOfrxN1g5xgC/6CGeFvCXd8zbcc4Dti+fqqLbkoRLq5+38x3O4JW80BIpU/z4
5WQcAw3AIiYPZThjMylu3hoFJU6HYAQ9NYiy/Qj1BTG59df8b1EzY/gMUA2kFFLUUHVTb3yawSa6
ym321Xw8+zLCFGuGbFJFhho+l8XFs2mYMAgQGULzFC+yxDH38CWeUx4Sq2Mmy25LdBxffYVx6qsV
ImpuD+2ngAroARHNE8+LvmWrbGrgbPwqJQIf+uPPxw==
=3M/a
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7833-4
October 31, 2025
linux-gcp-6.14 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-gcp-6.14: Linux kernel for Google Cloud Platform (GCP) systems
Details:
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Parallel ATA drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- Ublk userspace block driver;
- Bus devices;
- DMA engine subsystem;
- Arm Firmware Framework for ARMv8-A(FFA);
- Cirrus firmware drivers;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- I2C subsystem;
- InfiniBand drivers;
- Input Device (Miscellaneous) drivers;
- Multiple devices driver;
- Media drivers;
- TI TPS6594 PFSM driver;
- MMC subsystem;
- MTD block device drivers;
- Network drivers;
- NVME drivers;
- x86 platform drivers;
- RapidIO drivers;
- Voltage and Current Regulator drivers;
- Remote Processor subsystem;
- S/390 drivers;
- SCSI subsystem;
- TCM subsystem;
- Trusted Execution Environment drivers;
- TTY drivers;
- ChipIdea USB driver;
- USB Type-C support driver;
- Framebuffer layer;
- TSM Common Guest driver;
- File systems infrastructure;
- BTRFS file system;
- Ceph distributed file system;
- Ext4 file system;
- F2FS file system;
- JFFS2 file system;
- JFS file system;
- Network file systems library;
- Network file system (NFS) client;
- Network file system (NFS) server daemon;
- SMB network file system;
- Memory Management;
- Bluetooth subsystem;
- Tracing infrastructure;
- io_uring subsystem;
- IPC subsystem;
- BPF subsystem;
- Perf events;
- Kernel exit() syscall;
- IRQ subsystem;
- Scheduler infrastructure;
- Maple Tree data structure library;
- Memory management;
- Asynchronous Transfer Mode (ATM) subsystem;
- Ethernet bridge;
- Networking core;
- IPv6 networking;
- MultiProtocol Label Switching driver;
- Netfilter;
- NFC subsystem;
- Rose network layer;
- Network traffic control;
- Sun RPC protocol;
- TIPC protocol;
- TLS protocol;
- Unix domain sockets;
- VMware vSockets driver;
- WCD audio codecs;
- USB sound devices;
(CVE-2025-38339, CVE-2025-38391, CVE-2025-38262, CVE-2025-38345,
CVE-2025-38387, CVE-2025-38373, CVE-2025-38395, CVE-2025-38330,
CVE-2025-38425, CVE-2025-38210, CVE-2025-38206, CVE-2025-38219,
CVE-2025-38245, CVE-2025-38253, CVE-2025-38401, CVE-2025-38410,
CVE-2025-38086, CVE-2025-38340, CVE-2025-38368, CVE-2025-38385,
CVE-2025-38384, CVE-2025-38326, CVE-2025-38224, CVE-2025-38338,
CVE-2025-38191, CVE-2025-39682, CVE-2025-38343, CVE-2025-38090,
CVE-2025-38228, CVE-2025-38182, CVE-2025-38231, CVE-2025-38183,
CVE-2025-38184, CVE-2025-38237, CVE-2025-38413, CVE-2025-38356,
CVE-2025-38246, CVE-2025-38202, CVE-2025-38248, CVE-2025-38254,
CVE-2025-38426, CVE-2025-38429, CVE-2025-38364, CVE-2025-38388,
CVE-2025-38435, CVE-2025-38403, CVE-2025-38186, CVE-2025-38199,
CVE-2025-38402, CVE-2025-38181, CVE-2025-38264, CVE-2025-38362,
CVE-2025-38341, CVE-2025-38422, CVE-2025-38331, CVE-2025-38423,
CVE-2025-38233, CVE-2025-38337, CVE-2025-38328, CVE-2025-38196,
CVE-2025-38412, CVE-2025-38205, CVE-2025-38242, CVE-2025-38324,
CVE-2025-38354, CVE-2025-38347, CVE-2025-38217, CVE-2025-38393,
CVE-2025-38392, CVE-2025-38390, CVE-2025-38321, CVE-2025-38541,
CVE-2025-38363, CVE-2025-38203, CVE-2025-38250, CVE-2025-38418,
CVE-2025-38336, CVE-2025-38333, CVE-2025-38194, CVE-2025-38372,
CVE-2025-38348, CVE-2025-38370, CVE-2025-38411, CVE-2025-38188,
CVE-2025-38365, CVE-2025-38241, CVE-2025-38201, CVE-2025-38259,
CVE-2025-38355, CVE-2025-38227, CVE-2025-38225, CVE-2025-38405,
CVE-2025-38329, CVE-2025-38232, CVE-2025-38344, CVE-2025-38238,
CVE-2025-38239, CVE-2025-38260, CVE-2025-38257, CVE-2025-38399,
CVE-2025-38419, CVE-2025-38430, CVE-2025-38251, CVE-2025-38332,
CVE-2025-38220, CVE-2025-38417, CVE-2025-38396, CVE-2025-38234,
CVE-2025-38434, CVE-2025-38197, CVE-2025-38436, CVE-2025-38408,
CVE-2025-38204, CVE-2025-38222, CVE-2025-38361, CVE-2025-38218,
CVE-2025-38212, CVE-2025-38198, CVE-2025-38255, CVE-2025-38389,
CVE-2025-38085, CVE-2025-38244, CVE-2025-38089, CVE-2025-38428,
CVE-2025-38369, CVE-2025-38189, CVE-2025-38084, CVE-2025-38400,
CVE-2025-38382, CVE-2025-38223, CVE-2025-38325, CVE-2025-38263,
CVE-2025-38249, CVE-2025-38346, CVE-2025-38320, CVE-2025-38409,
CVE-2025-38374, CVE-2025-38208, CVE-2025-38256, CVE-2025-38371,
CVE-2025-38192, CVE-2025-38406, CVE-2025-38360, CVE-2025-38258,
CVE-2025-38226, CVE-2025-38376, CVE-2025-38375, CVE-2025-38200,
CVE-2025-38523, CVE-2025-38334, CVE-2025-38236, CVE-2025-38386,
CVE-2025-38421, CVE-2025-38087, CVE-2025-38416, CVE-2025-38179,
CVE-2025-38420, CVE-2025-38424, CVE-2025-38377, CVE-2025-38359,
CVE-2025-38342, CVE-2025-38431, CVE-2025-38407, CVE-2025-38427,
CVE-2025-38229, CVE-2025-38353, CVE-2025-38383, CVE-2025-38211,
CVE-2025-38322, CVE-2025-38381, CVE-2025-38261)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.04 LTS
linux-image-6.14.0-1018-gcp 6.14.0-1018.19~24.04.1
linux-image-6.14.0-1018-gcp-64k 6.14.0-1018.19~24.04.1
linux-image-gcp 6.14.0-1018.19~24.04.1
linux-image-gcp-6.14 6.14.0-1018.19~24.04.1
linux-image-gcp-64k 6.14.0-1018.19~24.04.1
linux-image-gcp-64k-6.14 6.14.0-1018.19~24.04.1
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-7833-4
https://ubuntu.com/security/notices/USN-7833-3
https://ubuntu.com/security/notices/USN-7833-2
https://ubuntu.com/security/notices/USN-7833-1
CVE-2024-36350, CVE-2024-36357, CVE-2025-38084, CVE-2025-38085,
CVE-2025-38086, CVE-2025-38087, CVE-2025-38089, CVE-2025-38090,
CVE-2025-38179, CVE-2025-38181, CVE-2025-38182, CVE-2025-38183,
CVE-2025-38184, CVE-2025-38186, CVE-2025-38188, CVE-2025-38189,
CVE-2025-38191, CVE-2025-38192, CVE-2025-38194, CVE-2025-38196,
CVE-2025-38197, CVE-2025-38198, CVE-2025-38199, CVE-2025-38200,
CVE-2025-38201, CVE-2025-38202, CVE-2025-38203, CVE-2025-38204,
CVE-2025-38205, CVE-2025-38206, CVE-2025-38208, CVE-2025-38210,
CVE-2025-38211, CVE-2025-38212, CVE-2025-38217, CVE-2025-38218,
CVE-2025-38219, CVE-2025-38220, CVE-2025-38222, CVE-2025-38223,
CVE-2025-38224, CVE-2025-38225, CVE-2025-38226, CVE-2025-38227,
CVE-2025-38228, CVE-2025-38229, CVE-2025-38231, CVE-2025-38232,
CVE-2025-38233, CVE-2025-38234, CVE-2025-38236, CVE-2025-38237,
CVE-2025-38238, CVE-2025-38239, CVE-2025-38241, CVE-2025-38242,
CVE-2025-38244, CVE-2025-38245, CVE-2025-38246, CVE-2025-38248,
CVE-2025-38249, CVE-2025-38250, CVE-2025-38251, CVE-2025-38253,
CVE-2025-38254, CVE-2025-38255, CVE-2025-38256, CVE-2025-38257,
CVE-2025-38258, CVE-2025-38259, CVE-2025-38260, CVE-2025-38261,
CVE-2025-38262, CVE-2025-38263, CVE-2025-38264, CVE-2025-38320,
CVE-2025-38321, CVE-2025-38322, CVE-2025-38324, CVE-2025-38325,
CVE-2025-38326, CVE-2025-38328, CVE-2025-38329, CVE-2025-38330,
CVE-2025-38331, CVE-2025-38332, CVE-2025-38333, CVE-2025-38334,
CVE-2025-38336, CVE-2025-38337, CVE-2025-38338, CVE-2025-38339,
CVE-2025-38340, CVE-2025-38341, CVE-2025-38342, CVE-2025-38343,
CVE-2025-38344, CVE-2025-38345, CVE-2025-38346, CVE-2025-38347,
CVE-2025-38348, CVE-2025-38353, CVE-2025-38354, CVE-2025-38355,
CVE-2025-38356, CVE-2025-38359, CVE-2025-38360, CVE-2025-38361,
CVE-2025-38362, CVE-2025-38363, CVE-2025-38364, CVE-2025-38365,
CVE-2025-38368, CVE-2025-38369, CVE-2025-38370, CVE-2025-38371,
CVE-2025-38372, CVE-2025-38373, CVE-2025-38374, CVE-2025-38375,
CVE-2025-38376, CVE-2025-38377, CVE-2025-38381, CVE-2025-38382,
CVE-2025-38383, CVE-2025-38384, CVE-2025-38385, CVE-2025-38386,
CVE-2025-38387, CVE-2025-38388, CVE-2025-38389, CVE-2025-38390,
CVE-2025-38391, CVE-2025-38392, CVE-2025-38393, CVE-2025-38395,
CVE-2025-38396, CVE-2025-38399, CVE-2025-38400, CVE-2025-38401,
CVE-2025-38402, CVE-2025-38403, CVE-2025-38405, CVE-2025-38406,
CVE-2025-38407, CVE-2025-38408, CVE-2025-38409, CVE-2025-38410,
CVE-2025-38411, CVE-2025-38412, CVE-2025-38413, CVE-2025-38416,
CVE-2025-38417, CVE-2025-38418, CVE-2025-38419, CVE-2025-38420,
CVE-2025-38421, CVE-2025-38422, CVE-2025-38423, CVE-2025-38424,
CVE-2025-38425, CVE-2025-38426, CVE-2025-38427, CVE-2025-38428,
CVE-2025-38429, CVE-2025-38430, CVE-2025-38431, CVE-2025-38434,
CVE-2025-38435, CVE-2025-38436, CVE-2025-38523, CVE-2025-38541,
CVE-2025-39682
Package Information:
https://launchpad.net/ubuntu/+source/linux-gcp-6.14/6.14.0-1018.19~24.04.1
wsB5BAABCAAjFiEEYrygdx1GDec9TV8EZ0GeRcM5nt0FAmkEy5kFAwAAAAAACgkQZ0GeRcM5nt1I
+Af/Tn1pdLsjCYxdxFQ9uRvSnO7pfZWLN9rzaPzo+HMIp26z5sWjEEhD63GsZd/aJDSxO0kJgNin
EYcmAZUq1olzDWuIOfrxN1g5xgC/6CGeFvCXd8zbcc4Dti+fqqLbkoRLq5+38x3O4JW80BIpU/z4
5WQcAw3AIiYPZThjMylu3hoFJU6HYAQ9NYiy/Qj1BTG59df8b1EzY/gMUA2kFFLUUHVTb3yawSa6
ym321Xw8+zLCFGuGbFJFhho+l8XFs2mYMAgQGULzFC+yxDH38CWeUx4Sq2Mmy25LdBxffYVx6qsV
ImpuD+2ngAroARHNE8+LvmWrbGrgbPwqJQIf+uPPxw==
=3M/a
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7833-4
October 31, 2025
linux-gcp-6.14 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-gcp-6.14: Linux kernel for Google Cloud Platform (GCP) systems
Details:
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Parallel ATA drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- Ublk userspace block driver;
- Bus devices;
- DMA engine subsystem;
- Arm Firmware Framework for ARMv8-A(FFA);
- Cirrus firmware drivers;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- I2C subsystem;
- InfiniBand drivers;
- Input Device (Miscellaneous) drivers;
- Multiple devices driver;
- Media drivers;
- TI TPS6594 PFSM driver;
- MMC subsystem;
- MTD block device drivers;
- Network drivers;
- NVME drivers;
- x86 platform drivers;
- RapidIO drivers;
- Voltage and Current Regulator drivers;
- Remote Processor subsystem;
- S/390 drivers;
- SCSI subsystem;
- TCM subsystem;
- Trusted Execution Environment drivers;
- TTY drivers;
- ChipIdea USB driver;
- USB Type-C support driver;
- Framebuffer layer;
- TSM Common Guest driver;
- File systems infrastructure;
- BTRFS file system;
- Ceph distributed file system;
- Ext4 file system;
- F2FS file system;
- JFFS2 file system;
- JFS file system;
- Network file systems library;
- Network file system (NFS) client;
- Network file system (NFS) server daemon;
- SMB network file system;
- Memory Management;
- Bluetooth subsystem;
- Tracing infrastructure;
- io_uring subsystem;
- IPC subsystem;
- BPF subsystem;
- Perf events;
- Kernel exit() syscall;
- IRQ subsystem;
- Scheduler infrastructure;
- Maple Tree data structure library;
- Memory management;
- Asynchronous Transfer Mode (ATM) subsystem;
- Ethernet bridge;
- Networking core;
- IPv6 networking;
- MultiProtocol Label Switching driver;
- Netfilter;
- NFC subsystem;
- Rose network layer;
- Network traffic control;
- Sun RPC protocol;
- TIPC protocol;
- TLS protocol;
- Unix domain sockets;
- VMware vSockets driver;
- WCD audio codecs;
- USB sound devices;
(CVE-2025-38339, CVE-2025-38391, CVE-2025-38262, CVE-2025-38345,
CVE-2025-38387, CVE-2025-38373, CVE-2025-38395, CVE-2025-38330,
CVE-2025-38425, CVE-2025-38210, CVE-2025-38206, CVE-2025-38219,
CVE-2025-38245, CVE-2025-38253, CVE-2025-38401, CVE-2025-38410,
CVE-2025-38086, CVE-2025-38340, CVE-2025-38368, CVE-2025-38385,
CVE-2025-38384, CVE-2025-38326, CVE-2025-38224, CVE-2025-38338,
CVE-2025-38191, CVE-2025-39682, CVE-2025-38343, CVE-2025-38090,
CVE-2025-38228, CVE-2025-38182, CVE-2025-38231, CVE-2025-38183,
CVE-2025-38184, CVE-2025-38237, CVE-2025-38413, CVE-2025-38356,
CVE-2025-38246, CVE-2025-38202, CVE-2025-38248, CVE-2025-38254,
CVE-2025-38426, CVE-2025-38429, CVE-2025-38364, CVE-2025-38388,
CVE-2025-38435, CVE-2025-38403, CVE-2025-38186, CVE-2025-38199,
CVE-2025-38402, CVE-2025-38181, CVE-2025-38264, CVE-2025-38362,
CVE-2025-38341, CVE-2025-38422, CVE-2025-38331, CVE-2025-38423,
CVE-2025-38233, CVE-2025-38337, CVE-2025-38328, CVE-2025-38196,
CVE-2025-38412, CVE-2025-38205, CVE-2025-38242, CVE-2025-38324,
CVE-2025-38354, CVE-2025-38347, CVE-2025-38217, CVE-2025-38393,
CVE-2025-38392, CVE-2025-38390, CVE-2025-38321, CVE-2025-38541,
CVE-2025-38363, CVE-2025-38203, CVE-2025-38250, CVE-2025-38418,
CVE-2025-38336, CVE-2025-38333, CVE-2025-38194, CVE-2025-38372,
CVE-2025-38348, CVE-2025-38370, CVE-2025-38411, CVE-2025-38188,
CVE-2025-38365, CVE-2025-38241, CVE-2025-38201, CVE-2025-38259,
CVE-2025-38355, CVE-2025-38227, CVE-2025-38225, CVE-2025-38405,
CVE-2025-38329, CVE-2025-38232, CVE-2025-38344, CVE-2025-38238,
CVE-2025-38239, CVE-2025-38260, CVE-2025-38257, CVE-2025-38399,
CVE-2025-38419, CVE-2025-38430, CVE-2025-38251, CVE-2025-38332,
CVE-2025-38220, CVE-2025-38417, CVE-2025-38396, CVE-2025-38234,
CVE-2025-38434, CVE-2025-38197, CVE-2025-38436, CVE-2025-38408,
CVE-2025-38204, CVE-2025-38222, CVE-2025-38361, CVE-2025-38218,
CVE-2025-38212, CVE-2025-38198, CVE-2025-38255, CVE-2025-38389,
CVE-2025-38085, CVE-2025-38244, CVE-2025-38089, CVE-2025-38428,
CVE-2025-38369, CVE-2025-38189, CVE-2025-38084, CVE-2025-38400,
CVE-2025-38382, CVE-2025-38223, CVE-2025-38325, CVE-2025-38263,
CVE-2025-38249, CVE-2025-38346, CVE-2025-38320, CVE-2025-38409,
CVE-2025-38374, CVE-2025-38208, CVE-2025-38256, CVE-2025-38371,
CVE-2025-38192, CVE-2025-38406, CVE-2025-38360, CVE-2025-38258,
CVE-2025-38226, CVE-2025-38376, CVE-2025-38375, CVE-2025-38200,
CVE-2025-38523, CVE-2025-38334, CVE-2025-38236, CVE-2025-38386,
CVE-2025-38421, CVE-2025-38087, CVE-2025-38416, CVE-2025-38179,
CVE-2025-38420, CVE-2025-38424, CVE-2025-38377, CVE-2025-38359,
CVE-2025-38342, CVE-2025-38431, CVE-2025-38407, CVE-2025-38427,
CVE-2025-38229, CVE-2025-38353, CVE-2025-38383, CVE-2025-38211,
CVE-2025-38322, CVE-2025-38381, CVE-2025-38261)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.04 LTS
linux-image-6.14.0-1018-gcp 6.14.0-1018.19~24.04.1
linux-image-6.14.0-1018-gcp-64k 6.14.0-1018.19~24.04.1
linux-image-gcp 6.14.0-1018.19~24.04.1
linux-image-gcp-6.14 6.14.0-1018.19~24.04.1
linux-image-gcp-64k 6.14.0-1018.19~24.04.1
linux-image-gcp-64k-6.14 6.14.0-1018.19~24.04.1
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-7833-4
https://ubuntu.com/security/notices/USN-7833-3
https://ubuntu.com/security/notices/USN-7833-2
https://ubuntu.com/security/notices/USN-7833-1
CVE-2024-36350, CVE-2024-36357, CVE-2025-38084, CVE-2025-38085,
CVE-2025-38086, CVE-2025-38087, CVE-2025-38089, CVE-2025-38090,
CVE-2025-38179, CVE-2025-38181, CVE-2025-38182, CVE-2025-38183,
CVE-2025-38184, CVE-2025-38186, CVE-2025-38188, CVE-2025-38189,
CVE-2025-38191, CVE-2025-38192, CVE-2025-38194, CVE-2025-38196,
CVE-2025-38197, CVE-2025-38198, CVE-2025-38199, CVE-2025-38200,
CVE-2025-38201, CVE-2025-38202, CVE-2025-38203, CVE-2025-38204,
CVE-2025-38205, CVE-2025-38206, CVE-2025-38208, CVE-2025-38210,
CVE-2025-38211, CVE-2025-38212, CVE-2025-38217, CVE-2025-38218,
CVE-2025-38219, CVE-2025-38220, CVE-2025-38222, CVE-2025-38223,
CVE-2025-38224, CVE-2025-38225, CVE-2025-38226, CVE-2025-38227,
CVE-2025-38228, CVE-2025-38229, CVE-2025-38231, CVE-2025-38232,
CVE-2025-38233, CVE-2025-38234, CVE-2025-38236, CVE-2025-38237,
CVE-2025-38238, CVE-2025-38239, CVE-2025-38241, CVE-2025-38242,
CVE-2025-38244, CVE-2025-38245, CVE-2025-38246, CVE-2025-38248,
CVE-2025-38249, CVE-2025-38250, CVE-2025-38251, CVE-2025-38253,
CVE-2025-38254, CVE-2025-38255, CVE-2025-38256, CVE-2025-38257,
CVE-2025-38258, CVE-2025-38259, CVE-2025-38260, CVE-2025-38261,
CVE-2025-38262, CVE-2025-38263, CVE-2025-38264, CVE-2025-38320,
CVE-2025-38321, CVE-2025-38322, CVE-2025-38324, CVE-2025-38325,
CVE-2025-38326, CVE-2025-38328, CVE-2025-38329, CVE-2025-38330,
CVE-2025-38331, CVE-2025-38332, CVE-2025-38333, CVE-2025-38334,
CVE-2025-38336, CVE-2025-38337, CVE-2025-38338, CVE-2025-38339,
CVE-2025-38340, CVE-2025-38341, CVE-2025-38342, CVE-2025-38343,
CVE-2025-38344, CVE-2025-38345, CVE-2025-38346, CVE-2025-38347,
CVE-2025-38348, CVE-2025-38353, CVE-2025-38354, CVE-2025-38355,
CVE-2025-38356, CVE-2025-38359, CVE-2025-38360, CVE-2025-38361,
CVE-2025-38362, CVE-2025-38363, CVE-2025-38364, CVE-2025-38365,
CVE-2025-38368, CVE-2025-38369, CVE-2025-38370, CVE-2025-38371,
CVE-2025-38372, CVE-2025-38373, CVE-2025-38374, CVE-2025-38375,
CVE-2025-38376, CVE-2025-38377, CVE-2025-38381, CVE-2025-38382,
CVE-2025-38383, CVE-2025-38384, CVE-2025-38385, CVE-2025-38386,
CVE-2025-38387, CVE-2025-38388, CVE-2025-38389, CVE-2025-38390,
CVE-2025-38391, CVE-2025-38392, CVE-2025-38393, CVE-2025-38395,
CVE-2025-38396, CVE-2025-38399, CVE-2025-38400, CVE-2025-38401,
CVE-2025-38402, CVE-2025-38403, CVE-2025-38405, CVE-2025-38406,
CVE-2025-38407, CVE-2025-38408, CVE-2025-38409, CVE-2025-38410,
CVE-2025-38411, CVE-2025-38412, CVE-2025-38413, CVE-2025-38416,
CVE-2025-38417, CVE-2025-38418, CVE-2025-38419, CVE-2025-38420,
CVE-2025-38421, CVE-2025-38422, CVE-2025-38423, CVE-2025-38424,
CVE-2025-38425, CVE-2025-38426, CVE-2025-38427, CVE-2025-38428,
CVE-2025-38429, CVE-2025-38430, CVE-2025-38431, CVE-2025-38434,
CVE-2025-38435, CVE-2025-38436, CVE-2025-38523, CVE-2025-38541,
CVE-2025-39682
Package Information:
https://launchpad.net/ubuntu/+source/linux-gcp-6.14/6.14.0-1018.19~24.04.1
OpenSMTPD 7.8.0p0
OpenSMTPD is a FREE implementation of the SMTP protocol with some common
extensions. It allows ordinary machines to exchange e-mails with systems
speaking the SMTP protocol. It implements a fairly large part of RFC5321
and can already cover a large range of use-cases.
It runs on OpenBSD, NetBSD, FreeBSD, DragonFlyBSD, Linux and macOS.
The archives are now available from the main site at www.OpenSMTPD.org
We would like to thank the OpenSMTPD community for their help in testing
the snapshots, reporting bugs, contributing code and packaging for other
systems.
Dependencies note:
==================
This release builds with LibreSSL, or OpenSSL >= 1.1.
It's preferable to depend on LibreSSL as OpenSMTPD is written and tested
with that dependency. OpenSSL library is considered as a best effort
target TLS library and provided as a commodity, LibreSSL has become our
target TLS library.
Changes in this release:
========================
- Don't reject single character AUTH PLAIN passwords.
- Fix address family typo (PF_INET->PF_INET6).
- Various documentation improvements.
- Removed support for world-writable mail spools.
- Updated contrib mail.local and lockspool.
- Don't die if garbage is being sent on the local socket.
This release includes the OpenBSD errata 005 which fixes CVE-2025-62875.
Checksums:
==========
SHA256 (opensmtpd-7.8.0p0.tar.gz) =
4034de2e92c61fa83eedadb1d8d8bdfe65e57eb50ce9679e0140950e34ca4ab7
Verify:
=======
Starting with version 5.7.1, releases are signed with signify(1).
You can obtain the public key from our website, check with our community
that it has not been altered on its way to your machine.
$ wget https://www.opensmtpd.org/archives/opensmtpd-20181026.pub
Once you are confident the key is correct, you can verify the release as
described below:
1. download both release tarball and matching signature file to same directory:
$ wget https://www.opensmtpd.org/archives/opensmtpd-7.8.0p0.sum.sig
$ wget https://www.opensmtpd.org/archives/opensmtpd-7.8.0p0.tar.gz
2. use `signify` to verify that signature file is properly signed and that the
checksum matches the release tarball you downloaded:
$ signify -C -e -p opensmtpd-20181026.pub -x opensmtpd-7.8.0p0.sum.sig
Signature Verified
opensmtpd-7.8.0p0.tar.gz: OK
If you don't get an OK message, then something is not right and you should not
install without first understanding why it failed.
Support:
========
You are encouraged to register to our general purpose mailing-list:
http://www.opensmtpd.org/list.html
The "Official" IRC channel for the project is at:
#opensmtpd @ irc.libera.chat
Support us:
===========
The project is maintained by volunteers, you can support us by:
- donating time to help test development branch during development cycle
- donating money to either one of the OpenBSD or OpenSMTPD project
- sponsoring developers through direct donations or patreon
- sponsoring developers through contracts to write features
Get in touch with us by e-mail or on IRC for more informations.
Reporting Bugs:
===============
Please read http://www.opensmtpd.org/report.html
Security bugs should be reported directly to security@opensmtpd.org
Other bugs may be reported to bugs@opensmtpd.org
extensions. It allows ordinary machines to exchange e-mails with systems
speaking the SMTP protocol. It implements a fairly large part of RFC5321
and can already cover a large range of use-cases.
It runs on OpenBSD, NetBSD, FreeBSD, DragonFlyBSD, Linux and macOS.
The archives are now available from the main site at www.OpenSMTPD.org
We would like to thank the OpenSMTPD community for their help in testing
the snapshots, reporting bugs, contributing code and packaging for other
systems.
Dependencies note:
==================
This release builds with LibreSSL, or OpenSSL >= 1.1.
It's preferable to depend on LibreSSL as OpenSMTPD is written and tested
with that dependency. OpenSSL library is considered as a best effort
target TLS library and provided as a commodity, LibreSSL has become our
target TLS library.
Changes in this release:
========================
- Don't reject single character AUTH PLAIN passwords.
- Fix address family typo (PF_INET->PF_INET6).
- Various documentation improvements.
- Removed support for world-writable mail spools.
- Updated contrib mail.local and lockspool.
- Don't die if garbage is being sent on the local socket.
This release includes the OpenBSD errata 005 which fixes CVE-2025-62875.
Checksums:
==========
SHA256 (opensmtpd-7.8.0p0.tar.gz) =
4034de2e92c61fa83eedadb1d8d8bdfe65e57eb50ce9679e0140950e34ca4ab7
Verify:
=======
Starting with version 5.7.1, releases are signed with signify(1).
You can obtain the public key from our website, check with our community
that it has not been altered on its way to your machine.
$ wget https://www.opensmtpd.org/archives/opensmtpd-20181026.pub
Once you are confident the key is correct, you can verify the release as
described below:
1. download both release tarball and matching signature file to same directory:
$ wget https://www.opensmtpd.org/archives/opensmtpd-7.8.0p0.sum.sig
$ wget https://www.opensmtpd.org/archives/opensmtpd-7.8.0p0.tar.gz
2. use `signify` to verify that signature file is properly signed and that the
checksum matches the release tarball you downloaded:
$ signify -C -e -p opensmtpd-20181026.pub -x opensmtpd-7.8.0p0.sum.sig
Signature Verified
opensmtpd-7.8.0p0.tar.gz: OK
If you don't get an OK message, then something is not right and you should not
install without first understanding why it failed.
Support:
========
You are encouraged to register to our general purpose mailing-list:
http://www.opensmtpd.org/list.html
The "Official" IRC channel for the project is at:
#opensmtpd @ irc.libera.chat
Support us:
===========
The project is maintained by volunteers, you can support us by:
- donating time to help test development branch during development cycle
- donating money to either one of the OpenBSD or OpenSMTPD project
- sponsoring developers through direct donations or patreon
- sponsoring developers through contracts to write features
Get in touch with us by e-mail or on IRC for more informations.
Reporting Bugs:
===============
Please read http://www.opensmtpd.org/report.html
Security bugs should be reported directly to security@opensmtpd.org
Other bugs may be reported to bugs@opensmtpd.org
Thursday, October 30, 2025
LibreSSL 4.1.2 and 4.2.1 released
We have released LibreSSL 4.2.1 and 4.1.2, which are available in the
LibreSSL directory of your local OpenBSD mirror.
They include the following change from the previous release:
* Reliability fix
- Ensure the group selected by a TLSv1.3 server for a
HelloRetryRequest is not one for which the client has
already sent a key share.
Thanks to dzwdz for identifying and reporting the issue.
LibreSSL 4.2.1 also includes:
* Portable changes
- Add missing files for Windows to the release tarball
Thanks to Markus Friedl and Tess Gauthier.
The LibreSSL project continues improvement of the codebase to reflect modern,
safe programming practices. We welcome feedback and improvements from the
broader community. Thanks to all of the contributors who helped make this
release possible.
LibreSSL directory of your local OpenBSD mirror.
They include the following change from the previous release:
* Reliability fix
- Ensure the group selected by a TLSv1.3 server for a
HelloRetryRequest is not one for which the client has
already sent a key share.
Thanks to dzwdz for identifying and reporting the issue.
LibreSSL 4.2.1 also includes:
* Portable changes
- Add missing files for Windows to the release tarball
Thanks to Markus Friedl and Tess Gauthier.
The LibreSSL project continues improvement of the codebase to reflect modern,
safe programming practices. We welcome feedback and improvements from the
broader community. Thanks to all of the contributors who helped make this
release possible.
[USN-7852-1] libxml2 vulnerability
==========================================================================
Ubuntu Security Notice USN-7852-1
October 30, 2025
libxml2 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.04
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Summary:
libxml2 could be made to crash or run programs if it opened a specially
crafted file.
Software Description:
- libxml2: GNOME XML library
Details:
It was discovered that libxslt, used by libxml2, incorrectly handled
certain attributes. An attacker could use this issue to cause a crash,
resulting in a denial of service, or possibly execute arbitrary code. This
update adds a fix to libxml2 to mitigate the libxslt vulnerability.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.04
libxml2 2.12.7+dfsg+really2.9.14-0.4ubuntu0.4
python3-libxml2 2.12.7+dfsg+really2.9.14-0.4ubuntu0.4
Ubuntu 24.04 LTS
libxml2 2.9.14+dfsg-1.3ubuntu3.6
python3-libxml2 2.9.14+dfsg-1.3ubuntu3.6
Ubuntu 22.04 LTS
libxml2 2.9.13+dfsg-1ubuntu0.10
python3-libxml2 2.9.13+dfsg-1ubuntu0.10
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7852-1
CVE-2025-7425
Package Information:
https://launchpad.net/ubuntu/+source/libxml2/2.12.7+dfsg+really2.9.14-0.4ubuntu0.4
https://launchpad.net/ubuntu/+source/libxml2/2.9.14+dfsg-1.3ubuntu3.6
https://launchpad.net/ubuntu/+source/libxml2/2.9.13+dfsg-1ubuntu0.10
Ubuntu Security Notice USN-7852-1
October 30, 2025
libxml2 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.04
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Summary:
libxml2 could be made to crash or run programs if it opened a specially
crafted file.
Software Description:
- libxml2: GNOME XML library
Details:
It was discovered that libxslt, used by libxml2, incorrectly handled
certain attributes. An attacker could use this issue to cause a crash,
resulting in a denial of service, or possibly execute arbitrary code. This
update adds a fix to libxml2 to mitigate the libxslt vulnerability.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.04
libxml2 2.12.7+dfsg+really2.9.14-0.4ubuntu0.4
python3-libxml2 2.12.7+dfsg+really2.9.14-0.4ubuntu0.4
Ubuntu 24.04 LTS
libxml2 2.9.14+dfsg-1.3ubuntu3.6
python3-libxml2 2.9.14+dfsg-1.3ubuntu3.6
Ubuntu 22.04 LTS
libxml2 2.9.13+dfsg-1ubuntu0.10
python3-libxml2 2.9.13+dfsg-1ubuntu0.10
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7852-1
CVE-2025-7425
Package Information:
https://launchpad.net/ubuntu/+source/libxml2/2.12.7+dfsg+really2.9.14-0.4ubuntu0.4
https://launchpad.net/ubuntu/+source/libxml2/2.9.14+dfsg-1.3ubuntu3.6
https://launchpad.net/ubuntu/+source/libxml2/2.9.13+dfsg-1ubuntu0.10
[USN-7854-1] Linux kernel (KVM) vulnerabilities
-----BEGIN PGP SIGNATURE-----
wsB5BAABCAAjFiEEYrygdx1GDec9TV8EZ0GeRcM5nt0FAmkDxrQFAwAAAAAACgkQZ0GeRcM5nt2n
oggArzKql5i5OC/Vse63KXxM8PzW5xcocRGBY93uJH+jxrYieO2YJl/Vbg6Fe/OoIdPmQtqSME/r
IalHq/Fdba45P6wjFNDVWprQ+aoutD+OlkKIehl3mhCqUxwXg0JzWVxVwp1LjHftLjK++Nuv+hXp
BKPFroDYSmndS0d0T9eDSwvl94jJn7Oc23R3LcvE2m/rEKzq71FuZ9nVRFmvkDoK6Caxkrsg7KeV
vSnvPnWndpa4JkyAT7J6hjnhMcQM1iva6XisHnzi+QADDtLOeBfDIwefS80my2jRs1x8FfdayEr5
2krbmT1PyrgmOWw/mjVtSorylwtmP9ztuLEG4Txy0g==
=5fkx
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7854-1
October 30, 2025
linux-kvm vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-kvm: Linux kernel for cloud environments
Details:
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered
that the Linux kernel contained insufficient branch predictor isolation
between a guest and a userspace hypervisor for certain processors. This
flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this
to expose sensitive information from the host OS. (CVE-2025-40300)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- DMA engine subsystem;
- GPU drivers;
- HSI subsystem;
- Ethernet team driver;
- Framebuffer layer;
- BTRFS file system;
- Ext4 file system;
- Network file system (NFS) server daemon;
- Timer subsystem;
- DCCP (Datagram Congestion Control Protocol);
- IPv6 networking;
- NET/ROM layer;
- Packet sockets;
- Network traffic control;
- SCTP protocol;
- VMware vSockets driver;
- USB sound devices;
(CVE-2023-52574, CVE-2023-52650, CVE-2024-35849, CVE-2024-41006,
CVE-2024-49924, CVE-2024-50006, CVE-2024-50299, CVE-2024-53124,
CVE-2024-53150, CVE-2024-56767, CVE-2025-21796, CVE-2025-37785,
CVE-2025-37838, CVE-2025-38352, CVE-2025-38477, CVE-2025-38617,
CVE-2025-38618)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS
linux-image-4.15.0-1168-kvm 4.15.0-1168.173
Available with Ubuntu Pro
linux-image-kvm 4.15.0.1168.159
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-7854-1
CVE-2023-52574, CVE-2023-52650, CVE-2024-35849, CVE-2024-41006,
CVE-2024-49924, CVE-2024-50006, CVE-2024-50299, CVE-2024-53124,
CVE-2024-53150, CVE-2024-56767, CVE-2025-21796, CVE-2025-37785,
CVE-2025-37838, CVE-2025-38352, CVE-2025-38477, CVE-2025-38617,
CVE-2025-38618, CVE-2025-40300
wsB5BAABCAAjFiEEYrygdx1GDec9TV8EZ0GeRcM5nt0FAmkDxrQFAwAAAAAACgkQZ0GeRcM5nt2n
oggArzKql5i5OC/Vse63KXxM8PzW5xcocRGBY93uJH+jxrYieO2YJl/Vbg6Fe/OoIdPmQtqSME/r
IalHq/Fdba45P6wjFNDVWprQ+aoutD+OlkKIehl3mhCqUxwXg0JzWVxVwp1LjHftLjK++Nuv+hXp
BKPFroDYSmndS0d0T9eDSwvl94jJn7Oc23R3LcvE2m/rEKzq71FuZ9nVRFmvkDoK6Caxkrsg7KeV
vSnvPnWndpa4JkyAT7J6hjnhMcQM1iva6XisHnzi+QADDtLOeBfDIwefS80my2jRs1x8FfdayEr5
2krbmT1PyrgmOWw/mjVtSorylwtmP9ztuLEG4Txy0g==
=5fkx
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7854-1
October 30, 2025
linux-kvm vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-kvm: Linux kernel for cloud environments
Details:
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered
that the Linux kernel contained insufficient branch predictor isolation
between a guest and a userspace hypervisor for certain processors. This
flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this
to expose sensitive information from the host OS. (CVE-2025-40300)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- DMA engine subsystem;
- GPU drivers;
- HSI subsystem;
- Ethernet team driver;
- Framebuffer layer;
- BTRFS file system;
- Ext4 file system;
- Network file system (NFS) server daemon;
- Timer subsystem;
- DCCP (Datagram Congestion Control Protocol);
- IPv6 networking;
- NET/ROM layer;
- Packet sockets;
- Network traffic control;
- SCTP protocol;
- VMware vSockets driver;
- USB sound devices;
(CVE-2023-52574, CVE-2023-52650, CVE-2024-35849, CVE-2024-41006,
CVE-2024-49924, CVE-2024-50006, CVE-2024-50299, CVE-2024-53124,
CVE-2024-53150, CVE-2024-56767, CVE-2025-21796, CVE-2025-37785,
CVE-2025-37838, CVE-2025-38352, CVE-2025-38477, CVE-2025-38617,
CVE-2025-38618)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS
linux-image-4.15.0-1168-kvm 4.15.0-1168.173
Available with Ubuntu Pro
linux-image-kvm 4.15.0.1168.159
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-7854-1
CVE-2023-52574, CVE-2023-52650, CVE-2024-35849, CVE-2024-41006,
CVE-2024-49924, CVE-2024-50006, CVE-2024-50299, CVE-2024-53124,
CVE-2024-53150, CVE-2024-56767, CVE-2025-21796, CVE-2025-37785,
CVE-2025-37838, CVE-2025-38352, CVE-2025-38477, CVE-2025-38617,
CVE-2025-38618, CVE-2025-40300
[USN-7853-2] Linux kernel (FIPS) vulnerabilities
-----BEGIN PGP SIGNATURE-----
wsB5BAABCAAjFiEEYrygdx1GDec9TV8EZ0GeRcM5nt0FAmkDxp8FAwAAAAAACgkQZ0GeRcM5nt3R
VggAjGMBTtufZ0FNN65JwH2usfEAEdxM7vl725ZtynMH9DoWFd/kx44+hHWri1+zOv/wfz163pGJ
0479d53LKMS0+S9WBJpPgixNrbtdzX9y1P/eRxwdA3c/rJBGBGFUogdBlaelHwin+l0IS3wns8Eb
kzQ7VscPZ2Zrt565UDfCeB/3TFSd/MdjJ/qbCM2zja3S+57dqRgcfQPnAjJQX803cFzjGeiG3x8V
em9Ef9DUj7jjkjYCP48bnqYiR+1fd14vUvgwpd4qMyBKRo8oJVlfEME8lrKgjFhrKfEFfIR53UmH
05eBsMJRJbiEOk38WdAz/nydI5YbP1MflMPvw0MgoA==
=sDYq
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7853-2
October 30, 2025
linux-fips, linux-aws-fips, linux-gcp-fips vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-aws-fips: Linux kernel for Amazon Web Services (AWS) systems with FIPS
- linux-fips: Linux kernel with FIPS
- linux-gcp-fips: Linux kernel for Google Cloud Platform (GCP) systems with
FIPS
Details:
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered
that the Linux kernel contained insufficient branch predictor isolation
between a guest and a userspace hypervisor for certain processors. This
flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this
to expose sensitive information from the host OS. (CVE-2025-40300)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- DMA engine subsystem;
- GPU drivers;
- HSI subsystem;
- Ethernet team driver;
- Ext4 file system;
- Timer subsystem;
- DCCP (Datagram Congestion Control Protocol);
- IPv6 networking;
- NET/ROM layer;
- SCTP protocol;
- USB sound devices;
(CVE-2023-52574, CVE-2023-52650, CVE-2024-41006, CVE-2024-50006,
CVE-2024-50299, CVE-2024-53124, CVE-2024-53150, CVE-2024-56767,
CVE-2025-37838, CVE-2025-38352)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS
linux-image-4.15.0-1141-fips 4.15.0-1141.153
Available with Ubuntu Pro
linux-image-4.15.0-2087-gcp-fips 4.15.0-2087.93
Available with Ubuntu Pro
linux-image-4.15.0-2124-aws-fips 4.15.0-2124.130
Available with Ubuntu Pro
linux-image-aws-fips 4.15.0.2124.118
Available with Ubuntu Pro
linux-image-aws-fips-4.15 4.15.0.2124.118
Available with Ubuntu Pro
linux-image-fips 4.15.0.1141.138
Available with Ubuntu Pro
linux-image-gcp-fips 4.15.0.2087.85
Available with Ubuntu Pro
linux-image-gcp-fips-4.15 4.15.0.2087.85
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-7853-2
https://ubuntu.com/security/notices/USN-7853-1
CVE-2023-52574, CVE-2023-52650, CVE-2024-41006, CVE-2024-50006,
CVE-2024-50299, CVE-2024-53124, CVE-2024-53150, CVE-2024-56767,
CVE-2025-37838, CVE-2025-38352, CVE-2025-40300
Package Information:
https://launchpad.net/ubuntu/+source/linux-aws-fips/4.15.0-2124.130
https://launchpad.net/ubuntu/+source/linux-fips/4.15.0-1141.153
https://launchpad.net/ubuntu/+source/linux-gcp-fips/4.15.0-2087.93
wsB5BAABCAAjFiEEYrygdx1GDec9TV8EZ0GeRcM5nt0FAmkDxp8FAwAAAAAACgkQZ0GeRcM5nt3R
VggAjGMBTtufZ0FNN65JwH2usfEAEdxM7vl725ZtynMH9DoWFd/kx44+hHWri1+zOv/wfz163pGJ
0479d53LKMS0+S9WBJpPgixNrbtdzX9y1P/eRxwdA3c/rJBGBGFUogdBlaelHwin+l0IS3wns8Eb
kzQ7VscPZ2Zrt565UDfCeB/3TFSd/MdjJ/qbCM2zja3S+57dqRgcfQPnAjJQX803cFzjGeiG3x8V
em9Ef9DUj7jjkjYCP48bnqYiR+1fd14vUvgwpd4qMyBKRo8oJVlfEME8lrKgjFhrKfEFfIR53UmH
05eBsMJRJbiEOk38WdAz/nydI5YbP1MflMPvw0MgoA==
=sDYq
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7853-2
October 30, 2025
linux-fips, linux-aws-fips, linux-gcp-fips vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-aws-fips: Linux kernel for Amazon Web Services (AWS) systems with FIPS
- linux-fips: Linux kernel with FIPS
- linux-gcp-fips: Linux kernel for Google Cloud Platform (GCP) systems with
FIPS
Details:
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered
that the Linux kernel contained insufficient branch predictor isolation
between a guest and a userspace hypervisor for certain processors. This
flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this
to expose sensitive information from the host OS. (CVE-2025-40300)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- DMA engine subsystem;
- GPU drivers;
- HSI subsystem;
- Ethernet team driver;
- Ext4 file system;
- Timer subsystem;
- DCCP (Datagram Congestion Control Protocol);
- IPv6 networking;
- NET/ROM layer;
- SCTP protocol;
- USB sound devices;
(CVE-2023-52574, CVE-2023-52650, CVE-2024-41006, CVE-2024-50006,
CVE-2024-50299, CVE-2024-53124, CVE-2024-53150, CVE-2024-56767,
CVE-2025-37838, CVE-2025-38352)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS
linux-image-4.15.0-1141-fips 4.15.0-1141.153
Available with Ubuntu Pro
linux-image-4.15.0-2087-gcp-fips 4.15.0-2087.93
Available with Ubuntu Pro
linux-image-4.15.0-2124-aws-fips 4.15.0-2124.130
Available with Ubuntu Pro
linux-image-aws-fips 4.15.0.2124.118
Available with Ubuntu Pro
linux-image-aws-fips-4.15 4.15.0.2124.118
Available with Ubuntu Pro
linux-image-fips 4.15.0.1141.138
Available with Ubuntu Pro
linux-image-gcp-fips 4.15.0.2087.85
Available with Ubuntu Pro
linux-image-gcp-fips-4.15 4.15.0.2087.85
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-7853-2
https://ubuntu.com/security/notices/USN-7853-1
CVE-2023-52574, CVE-2023-52650, CVE-2024-41006, CVE-2024-50006,
CVE-2024-50299, CVE-2024-53124, CVE-2024-53150, CVE-2024-56767,
CVE-2025-37838, CVE-2025-38352, CVE-2025-40300
Package Information:
https://launchpad.net/ubuntu/+source/linux-aws-fips/4.15.0-2124.130
https://launchpad.net/ubuntu/+source/linux-fips/4.15.0-1141.153
https://launchpad.net/ubuntu/+source/linux-gcp-fips/4.15.0-2087.93
[USN-7850-1] Linux kernel vulnerabilities
-----BEGIN PGP SIGNATURE-----
wsB5BAABCAAjFiEEYrygdx1GDec9TV8EZ0GeRcM5nt0FAmkDxmYFAwAAAAAACgkQZ0GeRcM5nt3N
5wf9FpJ4DeiuM0oC+RFrTJbpvLKmFmOlNpZtymoIFOsCbCDMLc/QbDjNmfWHZyAtpLg8sAIm9Pbv
doEpO3mHg5vETJumVA4UPfssX4gf1FFBqIUso8lrfoJEx1njniBzCT2McwPSwRoUTisn4sCmolK+
s95fKL/IknRNoxPMkCOBFtn4bLK2tuetaL9lUNOMbn3qAPCAr4rYuRY3Y27Gnr/KdZXdQJUDcsUG
v7rYoO7h5rGJGyQ+89uYX7Je7Ydiu0LbqqmEaHPWoJSQu7ZD/iRrcFT0LDrSIrlUiiyWnZOPWgms
qFovwzTymQIs35E2U7bFp97a1+6hI1741W67WOa22Q==
=0AoB
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7850-1
October 30, 2025
linux vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux: Linux kernel
Details:
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered
that the Linux kernel contained insufficient branch predictor isolation
between a guest and a userspace hypervisor for certain processors. This
flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this
to expose sensitive information from the host OS. (CVE-2025-40300)
A security issues was discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystem:
- USB sound devices;
(CVE-2024-53150)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 LTS
linux-image-3.13.0-208-generic 3.13.0-208.259
Available with Ubuntu Pro
linux-image-3.13.0-208-lowlatency 3.13.0-208.259
Available with Ubuntu Pro
linux-image-generic 3.13.0.208.218
Available with Ubuntu Pro
linux-image-generic-lts-trusty 3.13.0.208.218
Available with Ubuntu Pro
linux-image-lowlatency 3.13.0.208.218
Available with Ubuntu Pro
linux-image-server 3.13.0.208.218
Available with Ubuntu Pro
linux-image-virtual 3.13.0.208.218
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-7850-1
CVE-2024-53150, CVE-2025-40300
wsB5BAABCAAjFiEEYrygdx1GDec9TV8EZ0GeRcM5nt0FAmkDxmYFAwAAAAAACgkQZ0GeRcM5nt3N
5wf9FpJ4DeiuM0oC+RFrTJbpvLKmFmOlNpZtymoIFOsCbCDMLc/QbDjNmfWHZyAtpLg8sAIm9Pbv
doEpO3mHg5vETJumVA4UPfssX4gf1FFBqIUso8lrfoJEx1njniBzCT2McwPSwRoUTisn4sCmolK+
s95fKL/IknRNoxPMkCOBFtn4bLK2tuetaL9lUNOMbn3qAPCAr4rYuRY3Y27Gnr/KdZXdQJUDcsUG
v7rYoO7h5rGJGyQ+89uYX7Je7Ydiu0LbqqmEaHPWoJSQu7ZD/iRrcFT0LDrSIrlUiiyWnZOPWgms
qFovwzTymQIs35E2U7bFp97a1+6hI1741W67WOa22Q==
=0AoB
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7850-1
October 30, 2025
linux vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux: Linux kernel
Details:
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered
that the Linux kernel contained insufficient branch predictor isolation
between a guest and a userspace hypervisor for certain processors. This
flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this
to expose sensitive information from the host OS. (CVE-2025-40300)
A security issues was discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystem:
- USB sound devices;
(CVE-2024-53150)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 LTS
linux-image-3.13.0-208-generic 3.13.0-208.259
Available with Ubuntu Pro
linux-image-3.13.0-208-lowlatency 3.13.0-208.259
Available with Ubuntu Pro
linux-image-generic 3.13.0.208.218
Available with Ubuntu Pro
linux-image-generic-lts-trusty 3.13.0.208.218
Available with Ubuntu Pro
linux-image-lowlatency 3.13.0.208.218
Available with Ubuntu Pro
linux-image-server 3.13.0.208.218
Available with Ubuntu Pro
linux-image-virtual 3.13.0.208.218
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-7850-1
CVE-2024-53150, CVE-2025-40300
[USN-7853-1] Linux kernel vulnerabilities
-----BEGIN PGP SIGNATURE-----
wsB5BAABCAAjFiEEYrygdx1GDec9TV8EZ0GeRcM5nt0FAmkDxoUFAwAAAAAACgkQZ0GeRcM5nt2D
XggAhGg9SP73DbQxBB/yeDfIWwF2o0XJLQ+SHY1546wdenqqwUHaAdX/qky9RdKnrSRDfmF2EPKx
TpfGdPIhoSVy25S844Ki8DdfztVeCEFg3Kjlmx+ponaLQqHp5cvJOVygGJWTcH7VQ5LMUZr9fYbG
KzEVON1FqEbHfB+ufR+m9MYR21SkXSTypwQdzefexKTS+4tDRJTsboJO9mHbW7+VFYoh5tvnfnMh
KivmZZM1+8gQHx3hrFJBrW26GiUBtFrBcZNZnF/Gcrf3sijOJ1vpgeKx2a8U4uAI0J3nuEDyhv9Z
cANDH/V7e5TngKq/b35kxHkJK+iqIegp4UjfWIRHcA==
=ht8X
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7853-1
October 30, 2025
linux, linux-aws, linux-aws-hwe, linux-gcp, linux-gcp-4.15, linux-hwe,
linux-oracle vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-gcp-4.15: Linux kernel for Google Cloud Platform (GCP) systems
- linux-oracle: Linux kernel for Oracle Cloud systems
- linux-aws-hwe: Linux kernel for Amazon Web Services (AWS-HWE) systems
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-hwe: Linux hardware enablement (HWE) kernel
Details:
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered
that the Linux kernel contained insufficient branch predictor isolation
between a guest and a userspace hypervisor for certain processors. This
flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this
to expose sensitive information from the host OS. (CVE-2025-40300)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- DMA engine subsystem;
- GPU drivers;
- HSI subsystem;
- Ethernet team driver;
- Ext4 file system;
- Timer subsystem;
- DCCP (Datagram Congestion Control Protocol);
- IPv6 networking;
- NET/ROM layer;
- SCTP protocol;
- USB sound devices;
(CVE-2023-52574, CVE-2023-52650, CVE-2024-41006, CVE-2024-50006,
CVE-2024-50299, CVE-2024-53124, CVE-2024-53150, CVE-2024-56767,
CVE-2025-37838, CVE-2025-38352)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS
linux-image-4.15.0-1148-oracle 4.15.0-1148.159
Available with Ubuntu Pro
linux-image-4.15.0-1179-gcp 4.15.0-1179.196
Available with Ubuntu Pro
linux-image-4.15.0-1186-aws 4.15.0-1186.199
Available with Ubuntu Pro
linux-image-4.15.0-243-generic 4.15.0-243.255
Available with Ubuntu Pro
linux-image-4.15.0-243-lowlatency 4.15.0-243.255
Available with Ubuntu Pro
linux-image-aws-4.15 4.15.0.1186.184
Available with Ubuntu Pro
linux-image-aws-lts-18.04 4.15.0.1186.184
Available with Ubuntu Pro
linux-image-gcp-4.15 4.15.0.1179.192
Available with Ubuntu Pro
linux-image-gcp-lts-18.04 4.15.0.1179.192
Available with Ubuntu Pro
linux-image-generic 4.15.0.243.227
Available with Ubuntu Pro
linux-image-lowlatency 4.15.0.243.227
Available with Ubuntu Pro
linux-image-oracle-4.15 4.15.0.1148.153
Available with Ubuntu Pro
linux-image-oracle-lts-18.04 4.15.0.1148.153
Available with Ubuntu Pro
linux-image-virtual 4.15.0.243.227
Available with Ubuntu Pro
Ubuntu 16.04 LTS
linux-image-4.15.0-1179-gcp 4.15.0-1179.196~16.04.1
Available with Ubuntu Pro
linux-image-4.15.0-1186-aws 4.15.0-1186.199~16.04.1
Available with Ubuntu Pro
linux-image-4.15.0-243-generic 4.15.0-243.255~16.04.1
Available with Ubuntu Pro
linux-image-4.15.0-243-lowlatency 4.15.0-243.255~16.04.1
Available with Ubuntu Pro
linux-image-aws-hwe 4.15.0.1186.199~16.04.1
Available with Ubuntu Pro
linux-image-gcp 4.15.0.1179.196~16.04.1
Available with Ubuntu Pro
linux-image-generic-hwe-16.04 4.15.0.243.255~16.04.1
Available with Ubuntu Pro
linux-image-gke 4.15.0.1179.196~16.04.1
Available with Ubuntu Pro
linux-image-lowlatency-hwe-16.04 4.15.0.243.255~16.04.1
Available with Ubuntu Pro
linux-image-oem 4.15.0.243.255~16.04.1
Available with Ubuntu Pro
linux-image-virtual-hwe-16.04 4.15.0.243.255~16.04.1
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-7853-1
CVE-2023-52574, CVE-2023-52650, CVE-2024-41006, CVE-2024-50006,
CVE-2024-50299, CVE-2024-53124, CVE-2024-53150, CVE-2024-56767,
CVE-2025-37838, CVE-2025-38352, CVE-2025-40300
wsB5BAABCAAjFiEEYrygdx1GDec9TV8EZ0GeRcM5nt0FAmkDxoUFAwAAAAAACgkQZ0GeRcM5nt2D
XggAhGg9SP73DbQxBB/yeDfIWwF2o0XJLQ+SHY1546wdenqqwUHaAdX/qky9RdKnrSRDfmF2EPKx
TpfGdPIhoSVy25S844Ki8DdfztVeCEFg3Kjlmx+ponaLQqHp5cvJOVygGJWTcH7VQ5LMUZr9fYbG
KzEVON1FqEbHfB+ufR+m9MYR21SkXSTypwQdzefexKTS+4tDRJTsboJO9mHbW7+VFYoh5tvnfnMh
KivmZZM1+8gQHx3hrFJBrW26GiUBtFrBcZNZnF/Gcrf3sijOJ1vpgeKx2a8U4uAI0J3nuEDyhv9Z
cANDH/V7e5TngKq/b35kxHkJK+iqIegp4UjfWIRHcA==
=ht8X
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7853-1
October 30, 2025
linux, linux-aws, linux-aws-hwe, linux-gcp, linux-gcp-4.15, linux-hwe,
linux-oracle vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-gcp-4.15: Linux kernel for Google Cloud Platform (GCP) systems
- linux-oracle: Linux kernel for Oracle Cloud systems
- linux-aws-hwe: Linux kernel for Amazon Web Services (AWS-HWE) systems
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-hwe: Linux hardware enablement (HWE) kernel
Details:
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered
that the Linux kernel contained insufficient branch predictor isolation
between a guest and a userspace hypervisor for certain processors. This
flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this
to expose sensitive information from the host OS. (CVE-2025-40300)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- DMA engine subsystem;
- GPU drivers;
- HSI subsystem;
- Ethernet team driver;
- Ext4 file system;
- Timer subsystem;
- DCCP (Datagram Congestion Control Protocol);
- IPv6 networking;
- NET/ROM layer;
- SCTP protocol;
- USB sound devices;
(CVE-2023-52574, CVE-2023-52650, CVE-2024-41006, CVE-2024-50006,
CVE-2024-50299, CVE-2024-53124, CVE-2024-53150, CVE-2024-56767,
CVE-2025-37838, CVE-2025-38352)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS
linux-image-4.15.0-1148-oracle 4.15.0-1148.159
Available with Ubuntu Pro
linux-image-4.15.0-1179-gcp 4.15.0-1179.196
Available with Ubuntu Pro
linux-image-4.15.0-1186-aws 4.15.0-1186.199
Available with Ubuntu Pro
linux-image-4.15.0-243-generic 4.15.0-243.255
Available with Ubuntu Pro
linux-image-4.15.0-243-lowlatency 4.15.0-243.255
Available with Ubuntu Pro
linux-image-aws-4.15 4.15.0.1186.184
Available with Ubuntu Pro
linux-image-aws-lts-18.04 4.15.0.1186.184
Available with Ubuntu Pro
linux-image-gcp-4.15 4.15.0.1179.192
Available with Ubuntu Pro
linux-image-gcp-lts-18.04 4.15.0.1179.192
Available with Ubuntu Pro
linux-image-generic 4.15.0.243.227
Available with Ubuntu Pro
linux-image-lowlatency 4.15.0.243.227
Available with Ubuntu Pro
linux-image-oracle-4.15 4.15.0.1148.153
Available with Ubuntu Pro
linux-image-oracle-lts-18.04 4.15.0.1148.153
Available with Ubuntu Pro
linux-image-virtual 4.15.0.243.227
Available with Ubuntu Pro
Ubuntu 16.04 LTS
linux-image-4.15.0-1179-gcp 4.15.0-1179.196~16.04.1
Available with Ubuntu Pro
linux-image-4.15.0-1186-aws 4.15.0-1186.199~16.04.1
Available with Ubuntu Pro
linux-image-4.15.0-243-generic 4.15.0-243.255~16.04.1
Available with Ubuntu Pro
linux-image-4.15.0-243-lowlatency 4.15.0-243.255~16.04.1
Available with Ubuntu Pro
linux-image-aws-hwe 4.15.0.1186.199~16.04.1
Available with Ubuntu Pro
linux-image-gcp 4.15.0.1179.196~16.04.1
Available with Ubuntu Pro
linux-image-generic-hwe-16.04 4.15.0.243.255~16.04.1
Available with Ubuntu Pro
linux-image-gke 4.15.0.1179.196~16.04.1
Available with Ubuntu Pro
linux-image-lowlatency-hwe-16.04 4.15.0.243.255~16.04.1
Available with Ubuntu Pro
linux-image-oem 4.15.0.243.255~16.04.1
Available with Ubuntu Pro
linux-image-virtual-hwe-16.04 4.15.0.243.255~16.04.1
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-7853-1
CVE-2023-52574, CVE-2023-52650, CVE-2024-41006, CVE-2024-50006,
CVE-2024-50299, CVE-2024-53124, CVE-2024-53150, CVE-2024-56767,
CVE-2025-37838, CVE-2025-38352, CVE-2025-40300
OpenBSD Errata: October 31, 2025 (smtpd)
Errata patches for smtpd have been released for OpenBSD 7.7 and 7.8.
Binary updates for the amd64, arm64 and i386 platform are available
via the syspatch utility. Source code patches can be found on the
respective errata page:
https://www.openbsd.org/errata77.html
https://www.openbsd.org/errata78.html
Binary updates for the amd64, arm64 and i386 platform are available
via the syspatch utility. Source code patches can be found on the
respective errata page:
https://www.openbsd.org/errata77.html
https://www.openbsd.org/errata78.html
[USN-7844-1] YAML::Syck vulnerability
==========================================================================
Ubuntu Security Notice USN-7844-1
October 28, 2025
libyaml-syck-perl vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.10
- Ubuntu 25.04
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
The system could be made to expose sensitive information.
Software Description:
- libyaml-syck-perl: Perl module providing a fast, lightweight YAML loader and dumper
Details:
It was discovered that YAML::Syck did not properly handle parsing YAML
files. An attacker could possibly use this issue to expose sensitive
information.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.10
libyaml-syck-perl 1.34-3ubuntu0.1
Ubuntu 25.04
libyaml-syck-perl 1.34-2ubuntu0.25.04.1
Ubuntu 24.04 LTS
libyaml-syck-perl 1.34-2ubuntu0.24.04.1~esm1
Available with Ubuntu Pro
Ubuntu 22.04 LTS
libyaml-syck-perl 1.34-1ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 20.04 LTS
libyaml-syck-perl 1.31-1ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 18.04 LTS
libyaml-syck-perl 1.29-1ubuntu0.18.04.1~esm1
Available with Ubuntu Pro
Ubuntu 16.04 LTS
libyaml-syck-perl 1.29-1ubuntu0.16.04.1~esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7844-1
CVE-2025-11683
Package Information:
https://launchpad.net/ubuntu/+source/libyaml-syck-perl/1.34-3ubuntu0.1
https://launchpad.net/ubuntu/+source/libyaml-syck-perl/1.34-2ubuntu0.25.04.1
Ubuntu Security Notice USN-7844-1
October 28, 2025
libyaml-syck-perl vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.10
- Ubuntu 25.04
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
The system could be made to expose sensitive information.
Software Description:
- libyaml-syck-perl: Perl module providing a fast, lightweight YAML loader and dumper
Details:
It was discovered that YAML::Syck did not properly handle parsing YAML
files. An attacker could possibly use this issue to expose sensitive
information.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.10
libyaml-syck-perl 1.34-3ubuntu0.1
Ubuntu 25.04
libyaml-syck-perl 1.34-2ubuntu0.25.04.1
Ubuntu 24.04 LTS
libyaml-syck-perl 1.34-2ubuntu0.24.04.1~esm1
Available with Ubuntu Pro
Ubuntu 22.04 LTS
libyaml-syck-perl 1.34-1ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 20.04 LTS
libyaml-syck-perl 1.31-1ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 18.04 LTS
libyaml-syck-perl 1.29-1ubuntu0.18.04.1~esm1
Available with Ubuntu Pro
Ubuntu 16.04 LTS
libyaml-syck-perl 1.29-1ubuntu0.16.04.1~esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7844-1
CVE-2025-11683
Package Information:
https://launchpad.net/ubuntu/+source/libyaml-syck-perl/1.34-3ubuntu0.1
https://launchpad.net/ubuntu/+source/libyaml-syck-perl/1.34-2ubuntu0.25.04.1
[USN-7843-1] Netty vulnerability
==========================================================================
Ubuntu Security Notice USN-7843-1
October 28, 2025
netty vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.10
- Ubuntu 25.04
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
Netty could be made to send emails as your login if it received specially
crafted input.
Software Description:
- netty: Java NIO client/server socket framework
Details:
It was discovered that Netty did not properly handle user input. A remote
attacker could possibly use this issue to forge arbitrary emails from a
trusted server.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.10
libnetty-java 1:4.1.48-10ubuntu0.25.10.1
Ubuntu 25.04
libnetty-java 1:4.1.48-10ubuntu0.25.04.1
Ubuntu 24.04 LTS
libnetty-java 1:4.1.48-9ubuntu0.1~esm2
Available with Ubuntu Pro
Ubuntu 22.04 LTS
libnetty-java 1:4.1.48-4+deb11u2ubuntu0.1~esm2
Available with Ubuntu Pro
Ubuntu 20.04 LTS
libnetty-java 1:4.1.45-1ubuntu0.1~esm3
Available with Ubuntu Pro
Ubuntu 18.04 LTS
libnetty-java 1:4.1.7-4ubuntu0.1+esm4
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7843-1
CVE-2025-59419
Package Information:
https://launchpad.net/ubuntu/+source/netty/1:4.1.48-10ubuntu0.25.10.1
https://launchpad.net/ubuntu/+source/netty/1:4.1.48-10ubuntu0.25.04.1
Ubuntu Security Notice USN-7843-1
October 28, 2025
netty vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.10
- Ubuntu 25.04
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
Netty could be made to send emails as your login if it received specially
crafted input.
Software Description:
- netty: Java NIO client/server socket framework
Details:
It was discovered that Netty did not properly handle user input. A remote
attacker could possibly use this issue to forge arbitrary emails from a
trusted server.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.10
libnetty-java 1:4.1.48-10ubuntu0.25.10.1
Ubuntu 25.04
libnetty-java 1:4.1.48-10ubuntu0.25.04.1
Ubuntu 24.04 LTS
libnetty-java 1:4.1.48-9ubuntu0.1~esm2
Available with Ubuntu Pro
Ubuntu 22.04 LTS
libnetty-java 1:4.1.48-4+deb11u2ubuntu0.1~esm2
Available with Ubuntu Pro
Ubuntu 20.04 LTS
libnetty-java 1:4.1.45-1ubuntu0.1~esm3
Available with Ubuntu Pro
Ubuntu 18.04 LTS
libnetty-java 1:4.1.7-4ubuntu0.1+esm4
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7843-1
CVE-2025-59419
Package Information:
https://launchpad.net/ubuntu/+source/netty/1:4.1.48-10ubuntu0.25.10.1
https://launchpad.net/ubuntu/+source/netty/1:4.1.48-10ubuntu0.25.04.1
[USN-7848-1] AMD Microcode vulnerabilities
==========================================================================
Ubuntu Security Notice USN-7848-1
October 29, 2025
amd64-microcode vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.04
Summary:
Several security issues were fixed in AMD Microcode.
Software Description:
- amd64-microcode: Platform firmware and microcode for AMD CPUs and SoCs
Details:
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores. A local attacker could possibly use
this issue to expose sensitive information. This update provides the
updated microcode mitigations required for the corresponding Linux kernel
update.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.04
amd64-microcode 3.20250708.0ubuntu0.25.04.2
After a standard system update you need to reboot your computer to make all
the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7848-1
CVE-2024-36350, CVE-2024-36357
Package Information:
https://launchpad.net/ubuntu/+source/amd64-microcode/3.20250708.0ubuntu0.25.04.2
Ubuntu Security Notice USN-7848-1
October 29, 2025
amd64-microcode vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.04
Summary:
Several security issues were fixed in AMD Microcode.
Software Description:
- amd64-microcode: Platform firmware and microcode for AMD CPUs and SoCs
Details:
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores. A local attacker could possibly use
this issue to expose sensitive information. This update provides the
updated microcode mitigations required for the corresponding Linux kernel
update.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.04
amd64-microcode 3.20250708.0ubuntu0.25.04.2
After a standard system update you need to reboot your computer to make all
the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7848-1
CVE-2024-36350, CVE-2024-36357
Package Information:
https://launchpad.net/ubuntu/+source/amd64-microcode/3.20250708.0ubuntu0.25.04.2
[USN-7847-1] GNU binutils vulnerabilities
-----BEGIN PGP SIGNATURE-----
wsD5BAABCAAjFiEEcxdv4gCCE8W9nrt5a1+PL+d1/EgFAmkDOLEFAwAAAAAACgkQa1+PL+d1/EhS
qQv+K6GaHSYATSELpOpnZyRjfxYeDvWftKHVMJIDavgY6KdAa3X4fkNUK+zbtavdOHeAYuTuj0yK
2AMlscbkPbfn5ng/952hS4XbfMQLEpJiW7zBi4vP0uucNZXjNknHzSlDaBsK9Tj+0h47Qt4QvSae
UwVEg/HbiVgJ65wzLFyYypzrd0ozWGQA3acApxyUv37HMaDye7VFBKN/xTjtQp6mgriQ9t+Cyl+p
/xIBB/pwiHlo4gSdr3PVSu52AcdEbv5f2Eud4t6XBcYzfbzsItW0HjdwRrbMWNz9GTCLwtB2r0u7
j9zJNU3dKG+BCEWrmqU+bKPoSqUIvmQCFJdVYw7EAaGk1Nz4+/XBWM4YFO7nAeeHrb1ZDtgfDlRL
ZdskaoGK7/JKeu28EdsCPEOJogAzxmgBfJyn1ou5OxrjKcifTaIX4drWqSttxNnv7QXajX84aa3h
C0DfzXO5UCErqWDDq4zSYQQrqO+5Gd1iuFc6WAFCAyM82lHe/ZK60T35pqKd
=E8QE
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7847-1
October 29, 2025
binutils vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.04
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Summary:
Several security issues were fixed in GNU binutils.
Software Description:
- binutils: GNU assembler, linker and binary utilities
Details:
It was discovered that GNU binutils incorrectly handled certain files.
An attacker could possibly use this issue to cause a crash or execute
arbitrary code. The attack is restricted to local execution.
(CVE-2025-11082)
It was discovered that GNU binutils incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a crash or
execute arbitrary code. (CVE-2025-11083, CVE-2025-5244, CVE-2025-5245,
CVE-2025-7554)
It was discovered that GNU binutils incorrectly handled certain files.
An attacker could possibly use this issue to cause crash, execute
arbitrary code or expose sensitive information. (CVE-2025-1147)
It was discovered that GNU binutils incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2025-1148, CVE-2025-3198, CVE-2025-8225
It was discovered that GNU binutils incorrectly handled certain files.
An attacker could possibly use this issue to cause a crash. This issue only
affected Ubuntu 25.04. (CVE-2025-1182)
It was discovered that GNU binutils incorrectly handled certain inputs.
An attacker could possibly use this issue to execute arbitrary code.
This issue only affected Ubuntu 25.04 and Ubuntu 24.04 LTS.
(CVE-2025-7546)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.04
binutils 2.44-3ubuntu1.1
binutils-multiarch 2.44-3ubuntu1.1
Ubuntu 24.04 LTS
binutils 2.42-4ubuntu2.6
binutils-multiarch 2.42-4ubuntu2.6
Ubuntu 22.04 LTS
binutils 2.38-4ubuntu2.10
binutils-multiarch 2.38-4ubuntu2.10
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7847-1
CVE-2025-11082, CVE-2025-11083, CVE-2025-1147, CVE-2025-1148,
CVE-2025-1182, CVE-2025-3198, CVE-2025-5244, CVE-2025-5245,
CVE-2025-7545, CVE-2025-7546, CVE-2025-8225
Package Information:
https://launchpad.net/ubuntu/+source/binutils/2.44-3ubuntu1.1
https://launchpad.net/ubuntu/+source/binutils/2.42-4ubuntu2.6
https://launchpad.net/ubuntu/+source/binutils/2.38-4ubuntu2.10
wsD5BAABCAAjFiEEcxdv4gCCE8W9nrt5a1+PL+d1/EgFAmkDOLEFAwAAAAAACgkQa1+PL+d1/EhS
qQv+K6GaHSYATSELpOpnZyRjfxYeDvWftKHVMJIDavgY6KdAa3X4fkNUK+zbtavdOHeAYuTuj0yK
2AMlscbkPbfn5ng/952hS4XbfMQLEpJiW7zBi4vP0uucNZXjNknHzSlDaBsK9Tj+0h47Qt4QvSae
UwVEg/HbiVgJ65wzLFyYypzrd0ozWGQA3acApxyUv37HMaDye7VFBKN/xTjtQp6mgriQ9t+Cyl+p
/xIBB/pwiHlo4gSdr3PVSu52AcdEbv5f2Eud4t6XBcYzfbzsItW0HjdwRrbMWNz9GTCLwtB2r0u7
j9zJNU3dKG+BCEWrmqU+bKPoSqUIvmQCFJdVYw7EAaGk1Nz4+/XBWM4YFO7nAeeHrb1ZDtgfDlRL
ZdskaoGK7/JKeu28EdsCPEOJogAzxmgBfJyn1ou5OxrjKcifTaIX4drWqSttxNnv7QXajX84aa3h
C0DfzXO5UCErqWDDq4zSYQQrqO+5Gd1iuFc6WAFCAyM82lHe/ZK60T35pqKd
=E8QE
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7847-1
October 29, 2025
binutils vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.04
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Summary:
Several security issues were fixed in GNU binutils.
Software Description:
- binutils: GNU assembler, linker and binary utilities
Details:
It was discovered that GNU binutils incorrectly handled certain files.
An attacker could possibly use this issue to cause a crash or execute
arbitrary code. The attack is restricted to local execution.
(CVE-2025-11082)
It was discovered that GNU binutils incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a crash or
execute arbitrary code. (CVE-2025-11083, CVE-2025-5244, CVE-2025-5245,
CVE-2025-7554)
It was discovered that GNU binutils incorrectly handled certain files.
An attacker could possibly use this issue to cause crash, execute
arbitrary code or expose sensitive information. (CVE-2025-1147)
It was discovered that GNU binutils incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2025-1148, CVE-2025-3198, CVE-2025-8225
It was discovered that GNU binutils incorrectly handled certain files.
An attacker could possibly use this issue to cause a crash. This issue only
affected Ubuntu 25.04. (CVE-2025-1182)
It was discovered that GNU binutils incorrectly handled certain inputs.
An attacker could possibly use this issue to execute arbitrary code.
This issue only affected Ubuntu 25.04 and Ubuntu 24.04 LTS.
(CVE-2025-7546)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.04
binutils 2.44-3ubuntu1.1
binutils-multiarch 2.44-3ubuntu1.1
Ubuntu 24.04 LTS
binutils 2.42-4ubuntu2.6
binutils-multiarch 2.42-4ubuntu2.6
Ubuntu 22.04 LTS
binutils 2.38-4ubuntu2.10
binutils-multiarch 2.38-4ubuntu2.10
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7847-1
CVE-2025-11082, CVE-2025-11083, CVE-2025-1147, CVE-2025-1148,
CVE-2025-1182, CVE-2025-3198, CVE-2025-5244, CVE-2025-5245,
CVE-2025-7545, CVE-2025-7546, CVE-2025-8225
Package Information:
https://launchpad.net/ubuntu/+source/binutils/2.44-3ubuntu1.1
https://launchpad.net/ubuntu/+source/binutils/2.42-4ubuntu2.6
https://launchpad.net/ubuntu/+source/binutils/2.38-4ubuntu2.10
Wednesday, October 29, 2025
[USN-7846-1] X.Org X Server vulnerabilities
==========================================================================
Ubuntu Security Notice USN-7846-1
October 29, 2025
xorg-server, xwayland vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.10
- Ubuntu 25.04
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Summary:
Several security issues were fixed in X.Org X Server.
Software Description:
- xorg-server: X.Org X11 server
- xwayland: X server for running X clients under Wayland
Details:
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled
certain memory operations. An attacker could use these issues to cause the
X Server to crash, leading to a denial of service, obtain sensitive
information, or possibly execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.10
xserver-xorg-core 2:21.1.18-1ubuntu1.1
xwayland 2:24.1.6-1ubuntu1.1
Ubuntu 25.04
xserver-xorg-core 2:21.1.16-1ubuntu1.2
xwayland 2:24.1.6-1ubuntu0.2
Ubuntu 24.04 LTS
xserver-xorg-core 2:21.1.12-1ubuntu1.5
xwayland 2:23.2.6-1ubuntu0.7
Ubuntu 22.04 LTS
xserver-xorg-core 2:21.1.4-2ubuntu1.7~22.04.16
xwayland 2:22.1.1-1ubuntu0.20
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7846-1
CVE-2025-62229, CVE-2025-62230, CVE-2025-62231
Package Information:
https://launchpad.net/ubuntu/+source/xorg-server/2:21.1.18-1ubuntu1.1
https://launchpad.net/ubuntu/+source/xwayland/2:24.1.6-1ubuntu1.1
https://launchpad.net/ubuntu/+source/xorg-server/2:21.1.16-1ubuntu1.2
https://launchpad.net/ubuntu/+source/xwayland/2:24.1.6-1ubuntu0.2
https://launchpad.net/ubuntu/+source/xorg-server/2:21.1.12-1ubuntu1.5
https://launchpad.net/ubuntu/+source/xwayland/2:23.2.6-1ubuntu0.7
https://launchpad.net/ubuntu/+source/xorg-server/2:21.1.4-2ubuntu1.7~22.04.16
https://launchpad.net/ubuntu/+source/xwayland/2:22.1.1-1ubuntu0.20
Ubuntu Security Notice USN-7846-1
October 29, 2025
xorg-server, xwayland vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.10
- Ubuntu 25.04
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Summary:
Several security issues were fixed in X.Org X Server.
Software Description:
- xorg-server: X.Org X11 server
- xwayland: X server for running X clients under Wayland
Details:
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled
certain memory operations. An attacker could use these issues to cause the
X Server to crash, leading to a denial of service, obtain sensitive
information, or possibly execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.10
xserver-xorg-core 2:21.1.18-1ubuntu1.1
xwayland 2:24.1.6-1ubuntu1.1
Ubuntu 25.04
xserver-xorg-core 2:21.1.16-1ubuntu1.2
xwayland 2:24.1.6-1ubuntu0.2
Ubuntu 24.04 LTS
xserver-xorg-core 2:21.1.12-1ubuntu1.5
xwayland 2:23.2.6-1ubuntu0.7
Ubuntu 22.04 LTS
xserver-xorg-core 2:21.1.4-2ubuntu1.7~22.04.16
xwayland 2:22.1.1-1ubuntu0.20
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7846-1
CVE-2025-62229, CVE-2025-62230, CVE-2025-62231
Package Information:
https://launchpad.net/ubuntu/+source/xorg-server/2:21.1.18-1ubuntu1.1
https://launchpad.net/ubuntu/+source/xwayland/2:24.1.6-1ubuntu1.1
https://launchpad.net/ubuntu/+source/xorg-server/2:21.1.16-1ubuntu1.2
https://launchpad.net/ubuntu/+source/xwayland/2:24.1.6-1ubuntu0.2
https://launchpad.net/ubuntu/+source/xorg-server/2:21.1.12-1ubuntu1.5
https://launchpad.net/ubuntu/+source/xwayland/2:23.2.6-1ubuntu0.7
https://launchpad.net/ubuntu/+source/xorg-server/2:21.1.4-2ubuntu1.7~22.04.16
https://launchpad.net/ubuntu/+source/xwayland/2:22.1.1-1ubuntu0.20
Tuesday, October 28, 2025
[USN-7845-1] Squid vulnerability
==========================================================================
Ubuntu Security Notice USN-7845-1
October 28, 2025
squid, squid3 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.10
- Ubuntu 25.04
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
Squid would allow unintended access to sensitive information over the
network.
Software Description:
- squid: Web proxy cache server
- squid3: Web proxy cache server
Details:
Leonardo Giovannini discovered that Squid failed to redact HTTP
Authentication credentials in a default configuration. An attacker could
possibly use this issue to obtain sensitive information.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.10
squid 6.13-1ubuntu4.1
Ubuntu 25.04
squid 6.13-1ubuntu1.2
Ubuntu 24.04 LTS
squid 6.13-0ubuntu0.24.04.3
Ubuntu 22.04 LTS
squid 5.9-0ubuntu0.22.04.4
Ubuntu 20.04 LTS
squid 4.10-1ubuntu1.13+esm1
Available with Ubuntu Pro
Ubuntu 18.04 LTS
squid 3.5.27-1ubuntu1.14+esm4
Available with Ubuntu Pro
squid3 3.5.27-1ubuntu1.14+esm4
Available with Ubuntu Pro
Ubuntu 16.04 LTS
squid 3.5.12-1ubuntu7.16+esm5
Available with Ubuntu Pro
squid3 3.5.12-1ubuntu7.16+esm5
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7845-1
CVE-2025-62168
Package Information:
https://launchpad.net/ubuntu/+source/squid/6.13-1ubuntu4.1
https://launchpad.net/ubuntu/+source/squid/6.13-1ubuntu1.2
https://launchpad.net/ubuntu/+source/squid/6.13-0ubuntu0.24.04.3
https://launchpad.net/ubuntu/+source/squid/5.9-0ubuntu0.22.04.4
Ubuntu Security Notice USN-7845-1
October 28, 2025
squid, squid3 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.10
- Ubuntu 25.04
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
Squid would allow unintended access to sensitive information over the
network.
Software Description:
- squid: Web proxy cache server
- squid3: Web proxy cache server
Details:
Leonardo Giovannini discovered that Squid failed to redact HTTP
Authentication credentials in a default configuration. An attacker could
possibly use this issue to obtain sensitive information.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.10
squid 6.13-1ubuntu4.1
Ubuntu 25.04
squid 6.13-1ubuntu1.2
Ubuntu 24.04 LTS
squid 6.13-0ubuntu0.24.04.3
Ubuntu 22.04 LTS
squid 5.9-0ubuntu0.22.04.4
Ubuntu 20.04 LTS
squid 4.10-1ubuntu1.13+esm1
Available with Ubuntu Pro
Ubuntu 18.04 LTS
squid 3.5.27-1ubuntu1.14+esm4
Available with Ubuntu Pro
squid3 3.5.27-1ubuntu1.14+esm4
Available with Ubuntu Pro
Ubuntu 16.04 LTS
squid 3.5.12-1ubuntu7.16+esm5
Available with Ubuntu Pro
squid3 3.5.12-1ubuntu7.16+esm5
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7845-1
CVE-2025-62168
Package Information:
https://launchpad.net/ubuntu/+source/squid/6.13-1ubuntu4.1
https://launchpad.net/ubuntu/+source/squid/6.13-1ubuntu1.2
https://launchpad.net/ubuntu/+source/squid/6.13-0ubuntu0.24.04.3
https://launchpad.net/ubuntu/+source/squid/5.9-0ubuntu0.22.04.4
[USN-7829-5] Linux kernel (Intel IoTG) vulnerabilities
-----BEGIN PGP SIGNATURE-----
wsB5BAABCAAjFiEEYrygdx1GDec9TV8EZ0GeRcM5nt0FAmkA+VgFAwAAAAAACgkQZ0GeRcM5nt1P
7wgAkX1nCVy1WYl2pCAHgLZZI0abG/gBTuneyd5Tfy/i+98bAfRLIHdxmDDfwDSmQ6Oig2PeFObV
+nn3KlQFoIk6VTNTvKRwcj+I23hLTWSv/zLcuumLmV6KihN4PdoLgbijomLflDaAEiZ4uaOPgGX4
UWIayp+Na+QPY/KsnyajAG+nAE2j1quJRFQkg1AXdxpEPD5Tntk7jkiplH+6cw9AMXHYeH0Fkuhp
382CWHlRJT7YU8HNKEbXPu+R8PnG11sWEYt4DVons+dhOWbrU/tm3A7m00po2Q/R7wWlgIft0HY2
c8caaZNhFRtCqP5e1/Hv5ep7AMLdZ2zQcUow9PaDWA==
=pD/C
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7829-5
October 28, 2025
linux-intel-iotg, linux-intel-iotg-5.15 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-intel-iotg: Linux kernel for Intel IoT platforms
- linux-intel-iotg-5.15: Linux kernel for Intel IoT platforms
Details:
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPU drivers;
- Network drivers;
- Netlink;
(CVE-2024-26700, CVE-2025-38727, CVE-2023-52593, CVE-2024-26896)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 22.04 LTS
linux-image-5.15.0-1090-intel-iotg 5.15.0-1090.96
linux-image-intel-iotg 5.15.0.1090.90
linux-image-intel-iotg-5.15 5.15.0.1090.90
Ubuntu 20.04 LTS
linux-image-5.15.0-1090-intel-iotg 5.15.0-1090.96~20.04.1
Available with Ubuntu Pro
linux-image-intel 5.15.0.1090.96~20.04.1
Available with Ubuntu Pro
linux-image-intel-iotg 5.15.0.1090.96~20.04.1
Available with Ubuntu Pro
linux-image-intel-iotg-5.15 5.15.0.1090.96~20.04.1
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-7829-5
https://ubuntu.com/security/notices/USN-7829-4
https://ubuntu.com/security/notices/USN-7829-3
https://ubuntu.com/security/notices/USN-7829-2
https://ubuntu.com/security/notices/USN-7829-1
CVE-2023-52593, CVE-2024-26700, CVE-2024-26896, CVE-2025-38727
Package Information:
https://launchpad.net/ubuntu/+source/linux-intel-iotg/5.15.0-1090.96
wsB5BAABCAAjFiEEYrygdx1GDec9TV8EZ0GeRcM5nt0FAmkA+VgFAwAAAAAACgkQZ0GeRcM5nt1P
7wgAkX1nCVy1WYl2pCAHgLZZI0abG/gBTuneyd5Tfy/i+98bAfRLIHdxmDDfwDSmQ6Oig2PeFObV
+nn3KlQFoIk6VTNTvKRwcj+I23hLTWSv/zLcuumLmV6KihN4PdoLgbijomLflDaAEiZ4uaOPgGX4
UWIayp+Na+QPY/KsnyajAG+nAE2j1quJRFQkg1AXdxpEPD5Tntk7jkiplH+6cw9AMXHYeH0Fkuhp
382CWHlRJT7YU8HNKEbXPu+R8PnG11sWEYt4DVons+dhOWbrU/tm3A7m00po2Q/R7wWlgIft0HY2
c8caaZNhFRtCqP5e1/Hv5ep7AMLdZ2zQcUow9PaDWA==
=pD/C
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7829-5
October 28, 2025
linux-intel-iotg, linux-intel-iotg-5.15 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-intel-iotg: Linux kernel for Intel IoT platforms
- linux-intel-iotg-5.15: Linux kernel for Intel IoT platforms
Details:
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPU drivers;
- Network drivers;
- Netlink;
(CVE-2024-26700, CVE-2025-38727, CVE-2023-52593, CVE-2024-26896)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 22.04 LTS
linux-image-5.15.0-1090-intel-iotg 5.15.0-1090.96
linux-image-intel-iotg 5.15.0.1090.90
linux-image-intel-iotg-5.15 5.15.0.1090.90
Ubuntu 20.04 LTS
linux-image-5.15.0-1090-intel-iotg 5.15.0-1090.96~20.04.1
Available with Ubuntu Pro
linux-image-intel 5.15.0.1090.96~20.04.1
Available with Ubuntu Pro
linux-image-intel-iotg 5.15.0.1090.96~20.04.1
Available with Ubuntu Pro
linux-image-intel-iotg-5.15 5.15.0.1090.96~20.04.1
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-7829-5
https://ubuntu.com/security/notices/USN-7829-4
https://ubuntu.com/security/notices/USN-7829-3
https://ubuntu.com/security/notices/USN-7829-2
https://ubuntu.com/security/notices/USN-7829-1
CVE-2023-52593, CVE-2024-26700, CVE-2024-26896, CVE-2025-38727
Package Information:
https://launchpad.net/ubuntu/+source/linux-intel-iotg/5.15.0-1090.96
OpenBSD Errata: October 28, 2025 (xserver unbound libssl)
Errata patches for xserver, unbound and libssl have been released for
OpenBSD 7.7 and 7.8.
Binary updates for the amd64, arm64 and i386 platform are available
via the syspatch utility. Source code patches can be found on the
respective errata page:
https://www.openbsd.org/errata77.html
https://www.openbsd.org/errata78.html
OpenBSD 7.7 and 7.8.
Binary updates for the amd64, arm64 and i386 platform are available
via the syspatch utility. Source code patches can be found on the
respective errata page:
https://www.openbsd.org/errata77.html
https://www.openbsd.org/errata78.html
Fedora Linux 43 is now officially available!
Read the details in our Fedora Magazine article at:
* https://fedoramagazine.org/announcing-fedora-linux-43
You should be able to upgrade your already-installed systems, which shouldn't take much longer than enjoying a freshly brewed cup of coffee.
Or if you want to do a fresh install, you can download installer images from:
* https://fedoraproject.org/
If you run into any trouble or just have questions, you can find help at:
* https://ask.fedoraproject.org/
--
Jef Spaleta
jspaleta@fedoraproject.org
Fedora Project Leader
--
_______________________________________________
announce mailing list -- announce@lists.fedoraproject.org
To unsubscribe send an email to announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/announce@lists.fedoraproject.org
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
* https://fedoramagazine.org/announcing-fedora-linux-43
You should be able to upgrade your already-installed systems, which shouldn't take much longer than enjoying a freshly brewed cup of coffee.
Or if you want to do a fresh install, you can download installer images from:
* https://fedoraproject.org/
If you run into any trouble or just have questions, you can find help at:
* https://ask.fedoraproject.org/
--
Jef Spaleta
jspaleta@fedoraproject.org
Fedora Project Leader
--
_______________________________________________
announce mailing list -- announce@lists.fedoraproject.org
To unsubscribe send an email to announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/announce@lists.fedoraproject.org
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
F44 Change Proposal: Nix_package_tool [SelfContained]
Wiki: https://fedoraproject.org/wiki/Changes/Nix_package_tool
Discussion Thread: https://discussion.fedoraproject.org/t/170391
**This is a proposed Change for Fedora Linux.**
This document represents a proposed Change. As part of the Changes process, proposals are publicly announced in order to receive community feedback. This proposal will only be implemented if approved by the Fedora Engineering Steering Committee.
== Summary ==
Add the [https://github.com/NixOS/nix/ nix] functional package manager developer tool to Fedora.
== Owner ==
* Name: [[User:Petersen| Jens Petersen]]
* Email: <petersen@redhat.com>
* Name: [[User:zbyszek| Zbigniew Jędrzejewski-Szmek]]
* Email: <zbyszek@in.waw.pl>
== Detailed Description ==
Nix is a cross-platform package manager for Unix-like systems with its own package ecosystem.
It is also the package manager for the NixOS Linux operating system.
The nix package tool provides access to the [https://github.com/NixOS/nixpkgs nixpkgs] ecosystem with over 100,000 [https://search.nixos.org/packages packages].
Packages and environments can be specified in nix's declarative functional programming language using so-called derivations. Nix [https://wiki.nixos.org/wiki/Flakes flakes] provide a newer way to specify these project development environments.
Nix has two main modes of installation/setup: multi-user mode (with nix-daemon) and single-user mode
(below these are abbreviated as "multiuser" and "singleuser" respectively). The Fedora package tries to support both of them, though multiuser mode setup where available is more seamless. It does this by providing `nix-daemon` and `nix-system` subpackages which both require `nix-filesystem`. The `/nix` toplevel directory is defined with tmpfiles.d and can be a Btrfs subvolume if setup.
== Feedback ==
== Benefit to Fedora ==
Some developers and upstream projects now prefer or use nix for development and reproducible build environments.
Just as we have apt packaged in Fedora, this change adds a nix package allowing access to its ecosystem from Fedora.
With the implementation of this Change, Fedora users will be able to install nix easily on their system and leverage it in development projects that may require nix. They will also be able to easily try out some of the many packages in nixpkgs for testing or experimenting, etc.
For some time I have maintained a nix [https://copr.fedorainfracloud.org/coprs/petersen/nix/ copr repo] which is quite popular (see the download numbers and note a number of other nix copr repos also exist), but it will be easier for Fedora users to have the nix package directly available from Fedora repos.
== Scope ==
* Proposal owners:
** prepare the [https://src.fedoraproject.org/rpms/nix package] of nix version 2.31 or later [[https://bugzilla.redhat.com/show_bug.cgi?id=2388768 pkgreview]]
* Policies and guidelines:
** We have received an [https://pagure.io/fesco/issue/3473 exception approval] from FESCO to allow the nix package to use /nix toplevel directory at runtime, as it is needed to make full use of nixpkgs and cachix binaries, etc.
** The approved exception still needs to be documented
** To be clear: nix and its subpackages will remain optional development packages that Fedora users can install manually if they wish, and in particular /nix is not to be used for Fedora Linux development.
* Trademark approval: N/A (not needed for this Change)
* Alignment with the Fedora Strategy:
== Upgrade/compatibility impact ==
== How To Test ==
Copr builds are available from https://copr.fedorainfracloud.org/coprs/petersen/nix/.
Installation/setup:
Either:
* Multiuser daemon mode:
** `sudo dnf install nix`
** `sudo systemctl enable --now nix-daemon`
or
* Singleuser mode
** `sudo dnf install nix --exclude nix-daemon`
** `sudo usermod -G nixbld -a $USER`
See also `/usr/share/doc/nix/README.fedora.md` or https://src.fedoraproject.org/rpms/nix.
Then try out the tool:
* `nix-shell -p hello`
* try the `*.nix` examples in https://src.fedoraproject.org/rpms/nix/blob/rawhide/f/examples
* `nix search nixpkgs <package-regexp>`
* try online documentation examples or projects
Notes:
* Upstream recommends using the nix-daemon and multiuser mode.
* However `/nix` is incompatible with ostree (it can probably be used in bootc Image Mode): so on ostree systems one should use it within a toolbox instead.
* Since containers and toolbox normally do not have functioning systemd: it is not possible to use nix-daemon inside containers by default
** instead install the nix-singleuser subpackage
* Be warned that nix can easily use up ''large amounts of diskspace''. You can use `nix-collect-garbage` to clean up or clear `/nix/store/`. In the worst case it should be safe to remove `rm -r /nix/store/*` completely. The `/nix` tree can also safely be removed after uninstalling nix.
* Please use nix and nixpkgs etc at your own risk, as you would other upstream package ecosystems.
== User Experience ==
Fedora users can now seamlessly install and use the Nix package manager for development or running its packages locally on their system.
== Dependencies ==
There are no blocking dependencies. However:
* newer boost library would allow shipping latest nix 2.32 [in progress]
* mdbook (rust-based documentation tool) would probably allow building the documentation (and manpages) [under review]
== Contingency Plan ==
== Documentation ==
See https://nix.dev/reference/nix-manual.html.
== Release Notes ==
* The Nix package manager developer tool has been packaged in Fedora for users.
Discussion Thread: https://discussion.fedoraproject.org/t/170391
**This is a proposed Change for Fedora Linux.**
This document represents a proposed Change. As part of the Changes process, proposals are publicly announced in order to receive community feedback. This proposal will only be implemented if approved by the Fedora Engineering Steering Committee.
== Summary ==
Add the [https://github.com/NixOS/nix/ nix] functional package manager developer tool to Fedora.
== Owner ==
* Name: [[User:Petersen| Jens Petersen]]
* Email: <petersen@redhat.com>
* Name: [[User:zbyszek| Zbigniew Jędrzejewski-Szmek]]
* Email: <zbyszek@in.waw.pl>
== Detailed Description ==
Nix is a cross-platform package manager for Unix-like systems with its own package ecosystem.
It is also the package manager for the NixOS Linux operating system.
The nix package tool provides access to the [https://github.com/NixOS/nixpkgs nixpkgs] ecosystem with over 100,000 [https://search.nixos.org/packages packages].
Packages and environments can be specified in nix's declarative functional programming language using so-called derivations. Nix [https://wiki.nixos.org/wiki/Flakes flakes] provide a newer way to specify these project development environments.
Nix has two main modes of installation/setup: multi-user mode (with nix-daemon) and single-user mode
(below these are abbreviated as "multiuser" and "singleuser" respectively). The Fedora package tries to support both of them, though multiuser mode setup where available is more seamless. It does this by providing `nix-daemon` and `nix-system` subpackages which both require `nix-filesystem`. The `/nix` toplevel directory is defined with tmpfiles.d and can be a Btrfs subvolume if setup.
== Feedback ==
== Benefit to Fedora ==
Some developers and upstream projects now prefer or use nix for development and reproducible build environments.
Just as we have apt packaged in Fedora, this change adds a nix package allowing access to its ecosystem from Fedora.
With the implementation of this Change, Fedora users will be able to install nix easily on their system and leverage it in development projects that may require nix. They will also be able to easily try out some of the many packages in nixpkgs for testing or experimenting, etc.
For some time I have maintained a nix [https://copr.fedorainfracloud.org/coprs/petersen/nix/ copr repo] which is quite popular (see the download numbers and note a number of other nix copr repos also exist), but it will be easier for Fedora users to have the nix package directly available from Fedora repos.
== Scope ==
* Proposal owners:
** prepare the [https://src.fedoraproject.org/rpms/nix package] of nix version 2.31 or later [[https://bugzilla.redhat.com/show_bug.cgi?id=2388768 pkgreview]]
* Policies and guidelines:
** We have received an [https://pagure.io/fesco/issue/3473 exception approval] from FESCO to allow the nix package to use /nix toplevel directory at runtime, as it is needed to make full use of nixpkgs and cachix binaries, etc.
** The approved exception still needs to be documented
** To be clear: nix and its subpackages will remain optional development packages that Fedora users can install manually if they wish, and in particular /nix is not to be used for Fedora Linux development.
* Trademark approval: N/A (not needed for this Change)
* Alignment with the Fedora Strategy:
== Upgrade/compatibility impact ==
== How To Test ==
Copr builds are available from https://copr.fedorainfracloud.org/coprs/petersen/nix/.
Installation/setup:
Either:
* Multiuser daemon mode:
** `sudo dnf install nix`
** `sudo systemctl enable --now nix-daemon`
or
* Singleuser mode
** `sudo dnf install nix --exclude nix-daemon`
** `sudo usermod -G nixbld -a $USER`
See also `/usr/share/doc/nix/README.fedora.md` or https://src.fedoraproject.org/rpms/nix.
Then try out the tool:
* `nix-shell -p hello`
* try the `*.nix` examples in https://src.fedoraproject.org/rpms/nix/blob/rawhide/f/examples
* `nix search nixpkgs <package-regexp>`
* try online documentation examples or projects
Notes:
* Upstream recommends using the nix-daemon and multiuser mode.
* However `/nix` is incompatible with ostree (it can probably be used in bootc Image Mode): so on ostree systems one should use it within a toolbox instead.
* Since containers and toolbox normally do not have functioning systemd: it is not possible to use nix-daemon inside containers by default
** instead install the nix-singleuser subpackage
* Be warned that nix can easily use up ''large amounts of diskspace''. You can use `nix-collect-garbage` to clean up or clear `/nix/store/`. In the worst case it should be safe to remove `rm -r /nix/store/*` completely. The `/nix` tree can also safely be removed after uninstalling nix.
* Please use nix and nixpkgs etc at your own risk, as you would other upstream package ecosystems.
== User Experience ==
Fedora users can now seamlessly install and use the Nix package manager for development or running its packages locally on their system.
== Dependencies ==
There are no blocking dependencies. However:
* newer boost library would allow shipping latest nix 2.32 [in progress]
* mdbook (rust-based documentation tool) would probably allow building the documentation (and manpages) [under review]
== Contingency Plan ==
== Documentation ==
See https://nix.dev/reference/nix-manual.html.
== Release Notes ==
* The Nix package manager developer tool has been packaged in Fedora for users.
Monday, October 27, 2025
[USN-7837-1] GStreamer Good Plugins vulnerability
==========================================================================
Ubuntu Security Notice USN-7837-1
October 22, 2025
gst-plugins-good1.0 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
GStreamer Good Plugins could be made to crash as your login if it opened a
specially crafted file.
Software Description:
- gst-plugins-good1.0: GStreamer plugins
Details:
Shaun Mirani discovered that GStreamer Good Plugins incorrectly handled
certain malformed media files. An attacker could possibly use this issue to
cause GStreamer Good Plugins to crash, resulting in a denial of service, or
disclose sensitive information.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
gstreamer1.0-gtk3 1.16.3-0ubuntu1.3+esm1
Available with Ubuntu Pro
gstreamer1.0-plugins-good 1.16.3-0ubuntu1.3+esm1
Available with Ubuntu Pro
gstreamer1.0-pulseaudio 1.16.3-0ubuntu1.3+esm1
Available with Ubuntu Pro
gstreamer1.0-qt5 1.16.3-0ubuntu1.3+esm1
Available with Ubuntu Pro
libgstreamer-plugins-good1.0-0 1.16.3-0ubuntu1.3+esm1
Available with Ubuntu Pro
Ubuntu 18.04 LTS
gstreamer1.0-gtk3 1.14.5-0ubuntu1~18.04.3+esm1
Available with Ubuntu Pro
gstreamer1.0-plugins-good 1.14.5-0ubuntu1~18.04.3+esm1
Available with Ubuntu Pro
gstreamer1.0-pulseaudio 1.14.5-0ubuntu1~18.04.3+esm1
Available with Ubuntu Pro
gstreamer1.0-qt5 1.14.5-0ubuntu1~18.04.3+esm1
Available with Ubuntu Pro
libgstreamer-plugins-good1.0-0 1.14.5-0ubuntu1~18.04.3+esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7837-1
CVE-2025-47219
Ubuntu Security Notice USN-7837-1
October 22, 2025
gst-plugins-good1.0 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
GStreamer Good Plugins could be made to crash as your login if it opened a
specially crafted file.
Software Description:
- gst-plugins-good1.0: GStreamer plugins
Details:
Shaun Mirani discovered that GStreamer Good Plugins incorrectly handled
certain malformed media files. An attacker could possibly use this issue to
cause GStreamer Good Plugins to crash, resulting in a denial of service, or
disclose sensitive information.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
gstreamer1.0-gtk3 1.16.3-0ubuntu1.3+esm1
Available with Ubuntu Pro
gstreamer1.0-plugins-good 1.16.3-0ubuntu1.3+esm1
Available with Ubuntu Pro
gstreamer1.0-pulseaudio 1.16.3-0ubuntu1.3+esm1
Available with Ubuntu Pro
gstreamer1.0-qt5 1.16.3-0ubuntu1.3+esm1
Available with Ubuntu Pro
libgstreamer-plugins-good1.0-0 1.16.3-0ubuntu1.3+esm1
Available with Ubuntu Pro
Ubuntu 18.04 LTS
gstreamer1.0-gtk3 1.14.5-0ubuntu1~18.04.3+esm1
Available with Ubuntu Pro
gstreamer1.0-plugins-good 1.14.5-0ubuntu1~18.04.3+esm1
Available with Ubuntu Pro
gstreamer1.0-pulseaudio 1.14.5-0ubuntu1~18.04.3+esm1
Available with Ubuntu Pro
gstreamer1.0-qt5 1.14.5-0ubuntu1~18.04.3+esm1
Available with Ubuntu Pro
libgstreamer-plugins-good1.0-0 1.14.5-0ubuntu1~18.04.3+esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7837-1
CVE-2025-47219
[USN-7842-1] Radare2 vulnerability
-----BEGIN PGP PUBLIC KEY BLOCK-----
xsBNBGao8McBCAD/mTHpWpp0rMyhX+xQYmuj1DoCiadFZysyAyKIFXODXRSOAQ58
YTf6BEuhPtEamZq+aJEGOTBJmUZxvGMv0Fo5yBN+OGoMA2CJQwxWQCZCptfivOCI
D5p2eANebDVXpZHHgpNwCyFVZR/UfSLMqX/y2wEi1AC4CKc3ihFBWdMJVdDk6zz0
4g/x4w76CZczUpe17QWD1XuAWUxmaVGM/TiKjktq3Lp6yZrb0QSYjCovXAGwfBmz
beludDi+EMDmh76PeKWfqQ38QSPEvN+Lv6OTjPWDfilfuOPpDZA2gsjNj3TaBllL
k9YW98OrqsbegQ0BhPgoPYQ3S15ikv53M8o/ABEBAAHNKUp1bGlhIFNhcnJpcyA8
anVsaWEuc2FycmlzQGNhbm9uaWNhbC5jb20+wsCRBBMBCgA7FiEEOMd9M4Vpc6WH
Yvv+QB78vNoP8b0FAmao8McCGwMFCwkIBwICIgIGFQoJCAsCBBYCAwECHgcCF4AA
CgkQQB78vNoP8b3fXQf6Awx8Nd5FkMMGdrWqBjIPZv1Ogkka2+PiIqwqcIeQGvam
V/bpIKOCb4QOS4kgQ+hNS1mmK+T/aWXRCYhiBIPAOIbo7jcMGxNz7V3+43RxlNVl
zt3feYM/QAJmgK8bjdCzI5ZQHiyX8pgOieCylRrcjroQHa9CxHej4aJGCaPGLFGo
81lYWJm21NP4LJTLk03ncJT8Ss64R28cOWUHujysxftAPHVYpPLdlwuJ3lgC8M5n
eq0qwsv22j62ldd/J7u2psRSczaU1ve/TfX71ZCyZZiw2Tm5HvaskD+CilXOaL2H
+KediuEtkQk5KKQikg2XtjbqCYyIxQT50v1TIu86ss7ATQRmqPDHAQgA5zGDufJq
9MhhDPJqM3Qz4kQXLKDXz2l5EovU5olrYerGmskpUBUSwfgAeBu9gMP5Y24spir3
eMm6O7m8EJsihMPCw4Iblzi9YZZX1TY3wegRXFIiaqW5kELnjhVnRpS9WQi9FDd9
gGPp7X3iQ8/B6+nyHitqhcj2A+Vpk5HaguY8zl3yEOwFnud5TEbSb/xYz7DhX5uv
B/FZ9rgn+j2N0hC/RVN1MpSRHZEbOCfpaYr/teiQexOWBlVVnZgCkHb9F0NiNImv
dXVZ18jY5wfgxemfgm8l4nDUlSMUIMiwGYekPMEuYvoDNPwfzzlYHKrVoqp54KMd
JALMUar1bVZtxQARAQABwsB2BBgBCgAgFiEEOMd9M4Vpc6WHYvv+QB78vNoP8b0F
Amao8McCGwwACgkQQB78vNoP8b10+ggA8nW+R2g9BDvkpurM0lwpaCtgKbaENIGg
lpxNXEEUEW7AaR4Mme+4PA/SdpWrFzVa0OGhqtZxkovUZXpgiLlx5/eR1Bl+TUuO
rjZkjGBy3r2Ce1JLwKilSZk7Bk45L7QDxA+NOLSFS7ADqzv37J2jhpfczqrYdpSj
kHgUvkapbuB0ONpQ/mhH9UDquY3eMGv3GSrvggVS0mKjR6bMl1plBWcfJ+Y//xQc
6S1bBdjbmwKMZjYbvhTpPbVeUOUdOg/0mYC/3rjSO+2OEn1Q+YIdfGqbLpDAbruG
m7XHtUOXesWorhDMzQGRpj7R+ed/9uJs0Nvg5FqAKTrzh+90ngEGuA==
=Qkbp
-----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE-----
wsB5BAABCAAjFiEEOMd9M4Vpc6WHYvv+QB78vNoP8b0FAmj/xHIFAwAAAAAACgkQQB78vNoP8b1r
wgf9H0jUFeead5zERexFAb05gH4iN4f1F+/3xdYi4WgFSgVcIUCahWX2FPqBV1GEkjbbQOeYFUvW
KHB6iQ0DHlXxm2xv4v8bUiE6wjpTt7S+217J4d8cv/eWlyvHfdOsEJdhli6j+AY3hj3ZGetKczTj
y4ZSM3hCE+VD2aVy8rHPzGDDwF23r7N5S1dL9igikqallQEiw5Ijh4B2aYZZp+c7k+lifmUd7BIB
IQL1NkVs26PsC67UIowy+S8sLq588wDPBxK4UEXzDO4pzUayHOoj5dDBKpKOpwb8o9xVD9oJ0PUN
1xDngeG5mylIyTgDwCO5kG06ZyE+Y/4nkiSn9Zxt2A==
=H8qc
-----END PGP SIGNATURE-----
xsBNBGao8McBCAD/mTHpWpp0rMyhX+xQYmuj1DoCiadFZysyAyKIFXODXRSOAQ58
YTf6BEuhPtEamZq+aJEGOTBJmUZxvGMv0Fo5yBN+OGoMA2CJQwxWQCZCptfivOCI
D5p2eANebDVXpZHHgpNwCyFVZR/UfSLMqX/y2wEi1AC4CKc3ihFBWdMJVdDk6zz0
4g/x4w76CZczUpe17QWD1XuAWUxmaVGM/TiKjktq3Lp6yZrb0QSYjCovXAGwfBmz
beludDi+EMDmh76PeKWfqQ38QSPEvN+Lv6OTjPWDfilfuOPpDZA2gsjNj3TaBllL
k9YW98OrqsbegQ0BhPgoPYQ3S15ikv53M8o/ABEBAAHNKUp1bGlhIFNhcnJpcyA8
anVsaWEuc2FycmlzQGNhbm9uaWNhbC5jb20+wsCRBBMBCgA7FiEEOMd9M4Vpc6WH
Yvv+QB78vNoP8b0FAmao8McCGwMFCwkIBwICIgIGFQoJCAsCBBYCAwECHgcCF4AA
CgkQQB78vNoP8b3fXQf6Awx8Nd5FkMMGdrWqBjIPZv1Ogkka2+PiIqwqcIeQGvam
V/bpIKOCb4QOS4kgQ+hNS1mmK+T/aWXRCYhiBIPAOIbo7jcMGxNz7V3+43RxlNVl
zt3feYM/QAJmgK8bjdCzI5ZQHiyX8pgOieCylRrcjroQHa9CxHej4aJGCaPGLFGo
81lYWJm21NP4LJTLk03ncJT8Ss64R28cOWUHujysxftAPHVYpPLdlwuJ3lgC8M5n
eq0qwsv22j62ldd/J7u2psRSczaU1ve/TfX71ZCyZZiw2Tm5HvaskD+CilXOaL2H
+KediuEtkQk5KKQikg2XtjbqCYyIxQT50v1TIu86ss7ATQRmqPDHAQgA5zGDufJq
9MhhDPJqM3Qz4kQXLKDXz2l5EovU5olrYerGmskpUBUSwfgAeBu9gMP5Y24spir3
eMm6O7m8EJsihMPCw4Iblzi9YZZX1TY3wegRXFIiaqW5kELnjhVnRpS9WQi9FDd9
gGPp7X3iQ8/B6+nyHitqhcj2A+Vpk5HaguY8zl3yEOwFnud5TEbSb/xYz7DhX5uv
B/FZ9rgn+j2N0hC/RVN1MpSRHZEbOCfpaYr/teiQexOWBlVVnZgCkHb9F0NiNImv
dXVZ18jY5wfgxemfgm8l4nDUlSMUIMiwGYekPMEuYvoDNPwfzzlYHKrVoqp54KMd
JALMUar1bVZtxQARAQABwsB2BBgBCgAgFiEEOMd9M4Vpc6WHYvv+QB78vNoP8b0F
Amao8McCGwwACgkQQB78vNoP8b10+ggA8nW+R2g9BDvkpurM0lwpaCtgKbaENIGg
lpxNXEEUEW7AaR4Mme+4PA/SdpWrFzVa0OGhqtZxkovUZXpgiLlx5/eR1Bl+TUuO
rjZkjGBy3r2Ce1JLwKilSZk7Bk45L7QDxA+NOLSFS7ADqzv37J2jhpfczqrYdpSj
kHgUvkapbuB0ONpQ/mhH9UDquY3eMGv3GSrvggVS0mKjR6bMl1plBWcfJ+Y//xQc
6S1bBdjbmwKMZjYbvhTpPbVeUOUdOg/0mYC/3rjSO+2OEn1Q+YIdfGqbLpDAbruG
m7XHtUOXesWorhDMzQGRpj7R+ed/9uJs0Nvg5FqAKTrzh+90ngEGuA==
=Qkbp
-----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE-----
wsB5BAABCAAjFiEEOMd9M4Vpc6WHYvv+QB78vNoP8b0FAmj/xHIFAwAAAAAACgkQQB78vNoP8b1r
wgf9H0jUFeead5zERexFAb05gH4iN4f1F+/3xdYi4WgFSgVcIUCahWX2FPqBV1GEkjbbQOeYFUvW
KHB6iQ0DHlXxm2xv4v8bUiE6wjpTt7S+217J4d8cv/eWlyvHfdOsEJdhli6j+AY3hj3ZGetKczTj
y4ZSM3hCE+VD2aVy8rHPzGDDwF23r7N5S1dL9igikqallQEiw5Ijh4B2aYZZp+c7k+lifmUd7BIB
IQL1NkVs26PsC67UIowy+S8sLq588wDPBxK4UEXzDO4pzUayHOoj5dDBKpKOpwb8o9xVD9oJ0PUN
1xDngeG5mylIyTgDwCO5kG06ZyE+Y/4nkiSn9Zxt2A==
=H8qc
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7842-1
October 27, 2025
radare2 vulnerability
============================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.10
- Ubuntu 25.04
Summary:
Radare2 could be made to crash if it received specially crafted
input.
Software Description:
- radare2: free and advanced command line hexadecimal editor
Details:
It was discovered that Radare2 conntained a memory leak, resulting
in performance degradation. An attacker could possibly use this
issue to cause Radare2 to crash, resulting in a denial of
service. (CVE-2025-60358)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.10
libradare2-5.0.0t64 5.9.8+dfsg-2ubuntu0.25.10.1
libradare2-common 5.9.8+dfsg-2ubuntu0.25.10.1
Ubuntu 25.04
libradare2-5.0.0t64 5.9.8+dfsg-2ubuntu0.25.04.1
libradare2-common 5.9.8+dfsg-2ubuntu0.25.04.1
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/no
CVE-2025-60358
Package Information:
https://launchpad.net/ubuntu/+
https://launchpad.net/ubuntu/+
[USN-7841-1] strongSwan vulnerability
==========================================================================
Ubuntu Security Notice USN-7841-1
October 27, 2025
strongswan vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.10
- Ubuntu 25.04
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Summary:
strongSwan client could be made to crash or run programs if it received
specially crafted network traffic.
Software Description:
- strongswan: IPsec VPN solution
Details:
Xu Biang discovered that the strongSwan client incorrectly handled
EAP-MSCHAPv2 failure requests. If a user or automated system were tricked
into connecting to a malicious server, a remote attacker could use this
issue to cause strongSwan to crash, resulting in a denial of service, or
possibly execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.10
libstrongswan 6.0.1-6ubuntu4.1
strongswan 6.0.1-6ubuntu4.1
Ubuntu 25.04
libstrongswan 5.9.13-2ubuntu4.25.04.1
strongswan 5.9.13-2ubuntu4.25.04.1
Ubuntu 24.04 LTS
libstrongswan 5.9.13-2ubuntu4.24.04.1
strongswan 5.9.13-2ubuntu4.24.04.1
Ubuntu 22.04 LTS
libstrongswan 5.9.5-2ubuntu2.4
strongswan 5.9.5-2ubuntu2.4
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7841-1
CVE-2025-62291
Package Information:
https://launchpad.net/ubuntu/+source/strongswan/6.0.1-6ubuntu4.1
https://launchpad.net/ubuntu/+source/strongswan/5.9.13-2ubuntu4.25.04.1
https://launchpad.net/ubuntu/+source/strongswan/5.9.13-2ubuntu4.24.04.1
https://launchpad.net/ubuntu/+source/strongswan/5.9.5-2ubuntu2.4
Ubuntu Security Notice USN-7841-1
October 27, 2025
strongswan vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.10
- Ubuntu 25.04
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Summary:
strongSwan client could be made to crash or run programs if it received
specially crafted network traffic.
Software Description:
- strongswan: IPsec VPN solution
Details:
Xu Biang discovered that the strongSwan client incorrectly handled
EAP-MSCHAPv2 failure requests. If a user or automated system were tricked
into connecting to a malicious server, a remote attacker could use this
issue to cause strongSwan to crash, resulting in a denial of service, or
possibly execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.10
libstrongswan 6.0.1-6ubuntu4.1
strongswan 6.0.1-6ubuntu4.1
Ubuntu 25.04
libstrongswan 5.9.13-2ubuntu4.25.04.1
strongswan 5.9.13-2ubuntu4.25.04.1
Ubuntu 24.04 LTS
libstrongswan 5.9.13-2ubuntu4.24.04.1
strongswan 5.9.13-2ubuntu4.24.04.1
Ubuntu 22.04 LTS
libstrongswan 5.9.5-2ubuntu2.4
strongswan 5.9.5-2ubuntu2.4
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7841-1
CVE-2025-62291
Package Information:
https://launchpad.net/ubuntu/+source/strongswan/6.0.1-6ubuntu4.1
https://launchpad.net/ubuntu/+source/strongswan/5.9.13-2ubuntu4.25.04.1
https://launchpad.net/ubuntu/+source/strongswan/5.9.13-2ubuntu4.24.04.1
https://launchpad.net/ubuntu/+source/strongswan/5.9.5-2ubuntu2.4
Register today for the Fall 2025 FreeBSD Vendor Summit
We're one week away from the Fall 2025 FreeBSD Vendor Summit.
Join FreeBSD developers and industry partners at NetApp's headquarters
on November 6-7, for two days of direct collaboration, technical
discussion, and strategic planning. Register by Friday, Oct. 31, to
have a printed badge.
Check out the full schedule and register today!
https://freebsdfoundation.org/news-and-events/event-calendar/fall-2025-freebsd-summit/
--
Anne Dickison
Deputy Director
FreeBSD Foundation
510.332.8323
Join FreeBSD developers and industry partners at NetApp's headquarters
on November 6-7, for two days of direct collaboration, technical
discussion, and strategic planning. Register by Friday, Oct. 31, to
have a printed badge.
Check out the full schedule and register today!
https://freebsdfoundation.org/news-and-events/event-calendar/fall-2025-freebsd-summit/
--
Anne Dickison
Deputy Director
FreeBSD Foundation
510.332.8323
OpenBSD Errata: October 26, 2025 (syspatch)
Errata patch for syspatch has been released for OpenBSD 7.8.
syspatch(8) is confused by aliased /dev/*rootdisk nodes in the database
generated by dev_mkdb(8). If syspatch fails (probably because /usr
is not a seperate filesystem), perform these steps:
sed -e 's/.checkfs/#checkfs/g' /usr/sbin/syspatch > /root/syspatch
ksh /root/syspatch
syspatch # re-run new syspatch command as instructed
rm /root/syspatch
dev_mkdb
Binary updates for the amd64, arm64 and i386 platform are available
via the syspatch utility. Source code patches can be found on the
respective errata page:
https://www.openbsd.org/errata78.html
syspatch(8) is confused by aliased /dev/*rootdisk nodes in the database
generated by dev_mkdb(8). If syspatch fails (probably because /usr
is not a seperate filesystem), perform these steps:
sed -e 's/.checkfs/#checkfs/g' /usr/sbin/syspatch > /root/syspatch
ksh /root/syspatch
syspatch # re-run new syspatch command as instructed
rm /root/syspatch
dev_mkdb
Binary updates for the amd64, arm64 and i386 platform are available
via the syspatch utility. Source code patches can be found on the
respective errata page:
https://www.openbsd.org/errata78.html
[USN-7840-1] Ruby vulnerabilities
==========================================================================
Ubuntu Security Notice USN-7840-1
October 27, 2025
ruby2.3, ruby2.5, ruby2.7 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in Ruby.
Software Description:
- ruby2.7: Object-oriented scripting language
- ruby2.5: Object-oriented scripting language
- ruby2.3: Object-oriented scripting language
Details:
It was discovered that the REXML module bunded into Ruby incorrectly
handled parsing XML documents with repeated instances of certain
characters. An attacker could possibly use this issue to cause REXML to
consume excessive resources, leading to a denial of service. Ubuntu 18.04
LTS and Ubuntu 20.04 LTS were previously addressed in USN-7256-1 and
USN-7734-1. This update addresses the issue in Ubuntu 16.04 LTS.
(CVE-2024-35176)
It was discovered that the REXML module bunded into Ruby incorrectly
handled parsing XML documents with repeated instances of certain
characters. An attacker could possibly use this issue to cause REXML to
consume excessive resources, leading to a denial of service. Ubuntu 20.04
LTS was previously addressed in USN-7256-1. This update addresses the issue
in Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2024-39908, CVE-2024-41123)
It was discovered that the REXML module bunded into Ruby incorrectly
handled parsing XML documents with many entity expansions. An attacker
could possibly use this issue to cause REXML to consume excessive
resources, leading to a denial of service. Ubuntu 20.04 LTS was previously
addressed in USN-7091-2. This update addresses the issue in Ubuntu 16.04
LTS and Ubuntu 18.04 LTS. (CVE-2024-41946)
It was discovered that the WEBrick module bundled into Ruby incorrectly
handled having both a Content-Length header and a Transfer-Encoding header.
A remote attacker could possibly use this issue to perform a HTTP request
smuggling attack. (CVE-2024-47220)
It was discovered that the WEBrick module bundled into Ruby incorrectly
parsed HTTP headers. In configurations where the WEBrick module is placed
behind an HTTP proxy, a remote attacker could possibly use this issue to
perform an HTTP Request Smuggling attack. (CVE-2025-6442)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
libruby2.7 2.7.0-5ubuntu1.18+esm3
Available with Ubuntu Pro
Ubuntu 18.04 LTS
libruby2.5 2.5.1-1ubuntu1.16+esm6
Available with Ubuntu Pro
ruby2.5 2.5.1-1ubuntu1.16+esm6
Available with Ubuntu Pro
Ubuntu 16.04 LTS
libruby2.3 2.3.1-2~ubuntu16.04.16+esm11
Available with Ubuntu Pro
ruby2.3 2.3.1-2~ubuntu16.04.16+esm11
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7840-1
CVE-2024-35176, CVE-2024-39908, CVE-2024-41123, CVE-2024-41946,
CVE-2024-47220, CVE-2025-6442
Ubuntu Security Notice USN-7840-1
October 27, 2025
ruby2.3, ruby2.5, ruby2.7 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in Ruby.
Software Description:
- ruby2.7: Object-oriented scripting language
- ruby2.5: Object-oriented scripting language
- ruby2.3: Object-oriented scripting language
Details:
It was discovered that the REXML module bunded into Ruby incorrectly
handled parsing XML documents with repeated instances of certain
characters. An attacker could possibly use this issue to cause REXML to
consume excessive resources, leading to a denial of service. Ubuntu 18.04
LTS and Ubuntu 20.04 LTS were previously addressed in USN-7256-1 and
USN-7734-1. This update addresses the issue in Ubuntu 16.04 LTS.
(CVE-2024-35176)
It was discovered that the REXML module bunded into Ruby incorrectly
handled parsing XML documents with repeated instances of certain
characters. An attacker could possibly use this issue to cause REXML to
consume excessive resources, leading to a denial of service. Ubuntu 20.04
LTS was previously addressed in USN-7256-1. This update addresses the issue
in Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2024-39908, CVE-2024-41123)
It was discovered that the REXML module bunded into Ruby incorrectly
handled parsing XML documents with many entity expansions. An attacker
could possibly use this issue to cause REXML to consume excessive
resources, leading to a denial of service. Ubuntu 20.04 LTS was previously
addressed in USN-7091-2. This update addresses the issue in Ubuntu 16.04
LTS and Ubuntu 18.04 LTS. (CVE-2024-41946)
It was discovered that the WEBrick module bundled into Ruby incorrectly
handled having both a Content-Length header and a Transfer-Encoding header.
A remote attacker could possibly use this issue to perform a HTTP request
smuggling attack. (CVE-2024-47220)
It was discovered that the WEBrick module bundled into Ruby incorrectly
parsed HTTP headers. In configurations where the WEBrick module is placed
behind an HTTP proxy, a remote attacker could possibly use this issue to
perform an HTTP Request Smuggling attack. (CVE-2025-6442)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
libruby2.7 2.7.0-5ubuntu1.18+esm3
Available with Ubuntu Pro
Ubuntu 18.04 LTS
libruby2.5 2.5.1-1ubuntu1.16+esm6
Available with Ubuntu Pro
ruby2.5 2.5.1-1ubuntu1.16+esm6
Available with Ubuntu Pro
Ubuntu 16.04 LTS
libruby2.3 2.3.1-2~ubuntu16.04.16+esm11
Available with Ubuntu Pro
ruby2.3 2.3.1-2~ubuntu16.04.16+esm11
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7840-1
CVE-2024-35176, CVE-2024-39908, CVE-2024-41123, CVE-2024-41946,
CVE-2024-47220, CVE-2025-6442
[USN-7829-4] Linux kernel (AWS) vulnerabilities
-----BEGIN PGP SIGNATURE-----
wsB5BAABCAAjFiEEYrygdx1GDec9TV8EZ0GeRcM5nt0FAmj/gCAFAwAAAAAACgkQZ0GeRcM5nt2g
eAgAs64dP7BW0rDhRyVzR2KiBiMuLHTwJn5s1fK2IjnHcxOHOMVfxdqmU8vw+IHZkT/f3O2jD4Km
UEUhvqvrsLu2LlEqwl87maOUxLqA2zPEAXwaK7B6TNiaKr8jflGpGOWiGAd7ejLgVMk0IiQh4XDA
tawRugJXbZ3uCaLKjCJQWe2Sg/oUfVXY0mee7RVRFASu+mmyF24QTuMvVrB1YxZDV0yfHB3KwLGM
3S5NHNUvZFdqVxXF8+c4yERBWRT5ZOH89lfBJUoI/xv5T+EhxyfErMQKdU00FLwy2WPRz+uF/PGz
ZF1kc5y+eekZNNxIPdm1aQd3GbpQBpoXToefVDjpBA==
=NswH
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7829-4
October 27, 2025
linux-aws-5.15 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-aws-5.15: Linux kernel for Amazon Web Services (AWS) systems
Details:
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPU drivers;
- Network drivers;
- Netlink;
(CVE-2024-26700, CVE-2025-38727, CVE-2023-52593, CVE-2024-26896)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
linux-image-5.15.0-1095-aws 5.15.0-1095.102~20.04.1
Available with Ubuntu Pro
linux-image-aws 5.15.0.1095.102~20.04.1
Available with Ubuntu Pro
linux-image-aws-5.15 5.15.0.1095.102~20.04.1
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-7829-4
https://ubuntu.com/security/notices/USN-7829-3
https://ubuntu.com/security/notices/USN-7829-2
https://ubuntu.com/security/notices/USN-7829-1
CVE-2023-52593, CVE-2024-26700, CVE-2024-26896, CVE-2025-38727
wsB5BAABCAAjFiEEYrygdx1GDec9TV8EZ0GeRcM5nt0FAmj/gCAFAwAAAAAACgkQZ0GeRcM5nt2g
eAgAs64dP7BW0rDhRyVzR2KiBiMuLHTwJn5s1fK2IjnHcxOHOMVfxdqmU8vw+IHZkT/f3O2jD4Km
UEUhvqvrsLu2LlEqwl87maOUxLqA2zPEAXwaK7B6TNiaKr8jflGpGOWiGAd7ejLgVMk0IiQh4XDA
tawRugJXbZ3uCaLKjCJQWe2Sg/oUfVXY0mee7RVRFASu+mmyF24QTuMvVrB1YxZDV0yfHB3KwLGM
3S5NHNUvZFdqVxXF8+c4yERBWRT5ZOH89lfBJUoI/xv5T+EhxyfErMQKdU00FLwy2WPRz+uF/PGz
ZF1kc5y+eekZNNxIPdm1aQd3GbpQBpoXToefVDjpBA==
=NswH
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7829-4
October 27, 2025
linux-aws-5.15 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-aws-5.15: Linux kernel for Amazon Web Services (AWS) systems
Details:
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPU drivers;
- Network drivers;
- Netlink;
(CVE-2024-26700, CVE-2025-38727, CVE-2023-52593, CVE-2024-26896)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
linux-image-5.15.0-1095-aws 5.15.0-1095.102~20.04.1
Available with Ubuntu Pro
linux-image-aws 5.15.0.1095.102~20.04.1
Available with Ubuntu Pro
linux-image-aws-5.15 5.15.0.1095.102~20.04.1
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-7829-4
https://ubuntu.com/security/notices/USN-7829-3
https://ubuntu.com/security/notices/USN-7829-2
https://ubuntu.com/security/notices/USN-7829-1
CVE-2023-52593, CVE-2024-26700, CVE-2024-26896, CVE-2025-38727
Friday, October 24, 2025
[USN-7833-3] Linux kernel (AWS) vulnerabilities
-----BEGIN PGP SIGNATURE-----
wsB5BAABCAAjFiEEYrygdx1GDec9TV8EZ0GeRcM5nt0FAmj74gYFAwAAAAAACgkQZ0GeRcM5nt1T
lgf8CmPbY2KSMXA9niG2elfWpyKsVLKvZYknD0HPUfMVy2QFJUqsOsHeP1TQp97xKgs3D+cXQVeg
UqORbg1+N3NjinxVOccAjwvUOHEdODzbYjdYwnmJ99x702IWNrlbmiMMseHLByUdUa/I5i6OHlYQ
yjvXiRLPY2OkwCklstgf19ACJdbcX9iLX6jxFFq3nRalUSQUSdYfIFwZzwpb606hHrUIzqCJCUG2
FJgfhaab+IQtiqAjZWy0I1a//gCR/5bGv+kcypsFgI5ej1/L+bvNuFThCbjvwaXxkehpPUHcA1L9
rRDHhROhDG5WMPwS9BKnuVz6GHlbYbAT1q+o3SYeQg==
=Eyeu
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7833-3
October 24, 2025
linux-aws-6.14 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-aws-6.14: Linux kernel for Amazon Web Services (AWS) systems
Details:
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Parallel ATA drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- Ublk userspace block driver;
- Bus devices;
- DMA engine subsystem;
- Arm Firmware Framework for ARMv8-A(FFA);
- Cirrus firmware drivers;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- I2C subsystem;
- InfiniBand drivers;
- Input Device (Miscellaneous) drivers;
- Multiple devices driver;
- Media drivers;
- TI TPS6594 PFSM driver;
- MMC subsystem;
- MTD block device drivers;
- Network drivers;
- NVME drivers;
- x86 platform drivers;
- RapidIO drivers;
- Voltage and Current Regulator drivers;
- Remote Processor subsystem;
- S/390 drivers;
- SCSI subsystem;
- TCM subsystem;
- Trusted Execution Environment drivers;
- TTY drivers;
- ChipIdea USB driver;
- USB Type-C support driver;
- Framebuffer layer;
- TSM Common Guest driver;
- File systems infrastructure;
- BTRFS file system;
- Ceph distributed file system;
- Ext4 file system;
- F2FS file system;
- JFFS2 file system;
- JFS file system;
- Network file systems library;
- Network file system (NFS) client;
- Network file system (NFS) server daemon;
- SMB network file system;
- Memory Management;
- Bluetooth subsystem;
- Tracing infrastructure;
- io_uring subsystem;
- IPC subsystem;
- BPF subsystem;
- Perf events;
- Kernel exit() syscall;
- IRQ subsystem;
- Scheduler infrastructure;
- Maple Tree data structure library;
- Memory management;
- Asynchronous Transfer Mode (ATM) subsystem;
- Ethernet bridge;
- Networking core;
- IPv6 networking;
- MultiProtocol Label Switching driver;
- Netfilter;
- NFC subsystem;
- Rose network layer;
- Network traffic control;
- Sun RPC protocol;
- TIPC protocol;
- TLS protocol;
- Unix domain sockets;
- VMware vSockets driver;
- WCD audio codecs;
- USB sound devices;
(CVE-2025-38339, CVE-2025-38391, CVE-2025-38262, CVE-2025-38345,
CVE-2025-38387, CVE-2025-38373, CVE-2025-38395, CVE-2025-38330,
CVE-2025-38425, CVE-2025-38210, CVE-2025-38206, CVE-2025-38219,
CVE-2025-38245, CVE-2025-38253, CVE-2025-38401, CVE-2025-38410,
CVE-2025-38086, CVE-2025-38340, CVE-2025-38368, CVE-2025-38385,
CVE-2025-38384, CVE-2025-38326, CVE-2025-38224, CVE-2025-38338,
CVE-2025-38191, CVE-2025-39682, CVE-2025-38343, CVE-2025-38090,
CVE-2025-38228, CVE-2025-38182, CVE-2025-38231, CVE-2025-38183,
CVE-2025-38184, CVE-2025-38237, CVE-2025-38413, CVE-2025-38356,
CVE-2025-38246, CVE-2025-38202, CVE-2025-38248, CVE-2025-38254,
CVE-2025-38426, CVE-2025-38429, CVE-2025-38364, CVE-2025-38388,
CVE-2025-38435, CVE-2025-38403, CVE-2025-38186, CVE-2025-38199,
CVE-2025-38402, CVE-2025-38181, CVE-2025-38264, CVE-2025-38362,
CVE-2025-38341, CVE-2025-38422, CVE-2025-38331, CVE-2025-38423,
CVE-2025-38233, CVE-2025-38337, CVE-2025-38328, CVE-2025-38196,
CVE-2025-38412, CVE-2025-38205, CVE-2025-38242, CVE-2025-38324,
CVE-2025-38354, CVE-2025-38347, CVE-2025-38217, CVE-2025-38393,
CVE-2025-38392, CVE-2025-38390, CVE-2025-38321, CVE-2025-38541,
CVE-2025-38363, CVE-2025-38203, CVE-2025-38250, CVE-2025-38418,
CVE-2025-38336, CVE-2025-38333, CVE-2025-38194, CVE-2025-38372,
CVE-2025-38348, CVE-2025-38370, CVE-2025-38411, CVE-2025-38188,
CVE-2025-38365, CVE-2025-38241, CVE-2025-38201, CVE-2025-38259,
CVE-2025-38355, CVE-2025-38227, CVE-2025-38225, CVE-2025-38405,
CVE-2025-38329, CVE-2025-38232, CVE-2025-38344, CVE-2025-38238,
CVE-2025-38239, CVE-2025-38260, CVE-2025-38257, CVE-2025-38399,
CVE-2025-38419, CVE-2025-38430, CVE-2025-38251, CVE-2025-38332,
CVE-2025-38220, CVE-2025-38417, CVE-2025-38396, CVE-2025-38234,
CVE-2025-38434, CVE-2025-38197, CVE-2025-38436, CVE-2025-38408,
CVE-2025-38204, CVE-2025-38222, CVE-2025-38361, CVE-2025-38218,
CVE-2025-38212, CVE-2025-38198, CVE-2025-38255, CVE-2025-38389,
CVE-2025-38085, CVE-2025-38244, CVE-2025-38089, CVE-2025-38428,
CVE-2025-38369, CVE-2025-38189, CVE-2025-38084, CVE-2025-38400,
CVE-2025-38382, CVE-2025-38223, CVE-2025-38325, CVE-2025-38263,
CVE-2025-38249, CVE-2025-38346, CVE-2025-38320, CVE-2025-38409,
CVE-2025-38374, CVE-2025-38208, CVE-2025-38256, CVE-2025-38371,
CVE-2025-38192, CVE-2025-38406, CVE-2025-38360, CVE-2025-38258,
CVE-2025-38226, CVE-2025-38376, CVE-2025-38375, CVE-2025-38200,
CVE-2025-38523, CVE-2025-38334, CVE-2025-38236, CVE-2025-38386,
CVE-2025-38421, CVE-2025-38087, CVE-2025-38416, CVE-2025-38179,
CVE-2025-38420, CVE-2025-38424, CVE-2025-38377, CVE-2025-38359,
CVE-2025-38342, CVE-2025-38431, CVE-2025-38407, CVE-2025-38427,
CVE-2025-38229, CVE-2025-38353, CVE-2025-38383, CVE-2025-38211,
CVE-2025-38322, CVE-2025-38381, CVE-2025-38261)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.04 LTS
linux-image-6.14.0-1015-aws 6.14.0-1015.15~24.04.1
linux-image-6.14.0-1015-aws-64k 6.14.0-1015.15~24.04.1
linux-image-aws 6.14.0-1015.15~24.04.1
linux-image-aws-6.14 6.14.0-1015.15~24.04.1
linux-image-aws-64k 6.14.0-1015.15~24.04.1
linux-image-aws-64k-6.14 6.14.0-1015.15~24.04.1
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-7833-3
https://ubuntu.com/security/notices/USN-7833-2
https://ubuntu.com/security/notices/USN-7833-1
CVE-2024-36350, CVE-2024-36357, CVE-2025-38084, CVE-2025-38085,
CVE-2025-38086, CVE-2025-38087, CVE-2025-38089, CVE-2025-38090,
CVE-2025-38179, CVE-2025-38181, CVE-2025-38182, CVE-2025-38183,
CVE-2025-38184, CVE-2025-38186, CVE-2025-38188, CVE-2025-38189,
CVE-2025-38191, CVE-2025-38192, CVE-2025-38194, CVE-2025-38196,
CVE-2025-38197, CVE-2025-38198, CVE-2025-38199, CVE-2025-38200,
CVE-2025-38201, CVE-2025-38202, CVE-2025-38203, CVE-2025-38204,
CVE-2025-38205, CVE-2025-38206, CVE-2025-38208, CVE-2025-38210,
CVE-2025-38211, CVE-2025-38212, CVE-2025-38217, CVE-2025-38218,
CVE-2025-38219, CVE-2025-38220, CVE-2025-38222, CVE-2025-38223,
CVE-2025-38224, CVE-2025-38225, CVE-2025-38226, CVE-2025-38227,
CVE-2025-38228, CVE-2025-38229, CVE-2025-38231, CVE-2025-38232,
CVE-2025-38233, CVE-2025-38234, CVE-2025-38236, CVE-2025-38237,
CVE-2025-38238, CVE-2025-38239, CVE-2025-38241, CVE-2025-38242,
CVE-2025-38244, CVE-2025-38245, CVE-2025-38246, CVE-2025-38248,
CVE-2025-38249, CVE-2025-38250, CVE-2025-38251, CVE-2025-38253,
CVE-2025-38254, CVE-2025-38255, CVE-2025-38256, CVE-2025-38257,
CVE-2025-38258, CVE-2025-38259, CVE-2025-38260, CVE-2025-38261,
CVE-2025-38262, CVE-2025-38263, CVE-2025-38264, CVE-2025-38320,
CVE-2025-38321, CVE-2025-38322, CVE-2025-38324, CVE-2025-38325,
CVE-2025-38326, CVE-2025-38328, CVE-2025-38329, CVE-2025-38330,
CVE-2025-38331, CVE-2025-38332, CVE-2025-38333, CVE-2025-38334,
CVE-2025-38336, CVE-2025-38337, CVE-2025-38338, CVE-2025-38339,
CVE-2025-38340, CVE-2025-38341, CVE-2025-38342, CVE-2025-38343,
CVE-2025-38344, CVE-2025-38345, CVE-2025-38346, CVE-2025-38347,
CVE-2025-38348, CVE-2025-38353, CVE-2025-38354, CVE-2025-38355,
CVE-2025-38356, CVE-2025-38359, CVE-2025-38360, CVE-2025-38361,
CVE-2025-38362, CVE-2025-38363, CVE-2025-38364, CVE-2025-38365,
CVE-2025-38368, CVE-2025-38369, CVE-2025-38370, CVE-2025-38371,
CVE-2025-38372, CVE-2025-38373, CVE-2025-38374, CVE-2025-38375,
CVE-2025-38376, CVE-2025-38377, CVE-2025-38381, CVE-2025-38382,
CVE-2025-38383, CVE-2025-38384, CVE-2025-38385, CVE-2025-38386,
CVE-2025-38387, CVE-2025-38388, CVE-2025-38389, CVE-2025-38390,
CVE-2025-38391, CVE-2025-38392, CVE-2025-38393, CVE-2025-38395,
CVE-2025-38396, CVE-2025-38399, CVE-2025-38400, CVE-2025-38401,
CVE-2025-38402, CVE-2025-38403, CVE-2025-38405, CVE-2025-38406,
CVE-2025-38407, CVE-2025-38408, CVE-2025-38409, CVE-2025-38410,
CVE-2025-38411, CVE-2025-38412, CVE-2025-38413, CVE-2025-38416,
CVE-2025-38417, CVE-2025-38418, CVE-2025-38419, CVE-2025-38420,
CVE-2025-38421, CVE-2025-38422, CVE-2025-38423, CVE-2025-38424,
CVE-2025-38425, CVE-2025-38426, CVE-2025-38427, CVE-2025-38428,
CVE-2025-38429, CVE-2025-38430, CVE-2025-38431, CVE-2025-38434,
CVE-2025-38435, CVE-2025-38436, CVE-2025-38523, CVE-2025-38541,
CVE-2025-39682
Package Information:
https://launchpad.net/ubuntu/+source/linux-aws-6.14/6.14.0-1015.15~24.04.1
wsB5BAABCAAjFiEEYrygdx1GDec9TV8EZ0GeRcM5nt0FAmj74gYFAwAAAAAACgkQZ0GeRcM5nt1T
lgf8CmPbY2KSMXA9niG2elfWpyKsVLKvZYknD0HPUfMVy2QFJUqsOsHeP1TQp97xKgs3D+cXQVeg
UqORbg1+N3NjinxVOccAjwvUOHEdODzbYjdYwnmJ99x702IWNrlbmiMMseHLByUdUa/I5i6OHlYQ
yjvXiRLPY2OkwCklstgf19ACJdbcX9iLX6jxFFq3nRalUSQUSdYfIFwZzwpb606hHrUIzqCJCUG2
FJgfhaab+IQtiqAjZWy0I1a//gCR/5bGv+kcypsFgI5ej1/L+bvNuFThCbjvwaXxkehpPUHcA1L9
rRDHhROhDG5WMPwS9BKnuVz6GHlbYbAT1q+o3SYeQg==
=Eyeu
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7833-3
October 24, 2025
linux-aws-6.14 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-aws-6.14: Linux kernel for Amazon Web Services (AWS) systems
Details:
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Parallel ATA drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- Ublk userspace block driver;
- Bus devices;
- DMA engine subsystem;
- Arm Firmware Framework for ARMv8-A(FFA);
- Cirrus firmware drivers;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- I2C subsystem;
- InfiniBand drivers;
- Input Device (Miscellaneous) drivers;
- Multiple devices driver;
- Media drivers;
- TI TPS6594 PFSM driver;
- MMC subsystem;
- MTD block device drivers;
- Network drivers;
- NVME drivers;
- x86 platform drivers;
- RapidIO drivers;
- Voltage and Current Regulator drivers;
- Remote Processor subsystem;
- S/390 drivers;
- SCSI subsystem;
- TCM subsystem;
- Trusted Execution Environment drivers;
- TTY drivers;
- ChipIdea USB driver;
- USB Type-C support driver;
- Framebuffer layer;
- TSM Common Guest driver;
- File systems infrastructure;
- BTRFS file system;
- Ceph distributed file system;
- Ext4 file system;
- F2FS file system;
- JFFS2 file system;
- JFS file system;
- Network file systems library;
- Network file system (NFS) client;
- Network file system (NFS) server daemon;
- SMB network file system;
- Memory Management;
- Bluetooth subsystem;
- Tracing infrastructure;
- io_uring subsystem;
- IPC subsystem;
- BPF subsystem;
- Perf events;
- Kernel exit() syscall;
- IRQ subsystem;
- Scheduler infrastructure;
- Maple Tree data structure library;
- Memory management;
- Asynchronous Transfer Mode (ATM) subsystem;
- Ethernet bridge;
- Networking core;
- IPv6 networking;
- MultiProtocol Label Switching driver;
- Netfilter;
- NFC subsystem;
- Rose network layer;
- Network traffic control;
- Sun RPC protocol;
- TIPC protocol;
- TLS protocol;
- Unix domain sockets;
- VMware vSockets driver;
- WCD audio codecs;
- USB sound devices;
(CVE-2025-38339, CVE-2025-38391, CVE-2025-38262, CVE-2025-38345,
CVE-2025-38387, CVE-2025-38373, CVE-2025-38395, CVE-2025-38330,
CVE-2025-38425, CVE-2025-38210, CVE-2025-38206, CVE-2025-38219,
CVE-2025-38245, CVE-2025-38253, CVE-2025-38401, CVE-2025-38410,
CVE-2025-38086, CVE-2025-38340, CVE-2025-38368, CVE-2025-38385,
CVE-2025-38384, CVE-2025-38326, CVE-2025-38224, CVE-2025-38338,
CVE-2025-38191, CVE-2025-39682, CVE-2025-38343, CVE-2025-38090,
CVE-2025-38228, CVE-2025-38182, CVE-2025-38231, CVE-2025-38183,
CVE-2025-38184, CVE-2025-38237, CVE-2025-38413, CVE-2025-38356,
CVE-2025-38246, CVE-2025-38202, CVE-2025-38248, CVE-2025-38254,
CVE-2025-38426, CVE-2025-38429, CVE-2025-38364, CVE-2025-38388,
CVE-2025-38435, CVE-2025-38403, CVE-2025-38186, CVE-2025-38199,
CVE-2025-38402, CVE-2025-38181, CVE-2025-38264, CVE-2025-38362,
CVE-2025-38341, CVE-2025-38422, CVE-2025-38331, CVE-2025-38423,
CVE-2025-38233, CVE-2025-38337, CVE-2025-38328, CVE-2025-38196,
CVE-2025-38412, CVE-2025-38205, CVE-2025-38242, CVE-2025-38324,
CVE-2025-38354, CVE-2025-38347, CVE-2025-38217, CVE-2025-38393,
CVE-2025-38392, CVE-2025-38390, CVE-2025-38321, CVE-2025-38541,
CVE-2025-38363, CVE-2025-38203, CVE-2025-38250, CVE-2025-38418,
CVE-2025-38336, CVE-2025-38333, CVE-2025-38194, CVE-2025-38372,
CVE-2025-38348, CVE-2025-38370, CVE-2025-38411, CVE-2025-38188,
CVE-2025-38365, CVE-2025-38241, CVE-2025-38201, CVE-2025-38259,
CVE-2025-38355, CVE-2025-38227, CVE-2025-38225, CVE-2025-38405,
CVE-2025-38329, CVE-2025-38232, CVE-2025-38344, CVE-2025-38238,
CVE-2025-38239, CVE-2025-38260, CVE-2025-38257, CVE-2025-38399,
CVE-2025-38419, CVE-2025-38430, CVE-2025-38251, CVE-2025-38332,
CVE-2025-38220, CVE-2025-38417, CVE-2025-38396, CVE-2025-38234,
CVE-2025-38434, CVE-2025-38197, CVE-2025-38436, CVE-2025-38408,
CVE-2025-38204, CVE-2025-38222, CVE-2025-38361, CVE-2025-38218,
CVE-2025-38212, CVE-2025-38198, CVE-2025-38255, CVE-2025-38389,
CVE-2025-38085, CVE-2025-38244, CVE-2025-38089, CVE-2025-38428,
CVE-2025-38369, CVE-2025-38189, CVE-2025-38084, CVE-2025-38400,
CVE-2025-38382, CVE-2025-38223, CVE-2025-38325, CVE-2025-38263,
CVE-2025-38249, CVE-2025-38346, CVE-2025-38320, CVE-2025-38409,
CVE-2025-38374, CVE-2025-38208, CVE-2025-38256, CVE-2025-38371,
CVE-2025-38192, CVE-2025-38406, CVE-2025-38360, CVE-2025-38258,
CVE-2025-38226, CVE-2025-38376, CVE-2025-38375, CVE-2025-38200,
CVE-2025-38523, CVE-2025-38334, CVE-2025-38236, CVE-2025-38386,
CVE-2025-38421, CVE-2025-38087, CVE-2025-38416, CVE-2025-38179,
CVE-2025-38420, CVE-2025-38424, CVE-2025-38377, CVE-2025-38359,
CVE-2025-38342, CVE-2025-38431, CVE-2025-38407, CVE-2025-38427,
CVE-2025-38229, CVE-2025-38353, CVE-2025-38383, CVE-2025-38211,
CVE-2025-38322, CVE-2025-38381, CVE-2025-38261)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.04 LTS
linux-image-6.14.0-1015-aws 6.14.0-1015.15~24.04.1
linux-image-6.14.0-1015-aws-64k 6.14.0-1015.15~24.04.1
linux-image-aws 6.14.0-1015.15~24.04.1
linux-image-aws-6.14 6.14.0-1015.15~24.04.1
linux-image-aws-64k 6.14.0-1015.15~24.04.1
linux-image-aws-64k-6.14 6.14.0-1015.15~24.04.1
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-7833-3
https://ubuntu.com/security/notices/USN-7833-2
https://ubuntu.com/security/notices/USN-7833-1
CVE-2024-36350, CVE-2024-36357, CVE-2025-38084, CVE-2025-38085,
CVE-2025-38086, CVE-2025-38087, CVE-2025-38089, CVE-2025-38090,
CVE-2025-38179, CVE-2025-38181, CVE-2025-38182, CVE-2025-38183,
CVE-2025-38184, CVE-2025-38186, CVE-2025-38188, CVE-2025-38189,
CVE-2025-38191, CVE-2025-38192, CVE-2025-38194, CVE-2025-38196,
CVE-2025-38197, CVE-2025-38198, CVE-2025-38199, CVE-2025-38200,
CVE-2025-38201, CVE-2025-38202, CVE-2025-38203, CVE-2025-38204,
CVE-2025-38205, CVE-2025-38206, CVE-2025-38208, CVE-2025-38210,
CVE-2025-38211, CVE-2025-38212, CVE-2025-38217, CVE-2025-38218,
CVE-2025-38219, CVE-2025-38220, CVE-2025-38222, CVE-2025-38223,
CVE-2025-38224, CVE-2025-38225, CVE-2025-38226, CVE-2025-38227,
CVE-2025-38228, CVE-2025-38229, CVE-2025-38231, CVE-2025-38232,
CVE-2025-38233, CVE-2025-38234, CVE-2025-38236, CVE-2025-38237,
CVE-2025-38238, CVE-2025-38239, CVE-2025-38241, CVE-2025-38242,
CVE-2025-38244, CVE-2025-38245, CVE-2025-38246, CVE-2025-38248,
CVE-2025-38249, CVE-2025-38250, CVE-2025-38251, CVE-2025-38253,
CVE-2025-38254, CVE-2025-38255, CVE-2025-38256, CVE-2025-38257,
CVE-2025-38258, CVE-2025-38259, CVE-2025-38260, CVE-2025-38261,
CVE-2025-38262, CVE-2025-38263, CVE-2025-38264, CVE-2025-38320,
CVE-2025-38321, CVE-2025-38322, CVE-2025-38324, CVE-2025-38325,
CVE-2025-38326, CVE-2025-38328, CVE-2025-38329, CVE-2025-38330,
CVE-2025-38331, CVE-2025-38332, CVE-2025-38333, CVE-2025-38334,
CVE-2025-38336, CVE-2025-38337, CVE-2025-38338, CVE-2025-38339,
CVE-2025-38340, CVE-2025-38341, CVE-2025-38342, CVE-2025-38343,
CVE-2025-38344, CVE-2025-38345, CVE-2025-38346, CVE-2025-38347,
CVE-2025-38348, CVE-2025-38353, CVE-2025-38354, CVE-2025-38355,
CVE-2025-38356, CVE-2025-38359, CVE-2025-38360, CVE-2025-38361,
CVE-2025-38362, CVE-2025-38363, CVE-2025-38364, CVE-2025-38365,
CVE-2025-38368, CVE-2025-38369, CVE-2025-38370, CVE-2025-38371,
CVE-2025-38372, CVE-2025-38373, CVE-2025-38374, CVE-2025-38375,
CVE-2025-38376, CVE-2025-38377, CVE-2025-38381, CVE-2025-38382,
CVE-2025-38383, CVE-2025-38384, CVE-2025-38385, CVE-2025-38386,
CVE-2025-38387, CVE-2025-38388, CVE-2025-38389, CVE-2025-38390,
CVE-2025-38391, CVE-2025-38392, CVE-2025-38393, CVE-2025-38395,
CVE-2025-38396, CVE-2025-38399, CVE-2025-38400, CVE-2025-38401,
CVE-2025-38402, CVE-2025-38403, CVE-2025-38405, CVE-2025-38406,
CVE-2025-38407, CVE-2025-38408, CVE-2025-38409, CVE-2025-38410,
CVE-2025-38411, CVE-2025-38412, CVE-2025-38413, CVE-2025-38416,
CVE-2025-38417, CVE-2025-38418, CVE-2025-38419, CVE-2025-38420,
CVE-2025-38421, CVE-2025-38422, CVE-2025-38423, CVE-2025-38424,
CVE-2025-38425, CVE-2025-38426, CVE-2025-38427, CVE-2025-38428,
CVE-2025-38429, CVE-2025-38430, CVE-2025-38431, CVE-2025-38434,
CVE-2025-38435, CVE-2025-38436, CVE-2025-38523, CVE-2025-38541,
CVE-2025-39682
Package Information:
https://launchpad.net/ubuntu/+source/linux-aws-6.14/6.14.0-1015.15~24.04.1
Subscribe to:
Comments (Atom)