Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel vulnerabilities (USN-7861-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7861-1 advisory. Jean-Claude Graf, Sandro Regge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor...

USN-7835-5: Linux kernel (Oracle) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...

USN-7835-5 linux-oracle-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...

USN-7863-1: Linux kernel vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

USN-7863-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

USN-7861-1 linux, linux-aws, linux-gkeop, linux-hwe-6.8, linux-ibm, linux-ibm-6.8, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia, linux-nvidia-lowlatency vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

USN-7861-1: Linux kernel vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990416)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990416 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: us122l: Use sndcardfreewhenclosed at disconnection The USB disconnect callback is supposed ...

CVE-2025-20725

In ims service, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for...

CVE-2025-47361

Memory corruption when triggering a subsystem crash with an out-of-range identifier...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989094)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989094 advisory. In the Linux kernel, the following vulnerability has been resolved: cfg80211: call cfg80211stopap when switch from P2PGO type If the userspace tools switch from...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988886)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988886 advisory. In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: Fix NULL ptr dereference when ENOMEM Do not call snddmafreepages when...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989381)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989381 advisory. In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Fix error handling in mt8173max98090devprobe Call ofnodeputplatformnode to avoid...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989439)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989439 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: core: sysfs: Fix hang when device state is set via sysfs This fixes a regression added with...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989177)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989177 advisory. In the Linux kernel, the following vulnerability has been resolved: ASoC: core: Fix use-after-free in sndsocexit KASAN reports a use-after-free: BUG: KASAN:...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989825)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989825 advisory. In the Linux kernel, the following vulnerability has been resolved: jffs2: fix use-after-free in jffs2clearxattrsubsystem When we mount a jffs2 image, assume that th...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990176)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990176 advisory. In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Reject out of bounds values in sndsocputvolsw We don't currently validate that the...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989936)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989936 advisory. In the Linux kernel, the following vulnerability has been resolved: ASoC: samsung: Fix refcount leak in ariesaudioprobe ofparsephandle returns a node pointer with...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989138)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989138 advisory. In the Linux kernel, the following vulnerability has been resolved: configfs: fix a race in configfs,unregistersubsystem When configfsregistersubsystem or...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990018)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990018 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Do not unset preset when cleaning up codec Several functions that take part in codec's...