1 week ago
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- Block layer subsystem;
- Cryptographic API;
- DMA engine subsystem;
- InfiniBand drivers;
- STMicroelectronics network drivers;
- Network drivers;
- NVME drivers;
- SCSI subsystem;
- USB over IP driver;
- File systems infrastructure;
- Ext4 file system;
- Network file system (NFS) server daemon;
- SMB network file system;
- Kernel thread helper (kthread);
- IPv6 networking;
- Tracing infrastructure;
- Kernel exit() syscall;
- Scatterlist API;
- B.A.T.M.A.N. meshing protocol;
- Ethernet bridge;
- Ceph Core library;
- IPv4 networking;
- Multipath TCP;
- Netfilter;
- RxRPC session sockets;
- SMC sockets;
- X.25 network layer;
(CVE-2026-22984, CVE-2026-23272, CVE-2026-23278, CVE-2026-23392,
CVE-2026-23427, CVE-2026-23428, CVE-2026-23450, CVE-2026-23455,
CVE-2026-31402, CVE-2026-31418, CVE-2026-31436, CVE-2026-31448,
CVE-2026-31478, CVE-2026-31607, CVE-2026-31635, CVE-2026-31637,
CVE-2026-31649, CVE-2026-31657, CVE-2026-31659, CVE-2026-31668,
CVE-2026-31669, CVE-2026-31682, CVE-2026-31685, CVE-2026-31718,
CVE-2026-43011, CVE-2026-43037, CVE-2026-43038, CVE-2026-43071,
CVE-2026-43083, CVE-2026-43114, CVE-2026-43117, CVE-2026-43125,
CVE-2026-43186, CVE-2026-43197, CVE-2026-43304, CVE-2026-43341,
CVE-2026-43376, CVE-2026-43378, CVE-2026-43383, CVE-2026-43384,
CVE-2026-43402, CVE-2026-43406, CVE-2026-43407, CVE-2026-43414,
CVE-2026-43493, CVE-2026-43501, CVE-2026-45898, CVE-2026-45988,
CVE-2026-46039, CVE-2026-46043, CVE-2026-46115, CVE-2026-46119,
CVE-2026-46135, CVE-2026-46185, CVE-2026-46195, CVE-2026-46243,
CVE-2026-46244, CVE-2026-46266, CVE-2026-46289, CVE-2026-46316,
CVE-2026-46325)
1 week ago
It was discovered that the Linux kernel did not properly handle shared page
fragments during socket buffer operations, collectively known as Dirty
Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the
RxRPC networking subsystem when processing paged fragments. A local
attacker could use this to escalate privileges, or possibly escape a
container. (CVE-2026-43284, CVE-2026-43500, CVE-2026-45998, CVE-2026-46000)
It was discovered that a logic flaw existed in the XFRM ESP-in-TCP
subsystem in the Linux kernel when handling socket buffer fragments. This
flaw is known as Fragnesia. A local attacker could use this to escalate
privileges, or possibly escape a container. (CVE-2026-43503,
CVE-2026-46300)
Qualys discovered that a race condition existed in the ptrace subsystem of
the Linux kernel when privileged processes are exiting. An unprivileged
local attacker could use this issue to expose sensitive information.
(CVE-2026-46333)
Tristan Madani discovered that Ubuntu Linux kernel 6.8, 6.17 and 7.0
contain a memory leak when handling AppArmor notifications. A local
attacker could use this to cause resource exhaustion. (CVE-2026-47326)
Tristan Madani discovered that Ubuntu Linux kernel 6.8, 6.17 and 7.0
contain a NULL pointer dereference when handling AppArmor notifications. A
local attacker could use this to cause a kernel oops. (CVE-2026-47327)
Tristan Madani discovered that Ubuntu Linux kernel 6.8, 6.17 and 7.0
contained an invalid free when handling AppArmor notifications. A local
attacker could use this to corrupt kernel memory. (CVE-2026-47328)
Tristan Madani discovered that Ubuntu Linux kernel 6.8, 6.17 and 7.0
contained insufficient validation of AppArmor notification responses. A
local attacker could use this to allow crafted responses to be processed.
(CVE-2026-47329)
Tristan Madani discovered that Ubuntu Linux kernel 6.8, 6.17 and 7.0 used
an uninitialized variable when handling AppArmor notifications. A local
attacker could use this to cause incorrect caching of data.
(CVE-2026-47330)
Tristan Madani discovered that Ubuntu Linux kernel 6.8, 6.17 and 7.0
contained an out-of-bounds (OOB) read when handling AppArmor notifications.
A local attacker could use this to cause information disclosure of kernel
memory. (CVE-2026-47332)
Tristan Madani discovered that Ubuntu Linux kernel 6.8, 6.17 and 7.0
contained a out-of-bounds (OOB) read when handling AppArmor notifications.
A local attacker could use this to cause kernel memory corruption and,
theoretically, influence processing of AppArmor policies. (CVE-2026-47333)
Tristan Madani discovered that Ubuntu Linux kernel 6.8, 6.17 and 7.0
contained incorrect holding of locks when handling AppArmor notifications.
A local attacker could use this to cause a kernel panic or deadlock.
(CVE-2026-47334)
Tristan Madani and Trevor Lawrence have each independently discovered that
Ubuntu Linux kernel 6.8, 6.17 and 7.0 contained a NULL pointer dereference
when handling AppArmor network socket mediation. A local attacker could use
this to cause a kernel oops. (CVE-2026-47337)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Rados block device (RBD) driver;
- Compressed RAM block device driver;
- Character device driver;
- TPM device driver;
- Hardware crypto device drivers;
- EDAC drivers;
- GPU drivers;
- Greybus drivers;
- Hardware monitoring drivers;
- IIO subsystem;
- InfiniBand drivers;
- Input Device core drivers;
- LED subsystem;
- Multiple devices driver;
- Media drivers;
- IBM Advanced System Management driver;
- MTD block device drivers;
- Network drivers;
- Microsoft Azure Network Adapter (MANA) driver;
- NVME drivers;
- Device tree and open firmware driver;
- PCI subsystem;
- Remote Processor subsystem;
- SCSI subsystem;
- SPI subsystem;
- Thermal drivers;
- VFIO drivers;
- Framebuffer layer;
- 9P distributed file system;
- AFS file system;
- Ceph distributed file system;
- EROFS file system;
- File systems infrastructure;
- Ext4 file system;
- Journaling layer for block devices (JBD2);
- File system notification infrastructure;
- NTFS3 file system;
- OCFS2 file system;
- Overlay file system;
- SMB network file system;
- UDF file system;
- XFS file system;
- Codetag library;
- Memory management;
- Tracing infrastructure;
- io_uring subsystem;
- Locking primitives;
- Scatterlist API;
- Heterogeneous memory management;
- Bluetooth subsystem;
- Ethernet bridge;
- CAIF protocol;
- Ceph Core library;
- Networking core;
- IPv4 networking;
- IPv6 networking;
- Multipath TCP;
- Netfilter;
- Qualcomm IPC Router (QRTR);
- RDS protocol;
- RxRPC session sockets;
- SMC sockets;
- Stream parser;
- Landlock security;
- SELinux security module;
- ALSA framework;
- Generic PCM loopback sound driver;
- Creative Sound Blaster X-Fi driver;
- USB sound devices;
(CVE-2026-43491, CVE-2026-43493, CVE-2026-43494, CVE-2026-43499,
CVE-2026-43501, CVE-2026-45986, CVE-2026-45987, CVE-2026-45988,
CVE-2026-45989, CVE-2026-45990, CVE-2026-45991, CVE-2026-45994,
CVE-2026-45995, CVE-2026-45996, CVE-2026-45997, CVE-2026-45999,
CVE-2026-46001, CVE-2026-46002, CVE-2026-46003, CVE-2026-46004,
CVE-2026-46005, CVE-2026-46006, CVE-2026-46007, CVE-2026-46008,
CVE-2026-46009, CVE-2026-46010, CVE-2026-46011, CVE-2026-46012,
CVE-2026-46013, CVE-2026-46014, CVE-2026-46015, CVE-2026-46016,
CVE-2026-46018, CVE-2026-46019, CVE-2026-46020, CVE-2026-46021,
CVE-2026-46022, CVE-2026-46023, CVE-2026-46024, CVE-2026-46025,
CVE-2026-46026, CVE-2026-46027, CVE-2026-46028, CVE-2026-46029,
CVE-2026-46030, CVE-2026-46031, CVE-2026-46032, CVE-2026-46033,
CVE-2026-46034, CVE-2026-46035, CVE-2026-46036, CVE-2026-46037,
CVE-2026-46038, CVE-2026-46039, CVE-2026-46040, CVE-2026-46041,
CVE-2026-46042, CVE-2026-46043, CVE-2026-46044, CVE-2026-46045,
CVE-2026-46046, CVE-2026-46047, CVE-2026-46048, CVE-2026-46049,
CVE-2026-46050, CVE-2026-46051, CVE-2026-46052, CVE-2026-46053,
CVE-2026-46054, CVE-2026-46056, CVE-2026-46057, CVE-2026-46058,
CVE-2026-46059, CVE-2026-46060, CVE-2026-46061, CVE-2026-46062,
CVE-2026-46063, CVE-2026-46064, CVE-2026-46065, CVE-2026-46066,
CVE-2026-46067, CVE-2026-46068, CVE-2026-46069, CVE-2026-46070,
CVE-2026-46071, CVE-2026-46072, CVE-2026-46073, CVE-2026-46074,
CVE-2026-46075, CVE-2026-46076, CVE-2026-46077, CVE-2026-46078,
CVE-2026-46079, CVE-2026-46080, CVE-2026-46081, CVE-2026-46082,
CVE-2026-46083, CVE-2026-46084, CVE-2026-46085, CVE-2026-46086,
CVE-2026-46087, CVE-2026-46088, CVE-2026-46089, CVE-2026-46090,
CVE-2026-46091, CVE-2026-46092, CVE-2026-46093, CVE-2026-46094,
CVE-2026-46095, CVE-2026-46096, CVE-2026-46097, CVE-2026-46098,
CVE-2026-46099, CVE-2026-46100, CVE-2026-46101, CVE-2026-46102,
CVE-2026-46103, CVE-2026-46115, CVE-2026-46119, CVE-2026-46135,
CVE-2026-46137, CVE-2026-46155, CVE-2026-46185, CVE-2026-46195,
CVE-2026-46243, CVE-2026-46244, CVE-2026-46276, CVE-2026-46277,
CVE-2026-46278, CVE-2026-46279, CVE-2026-46280, CVE-2026-46281,
CVE-2026-46282, CVE-2026-46283, CVE-2026-46284, CVE-2026-46285,
CVE-2026-46286, CVE-2026-46287, CVE-2026-46288, CVE-2026-46289,
CVE-2026-46316, CVE-2026-46323, CVE-2026-46332, CVE-2026-52904,
CVE-2026-52905, CVE-2026-52906, CVE-2026-52907, CVE-2026-52933,
CVE-2026-53174)