Ubuntu Security Advisories

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module (LSM). An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information (kernel memory), local privilege escalation, or possibly escape a container. (LP: #2143853) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - Nios II architecture; - PA-RISC architecture; - RISC-V architecture; - S390 architecture; - Sun Sparc architecture; - User-Mode Linux (UML); - x86 architecture; - Xtensa architecture; - Block layer subsystem; - Cryptographic API; - Compute Acceleration Framework; - ACPI drivers; - ATM drivers; - Drivers core; - Block device driver; - Network block device driver; - Bluetooth drivers; - Bus devices; - Hardware random number generator core; - Character device driver; - Data acquisition framework and drivers; - CPU frequency scaling framework; - Hardware crypto device drivers; - Device frequency scaling framework; - DMA engine subsystem; - ARM SCMI message protocol; - EFI core; - Intel Stratix 10 firmware drivers; - GPU drivers; - HID subsystem; - CoreSight HW tracing drivers; - IIO subsystem; - InfiniBand drivers; - Input Device core drivers; - Input Device (Miscellaneous) drivers; - Input Device (Tablet) drivers; - IOMMU subsystem; - ISDN/mISDN subsystem; - Mailbox framework; - Multiple devices driver; - Media drivers; - Fastrpc Driver; - MOST (Media Oriented Systems Transport) drivers; - MTD block device drivers; - Ethernet bonding driver; - Network drivers; - Mellanox network drivers; - STMicroelectronics network drivers; - Texas Instruments network drivers; - Ethernet team driver; - NVME drivers; - PCI subsystem; - PCCARD (PCMCIA/CardBus) bus subsystem; - Performance monitor drivers; - Pin controllers subsystem; - x86 platform drivers; - ARM PM domains; - PPS (Pulse Per Second) driver; - PTP clock framework; - PWM drivers; - Remote Processor subsystem; - S/390 drivers; - SCSI subsystem; - Texas Instruments SoC drivers; - TCM subsystem; - Trusted Execution Environment drivers; - TTY drivers; - Userspace I/O drivers; - Cadence USB3 driver; - DesignWare USB3 driver; - USB Gadget drivers; - USB Host Controller drivers; - Renesas USBHS Controller drivers; - USB Mass Storage drivers; - Virtio Host (VHOST) subsystem; - Framebuffer layer; - Xen hypervisor drivers; - AFS file system; - BTRFS file system; - Ceph distributed file system; - File systems infrastructure; - EFI Variable file system; - exFAT file system; - Ext4 file system; - F2FS file system; - FUSE (File system in Userspace); - GFS2 file system; - HFS file system; - HFS+ file system; - HugeTLB file system; - JFS file system; - KERNFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - File system notification infrastructure; - NTFS3 file system; - OCFS2 file system; - OrangeFS file system; - Proc file system; - Diskquota system; - SMB network file system; - SquashFS file system; - UDF file system; - XFS file system; - Asynchronous Transfer Mode (ATM) subsystem; - BPF subsystem; - Mellanox drivers; - NFS page cache wrapper; - Memory management; - Memory Management; - Media input infrastructure; - Bluetooth subsystem; - IP tunnels definitions; - Network traffic control; - Rose network layer; - Network sockets; - io_uring subsystem; - Control group (cgroup); - Kernel crash support code; - Kernel futex primitives; - PID allocator; - Scheduler infrastructure; - Syscalls implementation; - Timer subsystem; - Tracing infrastructure; - 9P file system network protocol; - Amateur Radio drivers; - B.A.T.M.A.N. meshing protocol; - Ethernet bridge; - Ceph Core library; - Networking core; - Devlink API; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Multipath TCP; - Netfilter; - NFC subsystem; - Open vSwitch; - RF switch subsystem; - SCTP protocol; - SMC sockets; - Sun RPC protocol; - TIPC protocol; - TLS protocol; - VMware vSockets driver; - Wireless networking; - eXpress Data Path; - XFRM subsystem; - Integrity Measurement Architecture(IMA) framework; - Intel ASoC drivers; - QCOM ASoC drivers; - USB sound devices; (CVE-2025-21833, CVE-2025-22103, CVE-2025-22105, CVE-2025-22106, CVE-2025-22107, CVE-2025-22113, CVE-2025-22121, CVE-2025-22124, CVE-2025-22125, CVE-2025-23129, CVE-2025-23130, CVE-2025-23133, CVE-2025-23143, CVE-2025-37860, CVE-2025-38105, CVE-2025-38502, CVE-2025-38556, CVE-2025-38627, CVE-2025-38643, CVE-2025-38709, CVE-2025-39678, CVE-2025-39697, CVE-2025-39805, CVE-2025-39806, CVE-2025-39807, CVE-2025-39808, CVE-2025-39810, CVE-2025-39811, CVE-2025-39812, CVE-2025-39813, CVE-2025-39815, CVE-2025-39817, CVE-2025-39819, CVE-2025-39823, CVE-2025-39824, CVE-2025-39825, CVE-2025-39826, CVE-2025-39827, CVE-2025-39828, CVE-2025-39829, CVE-2025-39832, CVE-2025-39835, CVE-2025-39836, CVE-2025-39838, CVE-2025-39839, CVE-2025-39841, CVE-2025-39842, CVE-2025-39843, CVE-2025-39844, CVE-2025-39845, CVE-2025-39846, CVE-2025-39847, CVE-2025-39848, CVE-2025-39849, CVE-2025-39850, CVE-2025-39851, CVE-2025-39852, CVE-2025-39853, CVE-2025-39854, CVE-2025-39857, CVE-2025-39860, CVE-2025-39861, CVE-2025-39863, CVE-2025-39864, CVE-2025-39865, CVE-2025-39866, CVE-2025-39869, CVE-2025-39870, CVE-2025-39871, CVE-2025-39873, CVE-2025-39876, CVE-2025-39877, CVE-2025-39880, CVE-2025-39881, CVE-2025-39883, CVE-2025-39885, CVE-2025-39886, CVE-2025-39891, CVE-2025-39894, CVE-2025-39895, CVE-2025-39897, CVE-2025-39899, CVE-2025-39901, CVE-2025-39902, CVE-2025-39907, CVE-2025-39909, CVE-2025-39911, CVE-2025-39913, CVE-2025-39914, CVE-2025-39916, CVE-2025-39920, CVE-2025-39923, CVE-2025-39927, CVE-2025-39929, CVE-2025-39931, CVE-2025-39932, CVE-2025-39934, CVE-2025-39937, CVE-2025-39938, CVE-2025-39940, CVE-2025-39942, CVE-2025-39943, CVE-2025-39944, CVE-2025-39945, CVE-2025-39947, CVE-2025-39948, CVE-2025-39949, CVE-2025-39950, CVE-2025-39951, CVE-2025-39952, CVE-2025-39953, CVE-2025-39955, CVE-2025-39957, CVE-2025-39961, CVE-2025-39965, CVE-2025-39967, CVE-2025-39968, CVE-2025-39969, CVE-2025-39970, CVE-2025-39971, CVE-2025-39972, CVE-2025-39973, CVE-2025-39977, CVE-2025-39978, CVE-2025-39980, CVE-2025-39981, CVE-2025-39982, CVE-2025-39985, CVE-2025-39986, CVE-2025-39987, CVE-2025-39988, CVE-2025-39991, CVE-2025-39992, CVE-2025-39994, CVE-2025-39995, CVE-2025-39996, CVE-2025-39998, CVE-2025-40000, CVE-2025-40001, CVE-2025-40006, CVE-2025-40008, CVE-2025-40009, CVE-2025-40010, CVE-2025-40011, CVE-2025-40013, CVE-2025-40016, CVE-2025-40020, CVE-2025-40021, CVE-2025-40024, CVE-2025-40026, CVE-2025-40027, CVE-2025-40029, CVE-2025-40030, CVE-2025-40031, CVE-2025-40032, CVE-2025-40033, CVE-2025-40035, CVE-2025-40036, CVE-2025-40037, CVE-2025-40038, CVE-2025-40042, CVE-2025-40043, CVE-2025-40044, CVE-2025-40047, CVE-2025-40048, CVE-2025-40049, CVE-2025-40051, CVE-2025-40052, CVE-2025-40053, CVE-2025-40055, CVE-2025-40056, CVE-2025-40057, CVE-2025-40058, CVE-2025-40059, CVE-2025-40060, CVE-2025-40061, CVE-2025-40062, CVE-2025-40067, CVE-2025-40068, CVE-2025-40070, CVE-2025-40071, CVE-2025-40077, CVE-2025-40078, CVE-2025-40079, CVE-2025-40080, CVE-2025-40081, CVE-2025-40083, CVE-2025-40084, CVE-2025-40085, CVE-2025-40087, CVE-2025-40088, CVE-2025-40092, CVE-2025-40093, CVE-2025-40094, CVE-2025-40095, CVE-2025-40096, CVE-2025-40099, CVE-2025-40100, CVE-2025-40101, CVE-2025-40103, CVE-2025-40104, CVE-2025-40105, CVE-2025-40106, CVE-2025-40107, CVE-2025-40109, CVE-2025-40110, CVE-2025-40111, CVE-2025-40112, CVE-2025-40115, CVE-2025-40116, CVE-2025-40118, CVE-2025-40120, CVE-2025-40121, CVE-2025-40123, CVE-2025-40124, CVE-2025-40125, CVE-2025-40126, CVE-2025-40127, CVE-2025-40129, CVE-2025-40134, CVE-2025-40137, CVE-2025-40140, CVE-2025-40141, CVE-2025-40153, CVE-2025-40154, CVE-2025-40155, CVE-2025-40156, CVE-2025-40159, CVE-2025-40160, CVE-2025-40165, CVE-2025-40166, CVE-2025-40167, CVE-2025-40169, CVE-2025-40171, CVE-2025-40172, CVE-2025-40173, CVE-2025-40176, CVE-2025-40178, CVE-2025-40179, CVE-2025-40180, CVE-2025-40183, CVE-2025-40187, CVE-2025-40188, CVE-2025-40192, CVE-2025-40193, CVE-2025-40194, CVE-2025-40196, CVE-2025-40198, CVE-2025-40200, CVE-2025-40201, CVE-2025-40204, CVE-2025-40205, CVE-2025-40206, CVE-2025-40207, CVE-2025-40211, CVE-2025-40218, CVE-2025-40219, CVE-2025-40220, CVE-2025-40221, CVE-2025-40223, CVE-2025-40226, CVE-2025-40231, CVE-2025-40233, CVE-2025-40235, CVE-2025-40237, CVE-2025-40238, CVE-2025-40240, CVE-2025-40242, CVE-2025-40243, CVE-2025-40244, CVE-2025-40245, CVE-2025-40248, CVE-2025-40250, CVE-2025-40251, CVE-2025-40252, CVE-2025-40253, CVE-2025-40254, CVE-2025-40257, CVE-2025-40258, CVE-2025-40259, CVE-2025-40261, CVE-2025-40262, CVE-2025-40263, CVE-2025-40264, CVE-2025-40266, CVE-2025-40268, CVE-2025-40269, CVE-2025-40271, CVE-2025-40272, CVE-2025-40273, CVE-2025-40275, CVE-2025-40277, CVE-2025-40278, CVE-2025-40279, CVE-2025-40280, CVE-2025-40281, CVE-2025-40282, CVE-2025-40283, CVE-2025-40284, CVE-2025-40285, CVE-2025-40286, CVE-2025-40287, CVE-2025-40288, CVE-2025-40289, CVE-2025-40292, CVE-2025-40293, CVE-2025-40294, CVE-2025-40301, CVE-2025-40303, CVE-2025-40304, CVE-2025-40305, CVE-2025-40306, CVE-2025-40307, CVE-2025-40308, CVE-2025-40309, CVE-2025-40310, CVE-2025-40311, CVE-2025-40312, CVE-2025-40313, CVE-2025-40314, CVE-2025-40315, CVE-2025-40317, CVE-2025-40318, CVE-2025-40319, CVE-2025-40320, CVE-2025-40321, CVE-2025-40322, CVE-2025-40323, CVE-2025-40324, CVE-2025-40328, CVE-2025-40329, CVE-2025-40331, CVE-2025-40333, CVE-2025-40337, CVE-2025-40339, CVE-2025-40341, CVE-2025-40342, CVE-2025-40343, CVE-2025-40345, CVE-2025-40346, CVE-2025-40347, CVE-2025-40349, CVE-2025-40350, CVE-2025-40351, CVE-2025-40353, CVE-2025-40358, CVE-2025-40360, CVE-2025-40363, CVE-2025-68168, CVE-2025-68171, CVE-2025-68172, CVE-2025-68173, CVE-2025-68176, CVE-2025-68177, CVE-2025-68178, CVE-2025-68179, CVE-2025-68180, CVE-2025-68183, CVE-2025-68184, CVE-2025-68185, CVE-2025-68190, CVE-2025-68191, CVE-2025-68192, CVE-2025-68194, CVE-2025-68198, CVE-2025-68200, CVE-2025-68201, CVE-2025-68204, CVE-2025-68208, CVE-2025-68213, CVE-2025-68214, CVE-2025-68217, CVE-2025-68218, CVE-2025-68219, CVE-2025-68220, CVE-2025-68222, CVE-2025-68223, CVE-2025-68227, CVE-2025-68229, CVE-2025-68231, CVE-2025-68233, CVE-2025-68235, CVE-2025-68237, CVE-2025-68238, CVE-2025-68241, CVE-2025-68244, CVE-2025-68245, CVE-2025-68246, CVE-2025-68249, CVE-2025-68282, CVE-2025-68283, CVE-2025-68284, CVE-2025-68285, CVE-2025-68286, CVE-2025-68287, CVE-2025-68288, CVE-2025-68289, CVE-2025-68290, CVE-2025-68295, CVE-2025-68297, CVE-2025-68301, CVE-2025-68302, CVE-2025-68303, CVE-2025-68305, CVE-2025-68307, CVE-2025-68308, CVE-2025-68310, CVE-2025-68311, CVE-2025-68312, CVE-2025-68313, CVE-2025-68315, CVE-2025-68320, CVE-2025-68321, CVE-2025-68322, CVE-2025-68327, CVE-2025-68328, CVE-2025-68330, CVE-2025-68331, CVE-2025-68339, CVE-2025-68340, CVE-2025-68342, CVE-2025-68343, CVE-2025-68734)

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module (LSM). An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information (kernel memory), local privilege escalation, or possibly escape a container. (LP: #2143853, CVE-2026-23268, CVE-2026-23269) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Nios II architecture; - PowerPC architecture; - Sun Sparc architecture; - User-Mode Linux (UML); - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - ATM drivers; - Drivers core; - Network block device driver; - Bluetooth drivers; - Bus devices; - Character device driver; - Hardware random number generator core; - TPM device driver; - Data acquisition framework and drivers; - Counter interface drivers; - CPU frequency scaling framework; - DMA engine subsystem; - Intel Stratix 10 firmware drivers; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - CoreSight HW tracing drivers; - IIO subsystem; - InfiniBand drivers; - Input Device core drivers; - Input Device (Miscellaneous) drivers; - Input Device (Tablet) drivers; - ISDN/mISDN subsystem; - Macintosh device drivers; - Multiple devices driver; - Media drivers; - MOST (Media Oriented Systems Transport) drivers; - MTD block device drivers; - Network drivers; - Mellanox network drivers; - Texas Instruments network drivers; - Ethernet team driver; - MediaTek network drivers; - NVME drivers; - PA-RISC drivers; - PCI subsystem; - Performance monitor drivers; - Pin controllers subsystem; - Chrome hardware platform drivers; - x86 platform drivers; - ARM PM domains; - PPS (Pulse Per Second) driver; - PWM drivers; - Voltage and Current Regulator drivers; - S/390 drivers; - SCSI subsystem; - Texas Instruments SoC drivers; - SPI subsystem; - Realtek RTL8723BS SDIO drivers; - TCM subsystem; - Userspace I/O drivers; - Cadence USB3 driver; - DesignWare USB3 driver; - USB Gadget drivers; - USB Host Controller drivers; - Renesas USBHS Controller drivers; - USB Mass Storage drivers; - USB Type-C Connector System Software Interface driver; - Backlight driver; - Framebuffer layer; - Watchdog drivers; - BFS file system; - BTRFS file system; - File systems infrastructure; - Ext4 file system; - F2FS file system; - FUSE (File system in Userspace); - HFS file system; - HFS+ file system; - HugeTLB file system; - Journaling layer for block devices (JBD2); - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - File system notification infrastructure; - NTFS3 file system; - OCFS2 file system; - OrangeFS file system; - Proc file system; - SMB network file system; - SquashFS file system; - UDF file system; - XFS file system; - BPF subsystem; - Ethernet bridge; - Memory management; - padata parallel execution mechanism; - IP tunnels definitions; - Network traffic control; - Network sockets; - XFRM subsystem; - io_uring subsystem; - Control group (cgroup); - Locking primitives; - Padata parallel execution mechanism; - PID allocator; - Scheduler infrastructure; - Shadow Call Stack mechanism; - Tracing infrastructure; - 9P file system network protocol; - Bluetooth subsystem; - CAIF protocol; - CAN network layer; - Ceph Core library; - Networking core; - Ethtool driver; - HSR network protocol; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Multipath TCP; - Netfilter; - NET/ROM layer; - NFC subsystem; - Open vSwitch; - RF switch subsystem; - Rose network layer; - SCTP protocol; - Sun RPC protocol; - TIPC protocol; - Unix domain sockets; - VMware vSockets driver; - Wireless networking; - Rust bindings mechanism; - Integrity Measurement Architecture(IMA) framework; - Key management; - Simplified Mandatory Access Control Kernel framework; - FireWire sound drivers; - Turtle Beach Wavefront ALSA driver; - Intel ASoC drivers; - STMicroelectronics SoC drivers; - USB sound devices; (CVE-2022-49465, CVE-2022-49635, CVE-2024-36903, CVE-2024-36927, CVE-2024-37354, CVE-2024-41014, CVE-2024-46830, CVE-2024-47666, CVE-2024-49968, CVE-2024-53114, CVE-2024-56538, CVE-2024-58011, CVE-2025-21780, CVE-2025-21861, CVE-2025-22022, CVE-2025-22058, CVE-2025-22111, CVE-2025-22121, CVE-2025-23143, CVE-2025-38022, CVE-2025-38129, CVE-2025-38236, CVE-2025-38248, CVE-2025-38556, CVE-2025-38584, CVE-2025-39869, CVE-2025-39873, CVE-2025-39876, CVE-2025-39880, CVE-2025-39883, CVE-2025-39885, CVE-2025-39907, CVE-2025-39911, CVE-2025-39913, CVE-2025-39923, CVE-2025-39934, CVE-2025-39937, CVE-2025-39943, CVE-2025-39945, CVE-2025-39949, CVE-2025-39951, CVE-2025-39953, CVE-2025-39955, CVE-2025-39967, CVE-2025-39968, CVE-2025-39969, CVE-2025-39970, CVE-2025-39971, CVE-2025-39972, CVE-2025-39973, CVE-2025-39980, CVE-2025-39985, CVE-2025-39986, CVE-2025-39987, CVE-2025-39988, CVE-2025-39994, CVE-2025-39995, CVE-2025-39996, CVE-2025-39998, CVE-2025-40001, CVE-2025-40006, CVE-2025-40011, CVE-2025-40020, CVE-2025-40021, CVE-2025-40026, CVE-2025-40027, CVE-2025-40029, CVE-2025-40030, CVE-2025-40035, CVE-2025-40040, CVE-2025-40042, CVE-2025-40043, CVE-2025-40044, CVE-2025-40048, CVE-2025-40049, CVE-2025-40053, CVE-2025-40055, CVE-2025-40060, CVE-2025-40068, CVE-2025-40070, CVE-2025-40078, CVE-2025-40081, CVE-2025-40083, CVE-2025-40085, CVE-2025-40087, CVE-2025-40088, CVE-2025-40092, CVE-2025-40094, CVE-2025-40105, CVE-2025-40106, CVE-2025-40109, CVE-2025-40110, CVE-2025-40111, CVE-2025-40112, CVE-2025-40115, CVE-2025-40116, CVE-2025-40118, CVE-2025-40120, CVE-2025-40121, CVE-2025-40124, CVE-2025-40125, CVE-2025-40126, CVE-2025-40127, CVE-2025-40134, CVE-2025-40140, CVE-2025-40153, CVE-2025-40154, CVE-2025-40167, CVE-2025-40171, CVE-2025-40173, CVE-2025-40178, CVE-2025-40179, CVE-2025-40183, CVE-2025-40187, CVE-2025-40188, CVE-2025-40194, CVE-2025-40200, CVE-2025-40204, CVE-2025-40205, CVE-2025-40211, CVE-2025-40215, CVE-2025-40219, CVE-2025-40220, CVE-2025-40223, CVE-2025-40231, CVE-2025-40233, CVE-2025-40240, CVE-2025-40243, CVE-2025-40244, CVE-2025-40245, CVE-2025-40248, CVE-2025-40252, CVE-2025-40253, CVE-2025-40254, CVE-2025-40257, CVE-2025-40258, CVE-2025-40259, CVE-2025-40261, CVE-2025-40262, CVE-2025-40263, CVE-2025-40264, CVE-2025-40269, CVE-2025-40271, CVE-2025-40272, CVE-2025-40273, CVE-2025-40275, CVE-2025-40277, CVE-2025-40278, CVE-2025-40279, CVE-2025-40280, CVE-2025-40281, CVE-2025-40282, CVE-2025-40283, CVE-2025-40304, CVE-2025-40306, CVE-2025-40308, CVE-2025-40309, CVE-2025-40312, CVE-2025-40313, CVE-2025-40314, CVE-2025-40315, CVE-2025-40317, CVE-2025-40319, CVE-2025-40321, CVE-2025-40322, CVE-2025-40324, CVE-2025-40331, CVE-2025-40342, CVE-2025-40343, CVE-2025-40345, CVE-2025-40346, CVE-2025-40349, CVE-2025-40351, CVE-2025-40360, CVE-2025-40363, CVE-2025-68168, CVE-2025-68176, CVE-2025-68177, CVE-2025-68185, CVE-2025-68191, CVE-2025-68192, CVE-2025-68194, CVE-2025-68200, CVE-2025-68204, CVE-2025-68217, CVE-2025-68220, CVE-2025-68227, CVE-2025-68229, CVE-2025-68238, CVE-2025-68241, CVE-2025-68244, CVE-2025-68245, CVE-2025-68249, CVE-2025-68254, CVE-2025-68255, CVE-2025-68257, CVE-2025-68258, CVE-2025-68261, CVE-2025-68264, CVE-2025-68266, CVE-2025-68282, CVE-2025-68284, CVE-2025-68285, CVE-2025-68286, CVE-2025-68287, CVE-2025-68288, CVE-2025-68289, CVE-2025-68290, CVE-2025-68295, CVE-2025-68301, CVE-2025-68302, CVE-2025-68303, CVE-2025-68308, CVE-2025-68312, CVE-2025-68321, CVE-2025-68325, CVE-2025-68327, CVE-2025-68328, CVE-2025-68330, CVE-2025-68331, CVE-2025-68332, CVE-2025-68335, CVE-2025-68336, CVE-2025-68337, CVE-2025-68339, CVE-2025-68344, CVE-2025-68346, CVE-2025-68349, CVE-2025-68354, CVE-2025-68362, CVE-2025-68364, CVE-2025-68366, CVE-2025-68367, CVE-2025-68372, CVE-2025-68724, CVE-2025-68727, CVE-2025-68728, CVE-2025-68732, CVE-2025-68733, CVE-2025-68734, CVE-2025-68740, CVE-2025-68746, CVE-2025-68757, CVE-2025-68758, CVE-2025-68759, CVE-2025-68764, CVE-2025-68765, CVE-2025-68767, CVE-2025-68769, CVE-2025-68771, CVE-2025-68774, CVE-2025-68776, CVE-2025-68777, CVE-2025-68780, CVE-2025-68782, CVE-2025-68783, CVE-2025-68785, CVE-2025-68787, CVE-2025-68788, CVE-2025-68795, CVE-2025-68796, CVE-2025-68797, CVE-2025-68799, CVE-2025-68800, CVE-2025-68801, CVE-2025-68803, CVE-2025-68804, CVE-2025-68808, CVE-2025-68813, CVE-2025-68814, CVE-2025-68815, CVE-2025-68816, CVE-2025-68818, CVE-2025-68819, CVE-2025-68820, CVE-2025-71064, CVE-2025-71066, CVE-2025-71068, CVE-2025-71069, CVE-2025-71075, CVE-2025-71077, CVE-2025-71078, CVE-2025-71079, CVE-2025-71081, CVE-2025-71082, CVE-2025-71083, CVE-2025-71084, CVE-2025-71085, CVE-2025-71086, CVE-2025-71087, CVE-2025-71091, CVE-2025-71093, CVE-2025-71094, CVE-2025-71096, CVE-2025-71097, CVE-2025-71098, CVE-2025-71102, CVE-2025-71104, CVE-2025-71105, CVE-2025-71108, CVE-2025-71111, CVE-2025-71112, CVE-2025-71113, CVE-2025-71114, CVE-2025-71116, CVE-2025-71118, CVE-2025-71120, CVE-2025-71121, CVE-2025-71125, CVE-2025-71127, CVE-2025-71131, CVE-2025-71132, CVE-2025-71133, CVE-2025-71136, CVE-2025-71137, CVE-2025-71147, CVE-2025-71154, CVE-2025-71180, CVE-2025-71182, CVE-2026-22976, CVE-2026-22977, CVE-2026-22978, CVE-2026-22980, CVE-2026-22982, CVE-2026-22984, CVE-2026-22990, CVE-2026-22991, CVE-2026-22992, CVE-2026-23019, CVE-2026-23020, CVE-2026-23021, CVE-2026-23047)

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module (LSM). An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information (kernel memory), local privilege escalation, or possibly escape a container. (LP: #2143853) It was discovered that some AMD Zen 5 processors supporting RDSEED instruction did not properly handle entropy, potentially resulting in the consumption of insufficiently random values. A local attacker could possibly use this issue to influence the values returned by the RDSEED instruction causing loss of confidentiality and integrity. (CVE-2025-62626) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - S390 architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - Compute Acceleration Framework; - ATM drivers; - Network block device driver; - Bluetooth drivers; - Data acquisition framework and drivers; - Hardware crypto device drivers; - Device frequency scaling framework; - Intel Stratix 10 firmware drivers; - GPIO subsystem; - GPU drivers; - Microsoft Hyper-V drivers; - CoreSight HW tracing drivers; - IIO subsystem; - InfiniBand drivers; - Input Device core drivers; - Input Device (Tablet) drivers; - IOMMU subsystem; - IRQ chip drivers; - Macintosh device drivers; - Multiple devices driver; - MOST (Media Oriented Systems Transport) drivers; - MTD block device drivers; - Network drivers; - Mellanox network drivers; - Texas Instruments network drivers; - Ethernet team driver; - MediaTek network drivers; - NVME drivers; - Pin controllers subsystem; - x86 platform drivers; - Voltage and Current Regulator drivers; - Real Time Clock drivers; - S/390 drivers; - SCSI subsystem; - Texas Instruments SoC drivers; - SPI subsystem; - Media Oriented Systems Transport (MOST) driver; - Realtek RTL8723BS SDIO drivers; - TCM subsystem; - UFS subsystem; - DesignWare USB3 driver; - USB Gadget drivers; - Renesas USBHS Controller drivers; - USB Mass Storage drivers; - USB Type-C Connector System Software Interface driver; - Backlight driver; - Framebuffer layer; - AFS file system; - BFS file system; - BTRFS file system; - EROFS file system; - Ext4 file system; - FAT file system; - GFS2 file system; - Journaling layer for block devices (JBD2); - File systems infrastructure; - Network file system (NFS) client; - NTFS3 file system; - OCFS2 file system; - SMB network file system; - XFS file system; - BPF subsystem; - MediaTek SoC drivers; - Bluetooth subsystem; - io_uring subsystem; - Locking primitives; - Scheduler infrastructure; - Timer subsystem; - Tracing infrastructure; - Kexec HandOver (KHO); - Memory management; - Ceph Core library; - Networking core; - Devlink API; - IPv4 networking; - IPv6 networking; - Multipath TCP; - Open vSwitch; - Network traffic control; - VMware vSockets driver; - eXpress Data Path; - Integrity Measurement Architecture(IMA) framework; - Simplified Mandatory Access Control Kernel framework; - FireWire sound drivers; - HD-audio driver; - Turtle Beach Wavefront ALSA driver; - SoundWire (SDCA) ASoC drivers; (CVE-2025-40246, CVE-2025-40247, CVE-2025-40248, CVE-2025-40249, CVE-2025-40250, CVE-2025-40251, CVE-2025-40252, CVE-2025-40253, CVE-2025-40254, CVE-2025-40255, CVE-2025-40257, CVE-2025-40258, CVE-2025-40259, CVE-2025-40260, CVE-2025-40261, CVE-2025-40262, CVE-2025-40263, CVE-2025-40264, CVE-2025-40265, CVE-2025-40266, CVE-2025-40290, CVE-2025-40345, CVE-2025-68212, CVE-2025-68213, CVE-2025-68214, CVE-2025-68215, CVE-2025-68217, CVE-2025-68218, CVE-2025-68219, CVE-2025-68220, CVE-2025-68221, CVE-2025-68222, CVE-2025-68223, CVE-2025-68225, CVE-2025-68227, CVE-2025-68228, CVE-2025-68229, CVE-2025-68230, CVE-2025-68231, CVE-2025-68232, CVE-2025-68233, CVE-2025-68234, CVE-2025-68235, CVE-2025-68236, CVE-2025-68237, CVE-2025-68238, CVE-2025-68254, CVE-2025-68255, CVE-2025-68256, CVE-2025-68257, CVE-2025-68258, CVE-2025-68259, CVE-2025-68261, CVE-2025-68262, CVE-2025-68263, CVE-2025-68264, CVE-2025-68265, CVE-2025-68266, CVE-2025-68281, CVE-2025-68282, CVE-2025-68283, CVE-2025-68284, CVE-2025-68285, CVE-2025-68286, CVE-2025-68287, CVE-2025-68288, CVE-2025-68289, CVE-2025-68290, CVE-2025-68292, CVE-2025-68293, CVE-2025-68294, CVE-2025-68295, CVE-2025-68296, CVE-2025-68297, CVE-2025-68298, CVE-2025-68299, CVE-2025-68300, CVE-2025-68301, CVE-2025-68302, CVE-2025-68303, CVE-2025-68304, CVE-2025-68305, CVE-2025-68306, CVE-2025-68307, CVE-2025-68308, CVE-2025-68323, CVE-2025-68324, CVE-2025-68325, CVE-2025-68326, CVE-2025-68327, CVE-2025-68328, CVE-2025-68329, CVE-2025-68330, CVE-2025-68331, CVE-2025-68332, CVE-2025-68333, CVE-2025-68334, CVE-2025-68335, CVE-2025-68336, CVE-2025-68337, CVE-2025-68338, CVE-2025-68339, CVE-2025-68340, CVE-2025-68341, CVE-2025-68342, CVE-2025-68343, CVE-2025-68344, CVE-2025-68345, CVE-2025-68346, CVE-2025-68347, CVE-2025-68348, CVE-2025-68349, CVE-2025-68352, CVE-2025-68354, CVE-2025-68356, CVE-2025-68358, CVE-2025-68359, CVE-2025-68360, CVE-2025-68361, CVE-2025-68362, CVE-2025-68363, CVE-2025-68364, CVE-2025-68366, CVE-2025-68367, CVE-2025-68369, CVE-2025-68370, CVE-2025-68371, CVE-2025-68372, CVE-2025-68373, CVE-2025-68374, CVE-2025-68375, CVE-2025-68376, CVE-2025-68378, CVE-2025-68379, CVE-2025-68380, CVE-2025-68724, CVE-2025-68726, CVE-2025-68727, CVE-2025-68728, CVE-2025-68729, CVE-2025-68730, CVE-2025-68732, CVE-2025-68733, CVE-2025-68735, CVE-2025-68738, CVE-2025-68739, CVE-2025-68740, CVE-2025-68741, CVE-2025-68742, CVE-2025-68743, CVE-2025-68744, CVE-2025-68746, CVE-2025-68747, CVE-2025-68748, CVE-2025-68749, CVE-2025-68751, CVE-2025-68752, CVE-2025-68753, CVE-2025-68754, CVE-2025-68755, CVE-2025-68756, CVE-2025-68757, CVE-2025-68758, CVE-2025-68759, CVE-2025-68760, CVE-2025-68762, CVE-2025-68763, CVE-2025-68764, CVE-2025-68765, CVE-2025-68766, CVE-2025-71128)

It was discovered that tar-rs embedded in cargo-c incorrectly handled symlinks when unpacking a tar archive. If a user or automated system were tricked into processing a specially crafted tar archive, a remote attacker could use this issue to modify permissions of arbitrary directories outside the extraction root, and possibly escalate privileges.

It was discovered that tar-rs incorrectly handled symlinks when unpacking a tar archive. If a user or automated system were tricked into processing a specially crafted tar archive, a remote attacker could use this issue to modify permissions of arbitrary directories outside the extraction root, and possibly escalate privileges.

USN-8089-1 fixed vulnerabilities in Go Networking. This update provides the corresponding update to code vendored in golang-golang-x-net-dev. Original advisory details: Bahruz Jabiyev, Tommaso Innocenti, Anthony Gavazzi, Steven Sprecher, and Kaan Onarlioglu discovered that servers using Go Networking could hang during shutdown if preempted by a fatal error. An attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-27664) Arpad Ryszka and Jakob Ackermann discovered that a maliciously crafted stream could cause excessive CPU usage in Go Networking's HPACK decoder. An attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-41723) Mohammad Thoriq Aziz discovered that Go Networking did not properly sanitize some text nodes. An attacker could possibly use this to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2023-3978) Sean Ng discovered an error in Go Networking's HTML tag handling. An attacker could possibly use this to cause a denial of service. (CVE-2025-22872) Guido Vranken and Jakub Ciolek discovered that a maliciously crafted HTML document could exhaust system resources on servers using Go Networking. An attacker could possibly use this to cause a denial of service. (CVE-2025-47911) Guido Vranken discovered that a maliciously crafted HTML document could put servers using Go Networking into an infinite loop. An attacker could possibly use this to cause a denial of service. (CVE-2025-58190)

It was discovered that Dovecot incorrectly handled invalid base64 SASL data. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 25.10. (CVE-2025-59028) It was discovered that Dovecot script decode2text.sh incorrectly handled zip files. An attacker could possibly use this issue to obtain sensitive information. (CVE-2025-59031) It was discovered that Dovecot incorrectly handled certain AUTHENTICATE requests. An attacker could possibly use this issue to cause a denial of service. (CVE-2025-59032) It was discovered that Dovecot incorrectly handled certain SQL based authentication. An attacker could possibly use this issue to bypass authentication. This issue only affected Ubuntu 25.10. (CVE-2026-24031) It was discovered that Dovecot incorrectly handled certain LDAP based authentication. An attacker could possibly use this issue to bypass restrictions and allow probing of LDAP structure. This issue only affected Ubuntu 25.10. (CVE-2026-27860) It was discovered that Dovecot is vulnerable to replay attack under certain conditions. An attacker could possibly use this issue to bypass authentication. (CVE-2026-27855) It was discovered that Dovecot is vulnerable to a timing attack under certain conditions. An attacker could possibly use this issue to bypass authentication. (CVE-2026-27856) It was discovered that Dovecot incorrectly handled certain IMAP login requests. An attacker could possibly use this issue to cause a denial of service. (CVE-2026-27857) It was discovered that Dovecot incorrectly handled certain specially crafted messages. An attacker could possibly use this issue to cause a denial of service. (CVE-2026-27858) It was discovered that Dovecot incorrectly handled certain specially crafted mail messages. An attacker could possibly use this issue to cause a denial of service. (CVE-2026-27859) It was discovered that Dovecot incorrectly handles file paths. A attacker could possibly use this issue to perform a path traversal and obtain or modify arbitrary files. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2026-0394)

It was discovered that the Ruby URI gem did not properly handle sensitive information when combining URIs. A remote attacker could possibly use this issue to leak authentication credentials.

It was discovered that Pillow did not correctly handle reading J2K files, which could lead to an out-of-bounds read vulnerability. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2021-25287, CVE-2021-25288) It was discovered that Pillow did not correctly handle certain integer arithmetic, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2021-25290) It was discovered that Pillow did not correctly perform bounds checking for certain operations. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2021-28675, CVE-2021-28676, CVE-2021-28677) It was discovered that Pillow did not correctly handle certain memory operations. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-44271) It was discovered that Pillow did not correctly sanitize certain inputs. An attacker could possibly use this issue to execute arbitrary code. (CVE-2023-50447)

It was discovered that Roundcube Webmail did not properly sanitize certain HTML elements within the e-mail body. An attacker could possibly use this issue to cause a cross-site scripting attack. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2016-4068, CVE-2016-4069) It was discovered that Roundcube Webmail did not properly handle certain configuration parameters. An attacker could possibly use this issue to execute arbitrary code. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2016-9920) It was discovered that Roundcube Webmail did not properly sanitize CSS styles within SVG documents. An attacker could possibly use this issue to cause a cross-site scripting attack. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2017-6820) It was discovered that Roundcube Webmail did not properly restrict exec call in certain drivers of the password plugin. An authenticated user could possibly use this issue to perform arbitrary password resets. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2017-8114) It was discovered that Roundcube Webmail did not properly set file permissions within the Enigma plugin. An attacker could possibly use this issue to exfiltrate GPG private keys via network connectivity. (CVE-2018-1000071) It was discovered that Roundcube Webmail did not properly handle GnuPG MDC integrity-protection warnings. An attacker could possibly use this issue to obtain sensitive information from encrypted communications. (CVE-2018-19205) It was discovered that Roundcube Webmail did not properly sanitize and tags within HTML attachments. An attacker could possibly use this issue to cause a cross-site scripting attack. (CVE-2018-19206) It was discovered that Roundcube Webmail did not properly handle partially encrypted multipart messages. An attacker could possibly use this issue to cause leaking of the plaintext of encrypted messages via an email reply. (CVE-2019-10740) It was discovered that Roundcube Webmail did not properly sanitize a certain parameter within the archive plugin. An attacker could possibly use this issue to perform an IMAP injection attack. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2018-9846)

It was discovered that pyasn1 could exhaust system resources when attempting to decode a malformed certificate. An attacker could possibly use this to cause a denial of service. (CVE-2026-23490) Kevin Tu discovered that pyasn1 could exhaust system resources via uncontrolled recursion when attempting to decode malicously-crafted certificates. An attacker could possibly use this to cause a denial of service. (CVE-2026-30922)

It was discovered that PyJWT did not validate the critical header parameter, contrary to the RFC specification expectations. A remote attacker could possibly use this issue to bypass certain authentication checks and restrictions.

It was discovered that GStreamer Good Plugins incorrectly handled certain X-QDM RTP payloads. A remote attacker could use this issue to cause GStreamer Good Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code.

It was discovered that GStreamer Base Plugins incorrectly handled certain AVI media files. A remote attacker could use this issue to cause GStreamer Base Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code.

It was discovered that pyasn1 incorrectly handled recursion when decoding ASN.1 data. An attacker could use this issue to cause pyasn1 to consume resources, leading to a denial of service._

It was discovered that ImageMagick did not properly process certain tags prior to an image being loaded. An attacker could possibly use this issue to cause ImageMagick to crash, resulting in a denial of service. (CVE-2026-23952) It was discovered that ImageMagick did not properly handle temporary file creation failures. An attacker could possibly use this issue to cause ImageMagick to crash, resulting in a denial of service. (CVE-2026-25795) It was discovered that ImageMagick did not properly manage memory under certain conditions. An attacker could possibly use this issue to cause ImageMagick to consume resources, resulting in a denial of service. (CVE-2026-25796) It was discovered that ImageMagick incorrectly handled certain specially crafted image files. An attacker could possibly use this issue to cause ImageMagick to crash, resulting in a denial of service. (CVE-2026-25798) It was discovered that ImageMagick did not properly validate certain YUV sampling factors. An attacker could possibly use this issue to cause ImageMagick to crash, resulting in a denial of service. (CVE-2026-25799) It was discovered that ImageMagick incorrectly handled certain specially crafted image files. An attacker could possibly use this issue to cause ImageMagick to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2026-25970) It was discovered that ImageMagick incorrectly managed memory when handling certain specially crafted image files. An attacker could possibly use this issue to cause ImageMagick to consume resources, resulting in a denial of service. (CVE-2026-25988) It was discovered that ImageMagick incorrectly handled certain crafted image profiles. An attacker could possibly use this issue to cause ImageMagick to consume available resources, resulting in a denial of service. (CVE-2026-26066) It was discovered that ImageMagick incorrectly handled large image profiles when encoding PNG images. An attacker could use this issue to cause ImageMagick to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2026-30883) Kamil Frankowicz discovered that ImageMagick incorrectly handled certain XML data. An attacker could possibly use this issue to cause ImageMagick to crash, resulting in a denial of service. (CVE-2026-32636)

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module (LSM). An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information (kernel memory), local privilege escalation, or possibly escape a container. (LP: #2143853) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - x86 architecture; - GPIO subsystem; - GPU drivers; - BTRFS file system; - XFRM subsystem; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - SMC sockets; (CVE-2021-47599, CVE-2022-48875, CVE-2022-49072, CVE-2024-49927, CVE-2024-56640, CVE-2025-21780, CVE-2025-40215)

It was discovered that CryptX did not verify authentication tags while performing GCM and ChaCha20-Poly1305 decryption. An attacker could possibly use this issue to cause CryptX to accept modified ciphertext, leading to data integrity violations or authentication bypass. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-25099) It was discovered that CryptX included a version of the tomcrypt library that was susceptible to malformed unicode handling. An attacker could possibly use this issue to cause unexpected behavior or incorrect processing of crafted input. This issue only affected Ubuntu 18.04 LTS. (CVE-2025-40912) It was discovered that CryptX included a version of the libtommath library that was susceptible to an integer overflow. An attacker could possibly use this issue to cause memory corruption or a denial of service. (CVE-2025-40914)

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module (LSM). An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information (kernel memory), local privilege escalation, or possibly escape a container. (LP: #2143853) It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to expose sensitive information. (CVE-2024-36350, CVE-2024-36357) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - MIPS architecture; - Nios II architecture; - PA-RISC architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - Sun Sparc architecture; - User-Mode Linux (UML); - x86 architecture; - Xtensa architecture; - Block layer subsystem; - Cryptographic API; - Compute Acceleration Framework; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - ATM drivers; - Drivers core; - ATA over ethernet (AOE) driver; - DRBD Distributed Replicated Block Device drivers; - Block device driver; - Network block device driver; - Ublk userspace block driver; - Bluetooth drivers; - Bus devices; - Hardware random number generator core; - Character device driver; - TPM device driver; - Clock framework and drivers; - Data acquisition framework and drivers; - CPU frequency scaling framework; - Hardware crypto device drivers; - Device frequency scaling framework; - Buffer Sharing and Synchronization framework; - DMA engine subsystem; - EDAC drivers; - Arm Firmware Framework for ARMv8-A(FFA); - ARM SCMI message protocol; - EFI core; - Intel Stratix 10 firmware drivers; - FPGA Framework; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - CoreSight HW tracing drivers; - I2C subsystem; - I3C subsystem; - IIO subsystem; - InfiniBand drivers; - Input Device core drivers; - Input Device (Miscellaneous) drivers; - Input Device (Tablet) drivers; - IOMMU subsystem; - IRQ chip drivers; - ISDN/mISDN subsystem; - Mailbox framework; - MCB driver; - Multiple devices driver; - Media drivers; - Multifunction device drivers; - Fastrpc Driver; - Microchip PCI driver; - Intel Management Engine Interface driver; - PCI Endpoint Test driver; - TI TPS6594 PFSM driver; - VMware VMCI Driver; - MMC subsystem; - MOST (Media Oriented Systems Transport) drivers; - MTD block device drivers; - Ethernet bonding driver; - Network drivers; - Mellanox network drivers; - STMicroelectronics network drivers; - Texas Instruments network drivers; - Ethernet team driver; - MediaTek network drivers; - NVDIMM (Non-Volatile Memory Device) drivers; - NVME drivers; - PCI subsystem; - PCCARD (PCMCIA/CardBus) bus subsystem; - Amlogic Meson DDR PMU; - Performance monitor drivers; - PHY drivers; - Pin controllers subsystem; - x86 platform drivers; - ARM PM domains; - Power supply drivers; - Powercap sysfs driver; - PPS (Pulse Per Second) driver; - PTP clock framework; - PWM drivers; - RapidIO drivers; - Voltage and Current Regulator drivers; - Remote Processor subsystem; - S/390 drivers; - SCSI subsystem; - ASPEED SoC drivers; - QCOM SoC drivers; - Samsung SoC drivers; - Texas Instruments SoC drivers; - SPI subsystem; - small TFT LCD display modules; - Media staging drivers; - TCM subsystem; - Trusted Execution Environment drivers; - Thunderbolt and USB4 drivers; - TTY drivers; - UFS subsystem; - Userspace I/O drivers; - Cadence USB3 driver; - ChipIdea USB driver; - USB Device Class drivers; - USB core drivers; - DesignWare USB3 driver; - USB Gadget drivers; - USB Host Controller drivers; - Renesas USBHS Controller drivers; - USB Mass Storage drivers; - USB Type-C support driver; - USB Type-C Connector System Software Interface driver; - VFIO drivers; - Virtio Host (VHOST) subsystem; - Backlight driver; - Framebuffer layer; - TSM Common Guest driver; - Virtio drivers; - Xen hypervisor drivers; - AFS file system; - File systems infrastructure; - BTRFS file system; - Ceph distributed file system; - EFI Variable file system; - exFAT file system; - Ext4 file system; - F2FS file system; - FUSE (File system in Userspace); - GFS2 file system; - HFS file system; - HFS+ file system; - HugeTLB file system; - Journaling layer for block devices (JBD2); - JFFS2 file system; - JFS file system; - KERNFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - File system notification infrastructure; - NTFS3 file system; - OCFS2 file system; - OrangeFS file system; - Overlay file system; - Proc file system; - Diskquota system; - SMB network file system; - SquashFS file system; - UDF file system; - XFS file system; - DRM display driver; - Asynchronous Transfer Mode (ATM) subsystem; - BPF subsystem; - Memory Management; - Internal shared memory driver; - LZO compression library; - Mellanox drivers; - NFS page cache wrapper; - padata parallel execution mechanism; - Memory management; - Networking subsytem; - Media input infrastructure; - Bluetooth subsystem; - IP tunnels definitions; - Netfilter; - Network traffic control; - Rose network layer; - SCTP protocol; - Network sockets; - UDP network protocol; - eXpress Data Path; - XFRM subsystem; - Digital Audio (PCM) driver; - Universal MIDI packet (UMP) support module; - Tracing infrastructure; - User-space API (UAPI); - io_uring subsystem; - IPC subsystem; - Control group (cgroup); - Kernel crash support code; - Perf events; - Kernel exit() syscall; - Kernel futex primitives; - IRQ subsystem; - Padata parallel execution mechanism; - Kernel command line parsing driver; - PID allocator; - Hibernation control; - RCU subsystem; - Restartable seuqences system call mechanism; - Scheduler infrastructure; - Syscalls implementation; - Timer subsystem; - Maple Tree data structure library; - KASAN memory debugging framework; - 802.1Q VLAN protocol; - 9P file system network protocol; - Appletalk network protocol; - Amateur Radio drivers; - B.A.T.M.A.N. meshing protocol; - Ethernet bridge; - CAN network layer; - Ceph Core library; - Networking core; - Devlink API; - Distributed Switch Architecture; - HSR network protocol; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Management Component Transport Protocol (MCTP); - MultiProtocol Label Switching driver; - Multipath TCP; - NetLabel subsystem; - Netlink; - NFC subsystem; - Open vSwitch; - RDS protocol; - RF switch subsystem; - RxRPC session sockets; - SMC sockets; - Sun RPC protocol; - TIPC protocol; - TLS protocol; - Unix domain sockets; - VMware vSockets driver; - Wireless networking; - Integrity Measurement Architecture(IMA) framework; - ALSA framework; - WCD audio codecs; - Intel ASoC drivers; - MediaTek ASoC drivers; - QCOM ASoC drivers; - SoC audio core drivers; - USB sound devices; - Virtio sound driver; - CPU Power monitoring subsystem; - KVM subsystem; (CVE-2025-21833, CVE-2025-21884, CVE-2025-21931, CVE-2025-22026, CVE-2025-22037, CVE-2025-22101, CVE-2025-22102, CVE-2025-22103, CVE-2025-22105, CVE-2025-22106, CVE-2025-22107, CVE-2025-22113, CVE-2025-22115, CVE-2025-22120, CVE-2025-22121, CVE-2025-22124, CVE-2025-22125, CVE-2025-22126, CVE-2025-22128, CVE-2025-23129, CVE-2025-23130, CVE-2025-23133, CVE-2025-23140, CVE-2025-23141, CVE-2025-23142, CVE-2025-23143, CVE-2025-23144, CVE-2025-23145, CVE-2025-23146, CVE-2025-23147, CVE-2025-23148, CVE-2025-23149, CVE-2025-23150, CVE-2025-23151, CVE-2025-23155, CVE-2025-23156, CVE-2025-23157, CVE-2025-23158, CVE-2025-23159, CVE-2025-23160, CVE-2025-23161, CVE-2025-23163, CVE-2025-37738, CVE-2025-37739, CVE-2025-37740, CVE-2025-37741, CVE-2025-37742, CVE-2025-37744, CVE-2025-37745, CVE-2025-37748, CVE-2025-37749, CVE-2025-37754, CVE-2025-37755, CVE-2025-37757, CVE-2025-37758, CVE-2025-37759, CVE-2025-37761, CVE-2025-37763, CVE-2025-37764, CVE-2025-37765, CVE-2025-37766, CVE-2025-37767, CVE-2025-37768, CVE-2025-37769, CVE-2025-37770, CVE-2025-37771, CVE-2025-37772, CVE-2025-37773, CVE-2025-37775, CVE-2025-37777, CVE-2025-37778, CVE-2025-37780, CVE-2025-37781, CVE-2025-37784, CVE-2025-37786, CVE-2025-37787, CVE-2025-37788, CVE-2025-37789, CVE-2025-37790, CVE-2025-37792, CVE-2025-37793, CVE-2025-37794, CVE-2025-37796, CVE-2025-37799, CVE-2025-37800, CVE-2025-37801, CVE-2025-37803, CVE-2025-37805, CVE-2025-37808, CVE-2025-37809, CVE-2025-37810, CVE-2025-37811, CVE-2025-37812, CVE-2025-37813, CVE-2025-37815, CVE-2025-37816, CVE-2025-37817, CVE-2025-37819, CVE-2025-37820, CVE-2025-37822, CVE-2025-37823, CVE-2025-37824, CVE-2025-37826, CVE-2025-37827, CVE-2025-37828, CVE-2025-37829, CVE-2025-37830, CVE-2025-37831, CVE-2025-37836, CVE-2025-37839, CVE-2025-37840, CVE-2025-37841, CVE-2025-37842, CVE-2025-37844, CVE-2025-37846, CVE-2025-37849, CVE-2025-37850, CVE-2025-37851, CVE-2025-37852, CVE-2025-37853, CVE-2025-37854, CVE-2025-37856, CVE-2025-37857, CVE-2025-37858, CVE-2025-37859, CVE-2025-37860, CVE-2025-37861, CVE-2025-37862, CVE-2025-37863, CVE-2025-37864, CVE-2025-37865, CVE-2025-37867, CVE-2025-37869, CVE-2025-37871, CVE-2025-37872, CVE-2025-37873, CVE-2025-37874, CVE-2025-37875, CVE-2025-37878, CVE-2025-37879, CVE-2025-37881, CVE-2025-37883, CVE-2025-37884, CVE-2025-37885, CVE-2025-37886, CVE-2025-37887, CVE-2025-37891, CVE-2025-37892, CVE-2025-37897, CVE-2025-37899, CVE-2025-37900, CVE-2025-37901, CVE-2025-37903, CVE-2025-37905, CVE-2025-37909, CVE-2025-37911, CVE-2025-37912, CVE-2025-37913, CVE-2025-37914, CVE-2025-37915, CVE-2025-37916, CVE-2025-37917, CVE-2025-37918, CVE-2025-37920, CVE-2025-37921, CVE-2025-37922, CVE-2025-37923, CVE-2025-37924, CVE-2025-37925, CVE-2025-37927, CVE-2025-37928, CVE-2025-37930, CVE-2025-37931, CVE-2025-37933, CVE-2025-37935, CVE-2025-37936, CVE-2025-37938, CVE-2025-37940, CVE-2025-37943, CVE-2025-37944, CVE-2025-37945, CVE-2025-37947, CVE-2025-37948, CVE-2025-37949, CVE-2025-37951, CVE-2025-37952, CVE-2025-37956, CVE-2025-37957, CVE-2025-37959, CVE-2025-37960, CVE-2025-37961, CVE-2025-37962, CVE-2025-37963, CVE-2025-37967, CVE-2025-37968, CVE-2025-37969, CVE-2025-37970, CVE-2025-37972, CVE-2025-37973, CVE-2025-37975, CVE-2025-37977, CVE-2025-37978, CVE-2025-37979, CVE-2025-37980, CVE-2025-37982, CVE-2025-37983, CVE-2025-37984, CVE-2025-37985, CVE-2025-37986, CVE-2025-37987, CVE-2025-37988, CVE-2025-37989, CVE-2025-37990, CVE-2025-37991, CVE-2025-37992, CVE-2025-37994, CVE-2025-37995, CVE-2025-37998, CVE-2025-38003, CVE-2025-38004, CVE-2025-38005, CVE-2025-38006, CVE-2025-38007, CVE-2025-38008, CVE-2025-38009, CVE-2025-38010, CVE-2025-38011, CVE-2025-38013, CVE-2025-38014, CVE-2025-38015, CVE-2025-38018, CVE-2025-38019, CVE-2025-38020, CVE-2025-38023, CVE-2025-38024, CVE-2025-38027, CVE-2025-38031, CVE-2025-38034, CVE-2025-38035, CVE-2025-38037, CVE-2025-38039, CVE-2025-38040, CVE-2025-38043, CVE-2025-38044, CVE-2025-38045, CVE-2025-38048, CVE-2025-38051, CVE-2025-38052, CVE-2025-38053, CVE-2025-38055, CVE-2025-38057, CVE-2025-38058, CVE-2025-38059, CVE-2025-38060, CVE-2025-38061, CVE-2025-38062, CVE-2025-38063, CVE-2025-38065, CVE-2025-38066, CVE-2025-38067, CVE-2025-38068, CVE-2025-38071, CVE-2025-38072, CVE-2025-38074, CVE-2025-38075, CVE-2025-38077, CVE-2025-38078, CVE-2025-38079, CVE-2025-38080, CVE-2025-38081, CVE-2025-38084, CVE-2025-38085, CVE-2025-38086, CVE-2025-38087, CVE-2025-38088, CVE-2025-38089, CVE-2025-38090, CVE-2025-38094, CVE-2025-38095, CVE-2025-38097, CVE-2025-38098, CVE-2025-38099, CVE-2025-38100, CVE-2025-38101, CVE-2025-38102, CVE-2025-38103, CVE-2025-38104, CVE-2025-38105, CVE-2025-38107, CVE-2025-38108, CVE-2025-38109, CVE-2025-38110, CVE-2025-38111, CVE-2025-38112, CVE-2025-38113, CVE-2025-38115, CVE-2025-38117, CVE-2025-38119, CVE-2025-38120, CVE-2025-38122, CVE-2025-38123, CVE-2025-38124, CVE-2025-38125, CVE-2025-38126, CVE-2025-38127, CVE-2025-38129, CVE-2025-38131, CVE-2025-38135, CVE-2025-38136, CVE-2025-38138, CVE-2025-38142, CVE-2025-38143, CVE-2025-38145, CVE-2025-38146, CVE-2025-38147, CVE-2025-38148, CVE-2025-38149, CVE-2025-38153, CVE-2025-38154, CVE-2025-38155, CVE-2025-38156, CVE-2025-38157, CVE-2025-38158, CVE-2025-38159, CVE-2025-38160, CVE-2025-38161, CVE-2025-38162, CVE-2025-38163, CVE-2025-38164, CVE-2025-38165, CVE-2025-38166, CVE-2025-38167, CVE-2025-38169, CVE-2025-38170, CVE-2025-38173, CVE-2025-38174, CVE-2025-38180, CVE-2025-38181, CVE-2025-38182, CVE-2025-38183, CVE-2025-38184, CVE-2025-38185, CVE-2025-38190, CVE-2025-38191, CVE-2025-38192, CVE-2025-38193, CVE-2025-38194, CVE-2025-38197, CVE-2025-38198, CVE-2025-38200, CVE-2025-38202, CVE-2025-38208, CVE-2025-38210, CVE-2025-38211, CVE-2025-38212, CVE-2025-38214, CVE-2025-38215, CVE-2025-38217, CVE-2025-38218, CVE-2025-38219, CVE-2025-38220, CVE-2025-38222, CVE-2025-38225, CVE-2025-38226, CVE-2025-38229, CVE-2025-38230, CVE-2025-38231, CVE-2025-38232, CVE-2025-38236, CVE-2025-38239, CVE-2025-38245, CVE-2025-38246, CVE-2025-38248, CVE-2025-38249, CVE-2025-38250, CVE-2025-38251, CVE-2025-38253, CVE-2025-38255, CVE-2025-38257, CVE-2025-38258, CVE-2025-38259, CVE-2025-38260, CVE-2025-38262, CVE-2025-38263, CVE-2025-38264, CVE-2025-38265, CVE-2025-38269, CVE-2025-38274, CVE-2025-38275, CVE-2025-38277, CVE-2025-38278, CVE-2025-38279, CVE-2025-38280, CVE-2025-38282, CVE-2025-38283, CVE-2025-38285, CVE-2025-38286, CVE-2025-38289, CVE-2025-38290, CVE-2025-38292, CVE-2025-38293, CVE-2025-38295, CVE-2025-38298, CVE-2025-38299, CVE-2025-38300, CVE-2025-38303, CVE-2025-38304, CVE-2025-38305, CVE-2025-38307, CVE-2025-38310, CVE-2025-38312, CVE-2025-38313, CVE-2025-38319, CVE-2025-38320, CVE-2025-38321, CVE-2025-38322, CVE-2025-38323, CVE-2025-38324, CVE-2025-38326, CVE-2025-38328, CVE-2025-38331, CVE-2025-38332, CVE-2025-38333, CVE-2025-38334, CVE-2025-38335, CVE-2025-38336, CVE-2025-38337, CVE-2025-38338, CVE-2025-38342, CVE-2025-38343, CVE-2025-38344, CVE-2025-38345, CVE-2025-38346, CVE-2025-38347, CVE-2025-38348, CVE-2025-38349, CVE-2025-38351, CVE-2025-38354, CVE-2025-38361, CVE-2025-38362, CVE-2025-38363, CVE-2025-38364, CVE-2025-38365, CVE-2025-38368, CVE-2025-38369, CVE-2025-38371, CVE-2025-38373, CVE-2025-38374, CVE-2025-38375, CVE-2025-38376, CVE-2025-38377, CVE-2025-38382, CVE-2025-38384, CVE-2025-38385, CVE-2025-38386, CVE-2025-38387, CVE-2025-38388, CVE-2025-38389, CVE-2025-38390, CVE-2025-38391, CVE-2025-38392, CVE-2025-38393, CVE-2025-38395, CVE-2025-38396, CVE-2025-38399, CVE-2025-38400, CVE-2025-38401, CVE-2025-38402, CVE-2025-38403, CVE-2025-38405, CVE-2025-38406, CVE-2025-38407, CVE-2025-38408, CVE-2025-38409, CVE-2025-38410, CVE-2025-38412, CVE-2025-38414, CVE-2025-38415, CVE-2025-38416, CVE-2025-38418, CVE-2025-38419, CVE-2025-38420, CVE-2025-38422, CVE-2025-38424, CVE-2025-38425, CVE-2025-38427, CVE-2025-38428, CVE-2025-38429, CVE-2025-38430, CVE-2025-38436, CVE-2025-38437, CVE-2025-38439, CVE-2025-38441, CVE-2025-38443, CVE-2025-38444, CVE-2025-38445, CVE-2025-38448, CVE-2025-38449, CVE-2025-38455, CVE-2025-38456, CVE-2025-38457, CVE-2025-38458, CVE-2025-38459, CVE-2025-38460, CVE-2025-38461, CVE-2025-38462, CVE-2025-38463, CVE-2025-38464, CVE-2025-38465, CVE-2025-38466, CVE-2025-38467, CVE-2025-38468, CVE-2025-38469, CVE-2025-38470, CVE-2025-38471, CVE-2025-38472, CVE-2025-38473, CVE-2025-38474, CVE-2025-38476, CVE-2025-38478, CVE-2025-38480, CVE-2025-38481, CVE-2025-38482, CVE-2025-38483, CVE-2025-38485, CVE-2025-38487, CVE-2025-38488, CVE-2025-38489, CVE-2025-38490, CVE-2025-38491, CVE-2025-38493, CVE-2025-38494, CVE-2025-38495, CVE-2025-38496, CVE-2025-38497, CVE-2025-38499, CVE-2025-38501, CVE-2025-38502, CVE-2025-38503, CVE-2025-38506, CVE-2025-38507, CVE-2025-38510, CVE-2025-38511, CVE-2025-38512, CVE-2025-38513, CVE-2025-38514, CVE-2025-38515, CVE-2025-38516, CVE-2025-38520, CVE-2025-38521, CVE-2025-38524, CVE-2025-38526, CVE-2025-38527, CVE-2025-38528, CVE-2025-38529, CVE-2025-38530, CVE-2025-38531, CVE-2025-38532, CVE-2025-38533, CVE-2025-38535, CVE-2025-38537, CVE-2025-38538, CVE-2025-38539, CVE-2025-38540, CVE-2025-38542, CVE-2025-38543, CVE-2025-38544, CVE-2025-38546, CVE-2025-38548, CVE-2025-38549, CVE-2025-38550, CVE-2025-38551, CVE-2025-38552, CVE-2025-38553, CVE-2025-38555, CVE-2025-38556, CVE-2025-38560, CVE-2025-38561, CVE-2025-38562, CVE-2025-38566, CVE-2025-38568, CVE-2025-38569, CVE-2025-38571, CVE-2025-38572, CVE-2025-38574, CVE-2025-38576, CVE-2025-38577, CVE-2025-38578, CVE-2025-38579, CVE-2025-38581, CVE-2025-38582, CVE-2025-38583, CVE-2025-38584, CVE-2025-38585, CVE-2025-38587, CVE-2025-38588, CVE-2025-38590, CVE-2025-38593, CVE-2025-38595, CVE-2025-38601, CVE-2025-38602, CVE-2025-38604, CVE-2025-38608, CVE-2025-38609, CVE-2025-38610, CVE-2025-38612, CVE-2025-38614, CVE-2025-38615, CVE-2025-38619, CVE-2025-38622, CVE-2025-38623, CVE-2025-38624, CVE-2025-38625, CVE-2025-38626, CVE-2025-38627, CVE-2025-38630, CVE-2025-38632, CVE-2025-38634, CVE-2025-38635, CVE-2025-38639, CVE-2025-38640, CVE-2025-38643, CVE-2025-38644, CVE-2025-38645, CVE-2025-38646, CVE-2025-38648, CVE-2025-38650, CVE-2025-38652, CVE-2025-38653, CVE-2025-38659, CVE-2025-38660, CVE-2025-38663, CVE-2025-38664, CVE-2025-38665, CVE-2025-38668, CVE-2025-38670, CVE-2025-38671, CVE-2025-38675, CVE-2025-38676, CVE-2025-38677, CVE-2025-38679, CVE-2025-38680, CVE-2025-38681, CVE-2025-38684, CVE-2025-38685, CVE-2025-38686, CVE-2025-38687, CVE-2025-38688, CVE-2025-38691, CVE-2025-38692, CVE-2025-38693, CVE-2025-38694, CVE-2025-38695, CVE-2025-38696, CVE-2025-38697, CVE-2025-38698, CVE-2025-38699, CVE-2025-38700, CVE-2025-38701, CVE-2025-38702, CVE-2025-38703, CVE-2025-38704, CVE-2025-38705, CVE-2025-38706, CVE-2025-38707, CVE-2025-38708, CVE-2025-38709, CVE-2025-38710, CVE-2025-38711, CVE-2025-38712, CVE-2025-38713, CVE-2025-38714, CVE-2025-38715, CVE-2025-38716, CVE-2025-38718, CVE-2025-38721, CVE-2025-38722, CVE-2025-38724, CVE-2025-38725, CVE-2025-38728, CVE-2025-38729, CVE-2025-38730, CVE-2025-38732, CVE-2025-38734, CVE-2025-38735, CVE-2025-39673, CVE-2025-39675, CVE-2025-39676, CVE-2025-39678, CVE-2025-39679, CVE-2025-39681, CVE-2025-39683, CVE-2025-39684, CVE-2025-39685, CVE-2025-39686, CVE-2025-39687, CVE-2025-39689, CVE-2025-39691, CVE-2025-39692, CVE-2025-39693, CVE-2025-39694, CVE-2025-39697, CVE-2025-39698, CVE-2025-39701, CVE-2025-39702, CVE-2025-39703, CVE-2025-39705, CVE-2025-39706, CVE-2025-39707, CVE-2025-39709, CVE-2025-39710, CVE-2025-39711, CVE-2025-39712, CVE-2025-39713, CVE-2025-39714, CVE-2025-39715, CVE-2025-39716, CVE-2025-39718, CVE-2025-39719, CVE-2025-39720, CVE-2025-39721, CVE-2025-39724, CVE-2025-39726, CVE-2025-39730, CVE-2025-39731, CVE-2025-39732, CVE-2025-39734, CVE-2025-39736, CVE-2025-39737, CVE-2025-39738, CVE-2025-39739, CVE-2025-39742, CVE-2025-39743, CVE-2025-39744, CVE-2025-39746, CVE-2025-39747, CVE-2025-39748, CVE-2025-39749, CVE-2025-39750, CVE-2025-39752, CVE-2025-39753, CVE-2025-39756, CVE-2025-39757, CVE-2025-39758, CVE-2025-39759, CVE-2025-39760, CVE-2025-39761, CVE-2025-39763, CVE-2025-39766, CVE-2025-39770, CVE-2025-39772, CVE-2025-39773, CVE-2025-39776, CVE-2025-39779, CVE-2025-39781, CVE-2025-39782, CVE-2025-39783, CVE-2025-39787, CVE-2025-39788, CVE-2025-39790, CVE-2025-39794, CVE-2025-39795, CVE-2025-39797, CVE-2025-39798, CVE-2025-39800, CVE-2025-39801, CVE-2025-39805, CVE-2025-39806, CVE-2025-39807, CVE-2025-39808, CVE-2025-39810, CVE-2025-39811, CVE-2025-39812, CVE-2025-39813, CVE-2025-39815, CVE-2025-39817, CVE-2025-39819, CVE-2025-39823, CVE-2025-39824, CVE-2025-39825, CVE-2025-39826, CVE-2025-39827, CVE-2025-39828, CVE-2025-39829, CVE-2025-39832, CVE-2025-39835, CVE-2025-39836, CVE-2025-39838, CVE-2025-39839, CVE-2025-39841, CVE-2025-39842, CVE-2025-39843, CVE-2025-39844, CVE-2025-39845, CVE-2025-39846, CVE-2025-39847, CVE-2025-39848, CVE-2025-39849, CVE-2025-39850, CVE-2025-39851, CVE-2025-39852, CVE-2025-39853, CVE-2025-39854, CVE-2025-39857, CVE-2025-39860, CVE-2025-39861, CVE-2025-39863, CVE-2025-39864, CVE-2025-39865, CVE-2025-39866, CVE-2025-39869, CVE-2025-39870, CVE-2025-39871, CVE-2025-39873, CVE-2025-39876, CVE-2025-39877, CVE-2025-39880, CVE-2025-39881, CVE-2025-39883, CVE-2025-39885, CVE-2025-39886, CVE-2025-39889, CVE-2025-39890, CVE-2025-39891, CVE-2025-39894, CVE-2025-39895, CVE-2025-39897, CVE-2025-39899, CVE-2025-39901, CVE-2025-39902, CVE-2025-39907, CVE-2025-39909, CVE-2025-39911, CVE-2025-39913, CVE-2025-39914, CVE-2025-39916, CVE-2025-39920, CVE-2025-39923, CVE-2025-39927, CVE-2025-39929, CVE-2025-39931, CVE-2025-39932, CVE-2025-39934, CVE-2025-39937, CVE-2025-39938, CVE-2025-39940, CVE-2025-39942, CVE-2025-39943, CVE-2025-39944, CVE-2025-39945, CVE-2025-39946, CVE-2025-39947, CVE-2025-39948, CVE-2025-39949, CVE-2025-39950, CVE-2025-39951, CVE-2025-39952, CVE-2025-39953, CVE-2025-39955, CVE-2025-39957, CVE-2025-39961, CVE-2025-39965, CVE-2025-39967, CVE-2025-39968, CVE-2025-39969, CVE-2025-39970, CVE-2025-39971, CVE-2025-39972, CVE-2025-39973, CVE-2025-39977, CVE-2025-39978, CVE-2025-39980, CVE-2025-39981, CVE-2025-39982, CVE-2025-39985, CVE-2025-39986, CVE-2025-39987, CVE-2025-39988, CVE-2025-39989, CVE-2025-39991, CVE-2025-39992, CVE-2025-39994, CVE-2025-39995, CVE-2025-39996, CVE-2025-39998, CVE-2025-40000, CVE-2025-40001, CVE-2025-40006, CVE-2025-40008, CVE-2025-40009, CVE-2025-40010, CVE-2025-40011, CVE-2025-40013, CVE-2025-40016, CVE-2025-40019, CVE-2025-40020, CVE-2025-40021, CVE-2025-40024, CVE-2025-40026, CVE-2025-40027, CVE-2025-40029, CVE-2025-40030, CVE-2025-40031, CVE-2025-40032, CVE-2025-40033, CVE-2025-40035, CVE-2025-40036, CVE-2025-40037, CVE-2025-40038, CVE-2025-40042, CVE-2025-40043, CVE-2025-40044, CVE-2025-40047, CVE-2025-40048, CVE-2025-40049, CVE-2025-40051, CVE-2025-40052, CVE-2025-40053, CVE-2025-40055, CVE-2025-40056, CVE-2025-40057, CVE-2025-40058, CVE-2025-40059, CVE-2025-40060, CVE-2025-40061, CVE-2025-40062, CVE-2025-40067, CVE-2025-40068, CVE-2025-40070, CVE-2025-40071, CVE-2025-40077, CVE-2025-40078, CVE-2025-40079, CVE-2025-40080, CVE-2025-40081, CVE-2025-40083, CVE-2025-40084, CVE-2025-40085, CVE-2025-40087, CVE-2025-40088, CVE-2025-40092, CVE-2025-40093, CVE-2025-40094, CVE-2025-40095, CVE-2025-40096, CVE-2025-40099, CVE-2025-40100, CVE-2025-40101, CVE-2025-40103, CVE-2025-40104, CVE-2025-40105, CVE-2025-40106, CVE-2025-40107, CVE-2025-40109, CVE-2025-40110, CVE-2025-40111, CVE-2025-40112, CVE-2025-40115, CVE-2025-40116, CVE-2025-40118, CVE-2025-40120, CVE-2025-40121, CVE-2025-40123, CVE-2025-40124, CVE-2025-40125, CVE-2025-40126, CVE-2025-40127, CVE-2025-40129, CVE-2025-40134, CVE-2025-40137, CVE-2025-40140, CVE-2025-40141, CVE-2025-40153, CVE-2025-40154, CVE-2025-40155, CVE-2025-40156, CVE-2025-40159, CVE-2025-40160, CVE-2025-40165, CVE-2025-40166, CVE-2025-40167, CVE-2025-40169, CVE-2025-40171, CVE-2025-40172, CVE-2025-40173, CVE-2025-40176, CVE-2025-40178, CVE-2025-40179, CVE-2025-40180, CVE-2025-40183, CVE-2025-40187, CVE-2025-40188, CVE-2025-40192, CVE-2025-40193, CVE-2025-40194, CVE-2025-40196, CVE-2025-40198, CVE-2025-40200, CVE-2025-40201, CVE-2025-40202, CVE-2025-40204, CVE-2025-40205, CVE-2025-40206, CVE-2025-40207, CVE-2025-40211, CVE-2025-40215, CVE-2025-40218, CVE-2025-40219, CVE-2025-40220, CVE-2025-40221, CVE-2025-40223, CVE-2025-40226, CVE-2025-40231, CVE-2025-40233, CVE-2025-40235, CVE-2025-40237, CVE-2025-40238, CVE-2025-40240, CVE-2025-40242, CVE-2025-40243, CVE-2025-40244, CVE-2025-40245, CVE-2025-40248, CVE-2025-40250, CVE-2025-40251, CVE-2025-40252, CVE-2025-40253, CVE-2025-40254, CVE-2025-40257, CVE-2025-40258, CVE-2025-40259, CVE-2025-40261, CVE-2025-40262, CVE-2025-40263, CVE-2025-40264, CVE-2025-40266, CVE-2025-40268, CVE-2025-40269, CVE-2025-40271, CVE-2025-40272, CVE-2025-40273, CVE-2025-40275, CVE-2025-40277, CVE-2025-40278, CVE-2025-40279, CVE-2025-40280, CVE-2025-40281, CVE-2025-40282, CVE-2025-40283, CVE-2025-40284, CVE-2025-40285, CVE-2025-40286, CVE-2025-40287, CVE-2025-40288, CVE-2025-40289, CVE-2025-40292, CVE-2025-40293, CVE-2025-40294, CVE-2025-40297, CVE-2025-40301, CVE-2025-40303, CVE-2025-40304, CVE-2025-40305, CVE-2025-40306, CVE-2025-40307, CVE-2025-40308, CVE-2025-40309, CVE-2025-40310, CVE-2025-40311, CVE-2025-40312, CVE-2025-40313, CVE-2025-40314, CVE-2025-40315, CVE-2025-40317, CVE-2025-40318, CVE-2025-40319, CVE-2025-40320, CVE-2025-40321, CVE-2025-40322, CVE-2025-40323, CVE-2025-40324, CVE-2025-40328, CVE-2025-40329, CVE-2025-40331, CVE-2025-40333, CVE-2025-40337, CVE-2025-40339, CVE-2025-40341, CVE-2025-40342, CVE-2025-40343, CVE-2025-40345, CVE-2025-40346, CVE-2025-40347, CVE-2025-40349, CVE-2025-40350, CVE-2025-40351, CVE-2025-40353, CVE-2025-40358, CVE-2025-40360, CVE-2025-40363, CVE-2025-68168, CVE-2025-68171, CVE-2025-68172, CVE-2025-68173, CVE-2025-68176, CVE-2025-68177, CVE-2025-68178, CVE-2025-68179, CVE-2025-68180, CVE-2025-68183, CVE-2025-68184, CVE-2025-68185, CVE-2025-68190, CVE-2025-68191, CVE-2025-68192, CVE-2025-68194, CVE-2025-68198, CVE-2025-68200, CVE-2025-68201, CVE-2025-68204, CVE-2025-68208, CVE-2025-68213, CVE-2025-68214, CVE-2025-68217, CVE-2025-68218, CVE-2025-68219, CVE-2025-68220, CVE-2025-68222, CVE-2025-68223, CVE-2025-68227, CVE-2025-68229, CVE-2025-68231, CVE-2025-68233, CVE-2025-68235, CVE-2025-68237, CVE-2025-68238, CVE-2025-68241, CVE-2025-68244, CVE-2025-68245, CVE-2025-68246, CVE-2025-68249, CVE-2025-68282, CVE-2025-68283, CVE-2025-68284, CVE-2025-68285, CVE-2025-68286, CVE-2025-68287, CVE-2025-68288, CVE-2025-68289, CVE-2025-68290, CVE-2025-68295, CVE-2025-68297, CVE-2025-68301, CVE-2025-68302, CVE-2025-68303, CVE-2025-68305, CVE-2025-68307, CVE-2025-68308, CVE-2025-68310, CVE-2025-68311, CVE-2025-68312, CVE-2025-68313, CVE-2025-68315, CVE-2025-68320, CVE-2025-68321, CVE-2025-68322, CVE-2025-68327, CVE-2025-68328, CVE-2025-68330, CVE-2025-68331, CVE-2025-68339, CVE-2025-68340, CVE-2025-68342, CVE-2025-68343, CVE-2025-68734, CVE-2025-68750)

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module (LSM). An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information (kernel memory), local privilege escalation, or possibly escape a container. (LP: #2143853) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - Nios II architecture; - PA-RISC architecture; - RISC-V architecture; - S390 architecture; - Sun Sparc architecture; - User-Mode Linux (UML); - x86 architecture; - Xtensa architecture; - Block layer subsystem; - Cryptographic API; - Compute Acceleration Framework; - ACPI drivers; - ATM drivers; - Drivers core; - Block device driver; - Network block device driver; - Bluetooth drivers; - Bus devices; - Hardware random number generator core; - Character device driver; - Data acquisition framework and drivers; - CPU frequency scaling framework; - Hardware crypto device drivers; - Device frequency scaling framework; - DMA engine subsystem; - ARM SCMI message protocol; - EFI core; - Intel Stratix 10 firmware drivers; - GPU drivers; - HID subsystem; - CoreSight HW tracing drivers; - IIO subsystem; - InfiniBand drivers; - Input Device core drivers; - Input Device (Miscellaneous) drivers; - Input Device (Tablet) drivers; - IOMMU subsystem; - ISDN/mISDN subsystem; - Mailbox framework; - Multiple devices driver; - Media drivers; - Fastrpc Driver; - MOST (Media Oriented Systems Transport) drivers; - MTD block device drivers; - Ethernet bonding driver; - Network drivers; - Mellanox network drivers; - STMicroelectronics network drivers; - Texas Instruments network drivers; - Ethernet team driver; - NVME drivers; - PCI subsystem; - PCCARD (PCMCIA/CardBus) bus subsystem; - Performance monitor drivers; - Pin controllers subsystem; - x86 platform drivers; - ARM PM domains; - PPS (Pulse Per Second) driver; - PTP clock framework; - PWM drivers; - Remote Processor subsystem; - S/390 drivers; - SCSI subsystem; - Texas Instruments SoC drivers; - TCM subsystem; - Trusted Execution Environment drivers; - TTY drivers; - Userspace I/O drivers; - Cadence USB3 driver; - DesignWare USB3 driver; - USB Gadget drivers; - USB Host Controller drivers; - Renesas USBHS Controller drivers; - USB Mass Storage drivers; - Virtio Host (VHOST) subsystem; - Framebuffer layer; - Xen hypervisor drivers; - AFS file system; - BTRFS file system; - Ceph distributed file system; - File systems infrastructure; - EFI Variable file system; - exFAT file system; - Ext4 file system; - F2FS file system; - FUSE (File system in Userspace); - GFS2 file system; - HFS file system; - HFS+ file system; - HugeTLB file system; - JFS file system; - KERNFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - File system notification infrastructure; - NTFS3 file system; - OCFS2 file system; - OrangeFS file system; - Proc file system; - Diskquota system; - SMB network file system; - SquashFS file system; - UDF file system; - XFS file system; - Asynchronous Transfer Mode (ATM) subsystem; - BPF subsystem; - Mellanox drivers; - NFS page cache wrapper; - Memory management; - Memory Management; - Media input infrastructure; - Bluetooth subsystem; - IP tunnels definitions; - Network traffic control; - Rose network layer; - Network sockets; - io_uring subsystem; - Control group (cgroup); - Kernel crash support code; - Kernel futex primitives; - PID allocator; - Scheduler infrastructure; - Syscalls implementation; - Timer subsystem; - Tracing infrastructure; - 9P file system network protocol; - Amateur Radio drivers; - B.A.T.M.A.N. meshing protocol; - Ethernet bridge; - Ceph Core library; - Networking core; - Devlink API; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Multipath TCP; - Netfilter; - NFC subsystem; - Open vSwitch; - RF switch subsystem; - SCTP protocol; - SMC sockets; - Sun RPC protocol; - TIPC protocol; - TLS protocol; - VMware vSockets driver; - Wireless networking; - eXpress Data Path; - XFRM subsystem; - Integrity Measurement Architecture(IMA) framework; - Intel ASoC drivers; - QCOM ASoC drivers; - USB sound devices; (CVE-2025-21833, CVE-2025-22037, CVE-2025-22103, CVE-2025-22105, CVE-2025-22106, CVE-2025-22107, CVE-2025-22113, CVE-2025-22121, CVE-2025-22124, CVE-2025-22125, CVE-2025-23129, CVE-2025-23130, CVE-2025-23133, CVE-2025-23143, CVE-2025-37860, CVE-2025-37899, CVE-2025-38105, CVE-2025-38502, CVE-2025-38556, CVE-2025-38627, CVE-2025-38643, CVE-2025-38709, CVE-2025-39678, CVE-2025-39697, CVE-2025-39805, CVE-2025-39806, CVE-2025-39807, CVE-2025-39808, CVE-2025-39810, CVE-2025-39811, CVE-2025-39812, CVE-2025-39813, CVE-2025-39815, CVE-2025-39817, CVE-2025-39819, CVE-2025-39823, CVE-2025-39824, CVE-2025-39825, CVE-2025-39826, CVE-2025-39827, CVE-2025-39828, CVE-2025-39829, CVE-2025-39832, CVE-2025-39835, CVE-2025-39836, CVE-2025-39838, CVE-2025-39839, CVE-2025-39841, CVE-2025-39842, CVE-2025-39843, CVE-2025-39844, CVE-2025-39845, CVE-2025-39846, CVE-2025-39847, CVE-2025-39848, CVE-2025-39849, CVE-2025-39850, CVE-2025-39851, CVE-2025-39852, CVE-2025-39853, CVE-2025-39854, CVE-2025-39857, CVE-2025-39860, CVE-2025-39861, CVE-2025-39863, CVE-2025-39864, CVE-2025-39865, CVE-2025-39866, CVE-2025-39869, CVE-2025-39870, CVE-2025-39871, CVE-2025-39873, CVE-2025-39876, CVE-2025-39877, CVE-2025-39880, CVE-2025-39881, CVE-2025-39883, CVE-2025-39885, CVE-2025-39886, CVE-2025-39891, CVE-2025-39894, CVE-2025-39895, CVE-2025-39897, CVE-2025-39899, CVE-2025-39901, CVE-2025-39902, CVE-2025-39907, CVE-2025-39909, CVE-2025-39911, CVE-2025-39913, CVE-2025-39914, CVE-2025-39916, CVE-2025-39920, CVE-2025-39923, CVE-2025-39927, CVE-2025-39929, CVE-2025-39931, CVE-2025-39932, CVE-2025-39934, CVE-2025-39937, CVE-2025-39938, CVE-2025-39940, CVE-2025-39942, CVE-2025-39943, CVE-2025-39944, CVE-2025-39945, CVE-2025-39947, CVE-2025-39948, CVE-2025-39949, CVE-2025-39950, CVE-2025-39951, CVE-2025-39952, CVE-2025-39953, CVE-2025-39955, CVE-2025-39957, CVE-2025-39961, CVE-2025-39965, CVE-2025-39967, CVE-2025-39968, CVE-2025-39969, CVE-2025-39970, CVE-2025-39971, CVE-2025-39972, CVE-2025-39973, CVE-2025-39977, CVE-2025-39978, CVE-2025-39980, CVE-2025-39981, CVE-2025-39982, CVE-2025-39985, CVE-2025-39986, CVE-2025-39987, CVE-2025-39988, CVE-2025-39991, CVE-2025-39992, CVE-2025-39994, CVE-2025-39995, CVE-2025-39996, CVE-2025-39998, CVE-2025-40000, CVE-2025-40001, CVE-2025-40006, CVE-2025-40008, CVE-2025-40009, CVE-2025-40010, CVE-2025-40011, CVE-2025-40013, CVE-2025-40016, CVE-2025-40020, CVE-2025-40021, CVE-2025-40024, CVE-2025-40026, CVE-2025-40027, CVE-2025-40029, CVE-2025-40030, CVE-2025-40031, CVE-2025-40032, CVE-2025-40033, CVE-2025-40035, CVE-2025-40036, CVE-2025-40037, CVE-2025-40038, CVE-2025-40042, CVE-2025-40043, CVE-2025-40044, CVE-2025-40047, CVE-2025-40048, CVE-2025-40049, CVE-2025-40051, CVE-2025-40052, CVE-2025-40053, CVE-2025-40055, CVE-2025-40056, CVE-2025-40057, CVE-2025-40058, CVE-2025-40059, CVE-2025-40060, CVE-2025-40061, CVE-2025-40062, CVE-2025-40067, CVE-2025-40068, CVE-2025-40070, CVE-2025-40071, CVE-2025-40077, CVE-2025-40078, CVE-2025-40079, CVE-2025-40080, CVE-2025-40081, CVE-2025-40083, CVE-2025-40084, CVE-2025-40085, CVE-2025-40087, CVE-2025-40088, CVE-2025-40092, CVE-2025-40093, CVE-2025-40094, CVE-2025-40095, CVE-2025-40096, CVE-2025-40099, CVE-2025-40100, CVE-2025-40101, CVE-2025-40103, CVE-2025-40104, CVE-2025-40105, CVE-2025-40106, CVE-2025-40107, CVE-2025-40109, CVE-2025-40110, CVE-2025-40111, CVE-2025-40112, CVE-2025-40115, CVE-2025-40116, CVE-2025-40118, CVE-2025-40120, CVE-2025-40121, CVE-2025-40123, CVE-2025-40124, CVE-2025-40125, CVE-2025-40126, CVE-2025-40127, CVE-2025-40129, CVE-2025-40134, CVE-2025-40137, CVE-2025-40140, CVE-2025-40141, CVE-2025-40153, CVE-2025-40154, CVE-2025-40155, CVE-2025-40156, CVE-2025-40159, CVE-2025-40160, CVE-2025-40165, CVE-2025-40166, CVE-2025-40167, CVE-2025-40169, CVE-2025-40171, CVE-2025-40172, CVE-2025-40173, CVE-2025-40176, CVE-2025-40178, CVE-2025-40179, CVE-2025-40180, CVE-2025-40183, CVE-2025-40187, CVE-2025-40188, CVE-2025-40192, CVE-2025-40193, CVE-2025-40194, CVE-2025-40196, CVE-2025-40198, CVE-2025-40200, CVE-2025-40201, CVE-2025-40202, CVE-2025-40204, CVE-2025-40205, CVE-2025-40206, CVE-2025-40207, CVE-2025-40211, CVE-2025-40218, CVE-2025-40219, CVE-2025-40220, CVE-2025-40221, CVE-2025-40223, CVE-2025-40226, CVE-2025-40231, CVE-2025-40233, CVE-2025-40235, CVE-2025-40237, CVE-2025-40238, CVE-2025-40240, CVE-2025-40242, CVE-2025-40243, CVE-2025-40244, CVE-2025-40245, CVE-2025-40248, CVE-2025-40250, CVE-2025-40251, CVE-2025-40252, CVE-2025-40253, CVE-2025-40254, CVE-2025-40257, CVE-2025-40258, CVE-2025-40259, CVE-2025-40261, CVE-2025-40262, CVE-2025-40263, CVE-2025-40264, CVE-2025-40266, CVE-2025-40268, CVE-2025-40269, CVE-2025-40271, CVE-2025-40272, CVE-2025-40273, CVE-2025-40275, CVE-2025-40277, CVE-2025-40278, CVE-2025-40279, CVE-2025-40280, CVE-2025-40281, CVE-2025-40282, CVE-2025-40283, CVE-2025-40284, CVE-2025-40285, CVE-2025-40286, CVE-2025-40287, CVE-2025-40288, CVE-2025-40289, CVE-2025-40292, CVE-2025-40293, CVE-2025-40294, CVE-2025-40301, CVE-2025-40303, CVE-2025-40304, CVE-2025-40305, CVE-2025-40306, CVE-2025-40307, CVE-2025-40308, CVE-2025-40309, CVE-2025-40310, CVE-2025-40311, CVE-2025-40312, CVE-2025-40313, CVE-2025-40314, CVE-2025-40315, CVE-2025-40317, CVE-2025-40318, CVE-2025-40319, CVE-2025-40320, CVE-2025-40321, CVE-2025-40322, CVE-2025-40323, CVE-2025-40324, CVE-2025-40328, CVE-2025-40329, CVE-2025-40331, CVE-2025-40333, CVE-2025-40337, CVE-2025-40339, CVE-2025-40341, CVE-2025-40342, CVE-2025-40343, CVE-2025-40345, CVE-2025-40346, CVE-2025-40347, CVE-2025-40349, CVE-2025-40350, CVE-2025-40351, CVE-2025-40353, CVE-2025-40358, CVE-2025-40360, CVE-2025-40363, CVE-2025-68168, CVE-2025-68171, CVE-2025-68172, CVE-2025-68173, CVE-2025-68176, CVE-2025-68177, CVE-2025-68178, CVE-2025-68179, CVE-2025-68180, CVE-2025-68183, CVE-2025-68184, CVE-2025-68185, CVE-2025-68190, CVE-2025-68191, CVE-2025-68192, CVE-2025-68194, CVE-2025-68198, CVE-2025-68200, CVE-2025-68201, CVE-2025-68204, CVE-2025-68208, CVE-2025-68213, CVE-2025-68214, CVE-2025-68217, CVE-2025-68218, CVE-2025-68219, CVE-2025-68220, CVE-2025-68222, CVE-2025-68223, CVE-2025-68227, CVE-2025-68229, CVE-2025-68231, CVE-2025-68233, CVE-2025-68235, CVE-2025-68237, CVE-2025-68238, CVE-2025-68241, CVE-2025-68244, CVE-2025-68245, CVE-2025-68246, CVE-2025-68249, CVE-2025-68282, CVE-2025-68283, CVE-2025-68284, CVE-2025-68285, CVE-2025-68286, CVE-2025-68287, CVE-2025-68288, CVE-2025-68289, CVE-2025-68290, CVE-2025-68295, CVE-2025-68297, CVE-2025-68301, CVE-2025-68302, CVE-2025-68303, CVE-2025-68305, CVE-2025-68307, CVE-2025-68308, CVE-2025-68310, CVE-2025-68311, CVE-2025-68312, CVE-2025-68313, CVE-2025-68315, CVE-2025-68320, CVE-2025-68321, CVE-2025-68322, CVE-2025-68327, CVE-2025-68328, CVE-2025-68330, CVE-2025-68331, CVE-2025-68339, CVE-2025-68340, CVE-2025-68342, CVE-2025-68343, CVE-2025-68734)