Ubuntu Security Advisories

Dan Smith discovered that Nova incorrectly called qemu-img without a format restriction when resizing disks. An attacker could possibly use this issue to destroy data on the host system.

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Nios II architecture; - Sun Sparc architecture; - User-Mode Linux (UML); - x86 architecture; - Block layer subsystem; - Cryptographic API; - Drivers core; - Bus devices; - Hardware random number generator core; - Data acquisition framework and drivers; - CPU frequency scaling framework; - DMA engine subsystem; - GPU drivers; - HW tracing; - Input Device (Miscellaneous) drivers; - Multiple devices driver; - Media drivers; - MOST (Media Oriented Systems Transport) drivers; - MTD block device drivers; - Network drivers; - NVME drivers; - PCI subsystem; - Performance monitor drivers; - Pin controllers subsystem; - x86 platform drivers; - PPS (Pulse Per Second) driver; - PWM drivers; - SCSI subsystem; - TCM subsystem; - Userspace I/O drivers; - USB Gadget drivers; - USB Host Controller drivers; - Framebuffer layer; - BTRFS file system; - File systems infrastructure; - Ext4 file system; - Network file system (NFS) server daemon; - NTFS3 file system; - SMB network file system; - padata parallel execution mechanism; - IP tunnels definitions; - Network sockets; - XFRM subsystem; - Control group (cgroup); - Padata parallel execution mechanism; - PID allocator; - Tracing infrastructure; - Memory management; - 9P file system network protocol; - Ethernet bridge; - Ceph Core library; - Networking core; - IPv4 networking; - IPv6 networking; - NFC subsystem; - RF switch subsystem; - SCTP protocol; - Unix domain sockets; - VMware vSockets driver; - Intel ASoC drivers; - USB sound devices; (CVE-2024-53114, CVE-2024-56538, CVE-2024-58011, CVE-2025-21861, CVE-2025-22058, CVE-2025-23143, CVE-2025-38236, CVE-2025-38248, CVE-2025-38584, CVE-2025-39869, CVE-2025-39873, CVE-2025-39876, CVE-2025-39880, CVE-2025-39883, CVE-2025-39885, CVE-2025-39907, CVE-2025-39911, CVE-2025-39913, CVE-2025-39923, CVE-2025-39934, CVE-2025-39937, CVE-2025-39943, CVE-2025-39945, CVE-2025-39949, CVE-2025-39951, CVE-2025-39953, CVE-2025-39955, CVE-2025-39967, CVE-2025-39968, CVE-2025-39969, CVE-2025-39970, CVE-2025-39971, CVE-2025-39972, CVE-2025-39973, CVE-2025-39980, CVE-2025-39985, CVE-2025-39986, CVE-2025-39987, CVE-2025-39988, CVE-2025-39994, CVE-2025-39995, CVE-2025-39996, CVE-2025-39998, CVE-2025-40001, CVE-2025-40006, CVE-2025-40011, CVE-2025-40020, CVE-2025-40021, CVE-2025-40026, CVE-2025-40027, CVE-2025-40029, CVE-2025-40030, CVE-2025-40035, CVE-2025-40042, CVE-2025-40043, CVE-2025-40044, CVE-2025-40048, CVE-2025-40049, CVE-2025-40053, CVE-2025-40055, CVE-2025-40060, CVE-2025-40068, CVE-2025-40070, CVE-2025-40078, CVE-2025-40081, CVE-2025-40085, CVE-2025-40087, CVE-2025-40088, CVE-2025-40092, CVE-2025-40094, CVE-2025-40105, CVE-2025-40106, CVE-2025-40109, CVE-2025-40111, CVE-2025-40112, CVE-2025-40115, CVE-2025-40116, CVE-2025-40118, CVE-2025-40120, CVE-2025-40121, CVE-2025-40124, CVE-2025-40125, CVE-2025-40126, CVE-2025-40127, CVE-2025-40134, CVE-2025-40140, CVE-2025-40153, CVE-2025-40154, CVE-2025-40167, CVE-2025-40171, CVE-2025-40173, CVE-2025-40178, CVE-2025-40179, CVE-2025-40183, CVE-2025-40187, CVE-2025-40188, CVE-2025-40194, CVE-2025-40200, CVE-2025-40204, CVE-2025-40205, CVE-2025-40215, CVE-2025-40219, CVE-2025-40220, CVE-2025-40223, CVE-2025-40231, CVE-2025-40233, CVE-2025-40240, CVE-2025-40243, CVE-2025-40244, CVE-2025-40245, CVE-2025-40346, CVE-2025-40349, CVE-2025-40351, CVE-2025-68249)

It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to expose sensitive information. (CVE-2024-36350, CVE-2024-36357) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - MIPS architecture; - PA-RISC architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - Compute Acceleration Framework; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - ATM drivers; - Drivers core; - ATA over ethernet (AOE) driver; - DRBD Distributed Replicated Block Device drivers; - Network block device driver; - Ublk userspace block driver; - Bluetooth drivers; - Bus devices; - Character device driver; - TPM device driver; - Clock framework and drivers; - Data acquisition framework and drivers; - CPU frequency scaling framework; - Hardware crypto device drivers; - Device frequency scaling framework; - Buffer Sharing and Synchronization framework; - DMA engine subsystem; - EDAC drivers; - Arm Firmware Framework for ARMv8-A(FFA); - ARM SCMI message protocol; - FPGA Framework; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - HW tracing; - I2C subsystem; - I3C subsystem; - IIO subsystem; - InfiniBand drivers; - Input Device core drivers; - Input Device (Miscellaneous) drivers; - IOMMU subsystem; - IRQ chip drivers; - MCB driver; - Multiple devices driver; - Media drivers; - Multifunction device drivers; - Microchip PCI driver; - Intel Management Engine Interface driver; - PCI Endpoint Test driver; - TI TPS6594 PFSM driver; - VMware VMCI Driver; - MMC subsystem; - MTD block device drivers; - Network drivers; - Mellanox network drivers; - STMicroelectronics network drivers; - NVDIMM (Non-Volatile Memory Device) drivers; - NVME drivers; - PCI subsystem; - Amlogic Meson DDR PMU; - PHY drivers; - Pin controllers subsystem; - x86 platform drivers; - Power supply drivers; - Powercap sysfs driver; - PTP clock framework; - PWM drivers; - RapidIO drivers; - Voltage and Current Regulator drivers; - Remote Processor subsystem; - S/390 drivers; - SCSI subsystem; - ASPEED SoC drivers; - QCOM SoC drivers; - Samsung SoC drivers; - SPI subsystem; - small TFT LCD display modules; - Media staging drivers; - TCM subsystem; - Trusted Execution Environment drivers; - Thunderbolt and USB4 drivers; - TTY drivers; - UFS subsystem; - Cadence USB3 driver; - ChipIdea USB driver; - USB Device Class drivers; - USB core drivers; - DesignWare USB3 driver; - USB Gadget drivers; - USB Host Controller drivers; - Renesas USBHS Controller drivers; - USB Type-C support driver; - USB Type-C Connector System Software Interface driver; - VFIO drivers; - Virtio Host (VHOST) subsystem; - Backlight driver; - Framebuffer layer; - TSM Common Guest driver; - Virtio drivers; - Xen hypervisor drivers; - File systems infrastructure; - BTRFS file system; - Ceph distributed file system; - EFI Variable file system; - Ext4 file system; - F2FS file system; - GFS2 file system; - JFFS2 file system; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - NTFS3 file system; - Overlay file system; - Proc file system; - SMB network file system; - DRM display driver; - Asynchronous Transfer Mode (ATM) subsystem; - BPF subsystem; - Memory Management; - Internal shared memory driver; - LZO compression library; - Mellanox drivers; - padata parallel execution mechanism; - Networking subsytem; - Bluetooth subsystem; - Netfilter; - Network traffic control; - SCTP protocol; - Network sockets; - UDP network protocol; - eXpress Data Path; - XFRM subsystem; - Digital Audio (PCM) driver; - Universal MIDI packet (UMP) support module; - Tracing infrastructure; - User-space API (UAPI); - io_uring subsystem; - IPC subsystem; - Perf events; - Kernel exit() syscall; - IRQ subsystem; - Padata parallel execution mechanism; - Kernel command line parsing driver; - Hibernation control; - RCU subsystem; - Restartable seuqences system call mechanism; - Maple Tree data structure library; - Memory management; - KASAN memory debugging framework; - 802.1Q VLAN protocol; - 9P file system network protocol; - Appletalk network protocol; - Ethernet bridge; - CAN network layer; - Networking core; - Distributed Switch Architecture; - HSR network protocol; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Management Component Transport Protocol (MCTP); - MultiProtocol Label Switching driver; - Multipath TCP; - NetLabel subsystem; - Netlink; - NFC subsystem; - Open vSwitch; - RDS protocol; - Rose network layer; - RxRPC session sockets; - SMC sockets; - Sun RPC protocol; - TIPC protocol; - TLS protocol; - Unix domain sockets; - VMware vSockets driver; - Wireless networking; - ALSA framework; - WCD audio codecs; - Intel ASoC drivers; - MediaTek ASoC drivers; - QCOM ASoC drivers; - SoC audio core drivers; - USB sound devices; - Virtio sound driver; - CPU Power monitoring subsystem; - KVM subsystem; (CVE-2025-21884, CVE-2025-21931, CVE-2025-22026, CVE-2025-22101, CVE-2025-22102, CVE-2025-22115, CVE-2025-22120, CVE-2025-22126, CVE-2025-22128, CVE-2025-23140, CVE-2025-23141, CVE-2025-23142, CVE-2025-23144, CVE-2025-23145, CVE-2025-23146, CVE-2025-23147, CVE-2025-23148, CVE-2025-23149, CVE-2025-23150, CVE-2025-23151, CVE-2025-23155, CVE-2025-23156, CVE-2025-23157, CVE-2025-23158, CVE-2025-23159, CVE-2025-23160, CVE-2025-23161, CVE-2025-23163, CVE-2025-37738, CVE-2025-37739, CVE-2025-37740, CVE-2025-37741, CVE-2025-37742, CVE-2025-37744, CVE-2025-37745, CVE-2025-37748, CVE-2025-37749, CVE-2025-37754, CVE-2025-37755, CVE-2025-37757, CVE-2025-37758, CVE-2025-37759, CVE-2025-37761, CVE-2025-37763, CVE-2025-37764, CVE-2025-37765, CVE-2025-37766, CVE-2025-37767, CVE-2025-37768, CVE-2025-37769, CVE-2025-37770, CVE-2025-37771, CVE-2025-37772, CVE-2025-37773, CVE-2025-37775, CVE-2025-37777, CVE-2025-37778, CVE-2025-37780, CVE-2025-37781, CVE-2025-37784, CVE-2025-37786, CVE-2025-37787, CVE-2025-37788, CVE-2025-37789, CVE-2025-37790, CVE-2025-37792, CVE-2025-37793, CVE-2025-37794, CVE-2025-37796, CVE-2025-37799, CVE-2025-37800, CVE-2025-37801, CVE-2025-37803, CVE-2025-37805, CVE-2025-37808, CVE-2025-37809, CVE-2025-37810, CVE-2025-37811, CVE-2025-37812, CVE-2025-37813, CVE-2025-37815, CVE-2025-37816, CVE-2025-37817, CVE-2025-37819, CVE-2025-37820, CVE-2025-37822, CVE-2025-37823, CVE-2025-37824, CVE-2025-37826, CVE-2025-37827, CVE-2025-37828, CVE-2025-37829, CVE-2025-37830, CVE-2025-37831, CVE-2025-37836, CVE-2025-37839, CVE-2025-37840, CVE-2025-37841, CVE-2025-37842, CVE-2025-37844, CVE-2025-37846, CVE-2025-37849, CVE-2025-37850, CVE-2025-37851, CVE-2025-37852, CVE-2025-37853, CVE-2025-37854, CVE-2025-37856, CVE-2025-37857, CVE-2025-37858, CVE-2025-37859, CVE-2025-37861, CVE-2025-37862, CVE-2025-37863, CVE-2025-37864, CVE-2025-37865, CVE-2025-37867, CVE-2025-37869, CVE-2025-37871, CVE-2025-37872, CVE-2025-37873, CVE-2025-37874, CVE-2025-37875, CVE-2025-37878, CVE-2025-37879, CVE-2025-37881, CVE-2025-37883, CVE-2025-37884, CVE-2025-37885, CVE-2025-37886, CVE-2025-37887, CVE-2025-37891, CVE-2025-37892, CVE-2025-37897, CVE-2025-37900, CVE-2025-37901, CVE-2025-37903, CVE-2025-37905, CVE-2025-37909, CVE-2025-37911, CVE-2025-37912, CVE-2025-37913, CVE-2025-37914, CVE-2025-37915, CVE-2025-37916, CVE-2025-37917, CVE-2025-37918, CVE-2025-37920, CVE-2025-37921, CVE-2025-37922, CVE-2025-37923, CVE-2025-37924, CVE-2025-37925, CVE-2025-37927, CVE-2025-37928, CVE-2025-37930, CVE-2025-37931, CVE-2025-37933, CVE-2025-37935, CVE-2025-37936, CVE-2025-37938, CVE-2025-37940, CVE-2025-37943, CVE-2025-37944, CVE-2025-37945, CVE-2025-37947, CVE-2025-37948, CVE-2025-37949, CVE-2025-37951, CVE-2025-37952, CVE-2025-37954, CVE-2025-37956, CVE-2025-37957, CVE-2025-37959, CVE-2025-37960, CVE-2025-37961, CVE-2025-37962, CVE-2025-37963, CVE-2025-37967, CVE-2025-37968, CVE-2025-37969, CVE-2025-37970, CVE-2025-37972, CVE-2025-37973, CVE-2025-37975, CVE-2025-37977, CVE-2025-37978, CVE-2025-37979, CVE-2025-37980, CVE-2025-37982, CVE-2025-37983, CVE-2025-37984, CVE-2025-37985, CVE-2025-37986, CVE-2025-37987, CVE-2025-37988, CVE-2025-37989, CVE-2025-37990, CVE-2025-37991, CVE-2025-37992, CVE-2025-37994, CVE-2025-37995, CVE-2025-37998, CVE-2025-38003, CVE-2025-38004, CVE-2025-38005, CVE-2025-38006, CVE-2025-38007, CVE-2025-38008, CVE-2025-38009, CVE-2025-38010, CVE-2025-38011, CVE-2025-38013, CVE-2025-38014, CVE-2025-38015, CVE-2025-38018, CVE-2025-38019, CVE-2025-38020, CVE-2025-38023, CVE-2025-38024, CVE-2025-38027, CVE-2025-38031, CVE-2025-38034, CVE-2025-38035, CVE-2025-38037, CVE-2025-38039, CVE-2025-38040, CVE-2025-38043, CVE-2025-38044, CVE-2025-38045, CVE-2025-38048, CVE-2025-38051, CVE-2025-38052, CVE-2025-38053, CVE-2025-38055, CVE-2025-38057, CVE-2025-38058, CVE-2025-38059, CVE-2025-38060, CVE-2025-38061, CVE-2025-38062, CVE-2025-38063, CVE-2025-38065, CVE-2025-38066, CVE-2025-38067, CVE-2025-38068, CVE-2025-38071, CVE-2025-38072, CVE-2025-38074, CVE-2025-38075, CVE-2025-38077, CVE-2025-38078, CVE-2025-38079, CVE-2025-38080, CVE-2025-38081, CVE-2025-38084, CVE-2025-38085, CVE-2025-38086, CVE-2025-38087, CVE-2025-38088, CVE-2025-38089, CVE-2025-38090, CVE-2025-38094, CVE-2025-38095, CVE-2025-38097, CVE-2025-38098, CVE-2025-38099, CVE-2025-38100, CVE-2025-38101, CVE-2025-38102, CVE-2025-38103, CVE-2025-38104, CVE-2025-38107, CVE-2025-38108, CVE-2025-38109, CVE-2025-38110, CVE-2025-38111, CVE-2025-38112, CVE-2025-38113, CVE-2025-38115, CVE-2025-38117, CVE-2025-38119, CVE-2025-38120, CVE-2025-38122, CVE-2025-38123, CVE-2025-38124, CVE-2025-38125, CVE-2025-38126, CVE-2025-38127, CVE-2025-38129, CVE-2025-38131, CVE-2025-38135, CVE-2025-38136, CVE-2025-38138, CVE-2025-38142, CVE-2025-38143, CVE-2025-38145, CVE-2025-38146, CVE-2025-38147, CVE-2025-38148, CVE-2025-38149, CVE-2025-38153, CVE-2025-38154, CVE-2025-38155, CVE-2025-38156, CVE-2025-38157, CVE-2025-38158, CVE-2025-38159, CVE-2025-38160, CVE-2025-38161, CVE-2025-38162, CVE-2025-38163, CVE-2025-38164, CVE-2025-38165, CVE-2025-38166, CVE-2025-38167, CVE-2025-38169, CVE-2025-38170, CVE-2025-38173, CVE-2025-38174, CVE-2025-38180, CVE-2025-38181, CVE-2025-38182, CVE-2025-38183, CVE-2025-38184, CVE-2025-38185, CVE-2025-38190, CVE-2025-38191, CVE-2025-38192, CVE-2025-38193, CVE-2025-38194, CVE-2025-38197, CVE-2025-38198, CVE-2025-38200, CVE-2025-38202, CVE-2025-38208, CVE-2025-38210, CVE-2025-38211, CVE-2025-38212, CVE-2025-38214, CVE-2025-38215, CVE-2025-38217, CVE-2025-38218, CVE-2025-38219, CVE-2025-38220, CVE-2025-38222, CVE-2025-38225, CVE-2025-38226, CVE-2025-38229, CVE-2025-38230, CVE-2025-38231, CVE-2025-38232, CVE-2025-38236, CVE-2025-38239, CVE-2025-38244, CVE-2025-38245, CVE-2025-38246, CVE-2025-38248, CVE-2025-38249, CVE-2025-38250, CVE-2025-38251, CVE-2025-38253, CVE-2025-38255, CVE-2025-38257, CVE-2025-38258, CVE-2025-38259, CVE-2025-38260, CVE-2025-38262, CVE-2025-38263, CVE-2025-38264, CVE-2025-38265, CVE-2025-38269, CVE-2025-38274, CVE-2025-38275, CVE-2025-38277, CVE-2025-38278, CVE-2025-38279, CVE-2025-38280, CVE-2025-38282, CVE-2025-38283, CVE-2025-38285, CVE-2025-38286, CVE-2025-38289, CVE-2025-38290, CVE-2025-38292, CVE-2025-38293, CVE-2025-38295, CVE-2025-38298, CVE-2025-38299, CVE-2025-38300, CVE-2025-38303, CVE-2025-38304, CVE-2025-38305, CVE-2025-38307, CVE-2025-38310, CVE-2025-38312, CVE-2025-38313, CVE-2025-38319, CVE-2025-38320, CVE-2025-38321, CVE-2025-38322, CVE-2025-38323, CVE-2025-38324, CVE-2025-38326, CVE-2025-38328, CVE-2025-38331, CVE-2025-38332, CVE-2025-38333, CVE-2025-38334, CVE-2025-38335, CVE-2025-38336, CVE-2025-38337, CVE-2025-38338, CVE-2025-38342, CVE-2025-38343, CVE-2025-38344, CVE-2025-38345, CVE-2025-38346, CVE-2025-38347, CVE-2025-38348, CVE-2025-38349, CVE-2025-38351, CVE-2025-38354, CVE-2025-38361, CVE-2025-38362, CVE-2025-38363, CVE-2025-38364, CVE-2025-38365, CVE-2025-38368, CVE-2025-38369, CVE-2025-38371, CVE-2025-38373, CVE-2025-38374, CVE-2025-38375, CVE-2025-38376, CVE-2025-38377, CVE-2025-38382, CVE-2025-38384, CVE-2025-38385, CVE-2025-38386, CVE-2025-38387, CVE-2025-38388, CVE-2025-38389, CVE-2025-38390, CVE-2025-38391, CVE-2025-38392, CVE-2025-38393, CVE-2025-38395, CVE-2025-38396, CVE-2025-38399, CVE-2025-38400, CVE-2025-38401, CVE-2025-38402, CVE-2025-38403, CVE-2025-38405, CVE-2025-38406, CVE-2025-38407, CVE-2025-38408, CVE-2025-38409, CVE-2025-38410, CVE-2025-38412, CVE-2025-38414, CVE-2025-38415, CVE-2025-38416, CVE-2025-38418, CVE-2025-38419, CVE-2025-38420, CVE-2025-38422, CVE-2025-38424, CVE-2025-38425, CVE-2025-38427, CVE-2025-38428, CVE-2025-38429, CVE-2025-38430, CVE-2025-38436, CVE-2025-38437, CVE-2025-38439, CVE-2025-38441, CVE-2025-38443, CVE-2025-38444, CVE-2025-38445, CVE-2025-38448, CVE-2025-38449, CVE-2025-38455, CVE-2025-38456, CVE-2025-38457, CVE-2025-38458, CVE-2025-38459, CVE-2025-38460, CVE-2025-38461, CVE-2025-38462, CVE-2025-38463, CVE-2025-38464, CVE-2025-38465, CVE-2025-38466, CVE-2025-38467, CVE-2025-38468, CVE-2025-38469, CVE-2025-38470, CVE-2025-38471, CVE-2025-38472, CVE-2025-38473, CVE-2025-38474, CVE-2025-38476, CVE-2025-38478, CVE-2025-38480, CVE-2025-38481, CVE-2025-38482, CVE-2025-38483, CVE-2025-38485, CVE-2025-38487, CVE-2025-38488, CVE-2025-38489, CVE-2025-38490, CVE-2025-38491, CVE-2025-38493, CVE-2025-38494, CVE-2025-38495, CVE-2025-38496, CVE-2025-38497, CVE-2025-38499, CVE-2025-38501, CVE-2025-38503, CVE-2025-38506, CVE-2025-38507, CVE-2025-38510, CVE-2025-38511, CVE-2025-38512, CVE-2025-38513, CVE-2025-38514, CVE-2025-38515, CVE-2025-38516, CVE-2025-38520, CVE-2025-38521, CVE-2025-38524, CVE-2025-38526, CVE-2025-38527, CVE-2025-38528, CVE-2025-38529, CVE-2025-38530, CVE-2025-38531, CVE-2025-38532, CVE-2025-38533, CVE-2025-38535, CVE-2025-38537, CVE-2025-38538, CVE-2025-38539, CVE-2025-38540, CVE-2025-38542, CVE-2025-38543, CVE-2025-38544, CVE-2025-38546, CVE-2025-38548, CVE-2025-38549, CVE-2025-38550, CVE-2025-38551, CVE-2025-38552, CVE-2025-38553, CVE-2025-38555, CVE-2025-38560, CVE-2025-38562, CVE-2025-38566, CVE-2025-38568, CVE-2025-38569, CVE-2025-38571, CVE-2025-38572, CVE-2025-38574, CVE-2025-38576, CVE-2025-38577, CVE-2025-38578, CVE-2025-38579, CVE-2025-38581, CVE-2025-38582, CVE-2025-38583, CVE-2025-38584, CVE-2025-38585, CVE-2025-38587, CVE-2025-38588, CVE-2025-38590, CVE-2025-38593, CVE-2025-38595, CVE-2025-38601, CVE-2025-38602, CVE-2025-38604, CVE-2025-38608, CVE-2025-38609, CVE-2025-38610, CVE-2025-38612, CVE-2025-38614, CVE-2025-38615, CVE-2025-38619, CVE-2025-38622, CVE-2025-38623, CVE-2025-38624, CVE-2025-38625, CVE-2025-38626, CVE-2025-38630, CVE-2025-38632, CVE-2025-38634, CVE-2025-38635, CVE-2025-38639, CVE-2025-38640, CVE-2025-38644, CVE-2025-38645, CVE-2025-38646, CVE-2025-38648, CVE-2025-38650, CVE-2025-38652, CVE-2025-38653, CVE-2025-38659, CVE-2025-38660, CVE-2025-38663, CVE-2025-38664, CVE-2025-38665, CVE-2025-38668, CVE-2025-38670, CVE-2025-38671, CVE-2025-38675, CVE-2025-38676, CVE-2025-38677, CVE-2025-38679, CVE-2025-38680, CVE-2025-38681, CVE-2025-38683, CVE-2025-38684, CVE-2025-38685, CVE-2025-38686, CVE-2025-38687, CVE-2025-38688, CVE-2025-38691, CVE-2025-38692, CVE-2025-38693, CVE-2025-38694, CVE-2025-38695, CVE-2025-38696, CVE-2025-38697, CVE-2025-38698, CVE-2025-38699, CVE-2025-38700, CVE-2025-38701, CVE-2025-38702, CVE-2025-38703, CVE-2025-38704, CVE-2025-38705, CVE-2025-38706, CVE-2025-38707, CVE-2025-38708, CVE-2025-38710, CVE-2025-38711, CVE-2025-38712, CVE-2025-38713, CVE-2025-38714, CVE-2025-38715, CVE-2025-38716, CVE-2025-38718, CVE-2025-38721, CVE-2025-38722, CVE-2025-38724, CVE-2025-38725, CVE-2025-38728, CVE-2025-38729, CVE-2025-38730, CVE-2025-38732, CVE-2025-38734, CVE-2025-38735, CVE-2025-39673, CVE-2025-39675, CVE-2025-39676, CVE-2025-39679, CVE-2025-39681, CVE-2025-39683, CVE-2025-39684, CVE-2025-39685, CVE-2025-39686, CVE-2025-39687, CVE-2025-39689, CVE-2025-39691, CVE-2025-39692, CVE-2025-39693, CVE-2025-39694, CVE-2025-39701, CVE-2025-39702, CVE-2025-39703, CVE-2025-39705, CVE-2025-39706, CVE-2025-39707, CVE-2025-39709, CVE-2025-39710, CVE-2025-39711, CVE-2025-39712, CVE-2025-39713, CVE-2025-39714, CVE-2025-39715, CVE-2025-39716, CVE-2025-39718, CVE-2025-39719, CVE-2025-39720, CVE-2025-39721, CVE-2025-39724, CVE-2025-39726, CVE-2025-39730, CVE-2025-39731, CVE-2025-39732, CVE-2025-39734, CVE-2025-39736, CVE-2025-39737, CVE-2025-39738, CVE-2025-39739, CVE-2025-39742, CVE-2025-39743, CVE-2025-39744, CVE-2025-39746, CVE-2025-39747, CVE-2025-39748, CVE-2025-39749, CVE-2025-39750, CVE-2025-39752, CVE-2025-39753, CVE-2025-39756, CVE-2025-39757, CVE-2025-39758, CVE-2025-39759, CVE-2025-39760, CVE-2025-39761, CVE-2025-39763, CVE-2025-39766, CVE-2025-39770, CVE-2025-39772, CVE-2025-39773, CVE-2025-39776, CVE-2025-39779, CVE-2025-39781, CVE-2025-39782, CVE-2025-39783, CVE-2025-39787, CVE-2025-39788, CVE-2025-39790, CVE-2025-39794, CVE-2025-39795, CVE-2025-39797, CVE-2025-39798, CVE-2025-39800, CVE-2025-39801, CVE-2025-39889, CVE-2025-39890, CVE-2025-39946, CVE-2025-39989, CVE-2025-40215, CVE-2025-40297, CVE-2025-68750)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - Nios II architecture; - PA-RISC architecture; - RISC-V architecture; - S390 architecture; - Sun Sparc architecture; - x86 architecture; - Xtensa architecture; - Block layer subsystem; - Cryptographic API; - Compute Acceleration Framework; - ACPI drivers; - Drivers core; - Network block device driver; - Bluetooth drivers; - Bus devices; - Hardware random number generator core; - Character device driver; - Clock framework and drivers; - Data acquisition framework and drivers; - CPU frequency scaling framework; - Hardware crypto device drivers; - CXL (Compute Express Link) drivers; - Device frequency scaling framework; - ARM SCMI message protocol; - GPIO subsystem; - GPU drivers; - Hardware monitoring drivers; - HW tracing; - InfiniBand drivers; - Input Device (Miscellaneous) drivers; - IOMMU subsystem; - ISDN/mISDN subsystem; - Mailbox framework; - Multiple devices driver; - Media drivers; - Fastrpc Driver; - PCI Endpoint Test driver; - VMware Balloon Driver; - MOST (Media Oriented Systems Transport) drivers; - Network drivers; - Mellanox network drivers; - STMicroelectronics network drivers; - NVME drivers; - PCI subsystem; - Performance monitor drivers; - Pin controllers subsystem; - Mellanox platform drivers; - x86 platform drivers; - ARM PM domains; - PPS (Pulse Per Second) driver; - PTP clock framework; - PWM drivers; - Remote Processor subsystem; - SCSI subsystem; - SPI subsystem; - Trusted Execution Environment drivers; - Thunderbolt and USB4 drivers; - TTY drivers; - UFS subsystem; - Userspace I/O drivers; - Cadence USB3 driver; - USB Gadget drivers; - USB Host Controller drivers; - vDPA drivers; - Virtio Host (VHOST) subsystem; - Framebuffer layer; - Xen hypervisor drivers; - File systems infrastructure; - BTRFS file system; - Ceph distributed file system; - EROFS file system; - Ext4 file system; - F2FS file system; - GFS2 file system; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - File system notification infrastructure; - NTFS3 file system; - Proc file system; - Diskquota system; - SMB network file system; - BPF subsystem; - Mellanox drivers; - Memory management; - Virtio network driver; - Bluetooth subsystem; - IP tunnels definitions; - io_uring subsystem; - Kernel crash support code; - Perf events; - Kernel futex primitives; - PID allocator; - Scheduler infrastructure; - Syscalls implementation; - Timer subsystem; - Tracing infrastructure; - 9P file system network protocol; - Ethernet bridge; - Networking core; - IPv4 networking; - IPv6 networking; - Multipath TCP; - Netfilter; - NFC subsystem; - Network traffic control; - SCTP protocol; - SMC sockets; - Sun RPC protocol; - TIPC protocol; - TLS protocol; - VMware vSockets driver; - eXpress Data Path; - XFRM subsystem; - Integrity Measurement Architecture(IMA) framework; - ALSA framework; - HD-audio driver; - AMD SoC Alsa drivers; - WCD audio codecs; - Intel ASoC drivers; - USB sound devices; - KVM subsystem; (CVE-2025-40001, CVE-2025-40002, CVE-2025-40003, CVE-2025-40004, CVE-2025-40029, CVE-2025-40030, CVE-2025-40031, CVE-2025-40032, CVE-2025-40033, CVE-2025-40034, CVE-2025-40035, CVE-2025-40036, CVE-2025-40037, CVE-2025-40038, CVE-2025-40039, CVE-2025-40040, CVE-2025-40041, CVE-2025-40042, CVE-2025-40043, CVE-2025-40044, CVE-2025-40045, CVE-2025-40046, CVE-2025-40047, CVE-2025-40048, CVE-2025-40049, CVE-2025-40050, CVE-2025-40051, CVE-2025-40052, CVE-2025-40053, CVE-2025-40054, CVE-2025-40055, CVE-2025-40056, CVE-2025-40057, CVE-2025-40058, CVE-2025-40059, CVE-2025-40060, CVE-2025-40061, CVE-2025-40062, CVE-2025-40063, CVE-2025-40064, CVE-2025-40065, CVE-2025-40066, CVE-2025-40067, CVE-2025-40068, CVE-2025-40069, CVE-2025-40070, CVE-2025-40071, CVE-2025-40072, CVE-2025-40073, CVE-2025-40074, CVE-2025-40075, CVE-2025-40076, CVE-2025-40077, CVE-2025-40078, CVE-2025-40079, CVE-2025-40080, CVE-2025-40081, CVE-2025-40082, CVE-2025-40084, CVE-2025-40085, CVE-2025-40086, CVE-2025-40087, CVE-2025-40088, CVE-2025-40089, CVE-2025-40091, CVE-2025-40092, CVE-2025-40093, CVE-2025-40094, CVE-2025-40095, CVE-2025-40096, CVE-2025-40097, CVE-2025-40098, CVE-2025-40099, CVE-2025-40100, CVE-2025-40101, CVE-2025-40102, CVE-2025-40103, CVE-2025-40104, CVE-2025-40105, CVE-2025-40106, CVE-2025-40110, CVE-2025-40111, CVE-2025-40112, CVE-2025-40113, CVE-2025-40115, CVE-2025-40116, CVE-2025-40117, CVE-2025-40118, CVE-2025-40119, CVE-2025-40120, CVE-2025-40121, CVE-2025-40122, CVE-2025-40123, CVE-2025-40124, CVE-2025-40125, CVE-2025-40126, CVE-2025-40127, CVE-2025-40129, CVE-2025-40130, CVE-2025-40131, CVE-2025-40132, CVE-2025-40133, CVE-2025-40134, CVE-2025-40135, CVE-2025-40136, CVE-2025-40137, CVE-2025-40138, CVE-2025-40139, CVE-2025-40140, CVE-2025-40141, CVE-2025-40142, CVE-2025-40143, CVE-2025-40145, CVE-2025-40146, CVE-2025-40147, CVE-2025-40148, CVE-2025-40149, CVE-2025-40150, CVE-2025-40151, CVE-2025-40152, CVE-2025-40153, CVE-2025-40154, CVE-2025-40155, CVE-2025-40156, CVE-2025-40158, CVE-2025-40159, CVE-2025-40160, CVE-2025-40161, CVE-2025-40162, CVE-2025-40163, CVE-2025-40164, CVE-2025-40165, CVE-2025-40166, CVE-2025-40167, CVE-2025-40168, CVE-2025-40169, CVE-2025-40170, CVE-2025-40171, CVE-2025-40173, CVE-2025-40174, CVE-2025-40175, CVE-2025-40176, CVE-2025-40178, CVE-2025-40179, CVE-2025-40180, CVE-2025-40181, CVE-2025-40182, CVE-2025-40183, CVE-2025-40184, CVE-2025-40185, CVE-2025-40186, CVE-2025-40187, CVE-2025-40188, CVE-2025-40189, CVE-2025-40191, CVE-2025-40192, CVE-2025-40193, CVE-2025-40194, CVE-2025-40195, CVE-2025-40196, CVE-2025-40198, CVE-2025-40199, CVE-2025-40200, CVE-2025-40201, CVE-2025-40203, CVE-2025-40204, CVE-2025-40205, CVE-2025-40206, CVE-2025-40207, CVE-2025-40208, CVE-2025-40209, CVE-2025-40210, CVE-2025-40211, CVE-2025-40212, CVE-2025-40213, CVE-2025-40217, CVE-2025-40218, CVE-2025-40219, CVE-2025-40220, CVE-2025-40221, CVE-2025-40222, CVE-2025-40223, CVE-2025-40224, CVE-2025-40225, CVE-2025-40226, CVE-2025-40227, CVE-2025-40228, CVE-2025-40229, CVE-2025-40230, CVE-2025-40231, CVE-2025-40233, CVE-2025-40234, CVE-2025-40235, CVE-2025-40236, CVE-2025-40237, CVE-2025-40238, CVE-2025-40239, CVE-2025-40240, CVE-2025-40241, CVE-2025-40242, CVE-2025-40243, CVE-2025-40244, CVE-2025-40245, CVE-2025-40256, CVE-2025-40267, CVE-2025-40268, CVE-2025-40269, CVE-2025-40270, CVE-2025-40271, CVE-2025-40272, CVE-2025-40273, CVE-2025-40274, CVE-2025-40275, CVE-2025-40276, CVE-2025-40277, CVE-2025-40278, CVE-2025-40279, CVE-2025-40280, CVE-2025-40281, CVE-2025-40282, CVE-2025-40283, CVE-2025-40284, CVE-2025-40285, CVE-2025-40286, CVE-2025-40287, CVE-2025-40288, CVE-2025-40289, CVE-2025-40291, CVE-2025-40292, CVE-2025-40293, CVE-2025-40294, CVE-2025-40295, CVE-2025-40296, CVE-2025-40297, CVE-2025-40298, CVE-2025-40299, CVE-2025-40301, CVE-2025-40302, CVE-2025-40303, CVE-2025-40304, CVE-2025-40305, CVE-2025-40306, CVE-2025-40307, CVE-2025-40308, CVE-2025-40309, CVE-2025-40310, CVE-2025-40311, CVE-2025-40312, CVE-2025-40313, CVE-2025-40314, CVE-2025-40315, CVE-2025-40316, CVE-2025-40317, CVE-2025-40318, CVE-2025-40319, CVE-2025-40320, CVE-2025-40321, CVE-2025-40322, CVE-2025-40323, CVE-2025-40324, CVE-2025-40326, CVE-2025-40327, CVE-2025-40328, CVE-2025-40329, CVE-2025-40330, CVE-2025-40331, CVE-2025-40332, CVE-2025-40333, CVE-2025-40334, CVE-2025-40335, CVE-2025-40336, CVE-2025-40337, CVE-2025-40338, CVE-2025-40339, CVE-2025-40340, CVE-2025-40341, CVE-2025-40342, CVE-2025-40343, CVE-2025-40344, CVE-2025-40346, CVE-2025-40347, CVE-2025-40349, CVE-2025-40350, CVE-2025-40351, CVE-2025-40352, CVE-2025-40353, CVE-2025-40354, CVE-2025-40355, CVE-2025-40356, CVE-2025-40357, CVE-2025-40358, CVE-2025-40359, CVE-2025-40360, CVE-2025-40362, CVE-2025-40363, CVE-2025-68167, CVE-2025-68168, CVE-2025-68169, CVE-2025-68170, CVE-2025-68171, CVE-2025-68172, CVE-2025-68173, CVE-2025-68174, CVE-2025-68175, CVE-2025-68176, CVE-2025-68177, CVE-2025-68178, CVE-2025-68179, CVE-2025-68180, CVE-2025-68181, CVE-2025-68182, CVE-2025-68183, CVE-2025-68184, CVE-2025-68185, CVE-2025-68186, CVE-2025-68187, CVE-2025-68188, CVE-2025-68189, CVE-2025-68190, CVE-2025-68191, CVE-2025-68192, CVE-2025-68193, CVE-2025-68194, CVE-2025-68196, CVE-2025-68197, CVE-2025-68198, CVE-2025-68199, CVE-2025-68200, CVE-2025-68201, CVE-2025-68202, CVE-2025-68204, CVE-2025-68205, CVE-2025-68206, CVE-2025-68207, CVE-2025-68208, CVE-2025-68209, CVE-2025-68210, CVE-2025-68211, CVE-2025-68239, CVE-2025-68240, CVE-2025-68241, CVE-2025-68242, CVE-2025-68243, CVE-2025-68244, CVE-2025-68245, CVE-2025-68246, CVE-2025-68247, CVE-2025-68248, CVE-2025-68249, CVE-2025-68250, CVE-2025-68251, CVE-2025-68253, CVE-2025-68309, CVE-2025-68310, CVE-2025-68311, CVE-2025-68312, CVE-2025-68313, CVE-2025-68314, CVE-2025-68315, CVE-2025-68317, CVE-2025-68318, CVE-2025-68319, CVE-2025-68320, CVE-2025-68321, CVE-2025-68322, CVE-2025-68734)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Nios II architecture; - Sun Sparc architecture; - User-Mode Linux (UML); - x86 architecture; - Block layer subsystem; - Cryptographic API; - Drivers core; - Bus devices; - Hardware random number generator core; - Data acquisition framework and drivers; - CPU frequency scaling framework; - DMA engine subsystem; - GPU drivers; - HW tracing; - Input Device (Miscellaneous) drivers; - Multiple devices driver; - Media drivers; - MOST (Media Oriented Systems Transport) drivers; - MTD block device drivers; - Network drivers; - NVME drivers; - PCI subsystem; - Performance monitor drivers; - Pin controllers subsystem; - x86 platform drivers; - PPS (Pulse Per Second) driver; - PWM drivers; - SCSI subsystem; - TCM subsystem; - Userspace I/O drivers; - USB Gadget drivers; - USB Host Controller drivers; - Framebuffer layer; - BTRFS file system; - File systems infrastructure; - Ext4 file system; - Network file system (NFS) server daemon; - NTFS3 file system; - SMB network file system; - padata parallel execution mechanism; - IP tunnels definitions; - Network sockets; - XFRM subsystem; - Control group (cgroup); - Padata parallel execution mechanism; - PID allocator; - Tracing infrastructure; - Memory management; - 9P file system network protocol; - Ethernet bridge; - Ceph Core library; - Networking core; - IPv4 networking; - IPv6 networking; - NFC subsystem; - RF switch subsystem; - SCTP protocol; - Unix domain sockets; - VMware vSockets driver; - Intel ASoC drivers; - USB sound devices; (CVE-2024-53114, CVE-2024-56538, CVE-2024-58011, CVE-2025-21861, CVE-2025-22058, CVE-2025-23143, CVE-2025-38236, CVE-2025-38248, CVE-2025-38584, CVE-2025-39869, CVE-2025-39873, CVE-2025-39876, CVE-2025-39880, CVE-2025-39883, CVE-2025-39885, CVE-2025-39907, CVE-2025-39911, CVE-2025-39913, CVE-2025-39923, CVE-2025-39934, CVE-2025-39937, CVE-2025-39943, CVE-2025-39945, CVE-2025-39949, CVE-2025-39951, CVE-2025-39953, CVE-2025-39955, CVE-2025-39967, CVE-2025-39968, CVE-2025-39969, CVE-2025-39970, CVE-2025-39971, CVE-2025-39972, CVE-2025-39973, CVE-2025-39980, CVE-2025-39985, CVE-2025-39986, CVE-2025-39987, CVE-2025-39988, CVE-2025-39994, CVE-2025-39995, CVE-2025-39996, CVE-2025-39998, CVE-2025-40001, CVE-2025-40006, CVE-2025-40011, CVE-2025-40020, CVE-2025-40021, CVE-2025-40026, CVE-2025-40027, CVE-2025-40029, CVE-2025-40030, CVE-2025-40035, CVE-2025-40042, CVE-2025-40043, CVE-2025-40044, CVE-2025-40048, CVE-2025-40049, CVE-2025-40053, CVE-2025-40055, CVE-2025-40060, CVE-2025-40068, CVE-2025-40070, CVE-2025-40078, CVE-2025-40081, CVE-2025-40085, CVE-2025-40087, CVE-2025-40088, CVE-2025-40092, CVE-2025-40094, CVE-2025-40105, CVE-2025-40106, CVE-2025-40109, CVE-2025-40111, CVE-2025-40112, CVE-2025-40115, CVE-2025-40116, CVE-2025-40118, CVE-2025-40120, CVE-2025-40121, CVE-2025-40124, CVE-2025-40125, CVE-2025-40126, CVE-2025-40127, CVE-2025-40134, CVE-2025-40140, CVE-2025-40153, CVE-2025-40154, CVE-2025-40167, CVE-2025-40171, CVE-2025-40173, CVE-2025-40178, CVE-2025-40179, CVE-2025-40183, CVE-2025-40187, CVE-2025-40188, CVE-2025-40194, CVE-2025-40200, CVE-2025-40204, CVE-2025-40205, CVE-2025-40215, CVE-2025-40219, CVE-2025-40220, CVE-2025-40223, CVE-2025-40231, CVE-2025-40233, CVE-2025-40240, CVE-2025-40243, CVE-2025-40244, CVE-2025-40245, CVE-2025-40346, CVE-2025-40349, CVE-2025-40351, CVE-2025-68249, CVE-2025-71162)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Nios II architecture; - Sun Sparc architecture; - User-Mode Linux (UML); - x86 architecture; - Block layer subsystem; - Cryptographic API; - Drivers core; - Bus devices; - Hardware random number generator core; - Data acquisition framework and drivers; - CPU frequency scaling framework; - DMA engine subsystem; - GPU drivers; - HW tracing; - Input Device (Miscellaneous) drivers; - Multiple devices driver; - Media drivers; - MOST (Media Oriented Systems Transport) drivers; - MTD block device drivers; - Network drivers; - NVME drivers; - PCI subsystem; - Performance monitor drivers; - Pin controllers subsystem; - x86 platform drivers; - PPS (Pulse Per Second) driver; - PWM drivers; - SCSI subsystem; - TCM subsystem; - Userspace I/O drivers; - USB Gadget drivers; - USB Host Controller drivers; - Framebuffer layer; - BTRFS file system; - File systems infrastructure; - Ext4 file system; - Network file system (NFS) server daemon; - NTFS3 file system; - SMB network file system; - padata parallel execution mechanism; - IP tunnels definitions; - Network sockets; - XFRM subsystem; - Control group (cgroup); - Padata parallel execution mechanism; - PID allocator; - Tracing infrastructure; - Memory management; - 9P file system network protocol; - Ethernet bridge; - Ceph Core library; - Networking core; - IPv4 networking; - IPv6 networking; - NFC subsystem; - RF switch subsystem; - SCTP protocol; - Unix domain sockets; - VMware vSockets driver; - Intel ASoC drivers; - USB sound devices; (CVE-2024-53114, CVE-2024-56538, CVE-2024-58011, CVE-2025-21861, CVE-2025-22058, CVE-2025-23143, CVE-2025-38236, CVE-2025-38248, CVE-2025-38584, CVE-2025-39869, CVE-2025-39873, CVE-2025-39876, CVE-2025-39880, CVE-2025-39883, CVE-2025-39885, CVE-2025-39907, CVE-2025-39911, CVE-2025-39913, CVE-2025-39923, CVE-2025-39934, CVE-2025-39937, CVE-2025-39943, CVE-2025-39945, CVE-2025-39949, CVE-2025-39951, CVE-2025-39953, CVE-2025-39955, CVE-2025-39967, CVE-2025-39968, CVE-2025-39969, CVE-2025-39970, CVE-2025-39971, CVE-2025-39972, CVE-2025-39973, CVE-2025-39980, CVE-2025-39985, CVE-2025-39986, CVE-2025-39987, CVE-2025-39988, CVE-2025-39994, CVE-2025-39995, CVE-2025-39996, CVE-2025-39998, CVE-2025-40001, CVE-2025-40006, CVE-2025-40011, CVE-2025-40020, CVE-2025-40021, CVE-2025-40026, CVE-2025-40027, CVE-2025-40029, CVE-2025-40030, CVE-2025-40035, CVE-2025-40042, CVE-2025-40043, CVE-2025-40044, CVE-2025-40048, CVE-2025-40049, CVE-2025-40053, CVE-2025-40055, CVE-2025-40060, CVE-2025-40068, CVE-2025-40070, CVE-2025-40078, CVE-2025-40081, CVE-2025-40085, CVE-2025-40087, CVE-2025-40088, CVE-2025-40092, CVE-2025-40094, CVE-2025-40105, CVE-2025-40106, CVE-2025-40109, CVE-2025-40111, CVE-2025-40112, CVE-2025-40115, CVE-2025-40116, CVE-2025-40118, CVE-2025-40120, CVE-2025-40121, CVE-2025-40124, CVE-2025-40125, CVE-2025-40126, CVE-2025-40127, CVE-2025-40134, CVE-2025-40140, CVE-2025-40153, CVE-2025-40154, CVE-2025-40167, CVE-2025-40171, CVE-2025-40173, CVE-2025-40178, CVE-2025-40179, CVE-2025-40183, CVE-2025-40187, CVE-2025-40188, CVE-2025-40194, CVE-2025-40200, CVE-2025-40204, CVE-2025-40205, CVE-2025-40215, CVE-2025-40219, CVE-2025-40220, CVE-2025-40223, CVE-2025-40231, CVE-2025-40233, CVE-2025-40240, CVE-2025-40243, CVE-2025-40244, CVE-2025-40245, CVE-2025-40346, CVE-2025-40349, CVE-2025-40351, CVE-2025-68249)

It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to expose sensitive information. (CVE-2024-36350, CVE-2024-36357) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - MIPS architecture; - PA-RISC architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - Compute Acceleration Framework; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - ATM drivers; - Drivers core; - ATA over ethernet (AOE) driver; - DRBD Distributed Replicated Block Device drivers; - Network block device driver; - Ublk userspace block driver; - Bluetooth drivers; - Bus devices; - Character device driver; - TPM device driver; - Clock framework and drivers; - Data acquisition framework and drivers; - CPU frequency scaling framework; - Hardware crypto device drivers; - Device frequency scaling framework; - Buffer Sharing and Synchronization framework; - DMA engine subsystem; - EDAC drivers; - Arm Firmware Framework for ARMv8-A(FFA); - ARM SCMI message protocol; - FPGA Framework; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - HW tracing; - I2C subsystem; - I3C subsystem; - IIO subsystem; - InfiniBand drivers; - Input Device core drivers; - Input Device (Miscellaneous) drivers; - IOMMU subsystem; - IRQ chip drivers; - MCB driver; - Multiple devices driver; - Media drivers; - Multifunction device drivers; - Microchip PCI driver; - Intel Management Engine Interface driver; - PCI Endpoint Test driver; - TI TPS6594 PFSM driver; - VMware VMCI Driver; - MMC subsystem; - MTD block device drivers; - Network drivers; - Mellanox network drivers; - STMicroelectronics network drivers; - NVDIMM (Non-Volatile Memory Device) drivers; - NVME drivers; - PCI subsystem; - Amlogic Meson DDR PMU; - PHY drivers; - Pin controllers subsystem; - x86 platform drivers; - Power supply drivers; - Powercap sysfs driver; - PTP clock framework; - PWM drivers; - RapidIO drivers; - Voltage and Current Regulator drivers; - Remote Processor subsystem; - S/390 drivers; - SCSI subsystem; - ASPEED SoC drivers; - QCOM SoC drivers; - Samsung SoC drivers; - SPI subsystem; - small TFT LCD display modules; - Media staging drivers; - TCM subsystem; - Trusted Execution Environment drivers; - Thunderbolt and USB4 drivers; - TTY drivers; - UFS subsystem; - Cadence USB3 driver; - ChipIdea USB driver; - USB Device Class drivers; - USB core drivers; - DesignWare USB3 driver; - USB Gadget drivers; - USB Host Controller drivers; - Renesas USBHS Controller drivers; - USB Type-C support driver; - USB Type-C Connector System Software Interface driver; - VFIO drivers; - Virtio Host (VHOST) subsystem; - Backlight driver; - Framebuffer layer; - TSM Common Guest driver; - Virtio drivers; - Xen hypervisor drivers; - File systems infrastructure; - BTRFS file system; - Ceph distributed file system; - EFI Variable file system; - Ext4 file system; - F2FS file system; - GFS2 file system; - JFFS2 file system; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - NTFS3 file system; - Overlay file system; - Proc file system; - SMB network file system; - DRM display driver; - Asynchronous Transfer Mode (ATM) subsystem; - BPF subsystem; - Memory Management; - Internal shared memory driver; - LZO compression library; - Mellanox drivers; - padata parallel execution mechanism; - Networking subsytem; - Bluetooth subsystem; - Netfilter; - Network traffic control; - SCTP protocol; - Network sockets; - UDP network protocol; - eXpress Data Path; - XFRM subsystem; - Digital Audio (PCM) driver; - Universal MIDI packet (UMP) support module; - Tracing infrastructure; - User-space API (UAPI); - io_uring subsystem; - IPC subsystem; - Perf events; - Kernel exit() syscall; - IRQ subsystem; - Padata parallel execution mechanism; - Kernel command line parsing driver; - Hibernation control; - RCU subsystem; - Restartable seuqences system call mechanism; - Maple Tree data structure library; - Memory management; - KASAN memory debugging framework; - 802.1Q VLAN protocol; - 9P file system network protocol; - Appletalk network protocol; - Ethernet bridge; - CAN network layer; - Networking core; - Distributed Switch Architecture; - HSR network protocol; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Management Component Transport Protocol (MCTP); - MultiProtocol Label Switching driver; - Multipath TCP; - NetLabel subsystem; - Netlink; - NFC subsystem; - Open vSwitch; - RDS protocol; - Rose network layer; - RxRPC session sockets; - SMC sockets; - Sun RPC protocol; - TIPC protocol; - TLS protocol; - Unix domain sockets; - VMware vSockets driver; - Wireless networking; - ALSA framework; - WCD audio codecs; - Intel ASoC drivers; - MediaTek ASoC drivers; - QCOM ASoC drivers; - SoC audio core drivers; - USB sound devices; - Virtio sound driver; - CPU Power monitoring subsystem; - KVM subsystem; (CVE-2025-21884, CVE-2025-21931, CVE-2025-22026, CVE-2025-22101, CVE-2025-22102, CVE-2025-22115, CVE-2025-22120, CVE-2025-22126, CVE-2025-22128, CVE-2025-23140, CVE-2025-23141, CVE-2025-23142, CVE-2025-23144, CVE-2025-23145, CVE-2025-23146, CVE-2025-23147, CVE-2025-23148, CVE-2025-23149, CVE-2025-23150, CVE-2025-23151, CVE-2025-23155, CVE-2025-23156, CVE-2025-23157, CVE-2025-23158, CVE-2025-23159, CVE-2025-23160, CVE-2025-23161, CVE-2025-23163, CVE-2025-37738, CVE-2025-37739, CVE-2025-37740, CVE-2025-37741, CVE-2025-37742, CVE-2025-37744, CVE-2025-37745, CVE-2025-37748, CVE-2025-37749, CVE-2025-37754, CVE-2025-37755, CVE-2025-37757, CVE-2025-37758, CVE-2025-37759, CVE-2025-37761, CVE-2025-37763, CVE-2025-37764, CVE-2025-37765, CVE-2025-37766, CVE-2025-37767, CVE-2025-37768, CVE-2025-37769, CVE-2025-37770, CVE-2025-37771, CVE-2025-37772, CVE-2025-37773, CVE-2025-37775, CVE-2025-37777, CVE-2025-37778, CVE-2025-37780, CVE-2025-37781, CVE-2025-37784, CVE-2025-37786, CVE-2025-37787, CVE-2025-37788, CVE-2025-37789, CVE-2025-37790, CVE-2025-37792, CVE-2025-37793, CVE-2025-37794, CVE-2025-37796, CVE-2025-37799, CVE-2025-37800, CVE-2025-37801, CVE-2025-37803, CVE-2025-37805, CVE-2025-37808, CVE-2025-37809, CVE-2025-37810, CVE-2025-37811, CVE-2025-37812, CVE-2025-37813, CVE-2025-37815, CVE-2025-37816, CVE-2025-37817, CVE-2025-37819, CVE-2025-37820, CVE-2025-37822, CVE-2025-37823, CVE-2025-37824, CVE-2025-37826, CVE-2025-37827, CVE-2025-37828, CVE-2025-37829, CVE-2025-37830, CVE-2025-37831, CVE-2025-37836, CVE-2025-37839, CVE-2025-37840, CVE-2025-37841, CVE-2025-37842, CVE-2025-37844, CVE-2025-37846, CVE-2025-37849, CVE-2025-37850, CVE-2025-37851, CVE-2025-37852, CVE-2025-37853, CVE-2025-37854, CVE-2025-37856, CVE-2025-37857, CVE-2025-37858, CVE-2025-37859, CVE-2025-37861, CVE-2025-37862, CVE-2025-37863, CVE-2025-37864, CVE-2025-37865, CVE-2025-37867, CVE-2025-37869, CVE-2025-37871, CVE-2025-37872, CVE-2025-37873, CVE-2025-37874, CVE-2025-37875, CVE-2025-37878, CVE-2025-37879, CVE-2025-37881, CVE-2025-37883, CVE-2025-37884, CVE-2025-37885, CVE-2025-37886, CVE-2025-37887, CVE-2025-37891, CVE-2025-37892, CVE-2025-37897, CVE-2025-37900, CVE-2025-37901, CVE-2025-37903, CVE-2025-37905, CVE-2025-37909, CVE-2025-37911, CVE-2025-37912, CVE-2025-37913, CVE-2025-37914, CVE-2025-37915, CVE-2025-37916, CVE-2025-37917, CVE-2025-37918, CVE-2025-37920, CVE-2025-37921, CVE-2025-37922, CVE-2025-37923, CVE-2025-37924, CVE-2025-37925, CVE-2025-37927, CVE-2025-37928, CVE-2025-37930, CVE-2025-37931, CVE-2025-37933, CVE-2025-37935, CVE-2025-37936, CVE-2025-37938, CVE-2025-37940, CVE-2025-37943, CVE-2025-37944, CVE-2025-37945, CVE-2025-37947, CVE-2025-37948, CVE-2025-37949, CVE-2025-37951, CVE-2025-37952, CVE-2025-37954, CVE-2025-37956, CVE-2025-37957, CVE-2025-37959, CVE-2025-37960, CVE-2025-37961, CVE-2025-37962, CVE-2025-37963, CVE-2025-37967, CVE-2025-37968, CVE-2025-37969, CVE-2025-37970, CVE-2025-37972, CVE-2025-37973, CVE-2025-37975, CVE-2025-37977, CVE-2025-37978, CVE-2025-37979, CVE-2025-37980, CVE-2025-37982, CVE-2025-37983, CVE-2025-37984, CVE-2025-37985, CVE-2025-37986, CVE-2025-37987, CVE-2025-37988, CVE-2025-37989, CVE-2025-37990, CVE-2025-37991, CVE-2025-37992, CVE-2025-37994, CVE-2025-37995, CVE-2025-37998, CVE-2025-38003, CVE-2025-38004, CVE-2025-38005, CVE-2025-38006, CVE-2025-38007, CVE-2025-38008, CVE-2025-38009, CVE-2025-38010, CVE-2025-38011, CVE-2025-38013, CVE-2025-38014, CVE-2025-38015, CVE-2025-38018, CVE-2025-38019, CVE-2025-38020, CVE-2025-38023, CVE-2025-38024, CVE-2025-38027, CVE-2025-38031, CVE-2025-38034, CVE-2025-38035, CVE-2025-38037, CVE-2025-38039, CVE-2025-38040, CVE-2025-38043, CVE-2025-38044, CVE-2025-38045, CVE-2025-38048, CVE-2025-38051, CVE-2025-38052, CVE-2025-38053, CVE-2025-38055, CVE-2025-38057, CVE-2025-38058, CVE-2025-38059, CVE-2025-38060, CVE-2025-38061, CVE-2025-38062, CVE-2025-38063, CVE-2025-38065, CVE-2025-38066, CVE-2025-38067, CVE-2025-38068, CVE-2025-38071, CVE-2025-38072, CVE-2025-38074, CVE-2025-38075, CVE-2025-38077, CVE-2025-38078, CVE-2025-38079, CVE-2025-38080, CVE-2025-38081, CVE-2025-38084, CVE-2025-38085, CVE-2025-38086, CVE-2025-38087, CVE-2025-38088, CVE-2025-38089, CVE-2025-38090, CVE-2025-38094, CVE-2025-38095, CVE-2025-38097, CVE-2025-38098, CVE-2025-38099, CVE-2025-38100, CVE-2025-38101, CVE-2025-38102, CVE-2025-38103, CVE-2025-38104, CVE-2025-38107, CVE-2025-38108, CVE-2025-38109, CVE-2025-38110, CVE-2025-38111, CVE-2025-38112, CVE-2025-38113, CVE-2025-38115, CVE-2025-38117, CVE-2025-38119, CVE-2025-38120, CVE-2025-38122, CVE-2025-38123, CVE-2025-38124, CVE-2025-38125, CVE-2025-38126, CVE-2025-38127, CVE-2025-38129, CVE-2025-38131, CVE-2025-38135, CVE-2025-38136, CVE-2025-38138, CVE-2025-38142, CVE-2025-38143, CVE-2025-38145, CVE-2025-38146, CVE-2025-38147, CVE-2025-38148, CVE-2025-38149, CVE-2025-38153, CVE-2025-38154, CVE-2025-38155, CVE-2025-38156, CVE-2025-38157, CVE-2025-38158, CVE-2025-38159, CVE-2025-38160, CVE-2025-38161, CVE-2025-38162, CVE-2025-38163, CVE-2025-38164, CVE-2025-38165, CVE-2025-38166, CVE-2025-38167, CVE-2025-38169, CVE-2025-38170, CVE-2025-38173, CVE-2025-38174, CVE-2025-38180, CVE-2025-38181, CVE-2025-38182, CVE-2025-38183, CVE-2025-38184, CVE-2025-38185, CVE-2025-38190, CVE-2025-38191, CVE-2025-38192, CVE-2025-38193, CVE-2025-38194, CVE-2025-38197, CVE-2025-38198, CVE-2025-38200, CVE-2025-38202, CVE-2025-38208, CVE-2025-38210, CVE-2025-38211, CVE-2025-38212, CVE-2025-38214, CVE-2025-38215, CVE-2025-38217, CVE-2025-38218, CVE-2025-38219, CVE-2025-38220, CVE-2025-38222, CVE-2025-38225, CVE-2025-38226, CVE-2025-38229, CVE-2025-38230, CVE-2025-38231, CVE-2025-38232, CVE-2025-38236, CVE-2025-38239, CVE-2025-38244, CVE-2025-38245, CVE-2025-38246, CVE-2025-38248, CVE-2025-38249, CVE-2025-38250, CVE-2025-38251, CVE-2025-38253, CVE-2025-38255, CVE-2025-38257, CVE-2025-38258, CVE-2025-38259, CVE-2025-38260, CVE-2025-38262, CVE-2025-38263, CVE-2025-38264, CVE-2025-38265, CVE-2025-38269, CVE-2025-38274, CVE-2025-38275, CVE-2025-38277, CVE-2025-38278, CVE-2025-38279, CVE-2025-38280, CVE-2025-38282, CVE-2025-38283, CVE-2025-38285, CVE-2025-38286, CVE-2025-38289, CVE-2025-38290, CVE-2025-38292, CVE-2025-38293, CVE-2025-38295, CVE-2025-38298, CVE-2025-38299, CVE-2025-38300, CVE-2025-38303, CVE-2025-38304, CVE-2025-38305, CVE-2025-38307, CVE-2025-38310, CVE-2025-38312, CVE-2025-38313, CVE-2025-38319, CVE-2025-38320, CVE-2025-38321, CVE-2025-38322, CVE-2025-38323, CVE-2025-38324, CVE-2025-38326, CVE-2025-38328, CVE-2025-38331, CVE-2025-38332, CVE-2025-38333, CVE-2025-38334, CVE-2025-38335, CVE-2025-38336, CVE-2025-38337, CVE-2025-38338, CVE-2025-38342, CVE-2025-38343, CVE-2025-38344, CVE-2025-38345, CVE-2025-38346, CVE-2025-38347, CVE-2025-38348, CVE-2025-38349, CVE-2025-38351, CVE-2025-38354, CVE-2025-38361, CVE-2025-38362, CVE-2025-38363, CVE-2025-38364, CVE-2025-38365, CVE-2025-38368, CVE-2025-38369, CVE-2025-38371, CVE-2025-38373, CVE-2025-38374, CVE-2025-38375, CVE-2025-38376, CVE-2025-38377, CVE-2025-38382, CVE-2025-38384, CVE-2025-38385, CVE-2025-38386, CVE-2025-38387, CVE-2025-38388, CVE-2025-38389, CVE-2025-38390, CVE-2025-38391, CVE-2025-38392, CVE-2025-38393, CVE-2025-38395, CVE-2025-38396, CVE-2025-38399, CVE-2025-38400, CVE-2025-38401, CVE-2025-38402, CVE-2025-38403, CVE-2025-38405, CVE-2025-38406, CVE-2025-38407, CVE-2025-38408, CVE-2025-38409, CVE-2025-38410, CVE-2025-38412, CVE-2025-38414, CVE-2025-38415, CVE-2025-38416, CVE-2025-38418, CVE-2025-38419, CVE-2025-38420, CVE-2025-38422, CVE-2025-38424, CVE-2025-38425, CVE-2025-38427, CVE-2025-38428, CVE-2025-38429, CVE-2025-38430, CVE-2025-38436, CVE-2025-38437, CVE-2025-38439, CVE-2025-38441, CVE-2025-38443, CVE-2025-38444, CVE-2025-38445, CVE-2025-38448, CVE-2025-38449, CVE-2025-38455, CVE-2025-38456, CVE-2025-38457, CVE-2025-38458, CVE-2025-38459, CVE-2025-38460, CVE-2025-38461, CVE-2025-38462, CVE-2025-38463, CVE-2025-38464, CVE-2025-38465, CVE-2025-38466, CVE-2025-38467, CVE-2025-38468, CVE-2025-38469, CVE-2025-38470, CVE-2025-38471, CVE-2025-38472, CVE-2025-38473, CVE-2025-38474, CVE-2025-38476, CVE-2025-38478, CVE-2025-38480, CVE-2025-38481, CVE-2025-38482, CVE-2025-38483, CVE-2025-38485, CVE-2025-38487, CVE-2025-38488, CVE-2025-38489, CVE-2025-38490, CVE-2025-38491, CVE-2025-38493, CVE-2025-38494, CVE-2025-38495, CVE-2025-38496, CVE-2025-38497, CVE-2025-38499, CVE-2025-38501, CVE-2025-38503, CVE-2025-38506, CVE-2025-38507, CVE-2025-38510, CVE-2025-38511, CVE-2025-38512, CVE-2025-38513, CVE-2025-38514, CVE-2025-38515, CVE-2025-38516, CVE-2025-38520, CVE-2025-38521, CVE-2025-38524, CVE-2025-38526, CVE-2025-38527, CVE-2025-38528, CVE-2025-38529, CVE-2025-38530, CVE-2025-38531, CVE-2025-38532, CVE-2025-38533, CVE-2025-38535, CVE-2025-38537, CVE-2025-38538, CVE-2025-38539, CVE-2025-38540, CVE-2025-38542, CVE-2025-38543, CVE-2025-38544, CVE-2025-38546, CVE-2025-38548, CVE-2025-38549, CVE-2025-38550, CVE-2025-38551, CVE-2025-38552, CVE-2025-38553, CVE-2025-38555, CVE-2025-38560, CVE-2025-38562, CVE-2025-38566, CVE-2025-38568, CVE-2025-38569, CVE-2025-38571, CVE-2025-38572, CVE-2025-38574, CVE-2025-38576, CVE-2025-38577, CVE-2025-38578, CVE-2025-38579, CVE-2025-38581, CVE-2025-38582, CVE-2025-38583, CVE-2025-38584, CVE-2025-38585, CVE-2025-38587, CVE-2025-38588, CVE-2025-38590, CVE-2025-38593, CVE-2025-38595, CVE-2025-38601, CVE-2025-38602, CVE-2025-38604, CVE-2025-38608, CVE-2025-38609, CVE-2025-38610, CVE-2025-38612, CVE-2025-38614, CVE-2025-38615, CVE-2025-38619, CVE-2025-38622, CVE-2025-38623, CVE-2025-38624, CVE-2025-38625, CVE-2025-38626, CVE-2025-38630, CVE-2025-38632, CVE-2025-38634, CVE-2025-38635, CVE-2025-38639, CVE-2025-38640, CVE-2025-38644, CVE-2025-38645, CVE-2025-38646, CVE-2025-38648, CVE-2025-38650, CVE-2025-38652, CVE-2025-38653, CVE-2025-38659, CVE-2025-38660, CVE-2025-38663, CVE-2025-38664, CVE-2025-38665, CVE-2025-38668, CVE-2025-38670, CVE-2025-38671, CVE-2025-38675, CVE-2025-38676, CVE-2025-38677, CVE-2025-38679, CVE-2025-38680, CVE-2025-38681, CVE-2025-38683, CVE-2025-38684, CVE-2025-38685, CVE-2025-38686, CVE-2025-38687, CVE-2025-38688, CVE-2025-38691, CVE-2025-38692, CVE-2025-38693, CVE-2025-38694, CVE-2025-38695, CVE-2025-38696, CVE-2025-38697, CVE-2025-38698, CVE-2025-38699, CVE-2025-38700, CVE-2025-38701, CVE-2025-38702, CVE-2025-38703, CVE-2025-38704, CVE-2025-38705, CVE-2025-38706, CVE-2025-38707, CVE-2025-38708, CVE-2025-38710, CVE-2025-38711, CVE-2025-38712, CVE-2025-38713, CVE-2025-38714, CVE-2025-38715, CVE-2025-38716, CVE-2025-38718, CVE-2025-38721, CVE-2025-38722, CVE-2025-38724, CVE-2025-38725, CVE-2025-38728, CVE-2025-38729, CVE-2025-38730, CVE-2025-38732, CVE-2025-38734, CVE-2025-38735, CVE-2025-39673, CVE-2025-39675, CVE-2025-39676, CVE-2025-39679, CVE-2025-39681, CVE-2025-39683, CVE-2025-39684, CVE-2025-39685, CVE-2025-39686, CVE-2025-39687, CVE-2025-39689, CVE-2025-39691, CVE-2025-39692, CVE-2025-39693, CVE-2025-39694, CVE-2025-39701, CVE-2025-39702, CVE-2025-39703, CVE-2025-39705, CVE-2025-39706, CVE-2025-39707, CVE-2025-39709, CVE-2025-39710, CVE-2025-39711, CVE-2025-39712, CVE-2025-39713, CVE-2025-39714, CVE-2025-39715, CVE-2025-39716, CVE-2025-39718, CVE-2025-39719, CVE-2025-39720, CVE-2025-39721, CVE-2025-39724, CVE-2025-39726, CVE-2025-39730, CVE-2025-39731, CVE-2025-39732, CVE-2025-39734, CVE-2025-39736, CVE-2025-39737, CVE-2025-39738, CVE-2025-39739, CVE-2025-39742, CVE-2025-39743, CVE-2025-39744, CVE-2025-39746, CVE-2025-39747, CVE-2025-39748, CVE-2025-39749, CVE-2025-39750, CVE-2025-39752, CVE-2025-39753, CVE-2025-39756, CVE-2025-39757, CVE-2025-39758, CVE-2025-39759, CVE-2025-39760, CVE-2025-39761, CVE-2025-39763, CVE-2025-39766, CVE-2025-39770, CVE-2025-39772, CVE-2025-39773, CVE-2025-39776, CVE-2025-39779, CVE-2025-39781, CVE-2025-39782, CVE-2025-39783, CVE-2025-39787, CVE-2025-39788, CVE-2025-39790, CVE-2025-39794, CVE-2025-39795, CVE-2025-39797, CVE-2025-39798, CVE-2025-39800, CVE-2025-39801, CVE-2025-39889, CVE-2025-39890, CVE-2025-39946, CVE-2025-39989, CVE-2025-40215, CVE-2025-40297, CVE-2025-68750)

It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to expose sensitive information. (CVE-2024-36350, CVE-2024-36357) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - MIPS architecture; - PA-RISC architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - Compute Acceleration Framework; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - ATM drivers; - Drivers core; - ATA over ethernet (AOE) driver; - DRBD Distributed Replicated Block Device drivers; - Network block device driver; - Ublk userspace block driver; - Bluetooth drivers; - Bus devices; - Character device driver; - TPM device driver; - Clock framework and drivers; - Data acquisition framework and drivers; - CPU frequency scaling framework; - Hardware crypto device drivers; - Device frequency scaling framework; - Buffer Sharing and Synchronization framework; - DMA engine subsystem; - EDAC drivers; - Arm Firmware Framework for ARMv8-A(FFA); - ARM SCMI message protocol; - FPGA Framework; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - HW tracing; - I2C subsystem; - I3C subsystem; - IIO subsystem; - InfiniBand drivers; - Input Device core drivers; - Input Device (Miscellaneous) drivers; - IOMMU subsystem; - IRQ chip drivers; - MCB driver; - Multiple devices driver; - Media drivers; - Multifunction device drivers; - Microchip PCI driver; - Intel Management Engine Interface driver; - PCI Endpoint Test driver; - TI TPS6594 PFSM driver; - VMware VMCI Driver; - MMC subsystem; - MTD block device drivers; - Network drivers; - Mellanox network drivers; - STMicroelectronics network drivers; - NVDIMM (Non-Volatile Memory Device) drivers; - NVME drivers; - PCI subsystem; - Amlogic Meson DDR PMU; - PHY drivers; - Pin controllers subsystem; - x86 platform drivers; - Power supply drivers; - Powercap sysfs driver; - PTP clock framework; - PWM drivers; - RapidIO drivers; - Voltage and Current Regulator drivers; - Remote Processor subsystem; - S/390 drivers; - SCSI subsystem; - ASPEED SoC drivers; - QCOM SoC drivers; - Samsung SoC drivers; - SPI subsystem; - small TFT LCD display modules; - Media staging drivers; - TCM subsystem; - Trusted Execution Environment drivers; - Thunderbolt and USB4 drivers; - TTY drivers; - UFS subsystem; - Cadence USB3 driver; - ChipIdea USB driver; - USB Device Class drivers; - USB core drivers; - DesignWare USB3 driver; - USB Gadget drivers; - USB Host Controller drivers; - Renesas USBHS Controller drivers; - USB Type-C support driver; - USB Type-C Connector System Software Interface driver; - VFIO drivers; - Virtio Host (VHOST) subsystem; - Backlight driver; - Framebuffer layer; - TSM Common Guest driver; - Virtio drivers; - Xen hypervisor drivers; - File systems infrastructure; - BTRFS file system; - Ceph distributed file system; - EFI Variable file system; - Ext4 file system; - F2FS file system; - GFS2 file system; - JFFS2 file system; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - NTFS3 file system; - Overlay file system; - Proc file system; - SMB network file system; - DRM display driver; - Asynchronous Transfer Mode (ATM) subsystem; - BPF subsystem; - Memory Management; - Internal shared memory driver; - LZO compression library; - Mellanox drivers; - padata parallel execution mechanism; - Networking subsytem; - Bluetooth subsystem; - Netfilter; - Network traffic control; - SCTP protocol; - Network sockets; - UDP network protocol; - eXpress Data Path; - XFRM subsystem; - Digital Audio (PCM) driver; - Universal MIDI packet (UMP) support module; - Tracing infrastructure; - User-space API (UAPI); - io_uring subsystem; - IPC subsystem; - Perf events; - Kernel exit() syscall; - IRQ subsystem; - Padata parallel execution mechanism; - Kernel command line parsing driver; - Hibernation control; - RCU subsystem; - Restartable seuqences system call mechanism; - Maple Tree data structure library; - Memory management; - KASAN memory debugging framework; - 802.1Q VLAN protocol; - 9P file system network protocol; - Appletalk network protocol; - Ethernet bridge; - CAN network layer; - Networking core; - Distributed Switch Architecture; - HSR network protocol; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Management Component Transport Protocol (MCTP); - MultiProtocol Label Switching driver; - Multipath TCP; - NetLabel subsystem; - Netlink; - NFC subsystem; - Open vSwitch; - RDS protocol; - Rose network layer; - RxRPC session sockets; - SMC sockets; - Sun RPC protocol; - TIPC protocol; - TLS protocol; - Unix domain sockets; - VMware vSockets driver; - Wireless networking; - ALSA framework; - WCD audio codecs; - Intel ASoC drivers; - MediaTek ASoC drivers; - QCOM ASoC drivers; - SoC audio core drivers; - USB sound devices; - Virtio sound driver; - CPU Power monitoring subsystem; - KVM subsystem; (CVE-2025-21884, CVE-2025-21931, CVE-2025-22026, CVE-2025-22101, CVE-2025-22102, CVE-2025-22115, CVE-2025-22120, CVE-2025-22126, CVE-2025-22128, CVE-2025-23140, CVE-2025-23141, CVE-2025-23142, CVE-2025-23144, CVE-2025-23145, CVE-2025-23146, CVE-2025-23147, CVE-2025-23148, CVE-2025-23149, CVE-2025-23150, CVE-2025-23151, CVE-2025-23155, CVE-2025-23156, CVE-2025-23157, CVE-2025-23158, CVE-2025-23159, CVE-2025-23160, CVE-2025-23161, CVE-2025-23163, CVE-2025-37738, CVE-2025-37739, CVE-2025-37740, CVE-2025-37741, CVE-2025-37742, CVE-2025-37744, CVE-2025-37745, CVE-2025-37748, CVE-2025-37749, CVE-2025-37754, CVE-2025-37755, CVE-2025-37757, CVE-2025-37758, CVE-2025-37759, CVE-2025-37761, CVE-2025-37763, CVE-2025-37764, CVE-2025-37765, CVE-2025-37766, CVE-2025-37767, CVE-2025-37768, CVE-2025-37769, CVE-2025-37770, CVE-2025-37771, CVE-2025-37772, CVE-2025-37773, CVE-2025-37775, CVE-2025-37777, CVE-2025-37778, CVE-2025-37780, CVE-2025-37781, CVE-2025-37784, CVE-2025-37786, CVE-2025-37787, CVE-2025-37788, CVE-2025-37789, CVE-2025-37790, CVE-2025-37792, CVE-2025-37793, CVE-2025-37794, CVE-2025-37796, CVE-2025-37799, CVE-2025-37800, CVE-2025-37801, CVE-2025-37803, CVE-2025-37805, CVE-2025-37808, CVE-2025-37809, CVE-2025-37810, CVE-2025-37811, CVE-2025-37812, CVE-2025-37813, CVE-2025-37815, CVE-2025-37816, CVE-2025-37817, CVE-2025-37819, CVE-2025-37820, CVE-2025-37822, CVE-2025-37823, CVE-2025-37824, CVE-2025-37826, CVE-2025-37827, CVE-2025-37828, CVE-2025-37829, CVE-2025-37830, CVE-2025-37831, CVE-2025-37836, CVE-2025-37839, CVE-2025-37840, CVE-2025-37841, CVE-2025-37842, CVE-2025-37844, CVE-2025-37846, CVE-2025-37849, CVE-2025-37850, CVE-2025-37851, CVE-2025-37852, CVE-2025-37853, CVE-2025-37854, CVE-2025-37856, CVE-2025-37857, CVE-2025-37858, CVE-2025-37859, CVE-2025-37861, CVE-2025-37862, CVE-2025-37863, CVE-2025-37864, CVE-2025-37865, CVE-2025-37867, CVE-2025-37869, CVE-2025-37871, CVE-2025-37872, CVE-2025-37873, CVE-2025-37874, CVE-2025-37875, CVE-2025-37878, CVE-2025-37879, CVE-2025-37881, CVE-2025-37883, CVE-2025-37884, CVE-2025-37885, CVE-2025-37886, CVE-2025-37887, CVE-2025-37891, CVE-2025-37892, CVE-2025-37897, CVE-2025-37900, CVE-2025-37901, CVE-2025-37903, CVE-2025-37905, CVE-2025-37909, CVE-2025-37911, CVE-2025-37912, CVE-2025-37913, CVE-2025-37914, CVE-2025-37915, CVE-2025-37916, CVE-2025-37917, CVE-2025-37918, CVE-2025-37920, CVE-2025-37921, CVE-2025-37922, CVE-2025-37923, CVE-2025-37924, CVE-2025-37925, CVE-2025-37927, CVE-2025-37928, CVE-2025-37930, CVE-2025-37931, CVE-2025-37933, CVE-2025-37935, CVE-2025-37936, CVE-2025-37938, CVE-2025-37940, CVE-2025-37943, CVE-2025-37944, CVE-2025-37945, CVE-2025-37947, CVE-2025-37948, CVE-2025-37949, CVE-2025-37951, CVE-2025-37952, CVE-2025-37954, CVE-2025-37956, CVE-2025-37957, CVE-2025-37959, CVE-2025-37960, CVE-2025-37961, CVE-2025-37962, CVE-2025-37963, CVE-2025-37967, CVE-2025-37968, CVE-2025-37969, CVE-2025-37970, CVE-2025-37972, CVE-2025-37973, CVE-2025-37975, CVE-2025-37977, CVE-2025-37978, CVE-2025-37979, CVE-2025-37980, CVE-2025-37982, CVE-2025-37983, CVE-2025-37984, CVE-2025-37985, CVE-2025-37986, CVE-2025-37987, CVE-2025-37988, CVE-2025-37989, CVE-2025-37990, CVE-2025-37991, CVE-2025-37992, CVE-2025-37994, CVE-2025-37995, CVE-2025-37998, CVE-2025-38003, CVE-2025-38004, CVE-2025-38005, CVE-2025-38006, CVE-2025-38007, CVE-2025-38008, CVE-2025-38009, CVE-2025-38010, CVE-2025-38011, CVE-2025-38013, CVE-2025-38014, CVE-2025-38015, CVE-2025-38018, CVE-2025-38019, CVE-2025-38020, CVE-2025-38023, CVE-2025-38024, CVE-2025-38027, CVE-2025-38031, CVE-2025-38034, CVE-2025-38035, CVE-2025-38037, CVE-2025-38039, CVE-2025-38040, CVE-2025-38043, CVE-2025-38044, CVE-2025-38045, CVE-2025-38048, CVE-2025-38051, CVE-2025-38052, CVE-2025-38053, CVE-2025-38055, CVE-2025-38057, CVE-2025-38058, CVE-2025-38059, CVE-2025-38060, CVE-2025-38061, CVE-2025-38062, CVE-2025-38063, CVE-2025-38065, CVE-2025-38066, CVE-2025-38067, CVE-2025-38068, CVE-2025-38071, CVE-2025-38072, CVE-2025-38074, CVE-2025-38075, CVE-2025-38077, CVE-2025-38078, CVE-2025-38079, CVE-2025-38080, CVE-2025-38081, CVE-2025-38084, CVE-2025-38085, CVE-2025-38086, CVE-2025-38087, CVE-2025-38088, CVE-2025-38089, CVE-2025-38090, CVE-2025-38094, CVE-2025-38095, CVE-2025-38097, CVE-2025-38098, CVE-2025-38099, CVE-2025-38100, CVE-2025-38101, CVE-2025-38102, CVE-2025-38103, CVE-2025-38104, CVE-2025-38107, CVE-2025-38108, CVE-2025-38109, CVE-2025-38110, CVE-2025-38111, CVE-2025-38112, CVE-2025-38113, CVE-2025-38115, CVE-2025-38117, CVE-2025-38119, CVE-2025-38120, CVE-2025-38122, CVE-2025-38123, CVE-2025-38124, CVE-2025-38125, CVE-2025-38126, CVE-2025-38127, CVE-2025-38129, CVE-2025-38131, CVE-2025-38135, CVE-2025-38136, CVE-2025-38138, CVE-2025-38142, CVE-2025-38143, CVE-2025-38145, CVE-2025-38146, CVE-2025-38147, CVE-2025-38148, CVE-2025-38149, CVE-2025-38153, CVE-2025-38154, CVE-2025-38155, CVE-2025-38156, CVE-2025-38157, CVE-2025-38158, CVE-2025-38159, CVE-2025-38160, CVE-2025-38161, CVE-2025-38162, CVE-2025-38163, CVE-2025-38164, CVE-2025-38165, CVE-2025-38166, CVE-2025-38167, CVE-2025-38169, CVE-2025-38170, CVE-2025-38173, CVE-2025-38174, CVE-2025-38180, CVE-2025-38181, CVE-2025-38182, CVE-2025-38183, CVE-2025-38184, CVE-2025-38185, CVE-2025-38190, CVE-2025-38191, CVE-2025-38192, CVE-2025-38193, CVE-2025-38194, CVE-2025-38197, CVE-2025-38198, CVE-2025-38200, CVE-2025-38202, CVE-2025-38208, CVE-2025-38210, CVE-2025-38211, CVE-2025-38212, CVE-2025-38214, CVE-2025-38215, CVE-2025-38217, CVE-2025-38218, CVE-2025-38219, CVE-2025-38220, CVE-2025-38222, CVE-2025-38225, CVE-2025-38226, CVE-2025-38229, CVE-2025-38230, CVE-2025-38231, CVE-2025-38232, CVE-2025-38236, CVE-2025-38239, CVE-2025-38244, CVE-2025-38245, CVE-2025-38246, CVE-2025-38248, CVE-2025-38249, CVE-2025-38250, CVE-2025-38251, CVE-2025-38253, CVE-2025-38255, CVE-2025-38257, CVE-2025-38258, CVE-2025-38259, CVE-2025-38260, CVE-2025-38262, CVE-2025-38263, CVE-2025-38264, CVE-2025-38265, CVE-2025-38269, CVE-2025-38274, CVE-2025-38275, CVE-2025-38277, CVE-2025-38278, CVE-2025-38279, CVE-2025-38280, CVE-2025-38282, CVE-2025-38283, CVE-2025-38285, CVE-2025-38286, CVE-2025-38289, CVE-2025-38290, CVE-2025-38292, CVE-2025-38293, CVE-2025-38295, CVE-2025-38298, CVE-2025-38299, CVE-2025-38300, CVE-2025-38303, CVE-2025-38304, CVE-2025-38305, CVE-2025-38307, CVE-2025-38310, CVE-2025-38312, CVE-2025-38313, CVE-2025-38319, CVE-2025-38320, CVE-2025-38321, CVE-2025-38322, CVE-2025-38323, CVE-2025-38324, CVE-2025-38326, CVE-2025-38328, CVE-2025-38331, CVE-2025-38332, CVE-2025-38333, CVE-2025-38334, CVE-2025-38335, CVE-2025-38336, CVE-2025-38337, CVE-2025-38338, CVE-2025-38342, CVE-2025-38343, CVE-2025-38344, CVE-2025-38345, CVE-2025-38346, CVE-2025-38347, CVE-2025-38348, CVE-2025-38349, CVE-2025-38351, CVE-2025-38354, CVE-2025-38361, CVE-2025-38362, CVE-2025-38363, CVE-2025-38364, CVE-2025-38365, CVE-2025-38368, CVE-2025-38369, CVE-2025-38371, CVE-2025-38373, CVE-2025-38374, CVE-2025-38375, CVE-2025-38376, CVE-2025-38377, CVE-2025-38382, CVE-2025-38384, CVE-2025-38385, CVE-2025-38386, CVE-2025-38387, CVE-2025-38388, CVE-2025-38389, CVE-2025-38390, CVE-2025-38391, CVE-2025-38392, CVE-2025-38393, CVE-2025-38395, CVE-2025-38396, CVE-2025-38399, CVE-2025-38400, CVE-2025-38401, CVE-2025-38402, CVE-2025-38403, CVE-2025-38405, CVE-2025-38406, CVE-2025-38407, CVE-2025-38408, CVE-2025-38409, CVE-2025-38410, CVE-2025-38412, CVE-2025-38414, CVE-2025-38415, CVE-2025-38416, CVE-2025-38418, CVE-2025-38419, CVE-2025-38420, CVE-2025-38422, CVE-2025-38424, CVE-2025-38425, CVE-2025-38427, CVE-2025-38428, CVE-2025-38429, CVE-2025-38430, CVE-2025-38436, CVE-2025-38437, CVE-2025-38439, CVE-2025-38441, CVE-2025-38443, CVE-2025-38444, CVE-2025-38445, CVE-2025-38448, CVE-2025-38449, CVE-2025-38455, CVE-2025-38456, CVE-2025-38457, CVE-2025-38458, CVE-2025-38459, CVE-2025-38460, CVE-2025-38461, CVE-2025-38462, CVE-2025-38463, CVE-2025-38464, CVE-2025-38465, CVE-2025-38466, CVE-2025-38467, CVE-2025-38468, CVE-2025-38469, CVE-2025-38470, CVE-2025-38471, CVE-2025-38472, CVE-2025-38473, CVE-2025-38474, CVE-2025-38476, CVE-2025-38478, CVE-2025-38480, CVE-2025-38481, CVE-2025-38482, CVE-2025-38483, CVE-2025-38485, CVE-2025-38487, CVE-2025-38488, CVE-2025-38489, CVE-2025-38490, CVE-2025-38491, CVE-2025-38493, CVE-2025-38494, CVE-2025-38495, CVE-2025-38496, CVE-2025-38497, CVE-2025-38499, CVE-2025-38501, CVE-2025-38503, CVE-2025-38506, CVE-2025-38507, CVE-2025-38510, CVE-2025-38511, CVE-2025-38512, CVE-2025-38513, CVE-2025-38514, CVE-2025-38515, CVE-2025-38516, CVE-2025-38520, CVE-2025-38521, CVE-2025-38524, CVE-2025-38526, CVE-2025-38527, CVE-2025-38528, CVE-2025-38529, CVE-2025-38530, CVE-2025-38531, CVE-2025-38532, CVE-2025-38533, CVE-2025-38535, CVE-2025-38537, CVE-2025-38538, CVE-2025-38539, CVE-2025-38540, CVE-2025-38542, CVE-2025-38543, CVE-2025-38544, CVE-2025-38546, CVE-2025-38548, CVE-2025-38549, CVE-2025-38550, CVE-2025-38551, CVE-2025-38552, CVE-2025-38553, CVE-2025-38555, CVE-2025-38560, CVE-2025-38562, CVE-2025-38566, CVE-2025-38568, CVE-2025-38569, CVE-2025-38571, CVE-2025-38572, CVE-2025-38574, CVE-2025-38576, CVE-2025-38577, CVE-2025-38578, CVE-2025-38579, CVE-2025-38581, CVE-2025-38582, CVE-2025-38583, CVE-2025-38584, CVE-2025-38585, CVE-2025-38587, CVE-2025-38588, CVE-2025-38590, CVE-2025-38593, CVE-2025-38595, CVE-2025-38601, CVE-2025-38602, CVE-2025-38604, CVE-2025-38608, CVE-2025-38609, CVE-2025-38610, CVE-2025-38612, CVE-2025-38614, CVE-2025-38615, CVE-2025-38619, CVE-2025-38622, CVE-2025-38623, CVE-2025-38624, CVE-2025-38625, CVE-2025-38626, CVE-2025-38630, CVE-2025-38632, CVE-2025-38634, CVE-2025-38635, CVE-2025-38639, CVE-2025-38640, CVE-2025-38644, CVE-2025-38645, CVE-2025-38646, CVE-2025-38648, CVE-2025-38650, CVE-2025-38652, CVE-2025-38653, CVE-2025-38659, CVE-2025-38660, CVE-2025-38663, CVE-2025-38664, CVE-2025-38665, CVE-2025-38668, CVE-2025-38670, CVE-2025-38671, CVE-2025-38675, CVE-2025-38676, CVE-2025-38677, CVE-2025-38679, CVE-2025-38680, CVE-2025-38681, CVE-2025-38683, CVE-2025-38684, CVE-2025-38685, CVE-2025-38686, CVE-2025-38687, CVE-2025-38688, CVE-2025-38691, CVE-2025-38692, CVE-2025-38693, CVE-2025-38694, CVE-2025-38695, CVE-2025-38696, CVE-2025-38697, CVE-2025-38698, CVE-2025-38699, CVE-2025-38700, CVE-2025-38701, CVE-2025-38702, CVE-2025-38703, CVE-2025-38704, CVE-2025-38705, CVE-2025-38706, CVE-2025-38707, CVE-2025-38708, CVE-2025-38710, CVE-2025-38711, CVE-2025-38712, CVE-2025-38713, CVE-2025-38714, CVE-2025-38715, CVE-2025-38716, CVE-2025-38718, CVE-2025-38721, CVE-2025-38722, CVE-2025-38724, CVE-2025-38725, CVE-2025-38728, CVE-2025-38729, CVE-2025-38730, CVE-2025-38732, CVE-2025-38734, CVE-2025-38735, CVE-2025-39673, CVE-2025-39675, CVE-2025-39676, CVE-2025-39679, CVE-2025-39681, CVE-2025-39683, CVE-2025-39684, CVE-2025-39685, CVE-2025-39686, CVE-2025-39687, CVE-2025-39689, CVE-2025-39691, CVE-2025-39692, CVE-2025-39693, CVE-2025-39694, CVE-2025-39701, CVE-2025-39702, CVE-2025-39703, CVE-2025-39705, CVE-2025-39706, CVE-2025-39707, CVE-2025-39709, CVE-2025-39710, CVE-2025-39711, CVE-2025-39712, CVE-2025-39713, CVE-2025-39714, CVE-2025-39715, CVE-2025-39716, CVE-2025-39718, CVE-2025-39719, CVE-2025-39720, CVE-2025-39721, CVE-2025-39724, CVE-2025-39726, CVE-2025-39730, CVE-2025-39731, CVE-2025-39732, CVE-2025-39734, CVE-2025-39736, CVE-2025-39737, CVE-2025-39738, CVE-2025-39739, CVE-2025-39742, CVE-2025-39743, CVE-2025-39744, CVE-2025-39746, CVE-2025-39747, CVE-2025-39748, CVE-2025-39749, CVE-2025-39750, CVE-2025-39752, CVE-2025-39753, CVE-2025-39756, CVE-2025-39757, CVE-2025-39758, CVE-2025-39759, CVE-2025-39760, CVE-2025-39761, CVE-2025-39763, CVE-2025-39766, CVE-2025-39770, CVE-2025-39772, CVE-2025-39773, CVE-2025-39776, CVE-2025-39779, CVE-2025-39781, CVE-2025-39782, CVE-2025-39783, CVE-2025-39787, CVE-2025-39788, CVE-2025-39790, CVE-2025-39794, CVE-2025-39795, CVE-2025-39797, CVE-2025-39798, CVE-2025-39800, CVE-2025-39801, CVE-2025-39889, CVE-2025-39890, CVE-2025-39946, CVE-2025-39989, CVE-2025-40215, CVE-2025-40297, CVE-2025-68750)

Yarden Porat discovered that Pillow incorrectly handled certain malformed PSD images. An attacker could use this issue to cause Pillow to crash, resulting in a denial of service, or possibly execute arbitrary code.

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - Nios II architecture; - PA-RISC architecture; - RISC-V architecture; - S390 architecture; - Sun Sparc architecture; - x86 architecture; - Xtensa architecture; - Block layer subsystem; - Cryptographic API; - Compute Acceleration Framework; - ACPI drivers; - Drivers core; - Network block device driver; - Bluetooth drivers; - Bus devices; - Hardware random number generator core; - Character device driver; - Clock framework and drivers; - Data acquisition framework and drivers; - CPU frequency scaling framework; - Hardware crypto device drivers; - CXL (Compute Express Link) drivers; - Device frequency scaling framework; - ARM SCMI message protocol; - GPIO subsystem; - GPU drivers; - Hardware monitoring drivers; - HW tracing; - InfiniBand drivers; - Input Device (Miscellaneous) drivers; - IOMMU subsystem; - ISDN/mISDN subsystem; - Mailbox framework; - Multiple devices driver; - Media drivers; - Fastrpc Driver; - PCI Endpoint Test driver; - VMware Balloon Driver; - MOST (Media Oriented Systems Transport) drivers; - Network drivers; - Mellanox network drivers; - STMicroelectronics network drivers; - NVME drivers; - PCI subsystem; - Performance monitor drivers; - Pin controllers subsystem; - Mellanox platform drivers; - x86 platform drivers; - ARM PM domains; - PPS (Pulse Per Second) driver; - PTP clock framework; - PWM drivers; - Remote Processor subsystem; - SCSI subsystem; - SPI subsystem; - Trusted Execution Environment drivers; - Thunderbolt and USB4 drivers; - TTY drivers; - UFS subsystem; - Userspace I/O drivers; - Cadence USB3 driver; - USB Gadget drivers; - USB Host Controller drivers; - vDPA drivers; - Virtio Host (VHOST) subsystem; - Framebuffer layer; - Xen hypervisor drivers; - File systems infrastructure; - BTRFS file system; - Ceph distributed file system; - EROFS file system; - Ext4 file system; - F2FS file system; - GFS2 file system; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - File system notification infrastructure; - NTFS3 file system; - Proc file system; - Diskquota system; - SMB network file system; - BPF subsystem; - Mellanox drivers; - Memory management; - Virtio network driver; - Bluetooth subsystem; - IP tunnels definitions; - io_uring subsystem; - Kernel crash support code; - Perf events; - Kernel futex primitives; - PID allocator; - Scheduler infrastructure; - Syscalls implementation; - Timer subsystem; - Tracing infrastructure; - 9P file system network protocol; - Ethernet bridge; - Networking core; - IPv4 networking; - IPv6 networking; - Multipath TCP; - Netfilter; - NFC subsystem; - Network traffic control; - SCTP protocol; - SMC sockets; - Sun RPC protocol; - TIPC protocol; - TLS protocol; - VMware vSockets driver; - eXpress Data Path; - XFRM subsystem; - Integrity Measurement Architecture(IMA) framework; - ALSA framework; - HD-audio driver; - AMD SoC Alsa drivers; - WCD audio codecs; - Intel ASoC drivers; - USB sound devices; - KVM subsystem; (CVE-2025-40001, CVE-2025-40002, CVE-2025-40003, CVE-2025-40004, CVE-2025-40029, CVE-2025-40030, CVE-2025-40031, CVE-2025-40032, CVE-2025-40033, CVE-2025-40034, CVE-2025-40035, CVE-2025-40036, CVE-2025-40037, CVE-2025-40038, CVE-2025-40039, CVE-2025-40040, CVE-2025-40042, CVE-2025-40043, CVE-2025-40044, CVE-2025-40045, CVE-2025-40046, CVE-2025-40047, CVE-2025-40048, CVE-2025-40049, CVE-2025-40050, CVE-2025-40051, CVE-2025-40052, CVE-2025-40053, CVE-2025-40054, CVE-2025-40055, CVE-2025-40056, CVE-2025-40057, CVE-2025-40058, CVE-2025-40059, CVE-2025-40060, CVE-2025-40061, CVE-2025-40062, CVE-2025-40063, CVE-2025-40064, CVE-2025-40065, CVE-2025-40066, CVE-2025-40067, CVE-2025-40068, CVE-2025-40069, CVE-2025-40070, CVE-2025-40071, CVE-2025-40072, CVE-2025-40073, CVE-2025-40074, CVE-2025-40075, CVE-2025-40076, CVE-2025-40077, CVE-2025-40078, CVE-2025-40079, CVE-2025-40080, CVE-2025-40081, CVE-2025-40082, CVE-2025-40084, CVE-2025-40085, CVE-2025-40086, CVE-2025-40087, CVE-2025-40088, CVE-2025-40089, CVE-2025-40091, CVE-2025-40092, CVE-2025-40093, CVE-2025-40094, CVE-2025-40095, CVE-2025-40096, CVE-2025-40097, CVE-2025-40098, CVE-2025-40099, CVE-2025-40100, CVE-2025-40101, CVE-2025-40102, CVE-2025-40103, CVE-2025-40104, CVE-2025-40105, CVE-2025-40106, CVE-2025-40110, CVE-2025-40111, CVE-2025-40112, CVE-2025-40113, CVE-2025-40115, CVE-2025-40116, CVE-2025-40117, CVE-2025-40118, CVE-2025-40119, CVE-2025-40120, CVE-2025-40121, CVE-2025-40122, CVE-2025-40123, CVE-2025-40124, CVE-2025-40125, CVE-2025-40126, CVE-2025-40127, CVE-2025-40129, CVE-2025-40130, CVE-2025-40131, CVE-2025-40132, CVE-2025-40133, CVE-2025-40134, CVE-2025-40135, CVE-2025-40136, CVE-2025-40137, CVE-2025-40138, CVE-2025-40139, CVE-2025-40140, CVE-2025-40141, CVE-2025-40142, CVE-2025-40143, CVE-2025-40145, CVE-2025-40146, CVE-2025-40147, CVE-2025-40148, CVE-2025-40149, CVE-2025-40150, CVE-2025-40152, CVE-2025-40153, CVE-2025-40154, CVE-2025-40155, CVE-2025-40156, CVE-2025-40158, CVE-2025-40159, CVE-2025-40160, CVE-2025-40161, CVE-2025-40162, CVE-2025-40163, CVE-2025-40164, CVE-2025-40165, CVE-2025-40166, CVE-2025-40167, CVE-2025-40168, CVE-2025-40169, CVE-2025-40170, CVE-2025-40171, CVE-2025-40172, CVE-2025-40173, CVE-2025-40174, CVE-2025-40175, CVE-2025-40176, CVE-2025-40177, CVE-2025-40178, CVE-2025-40179, CVE-2025-40180, CVE-2025-40181, CVE-2025-40182, CVE-2025-40183, CVE-2025-40184, CVE-2025-40185, CVE-2025-40186, CVE-2025-40187, CVE-2025-40188, CVE-2025-40189, CVE-2025-40191, CVE-2025-40192, CVE-2025-40193, CVE-2025-40194, CVE-2025-40195, CVE-2025-40196, CVE-2025-40198, CVE-2025-40199, CVE-2025-40200, CVE-2025-40201, CVE-2025-40203, CVE-2025-40204, CVE-2025-40205, CVE-2025-40206, CVE-2025-40207, CVE-2025-40208, CVE-2025-40209, CVE-2025-40210, CVE-2025-40211, CVE-2025-40212, CVE-2025-40213, CVE-2025-40217, CVE-2025-40218, CVE-2025-40219, CVE-2025-40220, CVE-2025-40221, CVE-2025-40222, CVE-2025-40223, CVE-2025-40224, CVE-2025-40225, CVE-2025-40226, CVE-2025-40227, CVE-2025-40228, CVE-2025-40229, CVE-2025-40230, CVE-2025-40231, CVE-2025-40233, CVE-2025-40234, CVE-2025-40235, CVE-2025-40236, CVE-2025-40237, CVE-2025-40238, CVE-2025-40239, CVE-2025-40240, CVE-2025-40241, CVE-2025-40242, CVE-2025-40243, CVE-2025-40244, CVE-2025-40245, CVE-2025-40256, CVE-2025-40267, CVE-2025-40268, CVE-2025-40269, CVE-2025-40270, CVE-2025-40271, CVE-2025-40272, CVE-2025-40273, CVE-2025-40274, CVE-2025-40275, CVE-2025-40276, CVE-2025-40277, CVE-2025-40278, CVE-2025-40279, CVE-2025-40280, CVE-2025-40281, CVE-2025-40282, CVE-2025-40283, CVE-2025-40284, CVE-2025-40285, CVE-2025-40286, CVE-2025-40287, CVE-2025-40288, CVE-2025-40289, CVE-2025-40291, CVE-2025-40292, CVE-2025-40293, CVE-2025-40294, CVE-2025-40295, CVE-2025-40296, CVE-2025-40297, CVE-2025-40298, CVE-2025-40299, CVE-2025-40301, CVE-2025-40302, CVE-2025-40303, CVE-2025-40304, CVE-2025-40305, CVE-2025-40306, CVE-2025-40307, CVE-2025-40308, CVE-2025-40309, CVE-2025-40310, CVE-2025-40311, CVE-2025-40312, CVE-2025-40313, CVE-2025-40314, CVE-2025-40315, CVE-2025-40316, CVE-2025-40317, CVE-2025-40318, CVE-2025-40319, CVE-2025-40320, CVE-2025-40321, CVE-2025-40322, CVE-2025-40323, CVE-2025-40324, CVE-2025-40326, CVE-2025-40327, CVE-2025-40328, CVE-2025-40329, CVE-2025-40330, CVE-2025-40331, CVE-2025-40332, CVE-2025-40333, CVE-2025-40334, CVE-2025-40335, CVE-2025-40336, CVE-2025-40337, CVE-2025-40338, CVE-2025-40339, CVE-2025-40340, CVE-2025-40341, CVE-2025-40342, CVE-2025-40343, CVE-2025-40344, CVE-2025-40346, CVE-2025-40347, CVE-2025-40349, CVE-2025-40350, CVE-2025-40351, CVE-2025-40352, CVE-2025-40353, CVE-2025-40354, CVE-2025-40355, CVE-2025-40356, CVE-2025-40357, CVE-2025-40358, CVE-2025-40359, CVE-2025-40360, CVE-2025-40362, CVE-2025-40363, CVE-2025-68167, CVE-2025-68168, CVE-2025-68169, CVE-2025-68170, CVE-2025-68171, CVE-2025-68172, CVE-2025-68173, CVE-2025-68174, CVE-2025-68175, CVE-2025-68176, CVE-2025-68177, CVE-2025-68178, CVE-2025-68179, CVE-2025-68180, CVE-2025-68181, CVE-2025-68182, CVE-2025-68183, CVE-2025-68184, CVE-2025-68185, CVE-2025-68186, CVE-2025-68187, CVE-2025-68188, CVE-2025-68189, CVE-2025-68190, CVE-2025-68191, CVE-2025-68192, CVE-2025-68193, CVE-2025-68194, CVE-2025-68196, CVE-2025-68197, CVE-2025-68198, CVE-2025-68199, CVE-2025-68200, CVE-2025-68201, CVE-2025-68202, CVE-2025-68204, CVE-2025-68205, CVE-2025-68206, CVE-2025-68207, CVE-2025-68208, CVE-2025-68209, CVE-2025-68210, CVE-2025-68211, CVE-2025-68239, CVE-2025-68240, CVE-2025-68241, CVE-2025-68242, CVE-2025-68243, CVE-2025-68244, CVE-2025-68245, CVE-2025-68246, CVE-2025-68247, CVE-2025-68248, CVE-2025-68249, CVE-2025-68250, CVE-2025-68251, CVE-2025-68253, CVE-2025-68309, CVE-2025-68310, CVE-2025-68311, CVE-2025-68312, CVE-2025-68313, CVE-2025-68314, CVE-2025-68315, CVE-2025-68316, CVE-2025-68317, CVE-2025-68318, CVE-2025-68319, CVE-2025-68320, CVE-2025-68321, CVE-2025-68322, CVE-2025-68734)

It was discovered that FRR incorrectly handled certain malformed OSPF and update packets. A remote attacker could possibly use these issues to cause FRR to crash, resulting in a denial of service.

It was discovered that alsa-lib incorrectly handled the topology mixer control decoder. A local attacker could use a specially crafted topology file to cause alsa-lib to crash, resulting in a denial of service, or possibly execute arbitrary code.

Tim Scheckenbach discovered that GnuTLS incorrectly handled malicious certificates containing a large number of name constraints and subject alternative names. A remote attacker could possibly use this issue to cause GnuTLS to consume resources, resulting in a denial of service. (CVE-2025-14831) Luigino Camastra discovered that GnuTLS incorrectly handled certain PKCS11 token labels. A remote attacker could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code. The default compiler options for affected releases should reduce the vulnerability to a denial of service. (CVE-2025-9820)

It was discovered that FreeRDP incorrectly handled memory under certain circumstances, which could lead to a NULL pointer dereference. An attacker could possibly use this issue to cause a denial of service. (CVE-2026-23948) It was discovered that FreeRDP did not correctly validate the size of certain variables, which could cause a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected FreeRDP3 in Ubuntu 24.04 LTS and Ubuntu 25.10. (CVE-2026-24491) It was discovered that FreeRDP did not correctly validate the size of certain variables, which could cause a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2026-24675, CVE-2026-24679, CVE-2026-24682) It was discovered that FreeRDP had a use after free vulnerability under certain circumstances. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2026-24676, CVE-2026-24681) It was discovered that FreeRDP did not correctly validate the size of certain variables, which could cause a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 25.10. (CVE-2026-24677) It was discovered that FreeRDP had a use after free vulnerability under certain circumstances. An attacker could use this to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 25.10. (CVE-2026-24678) It was discovered that FreeRDP had a use after free vulnerability under certain circumstances. An attacker could use this to cause a denial of service or possibly execute arbitrary code. This issue only affected FreeRDP3 in Ubuntu 24.04 LTS and Ubuntu 25.10. (CVE-2026-24680) It was discovered that FreeRDP had a use after free vulnerability under certain circumstances. An attacker could use this to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu 25.10. (CVE-2026-24683, CVE-2026-24684)

USN-8022-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for Ubuntu 24.04 LTS. Original advisory details: It was discovered that Expat incorrectly handled the initialization of parsers for external entities. An attacker could possibly use this issue to cause a denial of service. (CVE-2026-24515) It was discovered that Expat incorrectly handled integer calculations when allocating memory for XML tags. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2026-25210)

USN 8025-1 fixed a vulnerability in .NET. This update provides the corresponding fix for Ubuntu 24.04 LTS. Original advisory details: Kevin Jones discovered that the System.Security.Cryptography.Cose component in .NET did not properly handle certain missing special elements in input data. An attacker could possibly use this issue to bypass security checks and gain unauthorized access or perform data manipulation.

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Nios II architecture; - Sun Sparc architecture; - User-Mode Linux (UML); - x86 architecture; - Block layer subsystem; - Cryptographic API; - Drivers core; - Bus devices; - Hardware random number generator core; - Data acquisition framework and drivers; - CPU frequency scaling framework; - DMA engine subsystem; - GPU drivers; - HW tracing; - Input Device (Miscellaneous) drivers; - Multiple devices driver; - Media drivers; - MOST (Media Oriented Systems Transport) drivers; - MTD block device drivers; - Network drivers; - NVME drivers; - PCI subsystem; - Performance monitor drivers; - Pin controllers subsystem; - x86 platform drivers; - PPS (Pulse Per Second) driver; - PWM drivers; - SCSI subsystem; - TCM subsystem; - Userspace I/O drivers; - USB Gadget drivers; - USB Host Controller drivers; - Framebuffer layer; - BTRFS file system; - File systems infrastructure; - Ext4 file system; - Network file system (NFS) server daemon; - NTFS3 file system; - SMB network file system; - padata parallel execution mechanism; - IP tunnels definitions; - Network sockets; - XFRM subsystem; - Control group (cgroup); - Padata parallel execution mechanism; - PID allocator; - Tracing infrastructure; - Memory management; - 9P file system network protocol; - Ethernet bridge; - Ceph Core library; - Networking core; - IPv4 networking; - IPv6 networking; - NFC subsystem; - RF switch subsystem; - SCTP protocol; - Unix domain sockets; - VMware vSockets driver; - Intel ASoC drivers; - USB sound devices; (CVE-2024-53114, CVE-2024-56538, CVE-2024-58011, CVE-2025-21861, CVE-2025-22058, CVE-2025-23143, CVE-2025-38236, CVE-2025-38248, CVE-2025-38584, CVE-2025-39869, CVE-2025-39873, CVE-2025-39876, CVE-2025-39880, CVE-2025-39883, CVE-2025-39885, CVE-2025-39907, CVE-2025-39911, CVE-2025-39913, CVE-2025-39923, CVE-2025-39934, CVE-2025-39937, CVE-2025-39943, CVE-2025-39945, CVE-2025-39949, CVE-2025-39951, CVE-2025-39953, CVE-2025-39955, CVE-2025-39967, CVE-2025-39968, CVE-2025-39969, CVE-2025-39970, CVE-2025-39971, CVE-2025-39972, CVE-2025-39973, CVE-2025-39980, CVE-2025-39985, CVE-2025-39986, CVE-2025-39987, CVE-2025-39988, CVE-2025-39994, CVE-2025-39995, CVE-2025-39996, CVE-2025-39998, CVE-2025-40001, CVE-2025-40006, CVE-2025-40011, CVE-2025-40020, CVE-2025-40021, CVE-2025-40026, CVE-2025-40027, CVE-2025-40029, CVE-2025-40030, CVE-2025-40035, CVE-2025-40042, CVE-2025-40043, CVE-2025-40044, CVE-2025-40048, CVE-2025-40049, CVE-2025-40053, CVE-2025-40055, CVE-2025-40060, CVE-2025-40068, CVE-2025-40070, CVE-2025-40078, CVE-2025-40081, CVE-2025-40085, CVE-2025-40087, CVE-2025-40088, CVE-2025-40092, CVE-2025-40094, CVE-2025-40105, CVE-2025-40106, CVE-2025-40109, CVE-2025-40111, CVE-2025-40112, CVE-2025-40115, CVE-2025-40116, CVE-2025-40118, CVE-2025-40120, CVE-2025-40121, CVE-2025-40124, CVE-2025-40125, CVE-2025-40126, CVE-2025-40127, CVE-2025-40134, CVE-2025-40140, CVE-2025-40153, CVE-2025-40154, CVE-2025-40167, CVE-2025-40171, CVE-2025-40173, CVE-2025-40178, CVE-2025-40179, CVE-2025-40183, CVE-2025-40187, CVE-2025-40188, CVE-2025-40194, CVE-2025-40200, CVE-2025-40204, CVE-2025-40205, CVE-2025-40215, CVE-2025-40219, CVE-2025-40220, CVE-2025-40223, CVE-2025-40231, CVE-2025-40233, CVE-2025-40240, CVE-2025-40243, CVE-2025-40244, CVE-2025-40245, CVE-2025-40346, CVE-2025-40349, CVE-2025-40351, CVE-2025-68249)

Charles Chan discovered that AIOHTTP incorrectly handled the decompression of compressed requests. A remote attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 25.10. (CVE-2025-69223) Thomas Rinsma discovered that AIOHTTP incorrectly handled non-ASCII characters in HTTP headers. A remote attacker could possibly use this issue to perform a request smuggling attack to bypass certain proxy protections. This issue was only addressed in Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu 25.10. (CVE-2025-69224) Thomas Rinsma discovered that AIOHTTP incorrectly handled non-ASCII characters in the Range header. A remote attacker could possibly use this issue to perform a request smuggling attack. (CVE-2025-69225) Thomas Rinsma discovered that AIOHTTP incorrectly handled path normalization when serving static files. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2025-69226) Thomas Rinsma discovered that AIOHTTP incorrectly handled certain POST request bodies. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2025-69227) Thomas Rinsma discovered that AIOHTTP incorrectly handled large POST request payloads. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2025-69228) It was discovered that AIOHTTP incorrectly handled chunked messages. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2025-69229)

Yuhan Gao and Peng Zhou discovered that Dottie was vulnerable to prototype pollution when altering the __proto__ magical attribute. An attacker could possibly use this issue to achieve remote code execution.

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Padata parallel execution mechanism; - Netfilter; (CVE-2022-49698, CVE-2025-21726, CVE-2025-40019)