Ubuntu Security Advisories

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - RISC-V architecture; - x86 architecture; - Block layer subsystem; - Compute Acceleration Framework; - ACPI drivers; - Drivers core; - Ublk userspace block driver; - Virtio block driver; - DMA engine subsystem; - GPU drivers; - Microsoft Hyper-V drivers; - Hardware monitoring drivers; - IIO ADC drivers; - IIO subsystem; - InfiniBand drivers; - Multiple devices driver; - Media drivers; - Microchip PCI driver; - Network drivers; - Mellanox network drivers; - STMicroelectronics network drivers; - PCI subsystem; - Pin controllers subsystem; - x86 platform drivers; - Power supply drivers; - SCSI subsystem; - USB Gadget drivers; - TDX Guest driver; - AFS file system; - BTRFS file system; - Ceph distributed file system; - EROFS file system; - File systems infrastructure; - Network file systems library; - NILFS2 file system; - Overlay file system; - SMB network file system; - VLANs driver; - Memory management; - LAPB network protocol; - io_uring subsystem; - BPF subsystem; - Control group (cgroup); - Tracing infrastructure; - Workqueue subsystem; - Bluetooth subsystem; - Networking core; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Multipath TCP; - Netfilter; - NET/ROM layer; - Packet sockets; - RDS protocol; - Network traffic control; - SCTP protocol; - SMC sockets; - Wireless networking; - SELinux security module; - ALSA framework; - SOF drivers; (CVE-2024-57913, CVE-2024-47408, CVE-2024-57884, CVE-2024-57801, CVE-2025-21664, CVE-2024-57912, CVE-2025-21634, CVE-2024-53125, CVE-2024-57900, CVE-2024-57911, CVE-2024-56716, CVE-2024-56715, CVE-2024-57892, CVE-2025-21640, CVE-2025-21646, CVE-2024-57889, CVE-2024-56758, CVE-2024-56767, CVE-2024-57926, CVE-2024-56670, CVE-2024-57940, CVE-2024-56717, CVE-2024-56759, CVE-2024-57887, CVE-2025-21654, CVE-2024-57938, CVE-2024-57841, CVE-2024-39282, CVE-2024-56761, CVE-2025-21649, CVE-2024-56652, CVE-2024-56665, CVE-2024-57896, CVE-2024-56667, CVE-2024-57902, CVE-2024-54455, CVE-2025-21656, CVE-2024-56709, CVE-2025-21635, CVE-2024-57792, CVE-2025-21642, CVE-2025-21660, CVE-2024-53690, CVE-2024-57904, CVE-2024-53685, CVE-2025-21938, CVE-2024-55881, CVE-2024-57793, CVE-2024-56659, CVE-2025-21632, CVE-2024-56656, CVE-2025-21636, CVE-2024-47736, CVE-2024-57899, CVE-2024-57916, CVE-2024-56664, CVE-2025-21971, CVE-2025-21659, CVE-2024-57910, CVE-2024-57802, CVE-2024-57806, CVE-2025-21655, CVE-2024-54193, CVE-2024-57885, CVE-2025-21658, CVE-2024-57945, CVE-2025-21650, CVE-2024-58237, CVE-2024-57804, CVE-2024-57888, CVE-2025-21637, CVE-2024-57882, CVE-2024-57883, CVE-2024-56675, CVE-2025-21663, CVE-2024-49568, CVE-2024-58087, CVE-2024-56764, CVE-2024-57903, CVE-2024-57917, CVE-2024-57893, CVE-2025-21648, CVE-2025-21631, CVE-2024-57890, CVE-2024-56718, CVE-2025-21638, CVE-2024-56372, CVE-2024-49571, CVE-2025-21662, CVE-2024-56770, CVE-2024-57807, CVE-2024-57925, CVE-2024-57898, CVE-2025-21653, CVE-2024-57895, CVE-2024-56657, CVE-2024-54683, CVE-2024-56769, CVE-2024-38608, CVE-2024-57931, CVE-2025-21652, CVE-2024-57908, CVE-2024-56760, CVE-2024-57929, CVE-2024-36476, CVE-2024-55639, CVE-2025-21645, CVE-2024-57907, CVE-2024-54460, CVE-2025-21643, CVE-2024-56660, CVE-2024-53687, CVE-2025-21639, CVE-2024-57932, CVE-2024-56654, CVE-2024-57805, CVE-2024-56662, CVE-2025-21647, CVE-2024-56710, CVE-2024-57901, CVE-2024-56369, CVE-2024-57897, CVE-2024-57939, CVE-2024-57791, CVE-2024-57879, CVE-2024-57946, CVE-2024-55916, CVE-2024-41013, CVE-2025-21651, CVE-2024-53179, CVE-2024-57933, CVE-2024-56763, CVE-2024-57906)

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix use-after-free due to delegation race A delegation break could arrive as soon as we've called vfs_setlease. A delegation break runs a callback which immediately (in nfsd4_cb_recall_prepare) adds the delegation to del_recall_lru. If we then exit nfs4_set_delegation without hashing the delegation, it will be freed as soon as the callback is done with it, without ever being removed from del_recall_lru. Symptoms show up later as use-after-free or list corruption warnings, usually in the laundromat thread. I suspect aba2072f4523 'nfsd: grant read delegations to clients holding writes' made this bug easier to hit, but I looked as far back as v3.0 and it looks to me it already had the same problem. So I'm not sure where the bug was introduced; it may have been there from the beginning.)(CVE-2021-47506) Jann Horn discovered that the watch_queue event notification subsystem in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or escalate their privileges.)(CVE-2022-0995) In the Linux kernel, the following vulnerability has been resolved: net: atlantic: eliminate double free in error handling logic Driver has a logic leak in ring data allocation/free, where aq_ring_free could be called multiple times on same ring, if system is under stress and got memory allocation error. Ring pointer was used as an indicator of failure, but this is not correct since only ring data is allocated/deallocated. Ring itself is an array member. Changing ring allocation functions to return error code directly. This simplifies error handling and eliminates aq_ring_free on higher layer.)(CVE-2023-52664) In the Linux kernel, the following vulnerability has been resolved: ceph: prevent use-after-free in encode_cap_msg() In fs/ceph/caps.c, in encode_cap_msg(), 'use after free' error was caught by KASAN at this line - 'ceph_buffer_get(arg->xattr_buf);'. This implies before the refcount could be increment here, it was freed. In same file, in 'handle_cap_grant()' refcount is decremented by this line - 'ceph_buffer_put(ci->i_xattrs.blob);'. It appears that a race occurred and resource was freed by the latter line before the former line could increment it. encode_cap_msg() is called by __send_cap() and __send_cap() is called by ceph_check_caps() after calling __prep_cap(). __prep_cap() is where arg->xattr_buf is assigned to ci->i_xattrs.blob. This is the spot where the refcount must be increased to prevent 'use after free' error.)(CVE-2024-26689) In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_valid_lease_break() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.)(CVE-2024-35864) In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let's zero- initialize it during allocation to make sure that it can't be ever used to leak kernel memory via specially-crafted report.)(CVE-2024-50302) In the Linux kernel, the following vulnerability has been resolved: media: dvbdev: prevent the risk of out of memory access The dvbdev contains a static variable used to store dvb minors. The behavior of it depends if CONFIG_DVB_DYNAMIC_MINORS is set or not. When not set, dvb_register_device() won't check for boundaries, as it will rely that a previous call to dvb_register_adapter() would already be enforcing it. On a similar way, dvb_device_open() uses the assumption that the register functions already did the needed checks. This can be fragile if some device ends using different calls. This also generate warnings on static check analysers like Coverity. So, add explicit guards to prevent potential risk of OOM issues.)(CVE-2024-53063) In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix out of bounds reads when finding clock sources The current USB-audio driver code doesn't check bLength of each descriptor at traversing for clock descriptors. That is, when a device provides a bogus descriptor with a shorter bLength, the driver might hit out-of-bounds reads. For addressing it, this patch adds sanity checks to the validator functions for the clock descriptor traversal. When the descriptor length is shorter than expected, it's skipped in the loop. For the clock source and clock multiplier descriptors, we can just check bLength against the sizeof() of each descriptor type. OTOH, the clock selector descriptor of UAC2 and UAC3 has an array of bNrInPins elements and two more fields at its tail, hence those have to be checked in addition to the sizeof() check.)(CVE-2024-53150) In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in tcp_write_timer_handler+0x156/0x3e0 (CVE-2024-53168) In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices A bogus device can provide a bNumConfigurations value that exceeds the initial value used in usb_get_configuration for allocating dev->config. This can lead to out-of-bounds accesses later, e.g. in usb_destroy_configuration.)(CVE-2024-53197) In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix usage slab after free [ +0.000021] BUG: KASAN: slab-use-after-free in drm_sched_entity_flush+0x6cb/0x7a0 (CVE-2024-56551) In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmf_sdiod_sglist_rw() This patch fixes a NULL pointer dereference bug in brcmfmac that occurs when a high 'sd_sgentry_align' value applies (e.g. 512) and a lot of queued SKBs are sent from the pkt queue. The problem is the number of entries in the pre-allocated sgtable, it is nents = max(rxglom_size, txglom_size) + max(rxglom_size, txglom_size) >> 4 + 1. Given the default [rt]xglom_size=32 it's actually 35 which is too small. Worst case, the pkt queue can end up with 64 SKBs. This occurs when a new SKB is added for each original SKB if tailroom isn't enough to hold tail_pad. At least one sg entry is needed for each SKB. So, eventually the 'skb_queue_walk loop' in brcmf_sdiod_sglist_rw may run out of sg entries. This makes sg_next return NULL and this causes the oops. The patch sets nents to max(rxglom_size, txglom_size) * 2 to be able handle the worst- case. Btw. this requires only 64-35=29 * 16 (or 20 if CONFIG_NEED_SG_DMA_LENGTH) = 464 additional bytes of memory.)(CVE-2024-56593) In the Linux kernel, the following vulnerability has been resolved: jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree When the value of lp is 0 at the beginning of the for loop, it will become negative in the next assignment and we should bail out.)(CVE-2024-56595) In the Linux kernel, the following vulnerability has been resolved: jfs: array-index-out-of-bounds fix in dtReadFirst The value of stbl can be sometimes out of bounds due to a bad filesystem. Added a check with appopriate return of error code in that case.)(CVE-2024-56598) In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtk: avoid UAF in btmtk_process_coredump hci_devcd_append may lead to the release of the skb, so it cannot be accessed once it is called. (CVE-2024-56653) In the Linux kernel, the following vulnerability has been resolved: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() While receiving an MST up request message from one thread in drm_dp_mst_handle_up_req(), the MST topology could be removed from another thread via drm_dp_mst_topology_mgr_set_mst(false), freeing mst_primary and setting drm_dp_mst_topology_mgr::mst_primary to NULL. This could lead to a NULL deref/use-after-free of mst_primary in drm_dp_mst_handle_up_req(). Avoid the above by holding a reference for mst_primary in drm_dp_mst_handle_up_req() while it's used. v2: Fix kfreeing the request if getting an mst_primary reference fails.)(CVE-2024-57798)

USN-7537-1 fixed a vulnerability in net-tools that caused a regression. This update fixes the problem. Original advisory details: It was discovered that net-tools incorrectly handled certain inputs. An attacker could possible use this issue to cause a crash or execute arbitrary code.

It was discovered that setuptools did not properly sanitize paths. An attacker could possibly use this issue to write files to arbitrary locations on the filesystem.

It was discovered that Kerberos allowed the usage of weak cryptographic standards. An attacker could possibly use this issue to expose sensitive information. This update introduces the allow_rc4 and allow_des3 configuration options, and disables the usage of RC4 and 3DES ciphers by default. Users are advised to discontinue their usage and upgrade to stronger encryption protocols. If the use of the insecure RC4 and 3DES algorithms is necessary, they can be enabled with the aforementioned configuration options.

Jan Różański discovered that libsoup incorrectly handled certain headers when sending HTTP/2 requests over TLS. An attacker could possibly use this issue to cause a denial of service. This issue only affected libsoup3 in Ubuntu 24.04 LTS, Ubuntu 24.10, and Ubuntu 25.04. (CVE-2025-32908) Jan Różański discovered that libsoup incorrectly parsed certain response headers. An attacker could possibly use this issue to cause a denial of service. (CVE-2025-4476)

It was discovered that the GNU C Library incorrectly search LD_LIBRARY_PATH to determine which library to load when statically linked setuid binary calls dlopen. A local attacker could possibly use this issue to cause a denial of service or execute arbitrary code.

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-23848) Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2025-0927) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - S390 architecture; - SuperH RISC architecture; - User-Mode Linux (UML); - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Drivers core; - ATA over ethernet (AOE) driver; - Network block device driver; - Virtio block driver; - Character device driver; - TPM device driver; - Data acquisition framework and drivers; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - ARM SCPI message protocol; - GPIO subsystem; - GPU drivers; - HID subsystem; - Microsoft Hyper-V drivers; - I2C subsystem; - I3C subsystem; - IIO ADC drivers; - IIO subsystem; - InfiniBand drivers; - LED subsystem; - Mailbox framework; - Multiple devices driver; - Media drivers; - Multifunction device drivers; - MMC subsystem; - MTD block device drivers; - Network drivers; - Mellanox network drivers; - NTB driver; - Virtio pmem driver; - NVME drivers; - Parport drivers; - PCI subsystem; - Pin controllers subsystem; - x86 platform drivers; - PPS (Pulse Per Second) driver; - PTP clock framework; - RapidIO drivers; - Real Time Clock drivers; - SCSI subsystem; - SuperH / SH-Mobile drivers; - SLIMbus drivers; - QCOM SoC drivers; - SPI subsystem; - Direct Digital Synthesis drivers; - Trusted Execution Environment drivers; - USB DSL drivers; - USB Device Class drivers; - USB core drivers; - USB Gadget drivers; - USB Host Controller drivers; - USB Dual Role (OTG-ready) Controller drivers; - Renesas USBHS Controller drivers; - USB Serial drivers; - USB Type-C support driver; - USB Type-C Port Controller Manager driver; - VFIO drivers; - Framebuffer layer; - Xen hypervisor drivers; - File systems infrastructure; - BTRFS file system; - Ceph distributed file system; - Ext4 file system; - F2FS file system; - GFS2 file system; - JFFS2 file system; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - Overlay file system; - Proc file system; - Diskquota system; - SMB network file system; - UBI file system; - Timer subsystem; - VLANs driver; - KVM subsystem; - L3 Master device support module; - LAPB network protocol; - Network namespace; - Netfilter; - Network traffic control; - Network sockets; - TCP network protocol; - Kernel init infrastructure; - Process Accounting mechanism; - BPF subsystem; - Kernel CPU control infrastructure; - Perf events; - printk logging mechanism; - Arbitrary resource management; - Scheduler infrastructure; - Tracing infrastructure; - Closures library; - Memory management; - 802.1Q VLAN protocol; - 9P file system network protocol; - Amateur Radio drivers; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - Ethernet bridge; - CAN network layer; - Networking core; - DCCP (Datagram Congestion Control Protocol); - IEEE802154.4 network protocol; - IPv4 networking; - IPv6 networking; - Logical Link layer; - MAC80211 subsystem; - IEEE 802.15.4 subsystem; - Netlink; - NET/ROM layer; - NFC subsystem; - Open vSwitch; - Packet sockets; - Rose network layer; - SCTP protocol; - Sun RPC protocol; - TIPC protocol; - Wireless networking; - eXpress Data Path; - XFRM subsystem; - Key management; - SELinux security module; - Tomoyo security module; - FireWire sound drivers; - AudioScience HPI driver; - Amlogic Meson SoC drivers; - USB sound devices; (CVE-2024-41066, CVE-2025-21935, CVE-2024-47684, CVE-2024-57986, CVE-2024-35896, CVE-2024-50202, CVE-2024-50184, CVE-2024-44938, CVE-2025-21722, CVE-2024-50008, CVE-2023-52927, CVE-2024-57951, CVE-2024-53112, CVE-2024-56723, CVE-2024-50195, CVE-2024-56748, CVE-2024-53131, CVE-2024-50302, CVE-2025-21697, CVE-2024-53146, CVE-2025-21814, CVE-2024-49962, CVE-2024-56594, CVE-2024-47671, CVE-2024-57904, CVE-2024-50127, CVE-2025-21694, CVE-2024-57900, CVE-2024-58071, CVE-2024-50273, CVE-2024-56593, CVE-2024-50044, CVE-2024-49879, CVE-2023-52664, CVE-2024-49949, CVE-2024-50151, CVE-2024-58063, CVE-2024-49944, CVE-2025-21871, CVE-2024-57980, CVE-2025-21948, CVE-2024-49882, CVE-2025-21678, CVE-2024-47679, CVE-2024-46853, CVE-2024-58002, CVE-2024-58020, CVE-2024-52332, CVE-2024-47747, CVE-2024-49973, CVE-2024-50096, CVE-2024-49894, CVE-2024-50055, CVE-2024-57973, CVE-2024-47696, CVE-2024-56615, CVE-2024-57979, CVE-2024-56643, CVE-2024-49892, CVE-2024-56598, CVE-2024-56569, CVE-2024-53181, CVE-2024-53063, CVE-2024-57892, CVE-2024-56631, CVE-2025-21763, CVE-2024-58052, CVE-2025-21910, CVE-2024-56531, CVE-2024-56780, CVE-2024-50179, CVE-2024-56746, CVE-2024-50134, CVE-2024-56629, CVE-2024-49878, CVE-2024-50287, CVE-2024-50074, CVE-2024-56558, CVE-2024-50265, CVE-2024-50205, CVE-2025-21846, CVE-2024-49985, CVE-2025-21640, CVE-2024-50279, CVE-2024-26915, CVE-2024-47701, CVE-2025-21806, CVE-2024-57977, CVE-2025-21700, CVE-2024-56567, CVE-2024-49996, CVE-2024-49925, CVE-2025-21647, CVE-2025-21926, CVE-2024-58090, CVE-2024-57902, CVE-2025-21791, CVE-2025-21862, CVE-2024-49997, CVE-2024-47707, CVE-2024-56572, CVE-2024-47692, CVE-2024-58055, CVE-2024-53061, CVE-2024-56539, CVE-2024-47710, CVE-2025-21687, CVE-2024-56691, CVE-2024-56606, CVE-2024-49963, CVE-2024-58007, CVE-2024-57807, CVE-2025-21761, CVE-2024-53059, CVE-2024-53121, CVE-2024-56633, CVE-2024-49981, CVE-2024-49903, CVE-2024-50035, CVE-2024-56659, CVE-2024-40911, CVE-2024-57889, CVE-2024-58083, CVE-2024-57913, CVE-2024-26982, CVE-2024-53198, CVE-2024-53227, CVE-2024-47698, CVE-2024-57931, CVE-2024-53104, CVE-2024-50282, CVE-2024-56619, CVE-2024-56597, CVE-2024-49900, CVE-2024-57890, CVE-2024-56562, CVE-2024-50082, CVE-2024-53101, CVE-2024-53173, CVE-2024-58051, CVE-2024-50040, CVE-2024-56581, CVE-2024-56694, CVE-2024-50167, CVE-2024-49938, CVE-2024-50290, CVE-2024-53142, CVE-2024-50116, CVE-2025-21760, CVE-2024-55916, CVE-2024-50199, CVE-2025-21753, CVE-2024-53197, CVE-2024-47672, CVE-2024-50237, CVE-2024-57910, CVE-2024-56601, CVE-2024-49860, CVE-2025-21866, CVE-2024-50251, CVE-2024-50230, CVE-2024-49959, CVE-2024-50006, CVE-2025-21904, CVE-2025-21922, CVE-2024-50236, CVE-2024-49924, CVE-2025-21772, CVE-2025-21728, CVE-2024-56651, CVE-2024-49884, CVE-2024-56779, CVE-2025-21914, CVE-2025-21971, CVE-2024-58014, CVE-2024-53127, CVE-2024-56769, CVE-2024-53165, CVE-2024-50131, CVE-2024-49868, CVE-2025-21744, CVE-2025-21653, CVE-2024-53157, CVE-2025-21934, CVE-2025-21689, CVE-2024-56595, CVE-2024-50256, CVE-2024-50143, CVE-2024-50171, CVE-2024-50117, CVE-2024-47742, CVE-2024-56781, CVE-2024-53124, CVE-2024-57908, CVE-2024-56747, CVE-2024-57929, CVE-2024-43900, CVE-2025-21704, CVE-2025-21858, CVE-2024-53130, CVE-2024-44931, CVE-2025-21925, CVE-2024-53239, CVE-2024-53150, CVE-2024-53172, CVE-2024-56614, CVE-2025-21787, CVE-2025-21877, CVE-2024-56681, CVE-2024-53174, CVE-2024-56570, CVE-2024-49896, CVE-2024-56576, CVE-2025-21859, CVE-2024-57946, CVE-2024-50024, CVE-2025-21920, CVE-2024-50296, CVE-2024-56599, CVE-2024-56602, CVE-2025-21762, CVE-2024-53680, CVE-2024-56670, CVE-2024-53171, CVE-2025-21718, CVE-2024-58069, CVE-2025-21735, CVE-2024-57884, CVE-2024-50007, CVE-2024-40965, CVE-2024-53214, CVE-2024-47674, CVE-2024-43098, CVE-2024-58001, CVE-2024-56739, CVE-2023-52741, CVE-2024-53237, CVE-2024-49952, CVE-2025-21835, CVE-2025-21848, CVE-2025-21916, CVE-2024-26996, CVE-2024-50194, CVE-2025-21721, CVE-2024-46731, CVE-2024-53148, CVE-2024-50262, CVE-2024-47749, CVE-2024-49974, CVE-2024-49975, CVE-2025-21781, CVE-2024-56658, CVE-2022-49034, CVE-2024-56688, CVE-2024-47699, CVE-2025-21664, CVE-2024-57849, CVE-2024-57912, CVE-2024-56724, CVE-2024-56630, CVE-2024-50180, CVE-2024-47723, CVE-2024-47737, CVE-2025-21639, CVE-2024-56645, CVE-2024-46849, CVE-2024-49948, CVE-2024-43863, CVE-2024-56532, CVE-2024-50148, CVE-2024-38544, CVE-2024-53183, CVE-2024-57922, CVE-2024-50051, CVE-2024-50278, CVE-2024-56700, CVE-2024-35887, CVE-2024-56756, CVE-2025-21764, CVE-2024-46826, CVE-2024-56603, CVE-2025-21731, CVE-2024-56644, CVE-2024-49877, CVE-2024-26689, CVE-2024-56587, CVE-2024-50269, CVE-2025-21917, CVE-2024-56548, CVE-2021-47119, CVE-2024-56637, CVE-2024-50299, CVE-2024-56690, CVE-2024-47740, CVE-2024-50233, CVE-2025-21811, CVE-2024-50229, CVE-2024-49902, CVE-2025-21708, CVE-2024-57802, CVE-2025-21702, CVE-2024-53194, CVE-2024-58058, CVE-2024-49867, CVE-2024-47756, CVE-2021-47191, CVE-2024-57906, CVE-2024-47709, CVE-2024-56596, CVE-2024-56634, CVE-2024-57850, CVE-2025-21909, CVE-2024-53066, CVE-2025-21638, CVE-2024-57938, CVE-2025-21776, CVE-2024-50059, CVE-2024-56704, CVE-2025-21928, CVE-2024-49966, CVE-2024-49883, CVE-2024-49936, CVE-2024-49965, CVE-2025-21905, CVE-2024-35864, CVE-2024-47706, CVE-2024-40953, CVE-2024-53161, CVE-2024-49957, CVE-2024-26928, CVE-2024-57948, CVE-2024-49955, CVE-2024-47685, CVE-2024-50301, CVE-2024-48881, CVE-2024-56642, CVE-2024-50218, CVE-2024-49982, CVE-2024-50267, CVE-2024-53158, CVE-2025-21736, CVE-2024-50039, CVE-2024-53217, CVE-2025-21782, CVE-2024-50150, CVE-2024-50099, CVE-2025-21898, CVE-2024-58072, CVE-2024-53155, CVE-2024-53138, CVE-2024-47670, CVE-2021-47219, CVE-2024-41016, CVE-2024-35958, CVE-2024-49958, CVE-2025-21699, CVE-2024-50142, CVE-2024-47712, CVE-2024-57911, CVE-2024-58017, CVE-2024-56605, CVE-2024-58085, CVE-2025-21715, CVE-2024-53140, CVE-2024-56574, CVE-2024-56600, CVE-2024-42252, CVE-2024-50033, CVE-2024-46854, CVE-2024-47697, CVE-2024-47757, CVE-2025-21785, CVE-2024-47713, CVE-2024-50045, CVE-2024-56767, CVE-2025-21749, CVE-2024-53690, CVE-2024-53145, CVE-2024-53135, CVE-2023-52458, CVE-2024-57901, CVE-2024-56650, CVE-2025-21719, CVE-2025-21823, CVE-2024-38588, CVE-2024-53156, CVE-2024-49851, CVE-2024-57981, CVE-2025-21765, CVE-2024-56586, CVE-2024-53184, CVE-2024-56770, CVE-2024-50234, CVE-2024-56720, CVE-2024-58010)

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-23848) Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2025-0927) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - S390 architecture; - SuperH RISC architecture; - User-Mode Linux (UML); - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Drivers core; - ATA over ethernet (AOE) driver; - Network block device driver; - Virtio block driver; - Character device driver; - TPM device driver; - Data acquisition framework and drivers; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - ARM SCPI message protocol; - GPIO subsystem; - GPU drivers; - HID subsystem; - Microsoft Hyper-V drivers; - I2C subsystem; - I3C subsystem; - IIO ADC drivers; - IIO subsystem; - InfiniBand drivers; - LED subsystem; - Mailbox framework; - Multiple devices driver; - Media drivers; - Multifunction device drivers; - MMC subsystem; - MTD block device drivers; - Network drivers; - Mellanox network drivers; - NTB driver; - Virtio pmem driver; - NVME drivers; - Parport drivers; - PCI subsystem; - Pin controllers subsystem; - x86 platform drivers; - PPS (Pulse Per Second) driver; - PTP clock framework; - RapidIO drivers; - Real Time Clock drivers; - SCSI subsystem; - SuperH / SH-Mobile drivers; - SLIMbus drivers; - QCOM SoC drivers; - SPI subsystem; - Direct Digital Synthesis drivers; - Trusted Execution Environment drivers; - USB DSL drivers; - USB Device Class drivers; - USB core drivers; - USB Gadget drivers; - USB Host Controller drivers; - USB Dual Role (OTG-ready) Controller drivers; - Renesas USBHS Controller drivers; - USB Serial drivers; - USB Type-C support driver; - USB Type-C Port Controller Manager driver; - VFIO drivers; - Framebuffer layer; - Xen hypervisor drivers; - File systems infrastructure; - BTRFS file system; - Ceph distributed file system; - Ext4 file system; - F2FS file system; - GFS2 file system; - JFFS2 file system; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - Overlay file system; - Proc file system; - Diskquota system; - SMB network file system; - UBI file system; - Timer subsystem; - VLANs driver; - KVM subsystem; - L3 Master device support module; - LAPB network protocol; - Network namespace; - Netfilter; - Network traffic control; - Network sockets; - TCP network protocol; - Kernel init infrastructure; - Process Accounting mechanism; - BPF subsystem; - Kernel CPU control infrastructure; - Perf events; - printk logging mechanism; - Arbitrary resource management; - Scheduler infrastructure; - Tracing infrastructure; - Closures library; - Memory management; - 802.1Q VLAN protocol; - 9P file system network protocol; - Amateur Radio drivers; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - Ethernet bridge; - CAN network layer; - Networking core; - DCCP (Datagram Congestion Control Protocol); - IEEE802154.4 network protocol; - IPv4 networking; - IPv6 networking; - Logical Link layer; - MAC80211 subsystem; - IEEE 802.15.4 subsystem; - Netlink; - NET/ROM layer; - NFC subsystem; - Open vSwitch; - Packet sockets; - Rose network layer; - SCTP protocol; - Sun RPC protocol; - TIPC protocol; - Wireless networking; - eXpress Data Path; - XFRM subsystem; - Key management; - SELinux security module; - Tomoyo security module; - FireWire sound drivers; - AudioScience HPI driver; - Amlogic Meson SoC drivers; - USB sound devices; (CVE-2025-21814, CVE-2024-57938, CVE-2024-56605, CVE-2024-47747, CVE-2024-50251, CVE-2021-47191, CVE-2024-49973, CVE-2024-53171, CVE-2024-50167, CVE-2024-53066, CVE-2024-57980, CVE-2024-56558, CVE-2024-57906, CVE-2025-21846, CVE-2024-56576, CVE-2024-56593, CVE-2024-57850, CVE-2024-56594, CVE-2024-50256, CVE-2024-49948, CVE-2024-38544, CVE-2024-58071, CVE-2024-58017, CVE-2024-50282, CVE-2024-47737, CVE-2024-47740, CVE-2024-56548, CVE-2025-21925, CVE-2025-21689, CVE-2024-46826, CVE-2024-26982, CVE-2024-53121, CVE-2024-50171, CVE-2024-50278, CVE-2024-50290, CVE-2024-56597, CVE-2025-21708, CVE-2024-49867, CVE-2024-57849, CVE-2024-56769, CVE-2024-58010, CVE-2025-21848, CVE-2024-50218, CVE-2024-53063, CVE-2025-21697, CVE-2023-52664, CVE-2024-50302, CVE-2024-58014, CVE-2024-53112, CVE-2024-50099, CVE-2024-49884, CVE-2024-53138, CVE-2024-53183, CVE-2024-56658, CVE-2024-57884, CVE-2024-50229, CVE-2024-53174, CVE-2024-47756, CVE-2024-49851, CVE-2024-47699, CVE-2024-58072, CVE-2024-49878, CVE-2024-50148, CVE-2024-57904, CVE-2024-50045, CVE-2024-53157, CVE-2024-53146, CVE-2024-50287, CVE-2024-49883, CVE-2024-56724, CVE-2024-58090, CVE-2025-21722, CVE-2024-53061, CVE-2025-21664, CVE-2024-50265, CVE-2024-50168, CVE-2024-49894, CVE-2024-50035, CVE-2024-57913, CVE-2024-57929, CVE-2024-48881, CVE-2024-58058, CVE-2024-56633, CVE-2024-56756, CVE-2024-49925, CVE-2024-50233, CVE-2025-21639, CVE-2024-49944, CVE-2024-53194, CVE-2025-21904, CVE-2024-56581, CVE-2025-21877, CVE-2025-21811, CVE-2024-53156, CVE-2024-57912, CVE-2025-21653, CVE-2024-50024, CVE-2024-57931, CVE-2024-26928, CVE-2024-49949, CVE-2024-56688, CVE-2024-47757, CVE-2024-56601, CVE-2024-56562, CVE-2025-21749, CVE-2024-47709, CVE-2025-21934, CVE-2024-47674, CVE-2024-49879, CVE-2024-49924, CVE-2024-46731, CVE-2024-53214, CVE-2024-56659, CVE-2024-50236, CVE-2025-21694, CVE-2024-47707, CVE-2024-53680, CVE-2024-41066, CVE-2024-56651, CVE-2025-21718, CVE-2024-50279, CVE-2024-50040, CVE-2024-56598, CVE-2023-52927, CVE-2025-21862, CVE-2024-49981, CVE-2024-50273, CVE-2024-50180, CVE-2025-21753, CVE-2024-49957, CVE-2024-56615, CVE-2024-46854, CVE-2025-21721, CVE-2024-49962, CVE-2024-49974, CVE-2024-53217, CVE-2024-35887, CVE-2024-53172, CVE-2024-58069, CVE-2024-53124, CVE-2024-50131, CVE-2024-53158, CVE-2024-57901, CVE-2024-46849, CVE-2025-21917, CVE-2024-57892, CVE-2024-53131, CVE-2024-56587, CVE-2024-50151, CVE-2024-49860, CVE-2024-53184, CVE-2025-21687, CVE-2024-56690, CVE-2025-21926, CVE-2024-47723, CVE-2024-50195, CVE-2025-21760, CVE-2024-50142, CVE-2025-21910, CVE-2024-49997, CVE-2024-58083, CVE-2024-52332, CVE-2025-21806, CVE-2025-21640, CVE-2025-21922, CVE-2024-58051, CVE-2024-56606, CVE-2024-47698, CVE-2024-50044, CVE-2024-56574, CVE-2025-21785, CVE-2024-56532, CVE-2024-53165, CVE-2024-56779, CVE-2024-50269, CVE-2024-47684, CVE-2024-50006, CVE-2024-47749, CVE-2024-56595, CVE-2025-21736, CVE-2024-53198, CVE-2024-49952, CVE-2024-53104, CVE-2025-21772, CVE-2025-21914, CVE-2024-53127, CVE-2024-50301, CVE-2024-53239, CVE-2024-47670, CVE-2021-47119, CVE-2025-21702, CVE-2024-50296, CVE-2024-50033, CVE-2024-49975, CVE-2024-57900, CVE-2024-56596, CVE-2024-56569, CVE-2024-47692, CVE-2024-56567, CVE-2024-56746, CVE-2024-47672, CVE-2025-21866, CVE-2024-58001, CVE-2024-50202, CVE-2024-49955, CVE-2024-38588, CVE-2024-47706, CVE-2025-21700, CVE-2025-21763, CVE-2024-47696, CVE-2024-53150, CVE-2024-53237, CVE-2024-40953, CVE-2024-53197, CVE-2024-49892, CVE-2024-40965, CVE-2024-49903, CVE-2024-42252, CVE-2024-56642, CVE-2024-56739, CVE-2024-43098, CVE-2024-57973, CVE-2023-52741, CVE-2024-50096, CVE-2025-21835, CVE-2024-49882, CVE-2025-21765, CVE-2024-57889, CVE-2022-49034, CVE-2024-57946, CVE-2025-21735, CVE-2024-56720, CVE-2024-57890, CVE-2024-50267, CVE-2025-21920, CVE-2024-56634, CVE-2024-56599, CVE-2024-47701, CVE-2024-56780, CVE-2024-49900, CVE-2024-26689, CVE-2025-21638, CVE-2024-50150, CVE-2024-47679, CVE-2025-21776, CVE-2024-49996, CVE-2024-49896, CVE-2024-53140, CVE-2024-50127, CVE-2024-53148, CVE-2024-49963, CVE-2024-56645, CVE-2025-21859, CVE-2024-53135, CVE-2024-56614, CVE-2024-49985, CVE-2024-57948, CVE-2024-50230, CVE-2024-57986, CVE-2024-56767, CVE-2024-50199, CVE-2024-53181, CVE-2024-49936, CVE-2024-58052, CVE-2024-57910, CVE-2024-47671, CVE-2024-50134, CVE-2024-55916, CVE-2024-50184, CVE-2024-56691, CVE-2024-26915, CVE-2024-58085, CVE-2025-21909, CVE-2024-44938, CVE-2024-41016, CVE-2025-21761, CVE-2024-35958, CVE-2024-49982, CVE-2024-57911, CVE-2025-21858, CVE-2024-57981, CVE-2024-53059, CVE-2024-26996, CVE-2025-21916, CVE-2025-21871, CVE-2021-47219, CVE-2024-50059, CVE-2024-58020, CVE-2025-21744, CVE-2024-47710, CVE-2025-21699, CVE-2024-49958, CVE-2024-53155, CVE-2024-53161, CVE-2024-56572, CVE-2024-49938, CVE-2024-53142, CVE-2024-53145, CVE-2024-50205, CVE-2024-47712, CVE-2024-56704, CVE-2024-56619, CVE-2024-56603, CVE-2024-56650, CVE-2024-50007, CVE-2024-56586, CVE-2025-21898, CVE-2024-49877, CVE-2024-56723, CVE-2024-50237, CVE-2025-21781, CVE-2025-21762, CVE-2024-53130, CVE-2024-57802, CVE-2024-56602, CVE-2024-53101, CVE-2024-57977, CVE-2025-21948, CVE-2024-47685, CVE-2024-35896, CVE-2024-58002, CVE-2024-49902, CVE-2024-50116, CVE-2024-56531, CVE-2024-56600, CVE-2025-21787, CVE-2024-56630, CVE-2024-50055, CVE-2024-47713, CVE-2024-56570, CVE-2024-46853, CVE-2024-57807, CVE-2023-52458, CVE-2024-44931, CVE-2025-21728, CVE-2024-43900, CVE-2024-57951, CVE-2025-21782, CVE-2024-43863, CVE-2024-56781, CVE-2025-21971, CVE-2024-56539, CVE-2024-57979, CVE-2024-50179, CVE-2024-56643, CVE-2025-21647, CVE-2024-50262, CVE-2024-56629, CVE-2024-50234, CVE-2024-57922, CVE-2024-58063, CVE-2024-53690, CVE-2024-50082, CVE-2024-57908, CVE-2024-53227, CVE-2024-58009, CVE-2024-56644, CVE-2024-56681, CVE-2024-58007, CVE-2024-56637, CVE-2024-50074, CVE-2025-21731, CVE-2024-49965, CVE-2025-21823, CVE-2024-56747, CVE-2025-21935, CVE-2025-21905, CVE-2024-47742, CVE-2024-56670, CVE-2024-50143, CVE-2025-21715, CVE-2024-35864, CVE-2024-50039, CVE-2024-56694, CVE-2025-21678, CVE-2024-58055, CVE-2024-50117, CVE-2024-49868, CVE-2024-56748, CVE-2025-21764, CVE-2024-49959, CVE-2025-21704, CVE-2024-57902, CVE-2025-21928, CVE-2024-50299, CVE-2025-21719, CVE-2025-21865, CVE-2024-50051, CVE-2024-47697, CVE-2024-56631, CVE-2024-56770, CVE-2024-49966, CVE-2024-40911, CVE-2024-50194, CVE-2024-50008, CVE-2024-53173, CVE-2025-21791, CVE-2024-56700)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Network block device driver; - Bus devices; - Character device driver; - TPM device driver; - Clock framework and drivers; - GPIO subsystem; - GPU drivers; - HID subsystem; - I2C subsystem; - InfiniBand drivers; - Media drivers; - NVIDIA Tegra memory controller driver; - Network drivers; - PCI subsystem; - PPS (Pulse Per Second) driver; - PTP clock framework; - RapidIO drivers; - Real Time Clock drivers; - SLIMbus drivers; - QCOM SoC drivers; - Trusted Execution Environment drivers; - TTY drivers; - USB DSL drivers; - USB Device Class drivers; - USB core drivers; - USB Gadget drivers; - USB Host Controller drivers; - Renesas USBHS Controller drivers; - ACRN Hypervisor Service Module driver; - File systems infrastructure; - BTRFS file system; - F2FS file system; - Network file system (NFS) server daemon; - NILFS2 file system; - Overlay file system; - SMB network file system; - UBI file system; - KVM subsystem; - L3 Master device support module; - Process Accounting mechanism; - Padata parallel execution mechanism; - printk logging mechanism; - Scheduler infrastructure; - Timer subsystem; - Tracing infrastructure; - Memory management; - 802.1Q VLAN protocol; - B.A.T.M.A.N. meshing protocol; - Networking core; - IPv4 networking; - IPv6 networking; - Logical Link layer; - Multipath TCP; - Netfilter; - NFC subsystem; - Open vSwitch; - Rose network layer; - Network traffic control; - Wireless networking; - Landlock security; - Linux Security Modules (LSM) Framework; - Tomoyo security module; (CVE-2025-21767, CVE-2025-21875, CVE-2025-21719, CVE-2025-21760, CVE-2025-21704, CVE-2025-21749, CVE-2024-56721, CVE-2025-21731, CVE-2025-21910, CVE-2024-58063, CVE-2025-21835, CVE-2025-21726, CVE-2024-58086, CVE-2025-21934, CVE-2024-58014, CVE-2025-21904, CVE-2024-56599, CVE-2025-21727, CVE-2025-21877, CVE-2025-21799, CVE-2024-58071, CVE-2025-21776, CVE-2025-21905, CVE-2025-21926, CVE-2025-21922, CVE-2025-21858, CVE-2024-47726, CVE-2025-21647, CVE-2025-21764, CVE-2025-21862, CVE-2025-21846, CVE-2025-21848, CVE-2024-57973, CVE-2025-21796, CVE-2025-21814, CVE-2025-21878, CVE-2025-21898, CVE-2025-21795, CVE-2025-21735, CVE-2025-21785, CVE-2025-21950, CVE-2024-26982, CVE-2024-57986, CVE-2025-21948, CVE-2024-58072, CVE-2025-21766, CVE-2025-21715, CVE-2025-21920, CVE-2025-21823, CVE-2024-58020, CVE-2024-58017, CVE-2024-58069, CVE-2025-21871, CVE-2024-58085, CVE-2025-21791, CVE-2025-21765, CVE-2025-21782, CVE-2024-58001, CVE-2025-21909, CVE-2024-58079, CVE-2025-21811, CVE-2025-21943, CVE-2025-21924, CVE-2025-21928, CVE-2025-21826, CVE-2025-21708, CVE-2025-21802, CVE-2025-21951, CVE-2025-21744, CVE-2025-21925, CVE-2025-21971, CVE-2024-58076, CVE-2025-21761, CVE-2025-21914, CVE-2025-21684, CVE-2024-58083, CVE-2025-21830, CVE-2025-21887, CVE-2025-21748, CVE-2025-21721, CVE-2024-57980, CVE-2024-58034, CVE-2025-21935, CVE-2025-21859, CVE-2024-58052, CVE-2025-21912, CVE-2025-21753, CVE-2025-21787, CVE-2025-21806, CVE-2025-21917, CVE-2025-21718, CVE-2024-57979, CVE-2025-21866, CVE-2025-21758, CVE-2025-21781, CVE-2025-21711, CVE-2025-21745, CVE-2024-58051, CVE-2024-58016, CVE-2024-58002, CVE-2025-21844, CVE-2024-57977, CVE-2024-57981, CVE-2025-21728, CVE-2024-58090, CVE-2024-58007, CVE-2025-21763, CVE-2025-21762, CVE-2024-58005, CVE-2025-21916, CVE-2024-57834, CVE-2025-21707, CVE-2025-21865, CVE-2025-21736, CVE-2024-57978, CVE-2025-21919, CVE-2025-21820, CVE-2025-21804, CVE-2025-21722, CVE-2024-58055, CVE-2025-21779, CVE-2025-21772, CVE-2024-58010, CVE-2024-58058)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - RISC-V architecture; - x86 architecture; - Block layer subsystem; - Compute Acceleration Framework; - ACPI drivers; - Drivers core; - Ublk userspace block driver; - Virtio block driver; - DMA engine subsystem; - GPU drivers; - Microsoft Hyper-V drivers; - Hardware monitoring drivers; - IIO ADC drivers; - IIO subsystem; - InfiniBand drivers; - Multiple devices driver; - Media drivers; - Microchip PCI driver; - Network drivers; - Mellanox network drivers; - STMicroelectronics network drivers; - PCI subsystem; - Pin controllers subsystem; - x86 platform drivers; - Power supply drivers; - SCSI subsystem; - USB Gadget drivers; - TDX Guest driver; - AFS file system; - BTRFS file system; - Ceph distributed file system; - EROFS file system; - File systems infrastructure; - Network file systems library; - NILFS2 file system; - Overlay file system; - SMB network file system; - VLANs driver; - Memory management; - LAPB network protocol; - io_uring subsystem; - BPF subsystem; - Control group (cgroup); - Tracing infrastructure; - Workqueue subsystem; - Bluetooth subsystem; - Networking core; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Multipath TCP; - Netfilter; - NET/ROM layer; - Packet sockets; - RDS protocol; - Network traffic control; - SCTP protocol; - SMC sockets; - Wireless networking; - SELinux security module; - ALSA framework; - SOF drivers; (CVE-2024-57895, CVE-2024-57801, CVE-2025-21653, CVE-2025-21664, CVE-2024-57911, CVE-2024-57890, CVE-2024-56372, CVE-2024-57931, CVE-2024-57841, CVE-2024-56758, CVE-2024-57946, CVE-2024-54460, CVE-2024-55639, CVE-2025-21636, CVE-2025-21656, CVE-2024-57917, CVE-2024-53685, CVE-2024-55881, CVE-2024-57910, CVE-2024-56369, CVE-2024-57929, CVE-2024-57940, CVE-2024-54455, CVE-2025-21631, CVE-2024-56656, CVE-2025-21643, CVE-2024-57807, CVE-2024-47736, CVE-2024-56670, CVE-2025-21660, CVE-2024-56667, CVE-2024-41013, CVE-2024-56710, CVE-2025-21659, CVE-2024-57792, CVE-2024-57893, CVE-2024-57913, CVE-2024-57897, CVE-2024-57907, CVE-2024-57916, CVE-2025-21647, CVE-2024-56665, CVE-2025-21649, CVE-2024-57938, CVE-2024-56709, CVE-2024-57945, CVE-2025-21654, CVE-2024-56657, CVE-2024-49571, CVE-2024-54683, CVE-2024-56664, CVE-2024-58087, CVE-2024-54193, CVE-2024-57802, CVE-2025-21637, CVE-2024-56761, CVE-2024-57892, CVE-2024-56675, CVE-2025-21645, CVE-2024-57908, CVE-2024-58237, CVE-2024-57887, CVE-2024-53687, CVE-2025-21650, CVE-2024-57888, CVE-2024-57902, CVE-2024-57906, CVE-2024-56764, CVE-2024-57882, CVE-2024-56652, CVE-2025-21652, CVE-2025-21662, CVE-2024-57879, CVE-2024-56662, CVE-2024-56660, CVE-2025-21632, CVE-2024-47408, CVE-2025-21642, CVE-2025-21655, CVE-2025-21640, CVE-2025-21663, CVE-2024-57933, CVE-2024-57899, CVE-2024-57884, CVE-2024-56654, CVE-2024-57806, CVE-2024-57901, CVE-2024-57926, CVE-2024-39282, CVE-2024-56770, CVE-2024-57889, CVE-2024-56769, CVE-2024-53690, CVE-2024-57904, CVE-2025-21971, CVE-2024-57885, CVE-2024-56718, CVE-2024-56767, CVE-2024-38608, CVE-2024-56760, CVE-2024-56763, CVE-2024-57912, CVE-2024-36476, CVE-2024-57793, CVE-2025-21638, CVE-2024-56716, CVE-2024-57804, CVE-2024-57932, CVE-2024-57900, CVE-2025-21651, CVE-2024-57925, CVE-2024-53125, CVE-2024-56717, CVE-2025-21938, CVE-2025-21639, CVE-2024-57883, CVE-2024-56715, CVE-2024-57805, CVE-2024-55916, CVE-2024-53179, CVE-2024-56759, CVE-2024-57939, CVE-2025-21646, CVE-2024-57898, CVE-2024-57791, CVE-2025-21634, CVE-2025-21635, CVE-2024-56659, CVE-2024-57903, CVE-2025-21648, CVE-2024-57896, CVE-2024-49568, CVE-2025-21658)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Serial ATA and Parallel ATA drivers; - Drivers core; - Network block device driver; - Bluetooth drivers; - Character device driver; - TPM device driver; - Clock framework and drivers; - Hardware crypto device drivers; - FireWire subsystem; - EFI core; - Qualcomm firmware drivers; - GPIO subsystem; - GPU drivers; - HID subsystem; - I2C subsystem; - I3C subsystem; - InfiniBand drivers; - Input Device (Mouse) drivers; - IOMMU subsystem; - Multiple devices driver; - Media drivers; - NVIDIA Tegra memory controller driver; - Fastrpc Driver; - Network drivers; - Operating Performance Points (OPP) driver; - PCI subsystem; - x86 platform drivers; - PPS (Pulse Per Second) driver; - PTP clock framework; - Remote Processor subsystem; - Real Time Clock drivers; - S/390 drivers; - SCSI subsystem; - QCOM SoC drivers; - SPI subsystem; - Media staging drivers; - Trusted Execution Environment drivers; - TTY drivers; - UFS subsystem; - USB Device Class drivers; - USB core drivers; - USB Gadget drivers; - USB Host Controller drivers; - Framebuffer layer; - File systems infrastructure; - BTRFS file system; - Ceph distributed file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - Overlay file system; - SMB network file system; - UBI file system; - BPF subsystem; - Timer subsystem; - KVM subsystem; - Networking core; - ptr_ring data structure definitions; - Networking subsytem; - Amateur Radio drivers; - L3 Master device support module; - TCP network protocol; - XFRM subsystem; - Tracing infrastructure; - io_uring subsystem; - Process Accounting mechanism; - Perf events; - Padata parallel execution mechanism; - printk logging mechanism; - Scheduler infrastructure; - Workqueue subsystem; - Memory management; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Multipath TCP; - Netfilter; - NFC subsystem; - Open vSwitch; - Rose network layer; - RxRPC session sockets; - Network traffic control; - Wireless networking; - Key management; - Landlock security; - Linux Security Modules (LSM) Framework; - Tomoyo security module; - SoC audio core drivers; - SOF drivers; (CVE-2025-21799, CVE-2025-21765, CVE-2024-57834, CVE-2025-21971, CVE-2025-21855, CVE-2024-58019, CVE-2025-21987, CVE-2025-21754, CVE-2025-21779, CVE-2024-57986, CVE-2025-21809, CVE-2025-21887, CVE-2025-21744, CVE-2024-58014, CVE-2025-21892, CVE-2025-21848, CVE-2024-58051, CVE-2024-58085, CVE-2025-21862, CVE-2024-57981, CVE-2024-57987, CVE-2024-58053, CVE-2024-58063, CVE-2024-58079, CVE-2025-21875, CVE-2025-21715, CVE-2024-58004, CVE-2025-21857, CVE-2025-21856, CVE-2025-21938, CVE-2024-58082, CVE-2025-21815, CVE-2025-21864, CVE-2024-52559, CVE-2024-58078, CVE-2024-57989, CVE-2024-58001, CVE-2025-21889, CVE-2025-21739, CVE-2024-58005, CVE-2025-21829, CVE-2024-58069, CVE-2025-21712, CVE-2025-21846, CVE-2025-21883, CVE-2025-21852, CVE-2025-21808, CVE-2025-21900, CVE-2025-21888, CVE-2025-21784, CVE-2025-21838, CVE-2024-58054, CVE-2025-21781, CVE-2025-21737, CVE-2024-58013, CVE-2025-21885, CVE-2025-21877, CVE-2024-58010, CVE-2025-21844, CVE-2024-58012, CVE-2024-58083, CVE-2025-21783, CVE-2025-21798, CVE-2024-57973, CVE-2024-57982, CVE-2025-21708, CVE-2024-58003, CVE-2025-21786, CVE-2025-21750, CVE-2025-21870, CVE-2025-21745, CVE-2024-58081, CVE-2024-57979, CVE-2025-21718, CVE-2025-21816, CVE-2025-21868, CVE-2025-21731, CVE-2025-21814, CVE-2025-21826, CVE-2024-58006, CVE-2025-21821, CVE-2024-57852, CVE-2025-21746, CVE-2025-21874, CVE-2025-21866, CVE-2025-21770, CVE-2025-21899, CVE-2025-21804, CVE-2025-21723, CVE-2025-21742, CVE-2024-57988, CVE-2024-58034, CVE-2025-21733, CVE-2024-57980, CVE-2025-21782, CVE-2025-21711, CVE-2024-58090, CVE-2025-21761, CVE-2025-21851, CVE-2025-21828, CVE-2024-58068, CVE-2024-58018, CVE-2024-58064, CVE-2025-21869, CVE-2025-21772, CVE-2025-21758, CVE-2025-21793, CVE-2024-58017, CVE-2025-21835, CVE-2025-21775, CVE-2025-21719, CVE-2024-57998, CVE-2024-58002, CVE-2024-57993, CVE-2025-21847, CVE-2025-21760, CVE-2025-21796, CVE-2024-58075, CVE-2024-58077, CVE-2025-21773, CVE-2025-21790, CVE-2025-21872, CVE-2025-21895, CVE-2025-21732, CVE-2025-21871, CVE-2024-58058, CVE-2025-21749, CVE-2025-21830, CVE-2025-21704, CVE-2025-21720, CVE-2025-21748, CVE-2025-21726, CVE-2025-21801, CVE-2024-58076, CVE-2025-21881, CVE-2025-21831, CVE-2025-21724, CVE-2024-58086, CVE-2025-21812, CVE-2024-57985, CVE-2025-21795, CVE-2025-21725, CVE-2025-21762, CVE-2025-21788, CVE-2024-58080, CVE-2025-21839, CVE-2024-58057, CVE-2025-21706, CVE-2024-58011, CVE-2025-21832, CVE-2024-58061, CVE-2025-21710, CVE-2025-21734, CVE-2025-21836, CVE-2024-54456, CVE-2024-58008, CVE-2025-21743, CVE-2024-58071, CVE-2025-21707, CVE-2025-21791, CVE-2025-21767, CVE-2024-57974, CVE-2024-58021, CVE-2025-21849, CVE-2025-21827, CVE-2024-58084, CVE-2024-58016, CVE-2024-58072, CVE-2025-21802, CVE-2024-58055, CVE-2025-21853, CVE-2024-57997, CVE-2025-21858, CVE-2024-57999, CVE-2025-21780, CVE-2025-21876, CVE-2024-58088, CVE-2025-21820, CVE-2025-21753, CVE-2025-21766, CVE-2025-21768, CVE-2025-21898, CVE-2025-21785, CVE-2024-54458, CVE-2024-58060, CVE-2024-49570, CVE-2025-21759, CVE-2024-57953, CVE-2024-57977, CVE-2025-21810, CVE-2025-21735, CVE-2025-21728, CVE-2025-21865, CVE-2024-58007, CVE-2025-21776, CVE-2025-21859, CVE-2025-21721, CVE-2025-21823, CVE-2024-58070, CVE-2024-57996, CVE-2024-58056, CVE-2024-58020, CVE-2025-21741, CVE-2025-21806, CVE-2025-21727, CVE-2025-21736, CVE-2025-21787, CVE-2025-21763, CVE-2025-21811, CVE-2025-21873, CVE-2025-21890, CVE-2024-58052, CVE-2025-21705, CVE-2025-21713, CVE-2025-21863, CVE-2025-21716, CVE-2025-21825, CVE-2025-21792, CVE-2025-21854, CVE-2025-21738, CVE-2024-57990, CVE-2024-57994, CVE-2024-57978, CVE-2025-21878, CVE-2025-21867, CVE-2025-21764, CVE-2024-57984, CVE-2025-21891)

Simcha Kosman discovered that FFmpeg did not correctly handle certain return values. An attacker could possibly use this issue to leak sensitive information. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu 24.10. (CVE-2025-0518) It was discovered that FFmpeg did not correctly handle certain memory operations. A remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 24.10. (CVE-2025-1816) It was discovered that FFmpeg contained a reachable assertion, which could lead to a failure when processing certain AAC files. If a user or automated system were tricked into opening a specially crafted AAC file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu 24.10. (CVE-2025-22919) It was discovered that FFmpeg did not correctly handle certain memory operations. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, Ubuntu 24.10 and Ubuntu 25.04. (CVE-2025-22921) It was discovered that FFmpeg did not correctly handle certain memory operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 24.04 LTS, Ubuntu 24.10 and Ubuntu 25.04. (CVE-2025-25473)

It was discovered that net-tools incorrectly handled certain inputs. An attacker could possible use this issue to cause a crash or execute arbitrary code.

It was discovered that cifs-utils incorrectly handled namespaces when obtaining Kerberos credentials. An attacker could possibly use this issue to obtain sensitive information.

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Network block device driver; - Bus devices; - Character device driver; - TPM device driver; - Clock framework and drivers; - GPIO subsystem; - GPU drivers; - HID subsystem; - I2C subsystem; - InfiniBand drivers; - Media drivers; - NVIDIA Tegra memory controller driver; - Network drivers; - PCI subsystem; - PPS (Pulse Per Second) driver; - PTP clock framework; - RapidIO drivers; - Real Time Clock drivers; - SLIMbus drivers; - QCOM SoC drivers; - Trusted Execution Environment drivers; - TTY drivers; - USB DSL drivers; - USB Device Class drivers; - USB core drivers; - USB Gadget drivers; - USB Host Controller drivers; - Renesas USBHS Controller drivers; - ACRN Hypervisor Service Module driver; - File systems infrastructure; - BTRFS file system; - F2FS file system; - Network file system (NFS) server daemon; - NILFS2 file system; - Overlay file system; - SMB network file system; - UBI file system; - KVM subsystem; - L3 Master device support module; - Process Accounting mechanism; - Padata parallel execution mechanism; - printk logging mechanism; - Scheduler infrastructure; - Timer subsystem; - Tracing infrastructure; - Memory management; - 802.1Q VLAN protocol; - B.A.T.M.A.N. meshing protocol; - Networking core; - IPv4 networking; - IPv6 networking; - Logical Link layer; - Multipath TCP; - Netfilter; - NFC subsystem; - Open vSwitch; - Rose network layer; - Network traffic control; - Wireless networking; - Landlock security; - Linux Security Modules (LSM) Framework; - Tomoyo security module; (CVE-2024-57973, CVE-2025-21728, CVE-2025-21684, CVE-2024-57980, CVE-2025-21919, CVE-2025-21802, CVE-2025-21748, CVE-2024-58034, CVE-2025-21877, CVE-2024-57981, CVE-2024-58071, CVE-2025-21926, CVE-2025-21848, CVE-2025-21766, CVE-2024-57834, CVE-2024-58085, CVE-2025-21914, CVE-2025-21758, CVE-2025-21707, CVE-2025-21726, CVE-2025-21731, CVE-2025-21916, CVE-2025-21826, CVE-2025-21917, CVE-2025-21760, CVE-2025-21925, CVE-2024-58086, CVE-2025-21948, CVE-2025-21943, CVE-2025-21782, CVE-2024-56599, CVE-2025-21875, CVE-2025-21753, CVE-2025-21721, CVE-2025-21711, CVE-2025-21787, CVE-2025-21928, CVE-2024-57979, CVE-2025-21779, CVE-2025-21924, CVE-2024-58020, CVE-2025-21905, CVE-2024-58002, CVE-2025-21744, CVE-2025-21763, CVE-2024-58017, CVE-2025-21736, CVE-2024-58069, CVE-2025-21715, CVE-2024-58083, CVE-2025-21934, CVE-2024-58055, CVE-2025-21761, CVE-2025-21772, CVE-2025-21796, CVE-2025-21718, CVE-2025-21719, CVE-2025-21887, CVE-2025-21806, CVE-2024-58063, CVE-2025-21871, CVE-2025-21858, CVE-2025-21922, CVE-2025-21767, CVE-2024-58058, CVE-2024-57986, CVE-2025-21971, CVE-2025-21912, CVE-2025-21862, CVE-2024-58001, CVE-2024-58005, CVE-2024-58079, CVE-2025-21749, CVE-2024-58076, CVE-2024-47726, CVE-2025-21722, CVE-2024-58007, CVE-2024-26982, CVE-2024-58016, CVE-2025-21647, CVE-2025-21814, CVE-2024-57978, CVE-2025-21823, CVE-2025-21795, CVE-2025-21910, CVE-2024-58051, CVE-2024-58010, CVE-2025-21776, CVE-2025-21859, CVE-2025-21950, CVE-2025-21811, CVE-2025-21935, CVE-2025-21799, CVE-2025-21835, CVE-2024-58090, CVE-2025-21844, CVE-2024-58052, CVE-2025-21951, CVE-2025-21865, CVE-2025-21820, CVE-2025-21804, CVE-2025-21765, CVE-2025-21727, CVE-2025-21830, CVE-2025-21846, CVE-2025-21781, CVE-2025-21704, CVE-2025-21735, CVE-2024-58072, CVE-2025-21878, CVE-2025-21909, CVE-2024-56721, CVE-2025-21866, CVE-2025-21904, CVE-2025-21898, CVE-2025-21920, CVE-2025-21745, CVE-2025-21785, CVE-2025-21791, CVE-2024-57977, CVE-2025-21764, CVE-2024-58014, CVE-2025-21762, CVE-2025-21708)

Sander Wiebing and Cristiano Giuffrida discovered that some Intel® Processors did not properly handle data in Shared Microarchitectural Structures during Transient Execution. An authenticated attacker could possibly use this issue to obtain sensitive information. (CVE-2024-28956) It was discovered that some Intel® Processors did not properly handle prediction calculations. An authenticated attacker could possibly use this issue to obtain sensitive information. (CVE-2024-43420, CVE-2024-45332, CVE-2025-20623) It was discovered that some Intel® Processors did not properly initialize resources in the branch prediction unit. An authenticated attacker could possibly use this issue to obtain sensitive information. (CVE-2025-20012, CVE-2025-24495) Michal Raviv and Jeff Gilbert discovered that some Intel® Processors did not properly handle resources and exceptions in the core management mechanism. An authenticated attacker could possibly use this issue to cause a denial of service. (CVE-2025-20054, CVE-2025-20103)

It was discovered that Flask incorrectly handled key rotation. An attacker could possibly use this issue to sign sessions with stale keys.

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - Block layer subsystem; - Drivers core; - Network block device driver; - Character device driver; - GPU drivers; - HID subsystem; - InfiniBand drivers; - Media drivers; - Network drivers; - PPS (Pulse Per Second) driver; - PTP clock framework; - RapidIO drivers; - Real Time Clock drivers; - SCSI subsystem; - SLIMbus drivers; - QCOM SoC drivers; - Trusted Execution Environment drivers; - USB DSL drivers; - USB Device Class drivers; - USB core drivers; - USB Gadget drivers; - USB Host Controller drivers; - Renesas USBHS Controller drivers; - File systems infrastructure; - BTRFS file system; - Ceph distributed file system; - NILFS2 file system; - UBI file system; - KVM subsystem; - L3 Master device support module; - Netfilter; - Process Accounting mechanism; - printk logging mechanism; - Scheduler infrastructure; - Tracing infrastructure; - Memory management; - 802.1Q VLAN protocol; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - Networking core; - IPv4 networking; - IPv6 networking; - Logical Link layer; - NFC subsystem; - Open vSwitch; - Rose network layer; - Network traffic control; - Wireless networking; - Tomoyo security module; (CVE-2024-58055, CVE-2025-21715, CVE-2024-26982, CVE-2025-21806, CVE-2024-58052, CVE-2024-57981, CVE-2025-21935, CVE-2025-21763, CVE-2024-58002, CVE-2025-21736, CVE-2025-21704, CVE-2024-57986, CVE-2025-21761, CVE-2024-58069, CVE-2025-21934, CVE-2024-58017, CVE-2025-21862, CVE-2024-26689, CVE-2025-21744, CVE-2025-21776, CVE-2024-56599, CVE-2025-21858, CVE-2025-21722, CVE-2025-21791, CVE-2025-21735, CVE-2025-21926, CVE-2025-21904, CVE-2024-58009, CVE-2024-58010, CVE-2024-58063, CVE-2025-21765, CVE-2025-21914, CVE-2025-21866, CVE-2025-21760, CVE-2024-57979, CVE-2024-58071, CVE-2025-21781, CVE-2025-21772, CVE-2025-21928, CVE-2025-21762, CVE-2024-58014, CVE-2024-57980, CVE-2024-26996, CVE-2025-21708, CVE-2025-21922, CVE-2024-58051, CVE-2023-52927, CVE-2024-58085, CVE-2025-21721, CVE-2025-21782, CVE-2025-21871, CVE-2024-50055, CVE-2025-21749, CVE-2025-21835, CVE-2024-58007, CVE-2025-21971, CVE-2024-58083, CVE-2025-21731, CVE-2024-57973, CVE-2025-21811, CVE-2025-21728, CVE-2023-52741, CVE-2025-21865, CVE-2025-21859, CVE-2025-21823, CVE-2025-21877, CVE-2024-57977, CVE-2025-21917, CVE-2025-21909, CVE-2025-21846, CVE-2024-58072, CVE-2025-21848, CVE-2023-52664, CVE-2025-21785, CVE-2021-47191, CVE-2025-21910, CVE-2025-21925, CVE-2025-21814, CVE-2024-58020, CVE-2025-21764, CVE-2024-58058, CVE-2025-21905, CVE-2025-21787, CVE-2024-58001, CVE-2025-21647, CVE-2025-21719, CVE-2024-58090, CVE-2025-21753, CVE-2025-21718, CVE-2025-21948, CVE-2025-21898, CVE-2025-21920, CVE-2025-21916)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - Block layer subsystem; - Drivers core; - Network block device driver; - Character device driver; - GPU drivers; - HID subsystem; - InfiniBand drivers; - Media drivers; - Network drivers; - PPS (Pulse Per Second) driver; - PTP clock framework; - RapidIO drivers; - Real Time Clock drivers; - SCSI subsystem; - SLIMbus drivers; - QCOM SoC drivers; - Trusted Execution Environment drivers; - USB DSL drivers; - USB Device Class drivers; - USB core drivers; - USB Gadget drivers; - USB Host Controller drivers; - Renesas USBHS Controller drivers; - File systems infrastructure; - BTRFS file system; - NILFS2 file system; - UBI file system; - KVM subsystem; - L3 Master device support module; - Process Accounting mechanism; - printk logging mechanism; - Scheduler infrastructure; - Tracing infrastructure; - Memory management; - 802.1Q VLAN protocol; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - Networking core; - IPv4 networking; - IPv6 networking; - Logical Link layer; - NFC subsystem; - Open vSwitch; - Rose network layer; - Network traffic control; - Wireless networking; - Tomoyo security module; (CVE-2025-21814, CVE-2025-21917, CVE-2025-21871, CVE-2024-57973, CVE-2025-21862, CVE-2025-21877, CVE-2024-26982, CVE-2024-58090, CVE-2025-21925, CVE-2025-21787, CVE-2025-21763, CVE-2024-58083, CVE-2025-21719, CVE-2025-21715, CVE-2025-21704, CVE-2025-21865, CVE-2025-21781, CVE-2025-21762, CVE-2023-52741, CVE-2025-21761, CVE-2025-21764, CVE-2025-21811, CVE-2025-21846, CVE-2024-57981, CVE-2024-58051, CVE-2025-21772, CVE-2024-56599, CVE-2024-58014, CVE-2024-58007, CVE-2025-21760, CVE-2021-47191, CVE-2025-21909, CVE-2025-21791, CVE-2025-21916, CVE-2024-57979, CVE-2024-26996, CVE-2024-58085, CVE-2024-58072, CVE-2025-21914, CVE-2025-21848, CVE-2025-21736, CVE-2025-21785, CVE-2024-58002, CVE-2024-58058, CVE-2025-21776, CVE-2025-21935, CVE-2025-21722, CVE-2024-58071, CVE-2025-21721, CVE-2025-21708, CVE-2024-58055, CVE-2025-21782, CVE-2025-21806, CVE-2025-21922, CVE-2025-21835, CVE-2025-21749, CVE-2025-21858, CVE-2024-58020, CVE-2024-58069, CVE-2024-57980, CVE-2025-21735, CVE-2025-21905, CVE-2025-21823, CVE-2024-58052, CVE-2025-21971, CVE-2024-58063, CVE-2025-21728, CVE-2025-21910, CVE-2024-58017, CVE-2025-21647, CVE-2025-21934, CVE-2025-21926, CVE-2024-57986, CVE-2025-21948, CVE-2024-58009, CVE-2025-21765, CVE-2025-21904, CVE-2025-21866, CVE-2025-21928, CVE-2025-21859, CVE-2024-58010, CVE-2025-21753, CVE-2025-21718, CVE-2024-58001, CVE-2025-21731, CVE-2024-50055, CVE-2025-21744, CVE-2025-21920, CVE-2024-57977, CVE-2025-21898)