[USN-8308-1] Dnsmasq vulnerability
[USN-8309-1] libssh2 vulnerability
[USN-8306-1] Samba vulnerabilities
[USN-8303-1] GitPython vulnerabilities
[USN-8167-2] xdg-dbus-proxy vulnerability
[USN-8063-2] Protocol Buffers vulnerability
[USN-7972-2] OpenCC vulnerability
[USN-8307-1] ONNX vulnerability
[USN-8280-3] Linux kernel (IoT) vulnerabilities
[USN-8310-1] Linux kernel (Azure) vulnerabilities
[USN-8278-2] Linux kernel (Azure) vulnerabilities
[USN-8305-2] Linux kernel (Low Latency) vulnerabilities
[USN-8308-1] Dnsmasq vulnerability
==========================================================================
Ubuntu Security Notice USN-8308-1
May 26, 2026
dnsmasq vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 26.04 LTS
Summary:
Dnsmasq could be made to crash or run programs if it received specially
crafted network traffic.
Software Description:
- dnsmasq: Small caching DNS proxy and DHCP/TFTP server
Details:
It was discovered that Dnsmasq incorrectly handled BOOTREPLY packets when
configured with the --dhcp-split-relay option. A remote attacker could
use this issue to cause Dnsmasq to crash, resulting in a denial of
service, or possibly execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 26.04 LTS
dnsmasq 2.92-1ubuntu0.3
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8308-1
CVE-2026-6507
Package Information:
https://launchpad.net/ubuntu/+source/dnsmasq/2.92-1ubuntu0.3
[USN-8309-1] libssh2 vulnerability
==========================================================================
Ubuntu Security Notice USN-8309-1
May 26, 2026
libssh2 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 26.04 LTS
- Ubuntu 25.10
- Ubuntu 24.04 LTS
Summary:
libssh2 could be made to crash if it received specially crafted
network traffic.
Software Description:
- libssh2: Client-side C library implementing the SSH2 protocol
Details:
It was discovered that libssh2 incorrectly handled username and password
length values during SSH password authentication. A remote attacker could
possibly use this issue to cause a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 26.04 LTS
libssh2-1t64 1.11.1-1ubuntu0.26.04.1
Ubuntu 25.10
libssh2-1t64 1.11.1-1ubuntu0.25.10.1
Ubuntu 24.04 LTS
libssh2-1t64 1.11.0-4.1ubuntu0.24.04.1
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8309-1
CVE-2026-7598
Package Information:
https://launchpad.net/ubuntu/+source/libssh2/1.11.1-1ubuntu0.26.04.1
https://launchpad.net/ubuntu/+source/libssh2/1.11.1-1ubuntu0.25.10.1
https://launchpad.net/ubuntu/+source/libssh2/1.11.0-4.1ubuntu0.24.04.1
[USN-8306-1] Samba vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8306-1
May 26, 2026
samba vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 26.04 LTS
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Summary:
Several security issues were fixed in Samba.
Software Description:
- samba: SMB/CIFS file, print, and login server for Unix
Details:
Asim Viladi Oglu Manizada discovered that Samba incorrectly handled access
checks on reparse point operations. An attacker could possibly use this
issue to modify reparse point extended attributes on files that should have
been read-only. This issue only affected Ubuntu 25.10 and Ubuntu 26.04 LTS.
(CVE-2026-1933)
Pavel Kohout discovered that Samba's vfs_worm module did not properly block
file overwrites. An attacker could possibly use this issue to overwrite
files that should have remained immutable. (CVE-2026-2340)
Arad Inbar, Nir Somech, and Ben Grinberg discovered that Samba incorrectly
handled certificate auto-enrolment group policies over HTTP without
verification. A machine-in-the-middle attacker could possibly use this
issue to install a malicious CA certificate. This issue only affected
Ubuntu 24.04 LTS, Ubuntu 25.10, and Ubuntu 26.04 LTS. (CVE-2026-3012)
Arad Inbar, Erez Cohen, Nir Somech, and Ben Grinberg discovered that
Samba's Active Directory Domain Controller WINS server could be made to
crash under certain circumstances. A remote attacker could possibly use
this issue to cause a denial of service. (CVE-2026-3238)
Ron Ben Yizhak discovered that Samba's DCE/RPC SAMR server incorrectly
handled a non-default password check script configuration. A remote
attacker could possibly use this issue to execute arbitrary code.
(CVE-2026-4408)
Ron Ben Yizhak discovered that Samba's printing subsystem incorrectly
handled a non-default print command configuration. A remote attacker could
possibly use this issue to execute arbitrary code. (CVE-2026-4480)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 26.04 LTS
samba 2:4.23.6+dfsg-1ubuntu2.1
Ubuntu 25.10
samba 2:4.22.3+dfsg-4ubuntu2.4
Ubuntu 24.04 LTS
samba 2:4.19.5+dfsg-4ubuntu9.6
Ubuntu 22.04 LTS
samba 2:4.15.13+dfsg-0ubuntu1.12
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8306-1
CVE-2026-1933, CVE-2026-2340, CVE-2026-3012, CVE-2026-3238,
CVE-2026-4408, CVE-2026-4480
Package Information:
https://launchpad.net/ubuntu/+source/samba/2:4.23.6+dfsg-1ubuntu2.1
https://launchpad.net/ubuntu/+source/samba/2:4.22.3+dfsg-4ubuntu2.4
https://launchpad.net/ubuntu/+source/samba/2:4.19.5+dfsg-4ubuntu9.6
https://launchpad.net/ubuntu/+source/samba/2:4.15.13+dfsg-0ubuntu1.12
[USN-8303-1] GitPython vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8303-1
May 26, 2026
python-git vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 26.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in GitPython.
Software Description:
- python-git: A python library used to interact with Git repositories
Details:
Santos Gallegos discovered that GitPython did not properly validate
paths when resolving certain Git references. An attacker could possibly
use this issue to cause files outside the .git directory to be accessed,
leading to a denial of service. This issue only affected Ubuntu 14.04
LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu
22.04 LTS. (CVE-2023-41040)
Wes Ring discovered that GitPython did not properly block certain unsafe
Git options when they were provided as Python keyword arguments. An
attacker could possibly use this issue to cause arbitrary command
execution. (CVE-2026-42215)
It was discovered that GitPython did not properly validate clone options
before processing them. An attacker could possibly use this issue to
inject unsafe Git configuration, leading to arbitrary command execution
through Git hooks. This issue only affected Ubuntu 20.04 LTS, Ubuntu
22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 26.04 LTS. (CVE-2026-42284)
It was discovered that GitPython did not properly validate reference
paths during reference operations. An attacker could possibly use this
issue to write, overwrite, move, or delete files outside the repository.
(CVE-2026-44243)
Dan Aridor discovered that GitPython did not properly validate
configuration values before writing them to Git configuration files. An
attacker could possibly use this issue to inject unsafe Git
configuration, leading to arbitrary command execution through Git hooks.
(CVE-2026-44244)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 26.04 LTS
python-git-doc 3.1.46-1ubuntu0.1~esm1
Available with Ubuntu Pro
python3-git 3.1.46-1ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 24.04 LTS
python-git-doc 3.1.37-3ubuntu0.1~esm2
Available with Ubuntu Pro
python3-git 3.1.37-3ubuntu0.1~esm2
Available with Ubuntu Pro
Ubuntu 22.04 LTS
python-git-doc 3.1.24-1ubuntu0.1~esm3
Available with Ubuntu Pro
python3-git 3.1.24-1ubuntu0.1~esm3
Available with Ubuntu Pro
Ubuntu 20.04 LTS
python-git-doc 3.0.7-1ubuntu0.1~esm4
Available with Ubuntu Pro
python3-git 3.0.7-1ubuntu0.1~esm4
Available with Ubuntu Pro
Ubuntu 18.04 LTS
python-git 2.1.8-1ubuntu0.1~esm4
Available with Ubuntu Pro
python-git-doc 2.1.8-1ubuntu0.1~esm4
Available with Ubuntu Pro
python3-git 2.1.8-1ubuntu0.1~esm4
Available with Ubuntu Pro
Ubuntu 16.04 LTS
python-git 1.0.1+git137-gc8b8379-2.1ubuntu0.1~esm4
Available with Ubuntu Pro
python-git-doc 1.0.1+git137-gc8b8379-2.1ubuntu0.1~esm4
Available with Ubuntu Pro
python3-git 1.0.1+git137-gc8b8379-2.1ubuntu0.1~esm4
Available with Ubuntu Pro
Ubuntu 14.04 LTS
python-git 0.3.2~RC1-3ubuntu0.1~esm3
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8303-1
CVE-2023-41040, CVE-2026-42215, CVE-2026-42284, CVE-2026-44243,
CVE-2026-44244
[USN-8167-2] xdg-dbus-proxy vulnerability
==========================================================================
Ubuntu Security Notice USN-8167-2
May 26, 2026
xdg-dbus-proxy vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
Summary:
xdg-dbus-proxy could be made to expose sensitive information.
Software Description:
- xdg-dbus-proxy: A filtering proxy for D-Bus connections
Details:
USN-8167-1 fixed a vulnerability in xdg-dbus-proxy. This update
provides the corresponding update for Ubuntu 20.04 LTS.
Original advisory details:
It was discovered that xdg-dbus-proxy incorrectly handled eavesdropping
in policy rules. A local attacker could possibly use this issue to
intercept certain D-Bus messages.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
xdg-dbus-proxy 0.1.2-1ubuntu0.1~esm1
Available with Ubuntu Pro
After a standard system update you need to restart your session to make all
the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8167-2
https://ubuntu.com/security/notices/USN-8167-1
CVE-2026-34080
[USN-8063-2] Protocol Buffers vulnerability
==========================================================================
Ubuntu Security Notice USN-8063-2
May 26, 2026
protobuf vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
Protocol Buffers could be made to consume resources if it received
specially crafted input.
Software Description:
- protobuf: protocol buffers data serialization library
Details:
USN-8063-1 fixed a vulnerability in Protocol Buffers. This update provides
the corresponding update for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
Original advisory details:
It was discovered that Protocol Buffers incorrectly handled recursion
when the Python google.protobuf.json_format.ParseDict() function is being
used. An attacker could possibly use this issue to cause Protocol Buffers
to consume resources, resulting in a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
libprotobuf17 3.6.1.3-2ubuntu5.2+esm3
Available with Ubuntu Pro
python-protobuf 3.6.1.3-2ubuntu5.2+esm3
Available with Ubuntu Pro
python3-protobuf 3.6.1.3-2ubuntu5.2+esm3
Available with Ubuntu Pro
Ubuntu 18.04 LTS
libprotobuf10 3.0.0-9.1ubuntu1.1+esm4
Available with Ubuntu Pro
python-protobuf 3.0.0-9.1ubuntu1.1+esm4
Available with Ubuntu Pro
python3-protobuf 3.0.0-9.1ubuntu1.1+esm4
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8063-2
https://ubuntu.com/security/notices/USN-8063-1
CVE-2026-0994
[USN-7972-2] OpenCC vulnerability
==========================================================================
Ubuntu Security Notice USN-7972-2
May 26, 2026
opencc vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
OpenCC could be made to crash if it received specially crafted input.
Software Description:
- opencc: simplified-traditional Chinese conversion library
Details:
USN-7972-1 fixed a vulnerability in OpenCC. This update provides the
corresponding update for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
Original advisory details:
It was discovered that OpenCC incorrectly handled truncated UTF-8 input.
An attacker could possibly use this issue to cause OpenCC to crash,
resulting in a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
libopencc2 1.0.5+git20190530-1ubuntu0.1~esm1
Available with Ubuntu Pro
opencc 1.0.5+git20190530-1ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 18.04 LTS
libopencc2 1.0.4-5ubuntu0.1~esm1
Available with Ubuntu Pro
opencc 1.0.4-5ubuntu0.1~esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7972-2
https://ubuntu.com/security/notices/USN-7972-1
CVE-2025-15536
[USN-8307-1] ONNX vulnerability
==========================================================================
Ubuntu Security Notice USN-8307-1
May 26, 2026
onnx vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.04 LTS
Summary:
ONNX could be made to overwrite arbitrary files if a user downloaded a
specially crafted model archive.
Software Description:
- onnx: Open Neural Network Exchange
Details:
It was discovered that ONNX did not properly validate paths when extracting
tar archives during model downloads. An attacker could possibly use this
issue to overwrite arbitrary files on the system.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.04 LTS
libonnx1t64 1.14.1-2.1ubuntu0.1~esm1
Available with Ubuntu Pro
python3-onnx 1.14.1-2.1ubuntu0.1~esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8307-1
CVE-2024-5187
[USN-8280-3] Linux kernel (IoT) vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8280-3
May 26, 2026
linux-iot vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-iot: Linux kernel for IoT platforms
Details:
It was discovered that the Linux kernel algif_aead module did not properly
handle in-place cryptographic operations. This flaw is known as Copy Fail.
A local attacker could use this to escalate privileges, or possibly escape
a container. (CVE-2026-31431)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
- Packet sockets;
- TLS protocol;
(CVE-2026-31504, CVE-2026-31533, CVE-2026-43033, CVE-2026-43077,
CVE-2026-43078)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
linux-image-5.4.0-1063-iot 5.4.0-1063.66
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-8280-3
https://ubuntu.com/security/notices/USN-8280-2
https://ubuntu.com/security/notices/USN-8280-1
CVE-2026-31431, CVE-2026-31504, CVE-2026-31533, CVE-2026-43033,
CVE-2026-43077, CVE-2026-43078
[USN-8310-1] Linux kernel (Azure) vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8310-1
May 26, 2026
linux-azure, linux-azure-6.17 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.10
- Ubuntu 24.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-azure: Linux kernel for Microsoft Azure Cloud systems
- linux-azure-6.17: Linux kernel for Microsoft Azure cloud systems
Details:
It was discovered that the Linux kernel algif_aead module did not properly
handle in-place cryptographic operations. This flaw is known as Copy Fail.
A local attacker could use this to escalate privileges, or possibly escape
a container. (CVE-2026-31431)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- S390 architecture;
- Cryptographic API;
- GPU drivers;
- Ethernet bonding driver;
- Microsoft Azure Network Adapter (MANA) driver;
- Network file system (NFS) server daemon;
- Distributed Switch Architecture;
- Netfilter;
- Control group (cgroup);
- Kernel kexec() syscall;
- Memory management;
- MAC80211 subsystem;
- Multipath TCP;
- Packet sockets;
- TLS protocol;
- Unix domain sockets;
(CVE-2025-71088, CVE-2025-71090, CVE-2025-71127, CVE-2025-71134,
CVE-2025-71139, CVE-2025-71141, CVE-2025-71142, CVE-2025-71144,
CVE-2025-71152, CVE-2025-71155, CVE-2026-23274, CVE-2026-23351,
CVE-2026-23394, CVE-2026-23454, CVE-2026-31419, CVE-2026-31504,
CVE-2026-31533, CVE-2026-43033, CVE-2026-43077, CVE-2026-43078,
CVE-2026-43276)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.10
linux-image-6.17.0-1015-azure 6.17.0-1015.15
linux-image-azure 6.17.0-1015.15
linux-image-azure-6.17 6.17.0-1015.15
Ubuntu 24.04 LTS
linux-image-6.17.0-1015-azure 6.17.0-1015.15~24.04.1
linux-image-azure 6.17.0-1015.15~24.04.1
linux-image-azure-6.17 6.17.0-1015.15~24.04.1
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-8310-1
CVE-2025-71088, CVE-2025-71090, CVE-2025-71127, CVE-2025-71134,
CVE-2025-71139, CVE-2025-71141, CVE-2025-71142, CVE-2025-71144,
CVE-2025-71152, CVE-2025-71155, CVE-2026-23274, CVE-2026-23351,
CVE-2026-23394, CVE-2026-23454, CVE-2026-31419, CVE-2026-31431,
CVE-2026-31504, CVE-2026-31533, CVE-2026-43033, CVE-2026-43077,
CVE-2026-43078, CVE-2026-43276
Package Information:
https://launchpad.net/ubuntu/+source/linux-azure/6.17.0-1015.15
https://launchpad.net/ubuntu/+source/linux-azure-6.17/6.17.0-1015.15~24.04.1
[USN-8278-2] Linux kernel (Azure) vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8278-2
May 26, 2026
linux-azure vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-azure: Linux kernel for Microsoft Azure Cloud systems
Details:
It was discovered that the Linux kernel algif_aead module did not properly
handle in-place cryptographic operations. This flaw is known as Copy Fail.
A local attacker could use this to escalate privileges, or possibly escape
a container. (CVE-2026-31431)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- x86 architecture;
- Cryptographic API;
- Compute Acceleration Framework;
- Drivers core;
- Null block device driver;
- Ublk userspace block driver;
- Bluetooth drivers;
- Counter interface drivers;
- DMA engine subsystem;
- DPLL subsystem;
- GPU drivers;
- HID subsystem;
- Intel Trace Hub HW tracing drivers;
- IIO ADC drivers;
- IIO subsystem;
- On-Chip Interconnect management framework;
- IRQ chip drivers;
- Modular ISDN driver;
- LED subsystem;
- Multiple devices driver;
- UACCE accelerator framework;
- MMC subsystem;
- Ethernet bonding driver;
- Network drivers;
- Mellanox network drivers;
- NVME drivers;
- PHY drivers;
- x86 platform drivers;
- i.MX PM domains;
- SCSI subsystem;
- SLIMbus drivers;
- SPI subsystem;
- TCM subsystem;
- W1 Dallas's 1-wire bus driver;
- Xen hypervisor drivers;
- BTRFS file system;
- EFI Variable file system;
- exFAT file system;
- Ext4 file system;
- HFS+ file system;
- Network file system (NFS) client;
- Network file system (NFS) server daemon;
- NTFS3 file system;
- SMB network file system;
- Scheduler infrastructure;
- Netfilter;
- NFC subsystem;
- Tracing infrastructure;
- io_uring subsystem;
- BPF subsystem;
- Perf events;
- Floating proportions library;
- Memory management;
- Bluetooth subsystem;
- CAN network layer;
- Ceph Core library;
- Networking core;
- IPv4 networking;
- IPv6 networking;
- L2TP protocol;
- MAC80211 subsystem;
- NET/ROM layer;
- Packet sockets;
- Network traffic control;
- SCTP protocol;
- TLS protocol;
- Unix domain sockets;
- VMware vSockets driver;
- Wireless networking;
- ALSA AC97 driver;
- Generic PCM loopback sound driver;
- Creative Sound Blaster X-Fi driver;
- AMD SoC Alsa drivers;
- Texas InstrumentS Audio (ASoC/HDA) drivers;
- USB sound devices;
- KVM subsystem;
(CVE-2024-50004, CVE-2024-58096, CVE-2024-58097, CVE-2025-37926,
CVE-2025-38201, CVE-2025-38591, CVE-2025-40039, CVE-2025-40082,
CVE-2025-40149, CVE-2025-68351, CVE-2025-68358, CVE-2025-68365,
CVE-2025-68725, CVE-2025-68749, CVE-2025-68803, CVE-2025-68823,
CVE-2025-71160, CVE-2025-71162, CVE-2025-71163, CVE-2025-71180,
CVE-2025-71182, CVE-2025-71183, CVE-2025-71184, CVE-2025-71185,
CVE-2025-71186, CVE-2025-71188, CVE-2025-71189, CVE-2025-71190,
CVE-2025-71191, CVE-2025-71192, CVE-2025-71193, CVE-2025-71194,
CVE-2025-71195, CVE-2025-71196, CVE-2025-71197, CVE-2025-71198,
CVE-2025-71199, CVE-2025-71200, CVE-2025-71220, CVE-2025-71222,
CVE-2025-71224, CVE-2025-71225, CVE-2025-71268, CVE-2026-22976,
CVE-2026-22977, CVE-2026-22978, CVE-2026-22979, CVE-2026-22980,
CVE-2026-22982, CVE-2026-22984, CVE-2026-22990, CVE-2026-22991,
CVE-2026-22992, CVE-2026-22994, CVE-2026-22996, CVE-2026-22997,
CVE-2026-22998, CVE-2026-22999, CVE-2026-23000, CVE-2026-23001,
CVE-2026-23003, CVE-2026-23005, CVE-2026-23006, CVE-2026-23010,
CVE-2026-23011, CVE-2026-23019, CVE-2026-23020, CVE-2026-23021,
CVE-2026-23025, CVE-2026-23026, CVE-2026-23030, CVE-2026-23031,
CVE-2026-23032, CVE-2026-23033, CVE-2026-23035, CVE-2026-23037,
CVE-2026-23038, CVE-2026-23047, CVE-2026-23049, CVE-2026-23050,
CVE-2026-23053, CVE-2026-23054, CVE-2026-23056, CVE-2026-23057,
CVE-2026-23058, CVE-2026-23059, CVE-2026-23061, CVE-2026-23062,
CVE-2026-23063, CVE-2026-23064, CVE-2026-23065, CVE-2026-23068,
CVE-2026-23069, CVE-2026-23071, CVE-2026-23073, CVE-2026-23075,
CVE-2026-23076, CVE-2026-23078, CVE-2026-23080, CVE-2026-23083,
CVE-2026-23084, CVE-2026-23085, CVE-2026-23086, CVE-2026-23087,
CVE-2026-23088, CVE-2026-23089, CVE-2026-23090, CVE-2026-23091,
CVE-2026-23093, CVE-2026-23094, CVE-2026-23095, CVE-2026-23096,
CVE-2026-23097, CVE-2026-23098, CVE-2026-23099, CVE-2026-23101,
CVE-2026-23102, CVE-2026-23103, CVE-2026-23105, CVE-2026-23107,
CVE-2026-23108, CVE-2026-23110, CVE-2026-23113, CVE-2026-23116,
CVE-2026-23119, CVE-2026-23120, CVE-2026-23121, CVE-2026-23123,
CVE-2026-23124, CVE-2026-23125, CVE-2026-23126, CVE-2026-23128,
CVE-2026-23129, CVE-2026-23131, CVE-2026-23133, CVE-2026-23135,
CVE-2026-23136, CVE-2026-23139, CVE-2026-23140, CVE-2026-23141,
CVE-2026-23142, CVE-2026-23144, CVE-2026-23145, CVE-2026-23146,
CVE-2026-23148, CVE-2026-23150, CVE-2026-23151, CVE-2026-23156,
CVE-2026-23159, CVE-2026-23160, CVE-2026-23163, CVE-2026-23164,
CVE-2026-23166, CVE-2026-23167, CVE-2026-23168, CVE-2026-23170,
CVE-2026-23172, CVE-2026-23173, CVE-2026-23176, CVE-2026-23178,
CVE-2026-23179, CVE-2026-23180, CVE-2026-23182, CVE-2026-23187,
CVE-2026-23190, CVE-2026-23191, CVE-2026-23193, CVE-2026-23198,
CVE-2026-23200, CVE-2026-23202, CVE-2026-23204, CVE-2026-23205,
CVE-2026-23206, CVE-2026-23212, CVE-2026-23213, CVE-2026-23214,
CVE-2026-23215, CVE-2026-23216, CVE-2026-23254, CVE-2026-23256,
CVE-2026-23257, CVE-2026-23258, CVE-2026-23260, CVE-2026-23261,
CVE-2026-23262, CVE-2026-23264, CVE-2026-23274, CVE-2026-23351,
CVE-2026-23394, CVE-2026-31419, CVE-2026-31504, CVE-2026-31533,
CVE-2026-43033, CVE-2026-43077, CVE-2026-43078)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.04 LTS
linux-image-6.8.0-1056-azure 6.8.0-1056.62
linux-image-azure-6.8 6.8.0-1056.62
linux-image-azure-lts-24.04 6.8.0-1056.62
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-8278-2
https://ubuntu.com/security/notices/USN-8278-1
CVE-2024-50004, CVE-2024-58096, CVE-2024-58097, CVE-2025-37926,
CVE-2025-38201, CVE-2025-38591, CVE-2025-40039, CVE-2025-40082,
CVE-2025-40149, CVE-2025-68351, CVE-2025-68358, CVE-2025-68365,
CVE-2025-68725, CVE-2025-68749, CVE-2025-68803, CVE-2025-68823,
CVE-2025-71160, CVE-2025-71162, CVE-2025-71163, CVE-2025-71180,
CVE-2025-71182, CVE-2025-71183, CVE-2025-71184, CVE-2025-71185,
CVE-2025-71186, CVE-2025-71188, CVE-2025-71189, CVE-2025-71190,
CVE-2025-71191, CVE-2025-71192, CVE-2025-71193, CVE-2025-71194,
CVE-2025-71195, CVE-2025-71196, CVE-2025-71197, CVE-2025-71198,
CVE-2025-71199, CVE-2025-71200, CVE-2025-71220, CVE-2025-71222,
CVE-2025-71224, CVE-2025-71225, CVE-2025-71268, CVE-2026-22976,
CVE-2026-22977, CVE-2026-22978, CVE-2026-22979, CVE-2026-22980,
CVE-2026-22982, CVE-2026-22984, CVE-2026-22990, CVE-2026-22991,
CVE-2026-22992, CVE-2026-22994, CVE-2026-22996, CVE-2026-22997,
CVE-2026-22998, CVE-2026-22999, CVE-2026-23000, CVE-2026-23001,
CVE-2026-23003, CVE-2026-23005, CVE-2026-23006, CVE-2026-23010,
CVE-2026-23011, CVE-2026-23019, CVE-2026-23020, CVE-2026-23021,
CVE-2026-23025, CVE-2026-23026, CVE-2026-23030, CVE-2026-23031,
CVE-2026-23032, CVE-2026-23033, CVE-2026-23035, CVE-2026-23037,
CVE-2026-23038, CVE-2026-23047, CVE-2026-23049, CVE-2026-23050,
CVE-2026-23053, CVE-2026-23054, CVE-2026-23056, CVE-2026-23057,
CVE-2026-23058, CVE-2026-23059, CVE-2026-23061, CVE-2026-23062,
CVE-2026-23063, CVE-2026-23064, CVE-2026-23065, CVE-2026-23068,
CVE-2026-23069, CVE-2026-23071, CVE-2026-23073, CVE-2026-23075,
CVE-2026-23076, CVE-2026-23078, CVE-2026-23080, CVE-2026-23083,
CVE-2026-23084, CVE-2026-23085, CVE-2026-23086, CVE-2026-23087,
CVE-2026-23088, CVE-2026-23089, CVE-2026-23090, CVE-2026-23091,
CVE-2026-23093, CVE-2026-23094, CVE-2026-23095, CVE-2026-23096,
CVE-2026-23097, CVE-2026-23098, CVE-2026-23099, CVE-2026-23101,
CVE-2026-23102, CVE-2026-23103, CVE-2026-23105, CVE-2026-23107,
CVE-2026-23108, CVE-2026-23110, CVE-2026-23113, CVE-2026-23116,
CVE-2026-23119, CVE-2026-23120, CVE-2026-23121, CVE-2026-23123,
CVE-2026-23124, CVE-2026-23125, CVE-2026-23126, CVE-2026-23128,
CVE-2026-23129, CVE-2026-23131, CVE-2026-23133, CVE-2026-23135,
CVE-2026-23136, CVE-2026-23139, CVE-2026-23140, CVE-2026-23141,
CVE-2026-23142, CVE-2026-23144, CVE-2026-23145, CVE-2026-23146,
CVE-2026-23148, CVE-2026-23150, CVE-2026-23151, CVE-2026-23156,
CVE-2026-23159, CVE-2026-23160, CVE-2026-23163, CVE-2026-23164,
CVE-2026-23166, CVE-2026-23167, CVE-2026-23168, CVE-2026-23170,
CVE-2026-23172, CVE-2026-23173, CVE-2026-23176, CVE-2026-23178,
CVE-2026-23179, CVE-2026-23180, CVE-2026-23182, CVE-2026-23187,
CVE-2026-23190, CVE-2026-23191, CVE-2026-23193, CVE-2026-23198,
CVE-2026-23200, CVE-2026-23202, CVE-2026-23204, CVE-2026-23205,
CVE-2026-23206, CVE-2026-23212, CVE-2026-23213, CVE-2026-23214,
CVE-2026-23215, CVE-2026-23216, CVE-2026-23254, CVE-2026-23256,
CVE-2026-23257, CVE-2026-23258, CVE-2026-23260, CVE-2026-23261,
CVE-2026-23262, CVE-2026-23264, CVE-2026-23274, CVE-2026-23351,
CVE-2026-23394, CVE-2026-31419, CVE-2026-31431, CVE-2026-31504,
CVE-2026-31533, CVE-2026-43033, CVE-2026-43077, CVE-2026-43078
Package Information:
https://launchpad.net/ubuntu/+source/linux-azure/6.8.0-1056.62
[USN-8305-2] Linux kernel (Low Latency) vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8305-2
May 26, 2026
linux-lowlatency-hwe-5.15 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-lowlatency-hwe-5.15: Linux low latency kernel
Details:
It was discovered that the Linux kernel algif_aead module did not properly
handle in-place cryptographic operations. This flaw is known as Copy Fail.
A local attacker could use this to escalate privileges, or possibly escape
a container. (CVE-2026-31431)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
- Ethernet bonding driver;
- Packet sockets;
- TLS protocol;
(CVE-2026-31419, CVE-2026-31504, CVE-2026-31533, CVE-2026-43033,
CVE-2026-43077, CVE-2026-43078)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
linux-image-5.15.0-179-lowlatency 5.15.0-179.189~20.04.1
Available with Ubuntu Pro
linux-image-5.15.0-179-lowlatency-64k 5.15.0-179.189~20.04.1
Available with Ubuntu Pro
linux-image-lowlatency-5.15 5.15.0.179.189~20.04.1
Available with Ubuntu Pro
linux-image-lowlatency-64k-5.15 5.15.0.179.189~20.04.1
Available with Ubuntu Pro
linux-image-lowlatency-64k-hwe-20.04 5.15.0.179.189~20.04.1
Available with Ubuntu Pro
linux-image-lowlatency-hwe-20.04 5.15.0.179.189~20.04.1
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-8305-2
https://ubuntu.com/security/notices/USN-8305-1
CVE-2026-31419, CVE-2026-31431, CVE-2026-31504, CVE-2026-31533,
CVE-2026-43033, CVE-2026-43077, CVE-2026-43078
