[USN-8285-1] GStreamer Good Plugins vulnerability
[USN-8282-1] Unbound vulnerabilities
[USN-8284-1] GnuTLS vulnerabilities
[USN-8286-1] OpenVPN vulnerabilities
[USN-8283-1] rsync vulnerabilities
[USN-8289-1] Linux kernel (NVIDIA) vulnerabilities
[USN-8285-1] GStreamer Good Plugins vulnerability
==========================================================================
Ubuntu Security Notice USN-8285-1
May 20, 2026
gst-plugins-good1.0 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.10
Summary:
GStreamer Good Plugins could be made to crash or run programs if it opened
a specially crafted file.
Software Description:
- gst-plugins-good1.0: GStreamer plugins
Details:
It was discovered that GStreamer Good Plugins incorrectly handled certain
MOV/MP4 media files. A remote attacker could use this issue to cause
GStreamer Good Plugins to crash, resulting in a denial of service, or
possibly execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.10
gstreamer1.0-plugins-good 1.26.5-1ubuntu2.2
libgstreamer-plugins-good1.0-0 1.26.5-1ubuntu2.2
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8285-1
CVE-2026-5056
Package Information:
https://launchpad.net/ubuntu/+source/gst-plugins-good1.0/1.26.5-1ubuntu2.2
[USN-8282-1] Unbound vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8282-1
May 20, 2026
unbound vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 26.04 LTS
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Summary:
Several security issues were fixed in Unbound.
Software Description:
- unbound: validating, recursive, caching DNS resolver
Details:
Andrew Griffiths discovered that Unbound did not properly handle certain
DNSCrypt packets. A remote attacker could possibly use this issue to cause
Unbound to crash, resulting in a denial of service. (CVE-2026-32792)
Qifan Zhang discovered that Unbound incorrectly handled DNSSEC validation
in certain situations. A remote attacker could possibly use this issue to
execute arbitrary code. This issue only affected Ubuntu 24.04 LTS,
Ubuntu 25.10, and Ubuntu 26.04 LTS. (CVE-2026-33278)
Qifan Zhang discovered that Unbound incorrectly handled certain ghost
domain name records. A remote attacker could possibly use this issue to
cause a denial of service. This issue only affected Ubuntu 24.04 LTS,
Ubuntu 25.10, and Ubuntu 26.04 LTS. (CVE-2026-40622)
Qifan Zhang discovered that Unbound did not properly limit processing of
long EDNS option lists. A remote attacker could possibly use this issue to
cause Unbound to use excessive resources, leading to a denial of service.
(CVE-2026-41292)
Qifan Zhang discovered that Unbound incorrectly handled jostle logic under
certain circumstances. A remote attacker could possibly use this issue to
cause Unbound to use excessive resources, leading to a denial of service.
(CVE-2026-42534)
Qifan Zhang discovered that Unbound did not properly bound NSEC3 hash
calculations. A remote attacker could possibly use this issue to cause
Unbound to use excessive resources, leading to a denial of service.
(CVE-2026-42923)
Qifan Zhang discovered that Unbound incorrectly handled multiple EDNS
options in certain situations. A remote attacker could possibly use this
issue to cause Unbound to crash, resulting in a denial of service, or
execute arbitrary code. This issue only affected Ubuntu 24.04 LTS,
Ubuntu 25.10, and Ubuntu 26.04 LTS. (CVE-2026-42944)
Qifan Zhang discovered that Unbound incorrectly handled DNSSEC validation
of malicious content. A remote attacker could possibly use this issue to
cause Unbound to crash, resulting in a denial of service.
(CVE-2026-42959)
TaoFei Guo, Yang Luo, and JianJun Chen discovered that Unbound
incorrectly handled delegation processing in certain situations. A remote
attacker could possibly use this issue to poison the DNS cache and obtain
sensitive information. (CVE-2026-42960)
Qifan Zhang discovered that Unbound did not properly bound name
compression in certain cases. A remote attacker could possibly use this
issue to cause Unbound to use excessive resources, leading to a denial of
service. (CVE-2026-44390)
Qifan Zhang discovered that Unbound had a use-after-free issue in RPZ
handling. A remote attacker could possibly use this issue to cause Unbound
to crash, resulting in a denial of service, or execute arbitrary code.
This issue only affected Ubuntu 24.04 LTS, Ubuntu 25.10, and Ubuntu 26.04
LTS. (CVE-2026-44608)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 26.04 LTS
libunbound8 1.24.2-1ubuntu2.1
unbound 1.24.2-1ubuntu2.1
Ubuntu 25.10
libunbound8 1.22.0-2ubuntu2.3
unbound 1.22.0-2ubuntu2.3
Ubuntu 24.04 LTS
libunbound8 1.19.2-1ubuntu3.8
unbound 1.19.2-1ubuntu3.8
Ubuntu 22.04 LTS
libunbound8 1.13.1-1ubuntu5.15
unbound 1.13.1-1ubuntu5.15
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8282-1
CVE-2026-32792, CVE-2026-33278, CVE-2026-40622, CVE-2026-41292,
CVE-2026-42534, CVE-2026-42923, CVE-2026-42944, CVE-2026-42959,
CVE-2026-42960, CVE-2026-44390, CVE-2026-44608
Package Information:
https://launchpad.net/ubuntu/+source/unbound/1.24.2-1ubuntu2.1
https://launchpad.net/ubuntu/+source/unbound/1.22.0-2ubuntu2.3
https://launchpad.net/ubuntu/+source/unbound/1.19.2-1ubuntu3.8
https://launchpad.net/ubuntu/+source/unbound/1.13.1-1ubuntu5.15
[USN-8284-1] GnuTLS vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8284-1
May 20, 2026
gnutls28 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 26.04 LTS
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Summary:
Several security issues were fixed in GnuTLS.
Software Description:
- gnutls28: GNU TLS library
Details:
Joshua Rogers discovered that GnuTLS did not properly handle malformed
DTLS handshake fragments in certain cases. A remote attacker could
possibly use this issue to obtain sensitive information, or cause a
denial of service. (CVE-2026-33845)
Haruto Kimura, Oscar Reparaz, and Zou Dikai discovered that GnuTLS did
not properly validate DTLS handshake fragment lengths in certain cases. A
remote attacker could possibly use this issue to cause GnuTLS to crash,
resulting in a denial of service, or execute arbitrary code.
(CVE-2026-33846)
Oleh Konko and Joshua Rogers discovered that GnuTLS did not properly
validate OCSP responses in certain cases. A remote attacker could
possibly use this issue to bypass certificate revocation checks, leading
to a machine-in-the-middle attack. (CVE-2026-3832)
Oleh Konko and Joshua Rogers discovered that GnuTLS did not properly
handle case-insensitive name constraints in certain cases. A remote
attacker could possibly use this issue to bypass certificate validation,
leading to a machine-in-the-middle attack. (CVE-2026-3833)
Joshua Rogers discovered that GnuTLS did not properly order DTLS packets
with duplicate sequence numbers in certain cases. A remote attacker could
possibly use this issue to cause GnuTLS to crash, resulting in a denial
of service. (CVE-2026-42009)
Joshua Rogers discovered that GnuTLS did not properly handle usernames
containing NUL characters in certain RSA-PSK configurations. A remote
attacker could possibly use this issue to bypass authentication and gain
unintended access to services. (CVE-2026-42010)
Haruto Kimura discovered that GnuTLS did not properly apply permitted
name constraints in certain certificate validation paths. A remote
attacker could possibly use this issue to bypass certificate validation,
leading to a machine-in-the-middle attack. (CVE-2026-42011)
Oleh Konko discovered that GnuTLS incorrectly fell back to Common Name
checks for certain URI and SRV subject alternative names. A remote
attacker could possibly use this issue to bypass certificate validation,
leading to a machine-in-the-middle attack. (CVE-2026-42012)
Haruto Kimura and Joshua Rogers discovered that GnuTLS incorrectly fell
back to Common Name checks when subject alternative names were oversized.
A remote attacker could possibly use this issue to bypass certificate
validation, leading to a machine-in-the-middle attack. (CVE-2026-42013)
Luigino Camastra and Joshua Rogers discovered that GnuTLS had a
use-after-free issue when changing PKCS#11 token security officer PINs in
certain cases. An attacker could possibly use this issue to cause GnuTLS
to crash, resulting in a denial of service, or execute arbitrary code.
(CVE-2026-42014)
Zou Dikai discovered that GnuTLS did not properly validate PKCS#12 bag
sizes in certain cases. An attacker could possibly use this issue to
cause GnuTLS to crash, resulting in a denial of service, or execute
arbitrary code. (CVE-2026-42015)
Joshua Rogers discovered that GnuTLS did not properly handle very short
premaster secrets in certain RSA key exchange cases with PKCS#11-backed
server keys. A remote attacker could possibly use this issue to obtain
sensitive information. (CVE-2026-5260)
Doria Tang discovered that GnuTLS did not perform PKCS#7 padding checks
in constant time in certain cases. A remote attacker could possibly use
this issue to obtain sensitive information. This issue only affected
Ubuntu 24.04 LTS, Ubuntu 25.10, and Ubuntu 26.04 LTS. (CVE-2026-5419)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 26.04 LTS
libgnutls30t64 3.8.12-2ubuntu1.1
Ubuntu 25.10
libgnutls30t64 3.8.9-3ubuntu2.2
Ubuntu 24.04 LTS
libgnutls30t64 3.8.3-1.1ubuntu3.6
Ubuntu 22.04 LTS
libgnutls30 3.7.3-4ubuntu1.9
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8284-1
CVE-2026-33845, CVE-2026-33846, CVE-2026-3832, CVE-2026-3833,
CVE-2026-42009, CVE-2026-42010, CVE-2026-42011, CVE-2026-42012,
CVE-2026-42013, CVE-2026-42014, CVE-2026-42015, CVE-2026-5260,
CVE-2026-5419
Package Information:
https://launchpad.net/ubuntu/+source/gnutls28/3.8.12-2ubuntu1.1
https://launchpad.net/ubuntu/+source/gnutls28/3.8.9-3ubuntu2.2
https://launchpad.net/ubuntu/+source/gnutls28/3.8.3-1.1ubuntu3.6
https://launchpad.net/ubuntu/+source/gnutls28/3.7.3-4ubuntu1.9
[USN-8286-1] OpenVPN vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8286-1
May 20, 2026
openvpn vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 26.04 LTS
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Summary:
Several security issues were fixed in OpenVPN.
Software Description:
- openvpn: virtual private network software
Details:
Guannan Wang, Zhanpeng Liu, Guancheng Li, and Emma Reuter
discovered that OpenVPN incorrectly handled suitably malformed
packets with valid tls-crypt-v2 keys. An attacker could possibly use
this issue to cause OpenVPN to crash, resulting in a denial of
service. (CVE-2026-35058)
Guannan Wang, Zhanpeng Liu, and Guancheng Li discovered that
OpenVPN had a race condition in the TLS handshake process that could
leak packet data from a previous handshake under certain
circumstances. An attacker could possibly use this issue to obtain
sensitive information. (CVE-2026-40215)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 26.04 LTS
openvpn 2.7.0-1ubuntu1.1
Ubuntu 25.10
openvpn 2.6.19-0ubuntu0.25.10.2
Ubuntu 24.04 LTS
openvpn 2.6.19-0ubuntu0.24.04.2
Ubuntu 22.04 LTS
openvpn 2.5.11-0ubuntu0.22.04.3
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8286-1
CVE-2026-35058, CVE-2026-40215
Package Information:
https://launchpad.net/ubuntu/+source/openvpn/2.7.0-1ubuntu1.1
https://launchpad.net/ubuntu/+source/openvpn/2.6.19-0ubuntu0.25.10.2
https://launchpad.net/ubuntu/+source/openvpn/2.6.19-0ubuntu0.24.04.2
https://launchpad.net/ubuntu/+source/openvpn/2.5.11-0ubuntu0.22.04.3
[USN-8283-1] rsync vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8283-1
May 20, 2026
rsync vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 26.04 LTS
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Summary:
Several security issues were fixed in rsync.
Software Description:
- rsync: fast, versatile, remote (and local) file-copying tool
Details:
Calum Hutton discovered that rsync contained a heap-based out-of-bounds
read when handling file transfers. A remote attacker with read access
to an rsync server could possibly use this issue to cause a denial of
service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS,
and Ubuntu 25.10. (CVE-2025-10158)
Batuhan Sancak, Damien Neil, and Michael Stapelberg discovered that
rsync daemons configured without chroot protection were exposed to a
race condition on parent path components. A local attacker with write
access to a module could possibly use this issue to overwrite files,
obtain sensitive information, or escalate privileges.
(CVE-2026-29518)
It was discovered that rsync did not properly validate a length value
while sorting extended attributes. An attacker could possibly use this
issue to cause a denial of service. (CVE-2026-41035)
It was discovered that rsync performed reverse-DNS lookups after
chrooting in some daemon configurations. A remote attacker could
possibly use this issue to bypass hostname-based access controls and
access network services. (CVE-2026-43617)
Omar Elsayed discovered that rsync did not properly check for integer
overflows while decoding compressed tokens. A remote attacker could
possibly use this issue to obtain sensitive information.
(CVE-2026-43618)
Andrew Tridgell discovered that rsync did not fully fix a symlink race
condition in path-based system calls for daemons configured without
chroot protection. A local attacker could possibly use this issue to
overwrite files, obtain sensitive information, or escalate privileges.
(CVE-2026-43619)
Pratham Gupta discovered that rsync did not properly validate an index
while processing file lists. A remote attacker could possibly use this
issue to cause rsync to crash, resulting in a denial of service.
(CVE-2026-43620)
Michal Ruprich discovered that rsync contained an off-by-one error
while handling HTTP proxy responses. An attacker able to intercept network
communications or a malicious proxy server could possibly use this issue to
cause a denial of service. (CVE-2026-45232)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 26.04 LTS
rsync 3.4.1+ds1-7ubuntu0.2
Ubuntu 25.10
rsync 3.4.1+ds1-5ubuntu1.2
Ubuntu 24.04 LTS
rsync 3.2.7-1ubuntu1.4
Ubuntu 22.04 LTS
rsync 3.2.7-0ubuntu0.22.04.6
In general, a standard system update will make all the necessary
changes. After a standard system update you need to restart rsync
daemons if configured to make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8283-1
CVE-2025-10158, CVE-2026-29518, CVE-2026-41035, CVE-2026-43617,
CVE-2026-43618, CVE-2026-43619, CVE-2026-43620, CVE-2026-45232
Package Information:
https://launchpad.net/ubuntu/+source/rsync/3.4.1+ds1-7ubuntu0.2
https://launchpad.net/ubuntu/+source/rsync/3.4.1+ds1-5ubuntu1.2
https://launchpad.net/ubuntu/+source/rsync/3.2.7-1ubuntu1.4
https://launchpad.net/ubuntu/+source/rsync/3.2.7-0ubuntu0.22.04.6
[USN-8289-1] Linux kernel (NVIDIA) vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8289-1
May 20, 2026
linux-nvidia, linux-nvidia-lowlatency vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-nvidia: Linux kernel for NVIDIA systems
- linux-nvidia-lowlatency: Linux low latency kernel for NVIDIA systems
Details:
It was discovered that the Linux kernel algif_aead module did not properly
handle in-place cryptographic operations. This flaw is known as Copy Fail.
A local attacker could use this to escalate privileges, or possibly escape
a container. (CVE-2026-31431)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- x86 architecture;
- Cryptographic API;
- Compute Acceleration Framework;
- Drivers core;
- Null block device driver;
- Ublk userspace block driver;
- Bluetooth drivers;
- Counter interface drivers;
- DMA engine subsystem;
- DPLL subsystem;
- GPU drivers;
- HID subsystem;
- Intel Trace Hub HW tracing drivers;
- IIO ADC drivers;
- IIO subsystem;
- On-Chip Interconnect management framework;
- IRQ chip drivers;
- Modular ISDN driver;
- LED subsystem;
- Multiple devices driver;
- UACCE accelerator framework;
- MMC subsystem;
- Ethernet bonding driver;
- Network drivers;
- Mellanox network drivers;
- NVME drivers;
- PHY drivers;
- x86 platform drivers;
- i.MX PM domains;
- SCSI subsystem;
- SLIMbus drivers;
- SPI subsystem;
- TCM subsystem;
- W1 Dallas's 1-wire bus driver;
- Xen hypervisor drivers;
- BTRFS file system;
- EFI Variable file system;
- exFAT file system;
- Ext4 file system;
- HFS+ file system;
- Network file system (NFS) client;
- Network file system (NFS) server daemon;
- NTFS3 file system;
- SMB network file system;
- Scheduler infrastructure;
- Netfilter;
- NFC subsystem;
- Tracing infrastructure;
- io_uring subsystem;
- BPF subsystem;
- Perf events;
- Floating proportions library;
- Memory management;
- Bluetooth subsystem;
- CAN network layer;
- Ceph Core library;
- Networking core;
- IPv4 networking;
- IPv6 networking;
- L2TP protocol;
- MAC80211 subsystem;
- NET/ROM layer;
- Packet sockets;
- Network traffic control;
- SCTP protocol;
- TLS protocol;
- Unix domain sockets;
- VMware vSockets driver;
- Wireless networking;
- ALSA AC97 driver;
- Generic PCM loopback sound driver;
- Creative Sound Blaster X-Fi driver;
- AMD SoC Alsa drivers;
- Texas InstrumentS Audio (ASoC/HDA) drivers;
- USB sound devices;
- KVM subsystem;
(CVE-2024-50004, CVE-2024-58096, CVE-2024-58097, CVE-2025-37926,
CVE-2025-38201, CVE-2025-38591, CVE-2025-40039, CVE-2025-40082,
CVE-2025-40149, CVE-2025-68351, CVE-2025-68358, CVE-2025-68365,
CVE-2025-68725, CVE-2025-68749, CVE-2025-68803, CVE-2025-68823,
CVE-2025-71160, CVE-2025-71162, CVE-2025-71163, CVE-2025-71180,
CVE-2025-71182, CVE-2025-71183, CVE-2025-71184, CVE-2025-71185,
CVE-2025-71186, CVE-2025-71188, CVE-2025-71189, CVE-2025-71190,
CVE-2025-71191, CVE-2025-71192, CVE-2025-71193, CVE-2025-71194,
CVE-2025-71195, CVE-2025-71196, CVE-2025-71197, CVE-2025-71198,
CVE-2025-71199, CVE-2025-71200, CVE-2025-71220, CVE-2025-71222,
CVE-2025-71224, CVE-2025-71225, CVE-2025-71268, CVE-2026-22976,
CVE-2026-22977, CVE-2026-22978, CVE-2026-22979, CVE-2026-22980,
CVE-2026-22982, CVE-2026-22984, CVE-2026-22990, CVE-2026-22991,
CVE-2026-22992, CVE-2026-22994, CVE-2026-22996, CVE-2026-22997,
CVE-2026-22998, CVE-2026-22999, CVE-2026-23000, CVE-2026-23001,
CVE-2026-23003, CVE-2026-23005, CVE-2026-23006, CVE-2026-23010,
CVE-2026-23011, CVE-2026-23019, CVE-2026-23020, CVE-2026-23021,
CVE-2026-23025, CVE-2026-23026, CVE-2026-23030, CVE-2026-23031,
CVE-2026-23032, CVE-2026-23033, CVE-2026-23035, CVE-2026-23037,
CVE-2026-23038, CVE-2026-23047, CVE-2026-23049, CVE-2026-23050,
CVE-2026-23053, CVE-2026-23054, CVE-2026-23056, CVE-2026-23057,
CVE-2026-23058, CVE-2026-23059, CVE-2026-23061, CVE-2026-23062,
CVE-2026-23063, CVE-2026-23064, CVE-2026-23065, CVE-2026-23068,
CVE-2026-23069, CVE-2026-23071, CVE-2026-23073, CVE-2026-23075,
CVE-2026-23076, CVE-2026-23078, CVE-2026-23080, CVE-2026-23083,
CVE-2026-23084, CVE-2026-23085, CVE-2026-23086, CVE-2026-23087,
CVE-2026-23088, CVE-2026-23089, CVE-2026-23090, CVE-2026-23091,
CVE-2026-23093, CVE-2026-23094, CVE-2026-23095, CVE-2026-23096,
CVE-2026-23097, CVE-2026-23098, CVE-2026-23099, CVE-2026-23101,
CVE-2026-23102, CVE-2026-23103, CVE-2026-23105, CVE-2026-23107,
CVE-2026-23108, CVE-2026-23110, CVE-2026-23113, CVE-2026-23116,
CVE-2026-23119, CVE-2026-23120, CVE-2026-23121, CVE-2026-23123,
CVE-2026-23124, CVE-2026-23125, CVE-2026-23126, CVE-2026-23128,
CVE-2026-23129, CVE-2026-23131, CVE-2026-23133, CVE-2026-23135,
CVE-2026-23136, CVE-2026-23139, CVE-2026-23140, CVE-2026-23141,
CVE-2026-23142, CVE-2026-23144, CVE-2026-23145, CVE-2026-23146,
CVE-2026-23148, CVE-2026-23150, CVE-2026-23151, CVE-2026-23156,
CVE-2026-23159, CVE-2026-23160, CVE-2026-23163, CVE-2026-23164,
CVE-2026-23166, CVE-2026-23167, CVE-2026-23168, CVE-2026-23170,
CVE-2026-23172, CVE-2026-23173, CVE-2026-23176, CVE-2026-23178,
CVE-2026-23179, CVE-2026-23180, CVE-2026-23182, CVE-2026-23187,
CVE-2026-23190, CVE-2026-23191, CVE-2026-23193, CVE-2026-23198,
CVE-2026-23200, CVE-2026-23204, CVE-2026-23205, CVE-2026-23206,
CVE-2026-23212, CVE-2026-23213, CVE-2026-23214, CVE-2026-23215,
CVE-2026-23216, CVE-2026-23254, CVE-2026-23256, CVE-2026-23257,
CVE-2026-23258, CVE-2026-23260, CVE-2026-23261, CVE-2026-23262,
CVE-2026-23264, CVE-2026-23274, CVE-2026-23351, CVE-2026-23394,
CVE-2026-31419, CVE-2026-31504, CVE-2026-31533, CVE-2026-43033,
CVE-2026-43077, CVE-2026-43078)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.04 LTS
linux-image-6.8.0-1054-nvidia 6.8.0-1054.57
linux-image-6.8.0-1054-nvidia-64k 6.8.0-1054.57
linux-image-6.8.0-1054-nvidia-lowlatency 6.8.0-1054.57.1
linux-image-6.8.0-1054-nvidia-lowlatency-64k 6.8.0-1054.57.1
linux-image-nvidia 6.8.0-1054.57
linux-image-nvidia-6.8 6.8.0-1054.57
linux-image-nvidia-64k 6.8.0-1054.57
linux-image-nvidia-64k-6.8 6.8.0-1054.57
linux-image-nvidia-lowlatency 6.8.0-1054.57.1
linux-image-nvidia-lowlatency-6.8 6.8.0-1054.57.1
linux-image-nvidia-lowlatency-64k 6.8.0-1054.57.1
linux-image-nvidia-lowlatency-64k-6.8 6.8.0-1054.57.1
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-8289-1
CVE-2024-50004, CVE-2024-58096, CVE-2024-58097, CVE-2025-37926,
CVE-2025-38201, CVE-2025-38591, CVE-2025-40039, CVE-2025-40082,
CVE-2025-40149, CVE-2025-68351, CVE-2025-68358, CVE-2025-68365,
CVE-2025-68725, CVE-2025-68749, CVE-2025-68803, CVE-2025-68823,
CVE-2025-71160, CVE-2025-71162, CVE-2025-71163, CVE-2025-71180,
CVE-2025-71182, CVE-2025-71183, CVE-2025-71184, CVE-2025-71185,
CVE-2025-71186, CVE-2025-71188, CVE-2025-71189, CVE-2025-71190,
CVE-2025-71191, CVE-2025-71192, CVE-2025-71193, CVE-2025-71194,
CVE-2025-71195, CVE-2025-71196, CVE-2025-71197, CVE-2025-71198,
CVE-2025-71199, CVE-2025-71200, CVE-2025-71220, CVE-2025-71222,
CVE-2025-71224, CVE-2025-71225, CVE-2025-71268, CVE-2026-22976,
CVE-2026-22977, CVE-2026-22978, CVE-2026-22979, CVE-2026-22980,
CVE-2026-22982, CVE-2026-22984, CVE-2026-22990, CVE-2026-22991,
CVE-2026-22992, CVE-2026-22994, CVE-2026-22996, CVE-2026-22997,
CVE-2026-22998, CVE-2026-22999, CVE-2026-23000, CVE-2026-23001,
CVE-2026-23003, CVE-2026-23005, CVE-2026-23006, CVE-2026-23010,
CVE-2026-23011, CVE-2026-23019, CVE-2026-23020, CVE-2026-23021,
CVE-2026-23025, CVE-2026-23026, CVE-2026-23030, CVE-2026-23031,
CVE-2026-23032, CVE-2026-23033, CVE-2026-23035, CVE-2026-23037,
CVE-2026-23038, CVE-2026-23047, CVE-2026-23049, CVE-2026-23050,
CVE-2026-23053, CVE-2026-23054, CVE-2026-23056, CVE-2026-23057,
CVE-2026-23058, CVE-2026-23059, CVE-2026-23061, CVE-2026-23062,
CVE-2026-23063, CVE-2026-23064, CVE-2026-23065, CVE-2026-23068,
CVE-2026-23069, CVE-2026-23071, CVE-2026-23073, CVE-2026-23075,
CVE-2026-23076, CVE-2026-23078, CVE-2026-23080, CVE-2026-23083,
CVE-2026-23084, CVE-2026-23085, CVE-2026-23086, CVE-2026-23087,
CVE-2026-23088, CVE-2026-23089, CVE-2026-23090, CVE-2026-23091,
CVE-2026-23093, CVE-2026-23094, CVE-2026-23095, CVE-2026-23096,
CVE-2026-23097, CVE-2026-23098, CVE-2026-23099, CVE-2026-23101,
CVE-2026-23102, CVE-2026-23103, CVE-2026-23105, CVE-2026-23107,
CVE-2026-23108, CVE-2026-23110, CVE-2026-23113, CVE-2026-23116,
CVE-2026-23119, CVE-2026-23120, CVE-2026-23121, CVE-2026-23123,
CVE-2026-23124, CVE-2026-23125, CVE-2026-23126, CVE-2026-23128,
CVE-2026-23129, CVE-2026-23131, CVE-2026-23133, CVE-2026-23135,
CVE-2026-23136, CVE-2026-23139, CVE-2026-23140, CVE-2026-23141,
CVE-2026-23142, CVE-2026-23144, CVE-2026-23145, CVE-2026-23146,
CVE-2026-23148, CVE-2026-23150, CVE-2026-23151, CVE-2026-23156,
CVE-2026-23159, CVE-2026-23160, CVE-2026-23163, CVE-2026-23164,
CVE-2026-23166, CVE-2026-23167, CVE-2026-23168, CVE-2026-23170,
CVE-2026-23172, CVE-2026-23173, CVE-2026-23176, CVE-2026-23178,
CVE-2026-23179, CVE-2026-23180, CVE-2026-23182, CVE-2026-23187,
CVE-2026-23190, CVE-2026-23191, CVE-2026-23193, CVE-2026-23198,
CVE-2026-23200, CVE-2026-23204, CVE-2026-23205, CVE-2026-23206,
CVE-2026-23212, CVE-2026-23213, CVE-2026-23214, CVE-2026-23215,
CVE-2026-23216, CVE-2026-23254, CVE-2026-23256, CVE-2026-23257,
CVE-2026-23258, CVE-2026-23260, CVE-2026-23261, CVE-2026-23262,
CVE-2026-23264, CVE-2026-23274, CVE-2026-23351, CVE-2026-23394,
CVE-2026-31419, CVE-2026-31431, CVE-2026-31504, CVE-2026-31533,
CVE-2026-43033, CVE-2026-43077, CVE-2026-43078
Package Information:
https://launchpad.net/ubuntu/+source/linux-nvidia/6.8.0-1054.57
https://launchpad.net/ubuntu/+source/linux-nvidia-lowlatency/6.8.0-1054.57.1
