[USN-8296-1] Linux kernel (FIPS) vulnerabilities
[USN-8277-2] Linux kernel (Oracle) vulnerabilities
[USN-8291-2] Linux kernel (Low Latency) vulnerabilities
[USN-8295-1] Evince vulnerability
[USN-8290-1] Path-to-Regexp vulnerability
[USN-8279-2] Linux kernel (GCP) vulnerabilities
[USN-8281-2] Linux kernel (Azure) vulnerabilities
[USN-8297-1] Linux kernel (GCP) vulnerabilities
[USN-8280-2] Linux kernel (Azure)vulnerabilities
[USN-8296-1] Linux kernel (FIPS) vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8296-1
May 22, 2026
linux-fips vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-fips: Linux kernel with FIPS
Details:
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- x86 architecture;
- Compute Acceleration Framework;
- Drivers core;
- Null block device driver;
- Ublk userspace block driver;
- Bluetooth drivers;
- Counter interface drivers;
- DMA engine subsystem;
- DPLL subsystem;
- GPU drivers;
- HID subsystem;
- Intel Trace Hub HW tracing drivers;
- IIO ADC drivers;
- IIO subsystem;
- On-Chip Interconnect management framework;
- IRQ chip drivers;
- Modular ISDN driver;
- LED subsystem;
- Multiple devices driver;
- UACCE accelerator framework;
- MMC subsystem;
- Ethernet bonding driver;
- Network drivers;
- Mellanox network drivers;
- NVME drivers;
- PHY drivers;
- x86 platform drivers;
- i.MX PM domains;
- SCSI subsystem;
- SLIMbus drivers;
- SPI subsystem;
- TCM subsystem;
- W1 Dallas's 1-wire bus driver;
- Xen hypervisor drivers;
- BTRFS file system;
- EFI Variable file system;
- exFAT file system;
- Ext4 file system;
- HFS+ file system;
- Network file system (NFS) client;
- Network file system (NFS) server daemon;
- NTFS3 file system;
- SMB network file system;
- Scheduler infrastructure;
- Netfilter;
- NFC subsystem;
- Tracing infrastructure;
- io_uring subsystem;
- BPF subsystem;
- Perf events;
- Floating proportions library;
- Memory management;
- Bluetooth subsystem;
- CAN network layer;
- Ceph Core library;
- Networking core;
- IPv4 networking;
- IPv6 networking;
- L2TP protocol;
- MAC80211 subsystem;
- NET/ROM layer;
- Network traffic control;
- SCTP protocol;
- TLS protocol;
- Unix domain sockets;
- VMware vSockets driver;
- Wireless networking;
- ALSA AC97 driver;
- Generic PCM loopback sound driver;
- Creative Sound Blaster X-Fi driver;
- AMD SoC Alsa drivers;
- Texas InstrumentS Audio (ASoC/HDA) drivers;
- USB sound devices;
- KVM subsystem;
(CVE-2024-50004, CVE-2024-58096, CVE-2024-58097, CVE-2025-37926,
CVE-2025-38201, CVE-2025-38591, CVE-2025-40039, CVE-2025-40082,
CVE-2025-40149, CVE-2025-68351, CVE-2025-68358, CVE-2025-68365,
CVE-2025-68725, CVE-2025-68749, CVE-2025-68803, CVE-2025-68823,
CVE-2025-71160, CVE-2025-71162, CVE-2025-71163, CVE-2025-71180,
CVE-2025-71182, CVE-2025-71183, CVE-2025-71184, CVE-2025-71185,
CVE-2025-71186, CVE-2025-71188, CVE-2025-71189, CVE-2025-71190,
CVE-2025-71191, CVE-2025-71192, CVE-2025-71193, CVE-2025-71194,
CVE-2025-71195, CVE-2025-71196, CVE-2025-71197, CVE-2025-71198,
CVE-2025-71199, CVE-2025-71200, CVE-2025-71220, CVE-2025-71222,
CVE-2025-71224, CVE-2025-71225, CVE-2025-71268, CVE-2026-22976,
CVE-2026-22977, CVE-2026-22978, CVE-2026-22979, CVE-2026-22980,
CVE-2026-22982, CVE-2026-22984, CVE-2026-22990, CVE-2026-22991,
CVE-2026-22992, CVE-2026-22994, CVE-2026-22996, CVE-2026-22997,
CVE-2026-22998, CVE-2026-22999, CVE-2026-23000, CVE-2026-23001,
CVE-2026-23003, CVE-2026-23005, CVE-2026-23006, CVE-2026-23010,
CVE-2026-23011, CVE-2026-23019, CVE-2026-23020, CVE-2026-23021,
CVE-2026-23025, CVE-2026-23026, CVE-2026-23030, CVE-2026-23031,
CVE-2026-23032, CVE-2026-23033, CVE-2026-23035, CVE-2026-23037,
CVE-2026-23038, CVE-2026-23047, CVE-2026-23049, CVE-2026-23050,
CVE-2026-23053, CVE-2026-23054, CVE-2026-23056, CVE-2026-23057,
CVE-2026-23058, CVE-2026-23059, CVE-2026-23061, CVE-2026-23062,
CVE-2026-23063, CVE-2026-23064, CVE-2026-23065, CVE-2026-23068,
CVE-2026-23069, CVE-2026-23071, CVE-2026-23073, CVE-2026-23075,
CVE-2026-23076, CVE-2026-23078, CVE-2026-23080, CVE-2026-23083,
CVE-2026-23084, CVE-2026-23085, CVE-2026-23086, CVE-2026-23087,
CVE-2026-23088, CVE-2026-23089, CVE-2026-23090, CVE-2026-23091,
CVE-2026-23093, CVE-2026-23094, CVE-2026-23095, CVE-2026-23096,
CVE-2026-23097, CVE-2026-23098, CVE-2026-23099, CVE-2026-23101,
CVE-2026-23102, CVE-2026-23103, CVE-2026-23105, CVE-2026-23107,
CVE-2026-23108, CVE-2026-23110, CVE-2026-23113, CVE-2026-23116,
CVE-2026-23119, CVE-2026-23120, CVE-2026-23121, CVE-2026-23123,
CVE-2026-23124, CVE-2026-23125, CVE-2026-23126, CVE-2026-23128,
CVE-2026-23129, CVE-2026-23131, CVE-2026-23133, CVE-2026-23135,
CVE-2026-23136, CVE-2026-23139, CVE-2026-23140, CVE-2026-23141,
CVE-2026-23142, CVE-2026-23144, CVE-2026-23145, CVE-2026-23146,
CVE-2026-23148, CVE-2026-23150, CVE-2026-23151, CVE-2026-23156,
CVE-2026-23159, CVE-2026-23160, CVE-2026-23163, CVE-2026-23164,
CVE-2026-23166, CVE-2026-23167, CVE-2026-23168, CVE-2026-23170,
CVE-2026-23172, CVE-2026-23173, CVE-2026-23176, CVE-2026-23178,
CVE-2026-23179, CVE-2026-23180, CVE-2026-23182, CVE-2026-23187,
CVE-2026-23190, CVE-2026-23191, CVE-2026-23193, CVE-2026-23198,
CVE-2026-23200, CVE-2026-23202, CVE-2026-23204, CVE-2026-23205,
CVE-2026-23206, CVE-2026-23212, CVE-2026-23213, CVE-2026-23214,
CVE-2026-23215, CVE-2026-23216, CVE-2026-23254, CVE-2026-23256,
CVE-2026-23257, CVE-2026-23258, CVE-2026-23260, CVE-2026-23261,
CVE-2026-23262, CVE-2026-23264, CVE-2026-23274, CVE-2026-23351,
CVE-2026-23394)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.04 LTS
linux-image-6.8.0-116-fips 6.8.0-116.116+fips1
Available with Ubuntu Pro
linux-image-fips 6.8.0-116.116+fips1
Available with Ubuntu Pro
linux-image-fips-6.8 6.8.0-116.116+fips1
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-8296-1
CVE-2024-50004, CVE-2024-58096, CVE-2024-58097, CVE-2025-37926,
CVE-2025-38201, CVE-2025-38591, CVE-2025-40039, CVE-2025-40082,
CVE-2025-40149, CVE-2025-68351, CVE-2025-68358, CVE-2025-68365,
CVE-2025-68725, CVE-2025-68749, CVE-2025-68803, CVE-2025-68823,
CVE-2025-71160, CVE-2025-71162, CVE-2025-71163, CVE-2025-71180,
CVE-2025-71182, CVE-2025-71183, CVE-2025-71184, CVE-2025-71185,
CVE-2025-71186, CVE-2025-71188, CVE-2025-71189, CVE-2025-71190,
CVE-2025-71191, CVE-2025-71192, CVE-2025-71193, CVE-2025-71194,
CVE-2025-71195, CVE-2025-71196, CVE-2025-71197, CVE-2025-71198,
CVE-2025-71199, CVE-2025-71200, CVE-2025-71220, CVE-2025-71222,
CVE-2025-71224, CVE-2025-71225, CVE-2025-71268, CVE-2026-22976,
CVE-2026-22977, CVE-2026-22978, CVE-2026-22979, CVE-2026-22980,
CVE-2026-22982, CVE-2026-22984, CVE-2026-22990, CVE-2026-22991,
CVE-2026-22992, CVE-2026-22994, CVE-2026-22996, CVE-2026-22997,
CVE-2026-22998, CVE-2026-22999, CVE-2026-23000, CVE-2026-23001,
CVE-2026-23003, CVE-2026-23005, CVE-2026-23006, CVE-2026-23010,
CVE-2026-23011, CVE-2026-23019, CVE-2026-23020, CVE-2026-23021,
CVE-2026-23025, CVE-2026-23026, CVE-2026-23030, CVE-2026-23031,
CVE-2026-23032, CVE-2026-23033, CVE-2026-23035, CVE-2026-23037,
CVE-2026-23038, CVE-2026-23047, CVE-2026-23049, CVE-2026-23050,
CVE-2026-23053, CVE-2026-23054, CVE-2026-23056, CVE-2026-23057,
CVE-2026-23058, CVE-2026-23059, CVE-2026-23061, CVE-2026-23062,
CVE-2026-23063, CVE-2026-23064, CVE-2026-23065, CVE-2026-23068,
CVE-2026-23069, CVE-2026-23071, CVE-2026-23073, CVE-2026-23075,
CVE-2026-23076, CVE-2026-23078, CVE-2026-23080, CVE-2026-23083,
CVE-2026-23084, CVE-2026-23085, CVE-2026-23086, CVE-2026-23087,
CVE-2026-23088, CVE-2026-23089, CVE-2026-23090, CVE-2026-23091,
CVE-2026-23093, CVE-2026-23094, CVE-2026-23095, CVE-2026-23096,
CVE-2026-23097, CVE-2026-23098, CVE-2026-23099, CVE-2026-23101,
CVE-2026-23102, CVE-2026-23103, CVE-2026-23105, CVE-2026-23107,
CVE-2026-23108, CVE-2026-23110, CVE-2026-23113, CVE-2026-23116,
CVE-2026-23119, CVE-2026-23120, CVE-2026-23121, CVE-2026-23123,
CVE-2026-23124, CVE-2026-23125, CVE-2026-23126, CVE-2026-23128,
CVE-2026-23129, CVE-2026-23131, CVE-2026-23133, CVE-2026-23135,
CVE-2026-23136, CVE-2026-23139, CVE-2026-23140, CVE-2026-23141,
CVE-2026-23142, CVE-2026-23144, CVE-2026-23145, CVE-2026-23146,
CVE-2026-23148, CVE-2026-23150, CVE-2026-23151, CVE-2026-23156,
CVE-2026-23159, CVE-2026-23160, CVE-2026-23163, CVE-2026-23164,
CVE-2026-23166, CVE-2026-23167, CVE-2026-23168, CVE-2026-23170,
CVE-2026-23172, CVE-2026-23173, CVE-2026-23176, CVE-2026-23178,
CVE-2026-23179, CVE-2026-23180, CVE-2026-23182, CVE-2026-23187,
CVE-2026-23190, CVE-2026-23191, CVE-2026-23193, CVE-2026-23198,
CVE-2026-23200, CVE-2026-23202, CVE-2026-23204, CVE-2026-23205,
CVE-2026-23206, CVE-2026-23212, CVE-2026-23213, CVE-2026-23214,
CVE-2026-23215, CVE-2026-23216, CVE-2026-23254, CVE-2026-23256,
CVE-2026-23257, CVE-2026-23258, CVE-2026-23260, CVE-2026-23261,
CVE-2026-23262, CVE-2026-23264, CVE-2026-23274, CVE-2026-23351,
CVE-2026-23394
Package Information:
https://launchpad.net/ubuntu/+source/linux-fips/6.8.0-116.116+fips1
[USN-8277-2] Linux kernel (Oracle) vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8277-2
May 22, 2026
linux-oracle-6.17 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-oracle-6.17: Linux kernel for Oracle Cloud systems
Details:
It was discovered that the Linux kernel algif_aead module did not properly
handle in-place cryptographic operations. This flaw is known as Copy Fail.
A local attacker could use this to escalate privileges, or possibly escape
a container. (CVE-2026-31431)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- S390 architecture;
- Cryptographic API;
- GPU drivers;
- Ethernet bonding driver;
- Network file system (NFS) server daemon;
- Distributed Switch Architecture;
- Netfilter;
- Control group (cgroup);
- Kernel kexec() syscall;
- Memory management;
- MAC80211 subsystem;
- Multipath TCP;
- Packet sockets;
- TLS protocol;
- Unix domain sockets;
(CVE-2025-71088, CVE-2025-71090, CVE-2025-71127, CVE-2025-71134,
CVE-2025-71139, CVE-2025-71141, CVE-2025-71142, CVE-2025-71144,
CVE-2025-71152, CVE-2025-71155, CVE-2026-23274, CVE-2026-23351,
CVE-2026-23394, CVE-2026-31419, CVE-2026-31504, CVE-2026-31533,
CVE-2026-43033, CVE-2026-43077, CVE-2026-43078)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.04 LTS
linux-image-6.17.0-1014-oracle 6.17.0-1014.14~24.04.1
linux-image-6.17.0-1014-oracle-64k 6.17.0-1014.14~24.04.1
linux-image-oracle 6.17.0-1014.14~24.04.1
linux-image-oracle-6.17 6.17.0-1014.14~24.04.1
linux-image-oracle-64k 6.17.0-1014.14~24.04.1
linux-image-oracle-64k-6.17 6.17.0-1014.14~24.04.1
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-8277-2
https://ubuntu.com/security/notices/USN-8277-1
CVE-2025-71088, CVE-2025-71090, CVE-2025-71127, CVE-2025-71134,
CVE-2025-71139, CVE-2025-71141, CVE-2025-71142, CVE-2025-71144,
CVE-2025-71152, CVE-2025-71155, CVE-2026-23274, CVE-2026-23351,
CVE-2026-23394, CVE-2026-31419, CVE-2026-31431, CVE-2026-31504,
CVE-2026-31533, CVE-2026-43033, CVE-2026-43077, CVE-2026-43078
Package Information:
https://launchpad.net/ubuntu/+source/linux-oracle-6.17/6.17.0-1014.14~24.04.1
[USN-8291-2] Linux kernel (Low Latency) vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8291-2
May 22, 2026
linux-lowlatency-hwe-5.15 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-lowlatency-hwe-5.15: Linux low latency kernel
Details:
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SMB network file system;
- Netfilter;
- io_uring subsystem;
(CVE-2024-35862, CVE-2024-50060, CVE-2026-23274, CVE-2026-23351)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
linux-image-5.15.0-178-lowlatency 5.15.0-178.188~20.04.1
Available with Ubuntu Pro
linux-image-5.15.0-178-lowlatency-64k 5.15.0-178.188~20.04.1
Available with Ubuntu Pro
linux-image-lowlatency-5.15 5.15.0.178.188~20.04.1
Available with Ubuntu Pro
linux-image-lowlatency-64k-5.15 5.15.0.178.188~20.04.1
Available with Ubuntu Pro
linux-image-lowlatency-64k-hwe-20.04 5.15.0.178.188~20.04.1
Available with Ubuntu Pro
linux-image-lowlatency-hwe-20.04 5.15.0.178.188~20.04.1
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-8291-2
https://ubuntu.com/security/notices/USN-8291-1
CVE-2024-35862, CVE-2024-50060, CVE-2026-23274, CVE-2026-23351
[USN-8295-1] Evince vulnerability
==========================================================================
Ubuntu Security Notice USN-8295-1
May 22, 2026
evince vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 26.04 LTS
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Summary:
Evince could be made to run programs as your login if it opened a
specially crafted file.
Software Description:
- evince: Document viewer
Details:
It was discovered that Evince did not properly sanitize command-line
arguments in PDF /GoToR actions. If a user opened a specially crafted PDF
file, an attacker could possibly use this issue to execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 26.04 LTS
evince 49~alpha-2ubuntu2.1
evince-common 49~alpha-2ubuntu2.1
Ubuntu 25.10
evince 48.1-3ubuntu2.1
evince-common 48.1-3ubuntu2.1
Ubuntu 24.04 LTS
evince 46.3.1-0ubuntu1.1
evince-common 46.3.1-0ubuntu1.1
Ubuntu 22.04 LTS
evince 42.3-0ubuntu3.2
evince-common 42.3-0ubuntu3.2
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8295-1
CVE-2026-46529
Package Information:
https://launchpad.net/ubuntu/+source/evince/49~alpha-2ubuntu2.1
https://launchpad.net/ubuntu/+source/evince/48.1-3ubuntu2.1
https://launchpad.net/ubuntu/+source/evince/46.3.1-0ubuntu1.1
https://launchpad.net/ubuntu/+source/evince/42.3-0ubuntu3.2
[USN-8290-1] Path-to-Regexp vulnerability
==========================================================================
Ubuntu Security Notice USN-8290-1
May 21, 2026
node-path-to-regexp vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
Path-to-Regexp could be made to crash if it received specially crafted
network traffic.
Software Description:
- node-path-to-regexp: Turn a path string such as /user/:name into a regular expression.
Details:
It was discovered that Path-to-Regexp incorrectly handled route patterns
containing multiple named parameters separated by non-delimiter characters
such as hyphens. An attacker could possibly use this issue to cause a denial
of service via catastrophic backtracking in the generated regular expressions.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.04 LTS
node-path-to-regexp 6.2.1-1ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 22.04 LTS
node-path-to-regexp 6.2.0-2ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 20.04 LTS
node-path-to-regexp 6.1.0-2ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 18.04 LTS
node-path-to-regexp 1.0.1-1ubuntu0.18.04.1~esm1
Available with Ubuntu Pro
Ubuntu 16.04 LTS
node-path-to-regexp 1.0.1-1ubuntu0.16.04.1~esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8290-1
CVE-2024-45296
[USN-8279-2] Linux kernel (GCP) vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8279-2
May 22, 2026
linux-gcp-5.15 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-gcp-5.15: Linux kernel for Google Cloud Platform (GCP) systems
Details:
It was discovered that the Linux kernel algif_aead module did not properly
handle in-place cryptographic operations. This flaw is known as Copy Fail.
A local attacker could use this to escalate privileges, or possibly escape
a container. (CVE-2026-31431)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
- Ethernet bonding driver;
- SMB network file system;
- Netfilter;
- io_uring subsystem;
- Packet sockets;
- TLS protocol;
(CVE-2024-35862, CVE-2024-50060, CVE-2026-23274, CVE-2026-23351,
CVE-2026-31419, CVE-2026-31504, CVE-2026-31533, CVE-2026-43033,
CVE-2026-43077, CVE-2026-43078)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
linux-image-5.15.0-1108-gcp 5.15.0-1108.117~20.04.1
Available with Ubuntu Pro
linux-image-gcp 5.15.0.1108.117~20.04.1
Available with Ubuntu Pro
linux-image-gcp-5.15 5.15.0.1108.117~20.04.1
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-8279-2
https://ubuntu.com/security/notices/USN-8279-1
CVE-2024-35862, CVE-2024-50060, CVE-2026-23274, CVE-2026-23351,
CVE-2026-31419, CVE-2026-31431, CVE-2026-31504, CVE-2026-31533,
CVE-2026-43033, CVE-2026-43077, CVE-2026-43078
[USN-8281-2] Linux kernel (Azure) vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8281-2
May 22, 2026
linux-azure-4.15, linux-azure-fips vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems
- linux-azure-fips: Linux kernel for Microsoft Azure Cloud systems with FIPS
Details:
It was discovered that the Linux kernel algif_aead module did not properly
handle in-place cryptographic operations. This flaw is known as Copy Fail.
A local attacker could use this to escalate privileges, or possibly escape
a container. (CVE-2026-31431)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
- Packet sockets;
(CVE-2026-31504, CVE-2026-43033, CVE-2026-43077, CVE-2026-43078)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS
linux-image-4.15.0-1201-azure 4.15.0-1201.216
Available with Ubuntu Pro
linux-image-4.15.0-2110-azure-fips 4.15.0-2110.116
Available with Ubuntu Pro
linux-image-azure-4.15 4.15.0.1201.169
Available with Ubuntu Pro
linux-image-azure-fips 4.15.0.2110.106
Available with Ubuntu Pro
linux-image-azure-fips-4.15 4.15.0.2110.106
Available with Ubuntu Pro
linux-image-azure-lts-18.04 4.15.0.1201.169
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-8281-2
https://ubuntu.com/security/notices/USN-8281-1
CVE-2026-31431, CVE-2026-31504, CVE-2026-43033, CVE-2026-43077,
CVE-2026-43078
[USN-8297-1] Linux kernel (GCP) vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8297-1
May 22, 2026
linux-gcp-5.15 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-gcp-5.15: Linux kernel for Google Cloud Platform (GCP) systems
Details:
Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS
implementation in the Ubuntu Linux kernel did not properly perform
permission checks in certain situations. A local attacker could possibly
use this to gain elevated privileges. (CVE-2023-2640)
Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in
the Ubuntu Linux kernel did not properly perform permission checks in
certain situations. A local attacker could possibly use this to gain
elevated privileges. (CVE-2023-32629)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- Block layer subsystem;
- Drivers core;
- Bluetooth drivers;
- DMA engine subsystem;
- GPU drivers;
- HID subsystem;
- Intel Trace Hub HW tracing drivers;
- IIO ADC drivers;
- IRQ chip drivers;
- Modular ISDN driver;
- LED subsystem;
- UACCE accelerator framework;
- Ethernet bonding driver;
- Network drivers;
- STMicroelectronics network drivers;
- Ethernet team driver;
- NVME drivers;
- PHY drivers;
- SLIMbus drivers;
- W1 Dallas's 1-wire bus driver;
- Xen hypervisor drivers;
- BTRFS file system;
- Ext4 file system;
- Network file system (NFS) client;
- Network file system (NFS) server daemon;
- NTFS3 file system;
- SMB network file system;
- NFC subsystem;
- BPF subsystem;
- IRQ subsystem;
- Memory management;
- Bluetooth subsystem;
- CAN network layer;
- Networking core;
- IPv4 networking;
- IPv6 networking;
- L2TP protocol;
- NET/ROM layer;
- Network traffic control;
- SCTP protocol;
- TLS protocol;
- XFRM subsystem;
- Creative Sound Blaster X-Fi driver;
- USB sound devices;
(CVE-2023-53421, CVE-2023-53520, CVE-2023-53662, CVE-2023-54207,
CVE-2025-38057, CVE-2025-38125, CVE-2025-38232, CVE-2025-38408,
CVE-2025-38591, CVE-2025-40149, CVE-2025-40164, CVE-2025-68211,
CVE-2025-68340, CVE-2025-68365, CVE-2025-68725, CVE-2025-68817,
CVE-2025-71162, CVE-2025-71163, CVE-2025-71185, CVE-2025-71186,
CVE-2025-71188, CVE-2025-71190, CVE-2025-71191, CVE-2025-71194,
CVE-2025-71196, CVE-2025-71197, CVE-2025-71199, CVE-2026-22997,
CVE-2026-22998, CVE-2026-22999, CVE-2026-23001, CVE-2026-23003,
CVE-2026-23011, CVE-2026-23026, CVE-2026-23033, CVE-2026-23037,
CVE-2026-23038, CVE-2026-23049, CVE-2026-23056, CVE-2026-23058,
CVE-2026-23061, CVE-2026-23063, CVE-2026-23064, CVE-2026-23071,
CVE-2026-23073, CVE-2026-23075, CVE-2026-23076, CVE-2026-23078,
CVE-2026-23080, CVE-2026-23083, CVE-2026-23084, CVE-2026-23085,
CVE-2026-23087, CVE-2026-23089, CVE-2026-23090, CVE-2026-23091,
CVE-2026-23093, CVE-2026-23095, CVE-2026-23096, CVE-2026-23097,
CVE-2026-23098, CVE-2026-23099, CVE-2026-23101, CVE-2026-23103,
CVE-2026-23105, CVE-2026-23108, CVE-2026-23112, CVE-2026-23119,
CVE-2026-23120, CVE-2026-23121, CVE-2026-23124, CVE-2026-23125,
CVE-2026-23128, CVE-2026-23133, CVE-2026-23145, CVE-2026-23146,
CVE-2026-23150, CVE-2026-23164, CVE-2026-23167, CVE-2026-23170,
CVE-2026-23209)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
linux-image-5.15.0-1106-gcp 5.15.0-1106.115~20.04.1
Available with Ubuntu Pro
linux-image-gcp 5.15.0.1106.115~20.04.1
Available with Ubuntu Pro
linux-image-gcp-5.15 5.15.0.1106.115~20.04.1
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-8297-1
CVE-2023-2640, CVE-2023-32629, CVE-2023-53421, CVE-2023-53520,
CVE-2023-53662, CVE-2023-54207, CVE-2025-38057, CVE-2025-38125,
CVE-2025-38232, CVE-2025-38408, CVE-2025-38591, CVE-2025-40149,
CVE-2025-40164, CVE-2025-68211, CVE-2025-68340, CVE-2025-68365,
CVE-2025-68725, CVE-2025-68817, CVE-2025-71162, CVE-2025-71163,
CVE-2025-71185, CVE-2025-71186, CVE-2025-71188, CVE-2025-71190,
CVE-2025-71191, CVE-2025-71194, CVE-2025-71196, CVE-2025-71197,
CVE-2025-71199, CVE-2026-22997, CVE-2026-22998, CVE-2026-22999,
CVE-2026-23001, CVE-2026-23003, CVE-2026-23011, CVE-2026-23026,
CVE-2026-23033, CVE-2026-23037, CVE-2026-23038, CVE-2026-23049,
CVE-2026-23056, CVE-2026-23058, CVE-2026-23061, CVE-2026-23063,
CVE-2026-23064, CVE-2026-23071, CVE-2026-23073, CVE-2026-23075,
CVE-2026-23076, CVE-2026-23078, CVE-2026-23080, CVE-2026-23083,
CVE-2026-23084, CVE-2026-23085, CVE-2026-23087, CVE-2026-23089,
CVE-2026-23090, CVE-2026-23091, CVE-2026-23093, CVE-2026-23095,
CVE-2026-23096, CVE-2026-23097, CVE-2026-23098, CVE-2026-23099,
CVE-2026-23101, CVE-2026-23103, CVE-2026-23105, CVE-2026-23108,
CVE-2026-23112, CVE-2026-23119, CVE-2026-23120, CVE-2026-23121,
CVE-2026-23124, CVE-2026-23125, CVE-2026-23128, CVE-2026-23133,
CVE-2026-23145, CVE-2026-23146, CVE-2026-23150, CVE-2026-23164,
CVE-2026-23167, CVE-2026-23170, CVE-2026-23209
[USN-8280-2] Linux kernel (Azure)vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8280-2
May 22, 2026
linux-azure, linux-azure-5.4, linux-azure-fips vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-azure: Linux kernel for Microsoft Azure Cloud systems
- linux-azure-fips: Linux kernel for Microsoft Azure Cloud systems with FIPS
- linux-azure-5.4: Linux kernel for Microsoft Azure cloud systems
Details:
It was discovered that the Linux kernel algif_aead module did not properly
handle in-place cryptographic operations. This flaw is known as Copy Fail.
A local attacker could use this to escalate privileges, or possibly escape
a container. (CVE-2026-31431)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
- Packet sockets;
- TLS protocol;
(CVE-2026-31504, CVE-2026-31533, CVE-2026-43033, CVE-2026-43077,
CVE-2026-43078)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
linux-image-5.4.0-1163-azure 5.4.0-1163.169
Available with Ubuntu Pro
linux-image-5.4.0-1163-azure-fips 5.4.0-1163.169+fips1
Available with Ubuntu Pro
linux-image-azure-5.4 5.4.0.1163.155
Available with Ubuntu Pro
linux-image-azure-fips 5.4.0.1163.99
Available with Ubuntu Pro
linux-image-azure-fips-5.4 5.4.0.1163.99
Available with Ubuntu Pro
linux-image-azure-lts-20.04 5.4.0.1163.155
Available with Ubuntu Pro
Ubuntu 18.04 LTS
linux-image-5.4.0-1163-azure 5.4.0-1163.169~18.04.1
Available with Ubuntu Pro
linux-image-azure 5.4.0.1163.169~18.04.1
Available with Ubuntu Pro
linux-image-azure-5.4 5.4.0.1163.169~18.04.1
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-8280-2
https://ubuntu.com/security/notices/USN-8280-1
CVE-2026-31431, CVE-2026-31504, CVE-2026-31533, CVE-2026-43033,
CVE-2026-43077, CVE-2026-43078
