Kernel, Gnuplot, Eventlet, PCRE2, Sha.js updates for Ubuntu

Ubuntu 6922 Published by

Several security updates have been released for Ubuntu to address vulnerabilities. The updates include fixes for Linux kernel vulnerabilities, affecting Azure FIPS, real-time, Oracle, and IBM versions. Additionally, vulnerabilities were found in Gnuplot, Eventlet, PCRE2, and sha.js, which also received security updates.

[USN-7775-1] Linux kernel (Azure FIPS) vulnerabilities
[USN-7774-3] Linux kernel (Real-time) vulnerabilities
[USN-7774-1] Linux kernel vulnerabilities
[USN-7773-1] Gnuplot vulnerabilities
[USN-7772-1] Eventlet vulnerability
[USN-7776-1] Linux kernel (Oracle) vulnerabilities
[USN-7767-2] Linux kernel (Real-time) vulnerabilities
[USN-7779-1] Linux kernel (IBM) vulnerabilities
[USN-7777-1] PCRE2 vulnerability
[USN-7778-1] sha.js vulnerability




[USN-7775-1] Linux kernel (Azure FIPS) vulnerabilities


==========================================================================
Ubuntu Security Notice USN-7775-1
September 25, 2025

linux-azure-fips vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-azure-fips: Linux kernel for Microsoft Azure Cloud systems with FIPS

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Parallel ATA drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- Network block device driver;
- Bus devices;
- Clock framework and drivers;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Input Device (Miscellaneous) drivers;
- Multiple devices driver;
- Media drivers;
- VMware VMCI Driver;
- MMC subsystem;
- MTD block device drivers;
- Network drivers;
- Pin controllers subsystem;
- x86 platform drivers;
- PTP clock framework;
- RapidIO drivers;
- Voltage and Current Regulator drivers;
- Remote Processor subsystem;
- S/390 drivers;
- SCSI subsystem;
- ASPEED SoC drivers;
- TCM subsystem;
- Thermal drivers;
- Thunderbolt and USB4 drivers;
- TTY drivers;
- UFS subsystem;
- USB Gadget drivers;
- Renesas USBHS Controller drivers;
- USB Type-C support driver;
- Virtio Host (VHOST) subsystem;
- Backlight driver;
- Framebuffer layer;
- BTRFS file system;
- File systems infrastructure;
- Ext4 file system;
- F2FS file system;
- JFFS2 file system;
- JFS file system;
- Network file system (NFS) client;
- Network file system (NFS) server daemon;
- NTFS3 file system;
- SMB network file system;
- DRM display driver;
- Memory Management;
- Mellanox drivers;
- Memory management;
- Netfilter;
- Network sockets;
- IPC subsystem;
- BPF subsystem;
- Perf events;
- Kernel exit() syscall;
- Restartable seuqences system call mechanism;
- Timer subsystem;
- Tracing infrastructure;
- Appletalk network protocol;
- Asynchronous Transfer Mode (ATM) subsystem;
- Networking core;
- IPv6 networking;
- MultiProtocol Label Switching driver;
- NetLabel subsystem;
- Netlink;
- NFC subsystem;
- Open vSwitch;
- Rose network layer;
- RxRPC session sockets;
- Network traffic control;
- TIPC protocol;
- VMware vSockets driver;
- USB sound devices;
(CVE-2025-38181, CVE-2025-38200, CVE-2025-38115, CVE-2025-38375,
CVE-2025-38457, CVE-2025-38371, CVE-2025-38145, CVE-2025-38540,
CVE-2025-38305, CVE-2025-38443, CVE-2025-38222, CVE-2025-38143,
CVE-2025-38173, CVE-2025-38466, CVE-2025-38458, CVE-2025-38293,
CVE-2025-38412, CVE-2025-38418, CVE-2025-38513, CVE-2025-38459,
CVE-2025-38084, CVE-2022-48703, CVE-2025-38419, CVE-2025-38336,
CVE-2025-37963, CVE-2025-38204, CVE-2025-38227, CVE-2025-38088,
CVE-2025-38401, CVE-2025-38107, CVE-2025-38285, CVE-2025-37958,
CVE-2025-38389, CVE-2025-38444, CVE-2025-38465, CVE-2025-38206,
CVE-2025-38326, CVE-2025-38103, CVE-2024-44939, CVE-2025-38154,
CVE-2025-38348, CVE-2025-38229, CVE-2025-38514, CVE-2025-38231,
CVE-2025-38136, CVE-2024-26775, CVE-2025-38439, CVE-2025-38386,
CVE-2025-38219, CVE-2025-38163, CVE-2025-38498, CVE-2025-38312,
CVE-2025-38074, CVE-2025-38328, CVE-2025-38430, CVE-2025-38102,
CVE-2024-57883, CVE-2025-38406, CVE-2025-38515, CVE-2025-38363,
CVE-2025-38319, CVE-2025-38395, CVE-2025-38111, CVE-2025-38462,
CVE-2025-38184, CVE-2025-38324, CVE-2025-38197, CVE-2025-38100,
CVE-2025-38112, CVE-2025-38384, CVE-2025-38420, CVE-2025-38403,
CVE-2025-38415, CVE-2025-38067, CVE-2025-38157, CVE-2025-38146,
CVE-2025-38310, CVE-2025-38377, CVE-2025-38174, CVE-2025-38135,
CVE-2025-38320, CVE-2025-38387, CVE-2025-21888, CVE-2025-38516,
CVE-2025-38448, CVE-2025-38441, CVE-2025-38313, CVE-2025-38410,
CVE-2025-38424, CVE-2025-38161, CVE-2025-38090, CVE-2025-38362,
CVE-2025-38138, CVE-2025-38160, CVE-2025-38218, CVE-2025-38460,
CVE-2025-38542, CVE-2025-38122, CVE-2025-38086, CVE-2025-38245,
CVE-2025-38391, CVE-2025-38400, CVE-2025-38467, CVE-2025-38280,
CVE-2025-38273, CVE-2025-38147, CVE-2025-38257, CVE-2025-38263,
CVE-2025-38464, CVE-2025-38352, CVE-2025-38120, CVE-2025-38159,
CVE-2025-38237, CVE-2025-38212, CVE-2025-38399, CVE-2025-38346,
CVE-2025-38262, CVE-2025-38345, CVE-2025-38332, CVE-2025-38445,
CVE-2024-26726, CVE-2025-38249, CVE-2025-38428, CVE-2025-38167,
CVE-2025-38119, CVE-2025-38461, CVE-2025-38194, CVE-2025-38226,
CVE-2025-38203, CVE-2025-38342, CVE-2025-38344, CVE-2025-38251,
CVE-2025-37948, CVE-2025-38393, CVE-2025-37954, CVE-2025-38286,
CVE-2025-38337, CVE-2025-38416, CVE-2025-38108, CVE-2025-38211,
CVE-2025-38153, CVE-2025-38085, CVE-2025-38298)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS
linux-image-5.15.0-1096-azure-fips 5.15.0-1096.105+fips1
Available with Ubuntu Pro
linux-image-azure-fips 5.15.0.1096.81
Available with Ubuntu Pro
linux-image-azure-fips-5.15 5.15.0.1096.81
Available with Ubuntu Pro

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-7775-1
CVE-2022-48703, CVE-2024-26726, CVE-2024-26775, CVE-2024-44939,
CVE-2024-57883, CVE-2025-21888, CVE-2025-37948, CVE-2025-37954,
CVE-2025-37958, CVE-2025-37963, CVE-2025-38067, CVE-2025-38074,
CVE-2025-38084, CVE-2025-38085, CVE-2025-38086, CVE-2025-38088,
CVE-2025-38090, CVE-2025-38100, CVE-2025-38102, CVE-2025-38103,
CVE-2025-38107, CVE-2025-38108, CVE-2025-38111, CVE-2025-38112,
CVE-2025-38115, CVE-2025-38119, CVE-2025-38120, CVE-2025-38122,
CVE-2025-38135, CVE-2025-38136, CVE-2025-38138, CVE-2025-38143,
CVE-2025-38145, CVE-2025-38146, CVE-2025-38147, CVE-2025-38153,
CVE-2025-38154, CVE-2025-38157, CVE-2025-38159, CVE-2025-38160,
CVE-2025-38161, CVE-2025-38163, CVE-2025-38167, CVE-2025-38173,
CVE-2025-38174, CVE-2025-38181, CVE-2025-38184, CVE-2025-38194,
CVE-2025-38197, CVE-2025-38200, CVE-2025-38203, CVE-2025-38204,
CVE-2025-38206, CVE-2025-38211, CVE-2025-38212, CVE-2025-38218,
CVE-2025-38219, CVE-2025-38222, CVE-2025-38226, CVE-2025-38227,
CVE-2025-38229, CVE-2025-38231, CVE-2025-38237, CVE-2025-38245,
CVE-2025-38249, CVE-2025-38251, CVE-2025-38257, CVE-2025-38262,
CVE-2025-38263, CVE-2025-38273, CVE-2025-38280, CVE-2025-38285,
CVE-2025-38286, CVE-2025-38293, CVE-2025-38298, CVE-2025-38305,
CVE-2025-38310, CVE-2025-38312, CVE-2025-38313, CVE-2025-38319,
CVE-2025-38320, CVE-2025-38324, CVE-2025-38326, CVE-2025-38328,
CVE-2025-38332, CVE-2025-38336, CVE-2025-38337, CVE-2025-38342,
CVE-2025-38344, CVE-2025-38345, CVE-2025-38346, CVE-2025-38348,
CVE-2025-38352, CVE-2025-38362, CVE-2025-38363, CVE-2025-38371,
CVE-2025-38375, CVE-2025-38377, CVE-2025-38384, CVE-2025-38386,
CVE-2025-38387, CVE-2025-38389, CVE-2025-38391, CVE-2025-38393,
CVE-2025-38395, CVE-2025-38399, CVE-2025-38400, CVE-2025-38401,
CVE-2025-38403, CVE-2025-38406, CVE-2025-38410, CVE-2025-38412,
CVE-2025-38415, CVE-2025-38416, CVE-2025-38418, CVE-2025-38419,
CVE-2025-38420, CVE-2025-38424, CVE-2025-38428, CVE-2025-38430,
CVE-2025-38439, CVE-2025-38441, CVE-2025-38443, CVE-2025-38444,
CVE-2025-38445, CVE-2025-38448, CVE-2025-38457, CVE-2025-38458,
CVE-2025-38459, CVE-2025-38460, CVE-2025-38461, CVE-2025-38462,
CVE-2025-38464, CVE-2025-38465, CVE-2025-38466, CVE-2025-38467,
CVE-2025-38498, CVE-2025-38513, CVE-2025-38514, CVE-2025-38515,
CVE-2025-38516, CVE-2025-38540, CVE-2025-38542

Package Information:
https://launchpad.net/ubuntu/+source/linux-azure-fips/5.15.0-1096.105+fips1



[USN-7774-3] Linux kernel (Real-time) vulnerabilities


==========================================================================
Ubuntu Security Notice USN-7774-3
September 25, 2025

linux-intel-iot-realtime, linux-realtime vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-intel-iot-realtime: Linux kernel for Intel IoT Real-time platforms
- linux-realtime: Linux kernel for Real-time systems

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Parallel ATA drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- Network block device driver;
- Bus devices;
- Clock framework and drivers;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Input Device (Miscellaneous) drivers;
- Multiple devices driver;
- Media drivers;
- VMware VMCI Driver;
- MMC subsystem;
- MTD block device drivers;
- Network drivers;
- Pin controllers subsystem;
- x86 platform drivers;
- PTP clock framework;
- RapidIO drivers;
- Voltage and Current Regulator drivers;
- Remote Processor subsystem;
- S/390 drivers;
- SCSI subsystem;
- ASPEED SoC drivers;
- TCM subsystem;
- Thermal drivers;
- Thunderbolt and USB4 drivers;
- TTY drivers;
- UFS subsystem;
- USB Gadget drivers;
- Renesas USBHS Controller drivers;
- USB Type-C support driver;
- Virtio Host (VHOST) subsystem;
- Backlight driver;
- Framebuffer layer;
- BTRFS file system;
- File systems infrastructure;
- Ext4 file system;
- F2FS file system;
- JFFS2 file system;
- JFS file system;
- Network file system (NFS) client;
- Network file system (NFS) server daemon;
- NTFS3 file system;
- DRM display driver;
- Memory Management;
- Mellanox drivers;
- Memory management;
- Netfilter;
- Network sockets;
- IPC subsystem;
- BPF subsystem;
- Perf events;
- Kernel exit() syscall;
- Restartable seuqences system call mechanism;
- Timer subsystem;
- Tracing infrastructure;
- Appletalk network protocol;
- Asynchronous Transfer Mode (ATM) subsystem;
- Networking core;
- IPv6 networking;
- MultiProtocol Label Switching driver;
- NetLabel subsystem;
- Netlink;
- NFC subsystem;
- Open vSwitch;
- Rose network layer;
- RxRPC session sockets;
- Network traffic control;
- TIPC protocol;
- VMware vSockets driver;
- USB sound devices;
(CVE-2025-38399, CVE-2025-38391, CVE-2025-38412, CVE-2025-38393,
CVE-2025-38163, CVE-2025-38167, CVE-2025-38319, CVE-2025-38135,
CVE-2025-37963, CVE-2025-38226, CVE-2025-38147, CVE-2025-38513,
CVE-2025-38161, CVE-2025-38146, CVE-2025-38352, CVE-2025-38458,
CVE-2025-38444, CVE-2025-38430, CVE-2025-38418, CVE-2025-38206,
CVE-2025-38160, CVE-2025-38461, CVE-2025-38465, CVE-2025-38119,
CVE-2025-38459, CVE-2025-38410, CVE-2025-38111, CVE-2025-38222,
CVE-2025-38313, CVE-2025-38285, CVE-2025-38067, CVE-2025-38143,
CVE-2025-38200, CVE-2024-44939, CVE-2025-38219, CVE-2024-26775,
CVE-2025-38090, CVE-2025-38262, CVE-2025-38332, CVE-2025-38345,
CVE-2025-38337, CVE-2025-38403, CVE-2025-38085, CVE-2025-38229,
CVE-2025-38540, CVE-2025-38362, CVE-2025-38384, CVE-2025-38115,
CVE-2025-38136, CVE-2025-38445, CVE-2025-38424, CVE-2025-38328,
CVE-2025-38389, CVE-2025-38428, CVE-2025-38516, CVE-2025-38336,
CVE-2025-38184, CVE-2025-38293, CVE-2025-38346, CVE-2025-38464,
CVE-2025-38251, CVE-2025-38112, CVE-2025-38194, CVE-2025-38375,
CVE-2025-38466, CVE-2025-38157, CVE-2025-38457, CVE-2025-38320,
CVE-2025-38406, CVE-2025-37948, CVE-2025-38145, CVE-2025-38395,
CVE-2025-38218, CVE-2025-38154, CVE-2025-38401, CVE-2025-38103,
CVE-2025-38088, CVE-2025-38298, CVE-2025-38108, CVE-2025-38120,
CVE-2025-38086, CVE-2025-38415, CVE-2025-38443, CVE-2025-38245,
CVE-2025-38400, CVE-2025-38371, CVE-2025-38084, CVE-2022-48703,
CVE-2025-38237, CVE-2025-38324, CVE-2025-38515, CVE-2025-38107,
CVE-2025-38448, CVE-2025-38153, CVE-2025-38342, CVE-2025-38102,
CVE-2025-38173, CVE-2025-38441, CVE-2025-38138, CVE-2025-38257,
CVE-2025-38386, CVE-2025-38514, CVE-2025-38363, CVE-2025-38231,
CVE-2025-38159, CVE-2025-38203, CVE-2025-38344, CVE-2025-38211,
CVE-2025-38286, CVE-2025-38498, CVE-2025-38312, CVE-2025-38420,
CVE-2025-38212, CVE-2025-38122, CVE-2025-38542, CVE-2025-38348,
CVE-2025-38263, CVE-2025-38462, CVE-2025-38204, CVE-2025-38387,
CVE-2025-38439, CVE-2025-38227, CVE-2024-26726, CVE-2025-38074,
CVE-2025-38174, CVE-2025-38326, CVE-2025-38310, CVE-2025-38197,
CVE-2025-37958, CVE-2025-38100, CVE-2025-38305, CVE-2025-38273,
CVE-2025-38181, CVE-2025-38280, CVE-2025-38377, CVE-2025-38249,
CVE-2024-57883, CVE-2025-38460, CVE-2025-38467, CVE-2025-38419,
CVE-2025-21888, CVE-2025-38416)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS
linux-image-5.15.0-1085-intel-iot-realtime 5.15.0-1085.87
Available with Ubuntu Pro
linux-image-5.15.0-1092-realtime 5.15.0-1092.101
Available with Ubuntu Pro
linux-image-intel-iot-realtime 5.15.0.1085.89
Available with Ubuntu Pro
linux-image-intel-iot-realtime-5.15 5.15.0.1085.89
Available with Ubuntu Pro
linux-image-realtime 5.15.0.1092.96
Available with Ubuntu Pro
linux-image-realtime-5.15 5.15.0.1092.96
Available with Ubuntu Pro

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-7774-3
https://ubuntu.com/security/notices/USN-7774-2
https://ubuntu.com/security/notices/USN-7774-1
CVE-2022-48703, CVE-2024-26726, CVE-2024-26775, CVE-2024-44939,
CVE-2024-57883, CVE-2025-21888, CVE-2025-37948, CVE-2025-37958,
CVE-2025-37963, CVE-2025-38067, CVE-2025-38074, CVE-2025-38084,
CVE-2025-38085, CVE-2025-38086, CVE-2025-38088, CVE-2025-38090,
CVE-2025-38100, CVE-2025-38102, CVE-2025-38103, CVE-2025-38107,
CVE-2025-38108, CVE-2025-38111, CVE-2025-38112, CVE-2025-38115,
CVE-2025-38119, CVE-2025-38120, CVE-2025-38122, CVE-2025-38135,
CVE-2025-38136, CVE-2025-38138, CVE-2025-38143, CVE-2025-38145,
CVE-2025-38146, CVE-2025-38147, CVE-2025-38153, CVE-2025-38154,
CVE-2025-38157, CVE-2025-38159, CVE-2025-38160, CVE-2025-38161,
CVE-2025-38163, CVE-2025-38167, CVE-2025-38173, CVE-2025-38174,
CVE-2025-38181, CVE-2025-38184, CVE-2025-38194, CVE-2025-38197,
CVE-2025-38200, CVE-2025-38203, CVE-2025-38204, CVE-2025-38206,
CVE-2025-38211, CVE-2025-38212, CVE-2025-38218, CVE-2025-38219,
CVE-2025-38222, CVE-2025-38226, CVE-2025-38227, CVE-2025-38229,
CVE-2025-38231, CVE-2025-38237, CVE-2025-38245, CVE-2025-38249,
CVE-2025-38251, CVE-2025-38257, CVE-2025-38262, CVE-2025-38263,
CVE-2025-38273, CVE-2025-38280, CVE-2025-38285, CVE-2025-38286,
CVE-2025-38293, CVE-2025-38298, CVE-2025-38305, CVE-2025-38310,
CVE-2025-38312, CVE-2025-38313, CVE-2025-38319, CVE-2025-38320,
CVE-2025-38324, CVE-2025-38326, CVE-2025-38328, CVE-2025-38332,
CVE-2025-38336, CVE-2025-38337, CVE-2025-38342, CVE-2025-38344,
CVE-2025-38345, CVE-2025-38346, CVE-2025-38348, CVE-2025-38352,
CVE-2025-38362, CVE-2025-38363, CVE-2025-38371, CVE-2025-38375,
CVE-2025-38377, CVE-2025-38384, CVE-2025-38386, CVE-2025-38387,
CVE-2025-38389, CVE-2025-38391, CVE-2025-38393, CVE-2025-38395,
CVE-2025-38399, CVE-2025-38400, CVE-2025-38401, CVE-2025-38403,
CVE-2025-38406, CVE-2025-38410, CVE-2025-38412, CVE-2025-38415,
CVE-2025-38416, CVE-2025-38418, CVE-2025-38419, CVE-2025-38420,
CVE-2025-38424, CVE-2025-38428, CVE-2025-38430, CVE-2025-38439,
CVE-2025-38441, CVE-2025-38443, CVE-2025-38444, CVE-2025-38445,
CVE-2025-38448, CVE-2025-38457, CVE-2025-38458, CVE-2025-38459,
CVE-2025-38460, CVE-2025-38461, CVE-2025-38462, CVE-2025-38464,
CVE-2025-38465, CVE-2025-38466, CVE-2025-38467, CVE-2025-38498,
CVE-2025-38513, CVE-2025-38514, CVE-2025-38515, CVE-2025-38516,
CVE-2025-38540, CVE-2025-38542

Package Information:
https://launchpad.net/ubuntu/+source/linux-intel-iot-realtime/5.15.0-1085.87
https://launchpad.net/ubuntu/+source/linux-realtime/5.15.0-1092.101



[USN-7774-1] Linux kernel vulnerabilities


==========================================================================
Ubuntu Security Notice USN-7774-1
September 25, 2025

linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gke,
linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg,
linux-intel-iotg-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15,
linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-oracle,
linux-raspi, linux-riscv-5.15, linux-xilinx-zynqmp vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-gke: Linux kernel for Google Container Engine (GKE) systems
- linux-gkeop: Linux kernel for Google Container Engine (GKE) systems
- linux-ibm: Linux kernel for IBM cloud systems
- linux-intel-iotg: Linux kernel for Intel IoT platforms
- linux-lowlatency: Linux low latency kernel
- linux-nvidia: Linux kernel for NVIDIA systems
- linux-nvidia-tegra: Linux kernel for NVIDIA Tegra systems
- linux-oracle: Linux kernel for Oracle Cloud systems
- linux-raspi: Linux kernel for Raspberry Pi systems
- linux-xilinx-zynqmp: Linux kernel for Xilinx ZynqMP processors
- linux-aws-5.15: Linux kernel for Amazon Web Services (AWS) systems
- linux-gcp-5.15: Linux kernel for Google Cloud Platform (GCP) systems
- linux-hwe-5.15: Linux hardware enablement (HWE) kernel
- linux-ibm-5.15: Linux kernel for IBM cloud systems
- linux-intel-iotg-5.15: Linux kernel for Intel IoT platforms
- linux-lowlatency-hwe-5.15: Linux low latency kernel
- linux-nvidia-tegra-5.15: Linux kernel for NVIDIA Tegra systems
- linux-riscv-5.15: Linux kernel for RISC-V systems

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Parallel ATA drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- Network block device driver;
- Bus devices;
- Clock framework and drivers;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Input Device (Miscellaneous) drivers;
- Multiple devices driver;
- Media drivers;
- VMware VMCI Driver;
- MMC subsystem;
- MTD block device drivers;
- Network drivers;
- Pin controllers subsystem;
- x86 platform drivers;
- PTP clock framework;
- RapidIO drivers;
- Voltage and Current Regulator drivers;
- Remote Processor subsystem;
- S/390 drivers;
- SCSI subsystem;
- ASPEED SoC drivers;
- TCM subsystem;
- Thermal drivers;
- Thunderbolt and USB4 drivers;
- TTY drivers;
- UFS subsystem;
- USB Gadget drivers;
- Renesas USBHS Controller drivers;
- USB Type-C support driver;
- Virtio Host (VHOST) subsystem;
- Backlight driver;
- Framebuffer layer;
- BTRFS file system;
- File systems infrastructure;
- Ext4 file system;
- F2FS file system;
- JFFS2 file system;
- JFS file system;
- Network file system (NFS) client;
- Network file system (NFS) server daemon;
- NTFS3 file system;
- DRM display driver;
- Memory Management;
- Mellanox drivers;
- Memory management;
- Netfilter;
- Network sockets;
- IPC subsystem;
- BPF subsystem;
- Perf events;
- Kernel exit() syscall;
- Restartable seuqences system call mechanism;
- Timer subsystem;
- Tracing infrastructure;
- Appletalk network protocol;
- Asynchronous Transfer Mode (ATM) subsystem;
- Networking core;
- IPv6 networking;
- MultiProtocol Label Switching driver;
- NetLabel subsystem;
- Netlink;
- NFC subsystem;
- Open vSwitch;
- Rose network layer;
- RxRPC session sockets;
- Network traffic control;
- TIPC protocol;
- VMware vSockets driver;
- USB sound devices;
(CVE-2025-38465, CVE-2025-38386, CVE-2025-38273, CVE-2025-38227,
CVE-2025-38107, CVE-2025-37958, CVE-2025-38371, CVE-2025-38328,
CVE-2025-38348, CVE-2025-38100, CVE-2025-38336, CVE-2025-38420,
CVE-2025-38154, CVE-2025-38542, CVE-2025-38222, CVE-2025-38406,
CVE-2025-37948, CVE-2025-38112, CVE-2025-38145, CVE-2025-38163,
CVE-2025-38464, CVE-2025-38085, CVE-2025-38342, CVE-2025-38310,
CVE-2025-38326, CVE-2025-38418, CVE-2025-38362, CVE-2025-38412,
CVE-2025-38219, CVE-2025-38332, CVE-2025-38387, CVE-2025-38262,
CVE-2025-38157, CVE-2025-38514, CVE-2025-38466, CVE-2025-38313,
CVE-2025-38159, CVE-2024-44939, CVE-2025-38352, CVE-2025-38459,
CVE-2025-38419, CVE-2025-38086, CVE-2025-38298, CVE-2025-38146,
CVE-2025-38181, CVE-2025-38448, CVE-2025-38231, CVE-2025-38461,
CVE-2025-38251, CVE-2025-38391, CVE-2025-38515, CVE-2024-26726,
CVE-2025-38462, CVE-2025-38416, CVE-2025-38280, CVE-2025-38226,
CVE-2025-38211, CVE-2025-38120, CVE-2025-38377, CVE-2025-38147,
CVE-2025-38204, CVE-2025-38345, CVE-2025-38424, CVE-2025-38203,
CVE-2025-38443, CVE-2025-38197, CVE-2025-38067, CVE-2025-38400,
CVE-2025-38229, CVE-2025-38108, CVE-2025-38319, CVE-2025-38445,
CVE-2025-38212, CVE-2025-38184, CVE-2025-38363, CVE-2025-38160,
CVE-2024-57883, CVE-2025-38441, CVE-2025-38320, CVE-2025-38393,
CVE-2025-38200, CVE-2025-38467, CVE-2025-38444, CVE-2025-38194,
CVE-2025-38460, CVE-2025-38167, CVE-2025-38428, CVE-2025-38312,
CVE-2025-38111, CVE-2025-38498, CVE-2025-38135, CVE-2025-38237,
CVE-2025-38457, CVE-2025-38401, CVE-2025-38206, CVE-2025-38293,
CVE-2025-38143, CVE-2025-38161, CVE-2025-38136, CVE-2022-48703,
CVE-2025-38513, CVE-2025-38430, CVE-2025-38384, CVE-2025-38346,
CVE-2025-38337, CVE-2025-38088, CVE-2025-38257, CVE-2025-38395,
CVE-2025-38153, CVE-2025-38263, CVE-2025-38218, CVE-2024-26775,
CVE-2025-38305, CVE-2025-38119, CVE-2025-38389, CVE-2025-38102,
CVE-2025-38074, CVE-2025-38173, CVE-2025-38138, CVE-2025-38103,
CVE-2025-38286, CVE-2025-38458, CVE-2025-38174, CVE-2025-38245,
CVE-2025-38084, CVE-2025-38415, CVE-2025-38516, CVE-2025-38090,
CVE-2025-38439, CVE-2025-38403, CVE-2025-38115, CVE-2025-38344,
CVE-2025-38410, CVE-2025-38375, CVE-2025-37963, CVE-2025-38249,
CVE-2025-38324, CVE-2025-38122, CVE-2025-38540, CVE-2025-38399,
CVE-2025-21888, CVE-2025-38285)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS
linux-image-5.15.0-1045-nvidia-tegra 5.15.0-1045.45
linux-image-5.15.0-1045-nvidia-tegra-rt 5.15.0-1045.45
linux-image-5.15.0-1056-xilinx-zynqmp 5.15.0-1056.60
linux-image-5.15.0-1075-gkeop 5.15.0-1075.83
linux-image-5.15.0-1086-ibm 5.15.0-1086.89
linux-image-5.15.0-1086-raspi 5.15.0-1086.89
linux-image-5.15.0-1087-intel-iotg 5.15.0-1087.93
linux-image-5.15.0-1087-nvidia 5.15.0-1087.88
linux-image-5.15.0-1087-nvidia-lowlatency 5.15.0-1087.88
linux-image-5.15.0-1089-gke 5.15.0-1089.95
linux-image-5.15.0-1090-oracle 5.15.0-1090.96
linux-image-5.15.0-1092-aws 5.15.0-1092.99
linux-image-5.15.0-1092-aws-64k 5.15.0-1092.99
linux-image-5.15.0-1092-gcp 5.15.0-1092.101
linux-image-5.15.0-156-generic 5.15.0-156.166
linux-image-5.15.0-156-generic-64k 5.15.0-156.166
linux-image-5.15.0-156-generic-lpae 5.15.0-156.166
linux-image-5.15.0-156-lowlatency 5.15.0-156.166
linux-image-5.15.0-156-lowlatency-64k 5.15.0-156.166
linux-image-aws-5.15 5.15.0.1092.95
linux-image-aws-64k-5.15 5.15.0.1092.95
linux-image-aws-64k-lts-22.04 5.15.0.1092.95
linux-image-aws-lts-22.04 5.15.0.1092.95
linux-image-gcp-5.15 5.15.0.1092.88
linux-image-gcp-lts-22.04 5.15.0.1092.88
linux-image-generic 5.15.0.156.154
linux-image-generic-5.15 5.15.0.156.154
linux-image-generic-64k 5.15.0.156.154
linux-image-generic-64k-5.15 5.15.0.156.154
linux-image-generic-lpae 5.15.0.156.154
linux-image-generic-lpae-5.15 5.15.0.156.154
linux-image-gke 5.15.0.1089.88
linux-image-gke-5.15 5.15.0.1089.88
linux-image-gkeop 5.15.0.1075.74
linux-image-gkeop-5.15 5.15.0.1075.74
linux-image-ibm 5.15.0.1086.82
linux-image-ibm-5.15 5.15.0.1086.82
linux-image-intel-iotg 5.15.0.1087.87
linux-image-intel-iotg-5.15 5.15.0.1087.87
linux-image-lowlatency 5.15.0.156.135
linux-image-lowlatency-5.15 5.15.0.156.135
linux-image-lowlatency-64k 5.15.0.156.135
linux-image-lowlatency-64k-5.15 5.15.0.156.135
linux-image-nvidia 5.15.0.1087.87
linux-image-nvidia-5.15 5.15.0.1087.87
linux-image-nvidia-lowlatency 5.15.0.1087.87
linux-image-nvidia-lowlatency-5.15 5.15.0.1087.87
linux-image-nvidia-tegra 5.15.0.1045.45
linux-image-nvidia-tegra-5.15 5.15.0.1045.45
linux-image-nvidia-tegra-rt 5.15.0.1045.45
linux-image-nvidia-tegra-rt-5.15 5.15.0.1045.45
linux-image-oracle-5.15 5.15.0.1090.86
linux-image-oracle-lts-22.04 5.15.0.1090.86
linux-image-raspi 5.15.0.1086.84
linux-image-raspi-5.15 5.15.0.1086.84
linux-image-raspi-nolpae 5.15.0.1086.84
linux-image-virtual 5.15.0.156.154
linux-image-virtual-5.15 5.15.0.156.154
linux-image-xilinx-zynqmp 5.15.0.1056.59
linux-image-xilinx-zynqmp-5.15 5.15.0.1056.59

Ubuntu 20.04 LTS
linux-image-5.15.0-1045-nvidia-tegra 5.15.0-1045.45~20.04.1
Available with Ubuntu Pro
linux-image-5.15.0-1045-nvidia-tegra-rt 5.15.0-1045.45~20.04.1
Available with Ubuntu Pro
linux-image-5.15.0-1086-ibm 5.15.0-1086.89~20.04.1
Available with Ubuntu Pro
linux-image-5.15.0-1087-generic 5.15.0-1087.91~20.04.1
Available with Ubuntu Pro
linux-image-5.15.0-1087-intel-iotg 5.15.0-1087.93~20.04.1
Available with Ubuntu Pro
linux-image-5.15.0-1092-aws 5.15.0-1092.99~20.04.1
Available with Ubuntu Pro
linux-image-5.15.0-1092-gcp 5.15.0-1092.101~20.04.1
Available with Ubuntu Pro
linux-image-5.15.0-156-generic 5.15.0-156.166~20.04.1
Available with Ubuntu Pro
linux-image-5.15.0-156-generic-64k 5.15.0-156.166~20.04.1
Available with Ubuntu Pro
linux-image-5.15.0-156-generic-lpae 5.15.0-156.166~20.04.1
Available with Ubuntu Pro
linux-image-5.15.0-156-lowlatency 5.15.0-156.166~20.04.1
Available with Ubuntu Pro
linux-image-5.15.0-156-lowlatency-64k 5.15.0-156.166~20.04.1
Available with Ubuntu Pro
linux-image-aws 5.15.0.1092.99~20.04.1
Available with Ubuntu Pro
linux-image-aws-5.15 5.15.0.1092.99~20.04.1
Available with Ubuntu Pro
linux-image-gcp 5.15.0.1092.101~20.04.1
Available with Ubuntu Pro
linux-image-gcp-5.15 5.15.0.1092.101~20.04.1
Available with Ubuntu Pro
linux-image-generic 5.15.0.1087.91~20.04.1
Available with Ubuntu Pro
linux-image-generic-5.15 5.15.0.1087.91~20.04.1
Available with Ubuntu Pro
linux-image-generic-64k-5.15 5.15.0.156.166~20.04.1
Available with Ubuntu Pro
linux-image-generic-64k-hwe-20.04 5.15.0.156.166~20.04.1
Available with Ubuntu Pro
linux-image-generic-hwe-20.04 5.15.0.1087.91~20.04.1
Available with Ubuntu Pro
linux-image-generic-lpae-5.15 5.15.0.156.166~20.04.1
Available with Ubuntu Pro
linux-image-generic-lpae-hwe-20.04 5.15.0.156.166~20.04.1
Available with Ubuntu Pro
linux-image-ibm 5.15.0.1086.89~20.04.1
Available with Ubuntu Pro
linux-image-ibm-5.15 5.15.0.1086.89~20.04.1
Available with Ubuntu Pro
linux-image-intel 5.15.0.1087.93~20.04.1
Available with Ubuntu Pro
linux-image-intel-iotg 5.15.0.1087.93~20.04.1
Available with Ubuntu Pro
linux-image-intel-iotg-5.15 5.15.0.1087.93~20.04.1
Available with Ubuntu Pro
linux-image-lowlatency-5.15 5.15.0.156.166~20.04.1
Available with Ubuntu Pro
linux-image-lowlatency-64k-5.15 5.15.0.156.166~20.04.1
Available with Ubuntu Pro
linux-image-lowlatency-64k-hwe-20.04 5.15.0.156.166~20.04.1
Available with Ubuntu Pro
linux-image-lowlatency-hwe-20.04 5.15.0.156.166~20.04.1
Available with Ubuntu Pro
linux-image-nvidia-tegra 5.15.0.1045.45~20.04.1
Available with Ubuntu Pro
linux-image-nvidia-tegra-5.15 5.15.0.1045.45~20.04.1
Available with Ubuntu Pro
linux-image-nvidia-tegra-rt 5.15.0.1045.45~20.04.1
Available with Ubuntu Pro
linux-image-nvidia-tegra-rt-5.15 5.15.0.1045.45~20.04.1
Available with Ubuntu Pro
linux-image-oem-20.04 5.15.0.156.166~20.04.1
Available with Ubuntu Pro
linux-image-oem-20.04b 5.15.0.156.166~20.04.1
Available with Ubuntu Pro
linux-image-oem-20.04c 5.15.0.156.166~20.04.1
Available with Ubuntu Pro
linux-image-oem-20.04d 5.15.0.156.166~20.04.1
Available with Ubuntu Pro
linux-image-virtual 5.15.0.1087.91~20.04.1
Available with Ubuntu Pro
linux-image-virtual-5.15 5.15.0.1087.91~20.04.1
Available with Ubuntu Pro
linux-image-virtual-hwe-20.04 5.15.0.1087.91~20.04.1
Available with Ubuntu Pro

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-7774-1
CVE-2022-48703, CVE-2024-26726, CVE-2024-26775, CVE-2024-44939,
CVE-2024-57883, CVE-2025-21888, CVE-2025-37948, CVE-2025-37958,
CVE-2025-37963, CVE-2025-38067, CVE-2025-38074, CVE-2025-38084,
CVE-2025-38085, CVE-2025-38086, CVE-2025-38088, CVE-2025-38090,
CVE-2025-38100, CVE-2025-38102, CVE-2025-38103, CVE-2025-38107,
CVE-2025-38108, CVE-2025-38111, CVE-2025-38112, CVE-2025-38115,
CVE-2025-38119, CVE-2025-38120, CVE-2025-38122, CVE-2025-38135,
CVE-2025-38136, CVE-2025-38138, CVE-2025-38143, CVE-2025-38145,
CVE-2025-38146, CVE-2025-38147, CVE-2025-38153, CVE-2025-38154,
CVE-2025-38157, CVE-2025-38159, CVE-2025-38160, CVE-2025-38161,
CVE-2025-38163, CVE-2025-38167, CVE-2025-38173, CVE-2025-38174,
CVE-2025-38181, CVE-2025-38184, CVE-2025-38194, CVE-2025-38197,
CVE-2025-38200, CVE-2025-38203, CVE-2025-38204, CVE-2025-38206,
CVE-2025-38211, CVE-2025-38212, CVE-2025-38218, CVE-2025-38219,
CVE-2025-38222, CVE-2025-38226, CVE-2025-38227, CVE-2025-38229,
CVE-2025-38231, CVE-2025-38237, CVE-2025-38245, CVE-2025-38249,
CVE-2025-38251, CVE-2025-38257, CVE-2025-38262, CVE-2025-38263,
CVE-2025-38273, CVE-2025-38280, CVE-2025-38285, CVE-2025-38286,
CVE-2025-38293, CVE-2025-38298, CVE-2025-38305, CVE-2025-38310,
CVE-2025-38312, CVE-2025-38313, CVE-2025-38319, CVE-2025-38320,
CVE-2025-38324, CVE-2025-38326, CVE-2025-38328, CVE-2025-38332,
CVE-2025-38336, CVE-2025-38337, CVE-2025-38342, CVE-2025-38344,
CVE-2025-38345, CVE-2025-38346, CVE-2025-38348, CVE-2025-38352,
CVE-2025-38362, CVE-2025-38363, CVE-2025-38371, CVE-2025-38375,
CVE-2025-38377, CVE-2025-38384, CVE-2025-38386, CVE-2025-38387,
CVE-2025-38389, CVE-2025-38391, CVE-2025-38393, CVE-2025-38395,
CVE-2025-38399, CVE-2025-38400, CVE-2025-38401, CVE-2025-38403,
CVE-2025-38406, CVE-2025-38410, CVE-2025-38412, CVE-2025-38415,
CVE-2025-38416, CVE-2025-38418, CVE-2025-38419, CVE-2025-38420,
CVE-2025-38424, CVE-2025-38428, CVE-2025-38430, CVE-2025-38439,
CVE-2025-38441, CVE-2025-38443, CVE-2025-38444, CVE-2025-38445,
CVE-2025-38448, CVE-2025-38457, CVE-2025-38458, CVE-2025-38459,
CVE-2025-38460, CVE-2025-38461, CVE-2025-38462, CVE-2025-38464,
CVE-2025-38465, CVE-2025-38466, CVE-2025-38467, CVE-2025-38498,
CVE-2025-38513, CVE-2025-38514, CVE-2025-38515, CVE-2025-38516,
CVE-2025-38540, CVE-2025-38542

Package Information:
https://launchpad.net/ubuntu/+source/linux/5.15.0-156.166
https://launchpad.net/ubuntu/+source/linux-aws/5.15.0-1092.99
https://launchpad.net/ubuntu/+source/linux-gcp/5.15.0-1092.101
https://launchpad.net/ubuntu/+source/linux-gke/5.15.0-1089.95
https://launchpad.net/ubuntu/+source/linux-gkeop/5.15.0-1075.83
https://launchpad.net/ubuntu/+source/linux-ibm/5.15.0-1086.89
https://launchpad.net/ubuntu/+source/linux-intel-iotg/5.15.0-1087.93
https://launchpad.net/ubuntu/+source/linux-lowlatency/5.15.0-156.166
https://launchpad.net/ubuntu/+source/linux-nvidia/5.15.0-1087.88
https://launchpad.net/ubuntu/+source/linux-nvidia-tegra/5.15.0-1045.45
https://launchpad.net/ubuntu/+source/linux-oracle/5.15.0-1090.96
https://launchpad.net/ubuntu/+source/linux-raspi/5.15.0-1086.89
https://launchpad.net/ubuntu/+source/linux-xilinx-zynqmp/5.15.0-1056.60



[USN-7773-1] Gnuplot vulnerabilities


==========================================================================
Ubuntu Security Notice USN-7773-1
September 25, 2025

gnuplot vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.04
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in Gnuplot.

Software Description:
- gnuplot: Portable command-line driven graphing utility

Details:

ChenYiFan Liu discovered that Gnuplot did not correctly handle certain
memory operations. An attacker could possibly use this issue to cause a
denial of service. (CVE-2025-3359, CVE-2025-31178, CVE-2025-31179,
CVE-2025-31181)

ChenYiFan Liu discovered that Gnuplot did not correctly handle certain
memory operations. An attacker could possibly use this issue to cause a
denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04
LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, Ubuntu 25.04. (CVE-2025-31176,
CVE-2025-31180)

ChenYiFan Liu discovered that Gnuplot did not correctly handle certain
memory operations. An attacker could possibly use this issue to execute
arbitrary code or cause a denial of service. This issue only affected
Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS,
Ubuntu 25.04. (CVE-2025-31177)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.04
gnuplot 6.0.2+dfsg1-1ubuntu0.1

Ubuntu 24.04 LTS
gnuplot 6.0.0+dfsg1-1ubuntu3+esm1
Available with Ubuntu Pro

Ubuntu 22.04 LTS
gnuplot 5.4.2+dfsg2-2ubuntu0.1~esm1
Available with Ubuntu Pro

Ubuntu 20.04 LTS
gnuplot 5.2.8+dfsg1-2ubuntu0.1~esm2
Available with Ubuntu Pro

Ubuntu 18.04 LTS
gnuplot 5.2.2+dfsg1-2ubuntu1+esm2
Available with Ubuntu Pro

Ubuntu 16.04 LTS
gnuplot 4.6.6-3ubuntu0.1+esm2
Available with Ubuntu Pro

Ubuntu 14.04 LTS
gnuplot 4.6.4-2ubuntu0.1~esm2
Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-7773-1
CVE-2025-31176, CVE-2025-31177, CVE-2025-31178, CVE-2025-31179,
CVE-2025-31180, CVE-2025-31181, CVE-2025-3359

Package Information:
https://launchpad.net/ubuntu/+source/gnuplot/6.0.2+dfsg1-1ubuntu0.1



[USN-7772-1] Eventlet vulnerability


=======================================================================

Ubuntu Security Notice USN-7772-1
September 24, 2025

python-eventlet vulnerability
=======================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.04
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS

Summary:

Eventlet could be made to bypass front-end security controls
if it received a specially crafted request.

Software Description:
- python-eventlet: concurrent networking library

Details:

It was discovered that Eventlet incorrectly handled certain requests.
An attacker could possibly use this issue to bypass front-end security
controls, launch targeted attacks against active site users, and poison
web
caches.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.04
Ā  python3-eventletĀ Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā  0.39.0-0ubuntu1.1

Ubuntu 24.04 LTS
Ā  python3-eventletĀ Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā  0.35.2-0ubuntu1.1

Ubuntu 22.04 LTS
Ā  python3-eventletĀ Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā  0.30.2-5ubuntu2.2

Ubuntu 20.04 LTS
Ā  python3-eventletĀ Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā  0.25.1-2ubuntu1.1+esm2
Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā Ā  Available with Ubuntu Pro

In general, a standard system update will make all the necessary
changes.

References:
Ā  https://ubuntu.com/security/notices/USN-7772-1
Ā  CVE-2025-58068, https://launchpad.net/bugs/2125423

Package Information:
Ā 
https://launchpad.net/ubuntu/+source/python-eventlet/0.39.0-0ubuntu1.1
Ā 
https://launchpad.net/ubuntu/+source/python-eventlet/0.35.2-0ubuntu1.1
Ā 
https://launchpad.net/ubuntu/+source/python-eventlet/0.30.2-5ubuntu2.2



[USN-7776-1] Linux kernel (Oracle) vulnerabilities


==========================================================================
Ubuntu Security Notice USN-7776-1
September 25, 2025

linux-oracle-5.15 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-oracle-5.15: Linux kernel for Oracle Cloud systems

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Parallel ATA drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- Network block device driver;
- Bus devices;
- Clock framework and drivers;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Input Device (Miscellaneous) drivers;
- Multiple devices driver;
- Media drivers;
- VMware VMCI Driver;
- MMC subsystem;
- MTD block device drivers;
- Network drivers;
- Pin controllers subsystem;
- x86 platform drivers;
- PTP clock framework;
- RapidIO drivers;
- Voltage and Current Regulator drivers;
- Remote Processor subsystem;
- S/390 drivers;
- SCSI subsystem;
- ASPEED SoC drivers;
- TCM subsystem;
- Thermal drivers;
- Thunderbolt and USB4 drivers;
- TTY drivers;
- UFS subsystem;
- USB Gadget drivers;
- Renesas USBHS Controller drivers;
- USB Type-C support driver;
- Virtio Host (VHOST) subsystem;
- Backlight driver;
- Framebuffer layer;
- BTRFS file system;
- File systems infrastructure;
- Ext4 file system;
- F2FS file system;
- JFFS2 file system;
- JFS file system;
- Network file system (NFS) client;
- Network file system (NFS) server daemon;
- NTFS3 file system;
- DRM display driver;
- Memory Management;
- Mellanox drivers;
- Memory management;
- Netfilter;
- Network sockets;
- IPC subsystem;
- BPF subsystem;
- Perf events;
- Kernel exit() syscall;
- Restartable seuqences system call mechanism;
- Timer subsystem;
- Tracing infrastructure;
- Appletalk network protocol;
- Asynchronous Transfer Mode (ATM) subsystem;
- Networking core;
- IPv6 networking;
- MultiProtocol Label Switching driver;
- NetLabel subsystem;
- Netlink;
- NFC subsystem;
- Open vSwitch;
- Rose network layer;
- RxRPC session sockets;
- Network traffic control;
- TIPC protocol;
- VMware vSockets driver;
- USB sound devices;
(CVE-2025-38420, CVE-2025-38173, CVE-2025-38305, CVE-2025-38312,
CVE-2025-38458, CVE-2024-26726, CVE-2025-38416, CVE-2025-38363,
CVE-2025-38107, CVE-2025-38174, CVE-2025-38310, CVE-2025-38406,
CVE-2025-38439, CVE-2025-38245, CVE-2025-38163, CVE-2025-38111,
CVE-2025-38467, CVE-2025-38515, CVE-2025-38391, CVE-2025-21888,
CVE-2025-38108, CVE-2025-38395, CVE-2025-38212, CVE-2025-38153,
CVE-2025-38226, CVE-2025-38375, CVE-2025-37958, CVE-2025-38444,
CVE-2022-48703, CVE-2025-38280, CVE-2025-38345, CVE-2025-38384,
CVE-2025-38362, CVE-2025-38326, CVE-2025-38348, CVE-2025-37752,
CVE-2025-38324, CVE-2025-38298, CVE-2025-38206, CVE-2025-38219,
CVE-2025-38145, CVE-2025-38200, CVE-2025-38293, CVE-2025-38461,
CVE-2025-38514, CVE-2025-38389, CVE-2025-38319, CVE-2025-38344,
CVE-2025-38160, CVE-2025-38159, CVE-2025-38424, CVE-2025-38412,
CVE-2025-38346, CVE-2025-38466, CVE-2024-27407, CVE-2025-38211,
CVE-2025-38419, CVE-2025-38227, CVE-2025-38120, CVE-2025-38143,
CVE-2025-38122, CVE-2025-38197, CVE-2025-38285, CVE-2025-38273,
CVE-2025-38112, CVE-2025-38403, CVE-2025-38249, CVE-2025-38448,
CVE-2025-38203, CVE-2025-38085, CVE-2024-44939, CVE-2025-38119,
CVE-2025-38184, CVE-2025-38443, CVE-2025-38084, CVE-2025-38194,
CVE-2025-38459, CVE-2025-38231, CVE-2025-38229, CVE-2025-38418,
CVE-2025-38415, CVE-2024-57883, CVE-2025-38513, CVE-2025-38460,
CVE-2025-38377, CVE-2025-38147, CVE-2025-38371, CVE-2025-38428,
CVE-2025-38237, CVE-2025-38542, CVE-2025-38100, CVE-2025-38251,
CVE-2025-38430, CVE-2025-38336, CVE-2025-38103, CVE-2025-38342,
CVE-2025-38154, CVE-2025-38540, CVE-2025-38161, CVE-2025-38399,
CVE-2024-57996, CVE-2025-38350, CVE-2025-38516, CVE-2025-38262,
CVE-2025-38393, CVE-2025-38204, CVE-2024-26775, CVE-2025-38464,
CVE-2025-38135, CVE-2025-38313, CVE-2025-38387, CVE-2025-38102,
CVE-2025-37963, CVE-2025-38401, CVE-2025-38257, CVE-2025-38400,
CVE-2025-38386, CVE-2025-38138, CVE-2025-38074, CVE-2025-38410,
CVE-2025-38218, CVE-2025-38115, CVE-2025-38222, CVE-2025-38286,
CVE-2025-38136, CVE-2025-38328, CVE-2025-38146, CVE-2025-38462,
CVE-2025-38157, CVE-2025-38067, CVE-2025-38086, CVE-2025-38445,
CVE-2025-38090, CVE-2025-38498, CVE-2025-38167, CVE-2025-38352,
CVE-2025-38441, CVE-2025-38337, CVE-2025-37948, CVE-2025-38320,
CVE-2025-38332, CVE-2025-38181, CVE-2025-38457, CVE-2025-38465,
CVE-2025-38263, CVE-2025-38088)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS
linux-image-5.15.0-1090-oracle 5.15.0-1090.96~20.04.1
Available with Ubuntu Pro
linux-image-oracle 5.15.0.1090.96~20.04.1
Available with Ubuntu Pro
linux-image-oracle-5.15 5.15.0.1090.96~20.04.1
Available with Ubuntu Pro

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-7776-1
CVE-2022-48703, CVE-2024-26726, CVE-2024-26775, CVE-2024-27407,
CVE-2024-44939, CVE-2024-57883, CVE-2024-57996, CVE-2025-21888,
CVE-2025-37752, CVE-2025-37948, CVE-2025-37958, CVE-2025-37963,
CVE-2025-38067, CVE-2025-38074, CVE-2025-38084, CVE-2025-38085,
CVE-2025-38086, CVE-2025-38088, CVE-2025-38090, CVE-2025-38100,
CVE-2025-38102, CVE-2025-38103, CVE-2025-38107, CVE-2025-38108,
CVE-2025-38111, CVE-2025-38112, CVE-2025-38115, CVE-2025-38119,
CVE-2025-38120, CVE-2025-38122, CVE-2025-38135, CVE-2025-38136,
CVE-2025-38138, CVE-2025-38143, CVE-2025-38145, CVE-2025-38146,
CVE-2025-38147, CVE-2025-38153, CVE-2025-38154, CVE-2025-38157,
CVE-2025-38159, CVE-2025-38160, CVE-2025-38161, CVE-2025-38163,
CVE-2025-38167, CVE-2025-38173, CVE-2025-38174, CVE-2025-38181,
CVE-2025-38184, CVE-2025-38194, CVE-2025-38197, CVE-2025-38200,
CVE-2025-38203, CVE-2025-38204, CVE-2025-38206, CVE-2025-38211,
CVE-2025-38212, CVE-2025-38218, CVE-2025-38219, CVE-2025-38222,
CVE-2025-38226, CVE-2025-38227, CVE-2025-38229, CVE-2025-38231,
CVE-2025-38237, CVE-2025-38245, CVE-2025-38249, CVE-2025-38251,
CVE-2025-38257, CVE-2025-38262, CVE-2025-38263, CVE-2025-38273,
CVE-2025-38280, CVE-2025-38285, CVE-2025-38286, CVE-2025-38293,
CVE-2025-38298, CVE-2025-38305, CVE-2025-38310, CVE-2025-38312,
CVE-2025-38313, CVE-2025-38319, CVE-2025-38320, CVE-2025-38324,
CVE-2025-38326, CVE-2025-38328, CVE-2025-38332, CVE-2025-38336,
CVE-2025-38337, CVE-2025-38342, CVE-2025-38344, CVE-2025-38345,
CVE-2025-38346, CVE-2025-38348, CVE-2025-38350, CVE-2025-38352,
CVE-2025-38362, CVE-2025-38363, CVE-2025-38371, CVE-2025-38375,
CVE-2025-38377, CVE-2025-38384, CVE-2025-38386, CVE-2025-38387,
CVE-2025-38389, CVE-2025-38391, CVE-2025-38393, CVE-2025-38395,
CVE-2025-38399, CVE-2025-38400, CVE-2025-38401, CVE-2025-38403,
CVE-2025-38406, CVE-2025-38410, CVE-2025-38412, CVE-2025-38415,
CVE-2025-38416, CVE-2025-38418, CVE-2025-38419, CVE-2025-38420,
CVE-2025-38424, CVE-2025-38428, CVE-2025-38430, CVE-2025-38439,
CVE-2025-38441, CVE-2025-38443, CVE-2025-38444, CVE-2025-38445,
CVE-2025-38448, CVE-2025-38457, CVE-2025-38458, CVE-2025-38459,
CVE-2025-38460, CVE-2025-38461, CVE-2025-38462, CVE-2025-38464,
CVE-2025-38465, CVE-2025-38466, CVE-2025-38467, CVE-2025-38498,
CVE-2025-38513, CVE-2025-38514, CVE-2025-38515, CVE-2025-38516,
CVE-2025-38540, CVE-2025-38542



[USN-7767-2] Linux kernel (Real-time) vulnerabilities


==========================================================================
Ubuntu Security Notice USN-7767-2
September 25, 2025

linux-realtime-6.8 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-realtime-6.8: Linux kernel for Real-time systems

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
- ARM64 architecture;
- x86 architecture;
- Compute Acceleration Framework;
- Bus devices;
- AMD CDX bus driver;
- DPLL subsystem;
- EFI core;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- I2C subsystem;
- InfiniBand drivers;
- Multiple devices driver;
- Network drivers;
- Mellanox network drivers;
- NVME drivers;
- Pin controllers subsystem;
- RapidIO drivers;
- Voltage and Current Regulator drivers;
- SCSI subsystem;
- SLIMbus drivers;
- QCOM SoC drivers;
- UFS subsystem;
- USB DSL drivers;
- Renesas USBHS Controller drivers;
- USB Type-C Connector System Software Interface driver;
- Framebuffer layer;
- ACRN Hypervisor Service Module driver;
- Network file system (NFS) client;
- Proc file system;
- SMB network file system;
- Memory Management;
- Scheduler infrastructure;
- SoC audio core drivers;
- Perf events;
- Tracing infrastructure;
- Memory management;
- 802.1Q VLAN protocol;
- Asynchronous Transfer Mode (ATM) subsystem;
- Bluetooth subsystem;
- Devlink API;
- IPv4 networking;
- IPv6 networking;
- Logical Link layer;
- Management Component Transport Protocol (MCTP);
- Multipath TCP;
- Netfilter;
- Network traffic control;
- Switch device API;
- Wireless networking;
- eXpress Data Path;
(CVE-2025-21964, CVE-2025-21890, CVE-2025-21934, CVE-2025-21929,
CVE-2025-21922, CVE-2025-21970, CVE-2025-21913, CVE-2025-21937,
CVE-2025-21872, CVE-2025-21972, CVE-2025-21892, CVE-2025-21991,
CVE-2025-21967, CVE-2025-21894, CVE-2025-21881, CVE-2025-21885,
CVE-2025-21999, CVE-2025-21978, CVE-2025-22001, CVE-2025-21979,
CVE-2025-21951, CVE-2025-22003, CVE-2025-21963, CVE-2025-21936,
CVE-2025-21891, CVE-2025-21941, CVE-2025-21895, CVE-2025-21982,
CVE-2025-21919, CVE-2025-21961, CVE-2025-21946, CVE-2025-21889,
CVE-2025-21899, CVE-2025-21873, CVE-2025-37889, CVE-2025-22008,
CVE-2025-21969, CVE-2025-21957, CVE-2025-21925, CVE-2025-21945,
CVE-2025-21927, CVE-2025-21878, CVE-2025-21995, CVE-2025-21981,
CVE-2025-21956, CVE-2025-21909, CVE-2025-21955, CVE-2025-21918,
CVE-2025-21960, CVE-2025-21915, CVE-2025-21992, CVE-2025-21914,
CVE-2025-21877, CVE-2025-21875, CVE-2025-21928, CVE-2025-22013,
CVE-2025-22014, CVE-2025-21950, CVE-2025-21948, CVE-2025-21912,
CVE-2025-21944, CVE-2025-22004, CVE-2025-22009, CVE-2025-21968,
CVE-2025-21888, CVE-2025-21980, CVE-2025-21911, CVE-2025-22017,
CVE-2025-21975, CVE-2025-21930, CVE-2025-21947, CVE-2025-21908,
CVE-2025-21994, CVE-2024-58090, CVE-2025-21910, CVE-2025-21959,
CVE-2025-21977, CVE-2025-21903, CVE-2025-22016, CVE-2025-21976,
CVE-2025-21898, CVE-2025-21986, CVE-2025-22011, CVE-2025-21905,
CVE-2025-22015, CVE-2025-21996, CVE-2025-21966, CVE-2025-21883,
CVE-2025-22010, CVE-2025-21904, CVE-2025-21916, CVE-2025-21935,
CVE-2025-21924, CVE-2025-22005, CVE-2025-21962, CVE-2025-21917,
CVE-2025-21920, CVE-2025-21997, CVE-2025-21880, CVE-2025-21926,
CVE-2025-22007)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS
linux-image-6.8.1-1034-realtime 6.8.1-1034.35~22.04.1
Available with Ubuntu Pro
linux-image-realtime-6.8.1 6.8.1-1034.35~22.04.1
Available with Ubuntu Pro
linux-image-realtime-hwe-22.04 6.8.1-1034.35~22.04.1
Available with Ubuntu Pro

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-7767-2
https://ubuntu.com/security/notices/USN-7767-1
CVE-2024-58090, CVE-2025-21872, CVE-2025-21873, CVE-2025-21875,
CVE-2025-21877, CVE-2025-21878, CVE-2025-21880, CVE-2025-21881,
CVE-2025-21883, CVE-2025-21885, CVE-2025-21888, CVE-2025-21889,
CVE-2025-21890, CVE-2025-21891, CVE-2025-21892, CVE-2025-21894,
CVE-2025-21895, CVE-2025-21898, CVE-2025-21899, CVE-2025-21903,
CVE-2025-21904, CVE-2025-21905, CVE-2025-21908, CVE-2025-21909,
CVE-2025-21910, CVE-2025-21911, CVE-2025-21912, CVE-2025-21913,
CVE-2025-21914, CVE-2025-21915, CVE-2025-21916, CVE-2025-21917,
CVE-2025-21918, CVE-2025-21919, CVE-2025-21920, CVE-2025-21922,
CVE-2025-21924, CVE-2025-21925, CVE-2025-21926, CVE-2025-21927,
CVE-2025-21928, CVE-2025-21929, CVE-2025-21930, CVE-2025-21934,
CVE-2025-21935, CVE-2025-21936, CVE-2025-21937, CVE-2025-21941,
CVE-2025-21944, CVE-2025-21945, CVE-2025-21946, CVE-2025-21947,
CVE-2025-21948, CVE-2025-21950, CVE-2025-21951, CVE-2025-21955,
CVE-2025-21956, CVE-2025-21957, CVE-2025-21959, CVE-2025-21960,
CVE-2025-21961, CVE-2025-21962, CVE-2025-21963, CVE-2025-21964,
CVE-2025-21966, CVE-2025-21967, CVE-2025-21968, CVE-2025-21969,
CVE-2025-21970, CVE-2025-21972, CVE-2025-21975, CVE-2025-21976,
CVE-2025-21977, CVE-2025-21978, CVE-2025-21979, CVE-2025-21980,
CVE-2025-21981, CVE-2025-21982, CVE-2025-21986, CVE-2025-21991,
CVE-2025-21992, CVE-2025-21994, CVE-2025-21995, CVE-2025-21996,
CVE-2025-21997, CVE-2025-21999, CVE-2025-22001, CVE-2025-22003,
CVE-2025-22004, CVE-2025-22005, CVE-2025-22007, CVE-2025-22008,
CVE-2025-22009, CVE-2025-22010, CVE-2025-22011, CVE-2025-22013,
CVE-2025-22014, CVE-2025-22015, CVE-2025-22016, CVE-2025-22017,
CVE-2025-37889

Package Information:
https://launchpad.net/ubuntu/+source/linux-realtime-6.8/6.8.1-1034.35~22.04.1



[USN-7779-1] Linux kernel (IBM) vulnerabilities


==========================================================================
Ubuntu Security Notice USN-7779-1
September 25, 2025

linux-ibm, linux-ibm-6.8 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-ibm: Linux kernel for IBM cloud systems
- linux-ibm-6.8: Linux kernel for IBM cloud systems

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
- ARM64 architecture;
- x86 architecture;
- Compute Acceleration Framework;
- Bus devices;
- AMD CDX bus driver;
- DPLL subsystem;
- EFI core;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- I2C subsystem;
- InfiniBand drivers;
- Multiple devices driver;
- Network drivers;
- Mellanox network drivers;
- NVME drivers;
- Pin controllers subsystem;
- RapidIO drivers;
- Voltage and Current Regulator drivers;
- SCSI subsystem;
- SLIMbus drivers;
- QCOM SoC drivers;
- UFS subsystem;
- USB DSL drivers;
- Renesas USBHS Controller drivers;
- USB Type-C Connector System Software Interface driver;
- Framebuffer layer;
- ACRN Hypervisor Service Module driver;
- Network file system (NFS) client;
- Overlay file system;
- Proc file system;
- SMB network file system;
- Memory Management;
- Scheduler infrastructure;
- SoC audio core drivers;
- Perf events;
- Tracing infrastructure;
- Memory management;
- 802.1Q VLAN protocol;
- Asynchronous Transfer Mode (ATM) subsystem;
- Bluetooth subsystem;
- Devlink API;
- IPv4 networking;
- IPv6 networking;
- Logical Link layer;
- Management Component Transport Protocol (MCTP);
- Multipath TCP;
- Netfilter;
- Network traffic control;
- Switch device API;
- Wireless networking;
- eXpress Data Path;
(CVE-2025-22017, CVE-2025-22003, CVE-2025-22009, CVE-2025-22015,
CVE-2025-21934, CVE-2025-21908, CVE-2025-21885, CVE-2025-21979,
CVE-2025-21887, CVE-2025-21922, CVE-2025-21944, CVE-2025-21905,
CVE-2025-21969, CVE-2025-21904, CVE-2025-21926, CVE-2025-21951,
CVE-2025-21997, CVE-2025-21920, CVE-2025-21994, CVE-2025-21977,
CVE-2025-21976, CVE-2025-21975, CVE-2025-21972, CVE-2025-22013,
CVE-2025-21894, CVE-2025-21963, CVE-2025-21978, CVE-2025-38569,
CVE-2025-21936, CVE-2025-21873, CVE-2025-22010, CVE-2025-21981,
CVE-2025-22005, CVE-2025-21959, CVE-2025-21929, CVE-2025-21927,
CVE-2025-21966, CVE-2025-22008, CVE-2025-21957, CVE-2025-21970,
CVE-2025-21968, CVE-2025-21889, CVE-2025-22047, CVE-2025-21881,
CVE-2025-21956, CVE-2025-22011, CVE-2025-21986, CVE-2025-21892,
CVE-2025-21964, CVE-2025-21899, CVE-2025-21877, CVE-2025-21875,
CVE-2025-21912, CVE-2025-22001, CVE-2025-38350, CVE-2025-21991,
CVE-2025-21930, CVE-2025-21962, CVE-2025-21880, CVE-2024-57996,
CVE-2025-21914, CVE-2025-22014, CVE-2025-21888, CVE-2025-21955,
CVE-2025-21937, CVE-2025-21924, CVE-2025-21895, CVE-2025-21947,
CVE-2025-21946, CVE-2025-21878, CVE-2025-21918, CVE-2025-21913,
CVE-2025-21945, CVE-2025-37752, CVE-2025-21935, CVE-2025-21950,
CVE-2025-21960, CVE-2024-58090, CVE-2025-21992, CVE-2025-21961,
CVE-2025-21948, CVE-2025-21982, CVE-2025-21910, CVE-2025-21909,
CVE-2025-21925, CVE-2025-37889, CVE-2025-21967, CVE-2025-21898,
CVE-2025-22007, CVE-2025-21995, CVE-2025-22016, CVE-2025-21891,
CVE-2025-21911, CVE-2025-21890, CVE-2025-21999, CVE-2025-22004,
CVE-2025-21915, CVE-2025-21996, CVE-2025-21980, CVE-2025-21903,
CVE-2025-21916, CVE-2025-21941, CVE-2025-21928, CVE-2025-21919,
CVE-2025-21883, CVE-2025-21872, CVE-2025-21917)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
linux-image-6.8.0-1037-ibm 6.8.0-1037.37
linux-image-ibm 6.8.0-1037.37
linux-image-ibm-6.8 6.8.0-1037.37
linux-image-ibm-classic 6.8.0-1037.37
linux-image-ibm-lts-24.04 6.8.0-1037.37

Ubuntu 22.04 LTS
linux-image-6.8.0-1037-ibm 6.8.0-1037.37~22.04.1
linux-image-ibm-6.8 6.8.0-1037.37~22.04.1

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-7779-1
CVE-2024-57996, CVE-2024-58090, CVE-2025-21872, CVE-2025-21873,
CVE-2025-21875, CVE-2025-21877, CVE-2025-21878, CVE-2025-21880,
CVE-2025-21881, CVE-2025-21883, CVE-2025-21885, CVE-2025-21887,
CVE-2025-21888, CVE-2025-21889, CVE-2025-21890, CVE-2025-21891,
CVE-2025-21892, CVE-2025-21894, CVE-2025-21895, CVE-2025-21898,
CVE-2025-21899, CVE-2025-21903, CVE-2025-21904, CVE-2025-21905,
CVE-2025-21908, CVE-2025-21909, CVE-2025-21910, CVE-2025-21911,
CVE-2025-21912, CVE-2025-21913, CVE-2025-21914, CVE-2025-21915,
CVE-2025-21916, CVE-2025-21917, CVE-2025-21918, CVE-2025-21919,
CVE-2025-21920, CVE-2025-21922, CVE-2025-21924, CVE-2025-21925,
CVE-2025-21926, CVE-2025-21927, CVE-2025-21928, CVE-2025-21929,
CVE-2025-21930, CVE-2025-21934, CVE-2025-21935, CVE-2025-21936,
CVE-2025-21937, CVE-2025-21941, CVE-2025-21944, CVE-2025-21945,
CVE-2025-21946, CVE-2025-21947, CVE-2025-21948, CVE-2025-21950,
CVE-2025-21951, CVE-2025-21955, CVE-2025-21956, CVE-2025-21957,
CVE-2025-21959, CVE-2025-21960, CVE-2025-21961, CVE-2025-21962,
CVE-2025-21963, CVE-2025-21964, CVE-2025-21966, CVE-2025-21967,
CVE-2025-21968, CVE-2025-21969, CVE-2025-21970, CVE-2025-21972,
CVE-2025-21975, CVE-2025-21976, CVE-2025-21977, CVE-2025-21978,
CVE-2025-21979, CVE-2025-21980, CVE-2025-21981, CVE-2025-21982,
CVE-2025-21986, CVE-2025-21991, CVE-2025-21992, CVE-2025-21994,
CVE-2025-21995, CVE-2025-21996, CVE-2025-21997, CVE-2025-21999,
CVE-2025-22001, CVE-2025-22003, CVE-2025-22004, CVE-2025-22005,
CVE-2025-22007, CVE-2025-22008, CVE-2025-22009, CVE-2025-22010,
CVE-2025-22011, CVE-2025-22013, CVE-2025-22014, CVE-2025-22015,
CVE-2025-22016, CVE-2025-22017, CVE-2025-22047, CVE-2025-37752,
CVE-2025-37889, CVE-2025-38350, CVE-2025-38569

Package Information:
https://launchpad.net/ubuntu/+source/linux-ibm/6.8.0-1037.37
https://launchpad.net/ubuntu/+source/linux-ibm-6.8/6.8.0-1037.37~22.04.1



[USN-7777-1] PCRE2 vulnerability


==========================================================================
Ubuntu Security Notice USN-7777-1
September 25, 2025

pcre2 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.04

Summary:

PCRE2 could be made to expose sensitive information.

Software Description:
- pcre2: New Perl Compatible Regular Expression Library

Details:

It was discovered that PCRE2 incorrectly handled the Scan SubString verb.
An attacker could possibly use this issue to cause applications using PCRE2
to expose sensitive information.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.04
libpcre2-16-0 10.45-1ubuntu0.1
libpcre2-32-0 10.45-1ubuntu0.1
libpcre2-8-0 10.45-1ubuntu0.1
libpcre2-posix3 10.45-1ubuntu0.1
pcre2-utils 10.45-1ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-7777-1
CVE-2025-58050

Package Information:
https://launchpad.net/ubuntu/+source/pcre2/10.45-1ubuntu0.1



[USN-7778-1] sha.js vulnerability


==========================================================================
Ubuntu Security Notice USN-7778-1
September 25, 2025

node-sha.js vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.04
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

sha.js could be made to consume resources or return incorrect hash
values if it received specially crafted input.

Software Description:
- node-sha.js: Streamable SHA hashes in pure javascript

Details:

Nikita Skovoroda discovered that sha.js did not properly handle
certain inputs. An attacker could possibly use this issue to manipulate
the internal state of hash functions, resulting in hash collisions,
denial of service, or other unspecified impact.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.04
node-sha.js 2.4.11+~2.4.0-2+deb13u1build0.25.04.1

Ubuntu 24.04 LTS
node-sha.js 2.4.11+~2.4.0-2+deb13u1build0.24.04.1

Ubuntu 22.04 LTS
node-sha.js 2.4.11+~2.4.0-1ubuntu0.1

Ubuntu 20.04 LTS
node-sha.js 2.4.11-2ubuntu0.1~esm1
Available with Ubuntu Pro

Ubuntu 18.04 LTS
node-sha.js 2.4.9-1ubuntu0.1~esm1
Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-7778-1
CVE-2025-9288

Package Information:
https://launchpad.net/ubuntu/+source/node-sha.js/2.4.11+~2.4.0-2+deb13u1build0.25.04.1
https://launchpad.net/ubuntu/+source/node-sha.js/2.4.11+~2.4.0-2+deb13u1build0.24.04.1
https://launchpad.net/ubuntu/+source/node-sha.js/2.4.11+~2.4.0-1ubuntu0.1


Expat update for Slackware

LibXSLT, PAM, Ceph, Chromium, Thunderbird updates for Debian

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.orgĀ  I ...