A security issue was found in the Linux kernel for Amazon Web Services (AWS) systems, affecting Ubuntu 20.04 LTS and its derivatives. The issue was fixed by correcting flaws in multiple subsystems, including Nios II architecture, x86 architecture, Block layer subsystem, Cryptographic API, and more. To fix the problem, users need to update their system to specific package versions, reboot, and reinstall any third-party kernel modules that were installed manually.

[USN-8033-4] Linux kernel (AWS) vulnerabilities

[USN-8033-4] Linux kernel (AWS) vulnerabilities

==========================================================================
Ubuntu Security Notice USN-8033-4
February 13, 2026

linux-aws-5.15 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-aws-5.15: Linux kernel for Amazon Web Services (AWS) systems

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Nios II architecture;
- Sun Sparc architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Drivers core;
- Bus devices;
- Hardware random number generator core;
- Data acquisition framework and drivers;
- CPU frequency scaling framework;
- DMA engine subsystem;
- GPU drivers;
- HW tracing;
- Input Device (Miscellaneous) drivers;
- Multiple devices driver;
- Media drivers;
- MOST (Media Oriented Systems Transport) drivers;
- MTD block device drivers;
- Network drivers;
- NVME drivers;
- PCI subsystem;
- Performance monitor drivers;
- Pin controllers subsystem;
- x86 platform drivers;
- PPS (Pulse Per Second) driver;
- PWM drivers;
- SCSI subsystem;
- TCM subsystem;
- Userspace I/O drivers;
- USB Gadget drivers;
- USB Host Controller drivers;
- Framebuffer layer;
- BTRFS file system;
- File systems infrastructure;
- Ext4 file system;
- Network file system (NFS) server daemon;
- NTFS3 file system;
- SMB network file system;
- padata parallel execution mechanism;
- IP tunnels definitions;
- Network sockets;
- XFRM subsystem;
- Control group (cgroup);
- Padata parallel execution mechanism;
- PID allocator;
- Tracing infrastructure;
- Memory management;
- 9P file system network protocol;
- Ethernet bridge;
- Ceph Core library;
- Networking core;
- IPv4 networking;
- IPv6 networking;
- NFC subsystem;
- RF switch subsystem;
- SCTP protocol;
- Unix domain sockets;
- VMware vSockets driver;
- Intel ASoC drivers;
- USB sound devices;
(CVE-2024-53114, CVE-2024-56538, CVE-2024-58011, CVE-2025-21861,
CVE-2025-22058, CVE-2025-23143, CVE-2025-38236, CVE-2025-38248,
CVE-2025-38584, CVE-2025-39869, CVE-2025-39873, CVE-2025-39876,
CVE-2025-39880, CVE-2025-39883, CVE-2025-39885, CVE-2025-39907,
CVE-2025-39911, CVE-2025-39913, CVE-2025-39923, CVE-2025-39934,
CVE-2025-39937, CVE-2025-39943, CVE-2025-39945, CVE-2025-39949,
CVE-2025-39951, CVE-2025-39953, CVE-2025-39955, CVE-2025-39967,
CVE-2025-39968, CVE-2025-39969, CVE-2025-39970, CVE-2025-39971,
CVE-2025-39972, CVE-2025-39973, CVE-2025-39980, CVE-2025-39985,
CVE-2025-39986, CVE-2025-39987, CVE-2025-39988, CVE-2025-39994,
CVE-2025-39995, CVE-2025-39996, CVE-2025-39998, CVE-2025-40001,
CVE-2025-40006, CVE-2025-40011, CVE-2025-40020, CVE-2025-40021,
CVE-2025-40026, CVE-2025-40027, CVE-2025-40029, CVE-2025-40030,
CVE-2025-40035, CVE-2025-40042, CVE-2025-40043, CVE-2025-40044,
CVE-2025-40048, CVE-2025-40049, CVE-2025-40053, CVE-2025-40055,
CVE-2025-40060, CVE-2025-40068, CVE-2025-40070, CVE-2025-40078,
CVE-2025-40081, CVE-2025-40085, CVE-2025-40087, CVE-2025-40088,
CVE-2025-40092, CVE-2025-40094, CVE-2025-40105, CVE-2025-40106,
CVE-2025-40109, CVE-2025-40111, CVE-2025-40112, CVE-2025-40115,
CVE-2025-40116, CVE-2025-40118, CVE-2025-40120, CVE-2025-40121,
CVE-2025-40124, CVE-2025-40125, CVE-2025-40126, CVE-2025-40127,
CVE-2025-40134, CVE-2025-40140, CVE-2025-40153, CVE-2025-40154,
CVE-2025-40167, CVE-2025-40171, CVE-2025-40173, CVE-2025-40178,
CVE-2025-40179, CVE-2025-40183, CVE-2025-40187, CVE-2025-40188,
CVE-2025-40194, CVE-2025-40200, CVE-2025-40204, CVE-2025-40205,
CVE-2025-40215, CVE-2025-40219, CVE-2025-40220, CVE-2025-40223,
CVE-2025-40231, CVE-2025-40233, CVE-2025-40240, CVE-2025-40243,
CVE-2025-40244, CVE-2025-40245, CVE-2025-40346, CVE-2025-40349,
CVE-2025-40351, CVE-2025-68249)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS
linux-image-5.15.0-1100-aws 5.15.0-1100.107~20.04.2
Available with Ubuntu Pro
linux-image-aws 5.15.0.1100.107~20.04.1
Available with Ubuntu Pro
linux-image-aws-5.15 5.15.0.1100.107~20.04.1
Available with Ubuntu Pro

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-8033-4
https://ubuntu.com/security/notices/USN-8033-3
https://ubuntu.com/security/notices/USN-8033-2
https://ubuntu.com/security/notices/USN-8033-1
CVE-2024-53114, CVE-2024-56538, CVE-2024-58011, CVE-2025-21861,
CVE-2025-22058, CVE-2025-23143, CVE-2025-38236, CVE-2025-38248,
CVE-2025-38584, CVE-2025-39869, CVE-2025-39873, CVE-2025-39876,
CVE-2025-39880, CVE-2025-39883, CVE-2025-39885, CVE-2025-39907,
CVE-2025-39911, CVE-2025-39913, CVE-2025-39923, CVE-2025-39934,
CVE-2025-39937, CVE-2025-39943, CVE-2025-39945, CVE-2025-39949,
CVE-2025-39951, CVE-2025-39953, CVE-2025-39955, CVE-2025-39967,
CVE-2025-39968, CVE-2025-39969, CVE-2025-39970, CVE-2025-39971,
CVE-2025-39972, CVE-2025-39973, CVE-2025-39980, CVE-2025-39985,
CVE-2025-39986, CVE-2025-39987, CVE-2025-39988, CVE-2025-39994,
CVE-2025-39995, CVE-2025-39996, CVE-2025-39998, CVE-2025-40001,
CVE-2025-40006, CVE-2025-40011, CVE-2025-40020, CVE-2025-40021,
CVE-2025-40026, CVE-2025-40027, CVE-2025-40029, CVE-2025-40030,
CVE-2025-40035, CVE-2025-40042, CVE-2025-40043, CVE-2025-40044,
CVE-2025-40048, CVE-2025-40049, CVE-2025-40053, CVE-2025-40055,
CVE-2025-40060, CVE-2025-40068, CVE-2025-40070, CVE-2025-40078,
CVE-2025-40081, CVE-2025-40085, CVE-2025-40087, CVE-2025-40088,
CVE-2025-40092, CVE-2025-40094, CVE-2025-40105, CVE-2025-40106,
CVE-2025-40109, CVE-2025-40111, CVE-2025-40112, CVE-2025-40115,
CVE-2025-40116, CVE-2025-40118, CVE-2025-40120, CVE-2025-40121,
CVE-2025-40124, CVE-2025-40125, CVE-2025-40126, CVE-2025-40127,
CVE-2025-40134, CVE-2025-40140, CVE-2025-40153, CVE-2025-40154,
CVE-2025-40167, CVE-2025-40171, CVE-2025-40173, CVE-2025-40178,
CVE-2025-40179, CVE-2025-40183, CVE-2025-40187, CVE-2025-40188,
CVE-2025-40194, CVE-2025-40200, CVE-2025-40204, CVE-2025-40205,
CVE-2025-40215, CVE-2025-40219, CVE-2025-40220, CVE-2025-40223,
CVE-2025-40231, CVE-2025-40233, CVE-2025-40240, CVE-2025-40243,
CVE-2025-40244, CVE-2025-40245, CVE-2025-40346, CVE-2025-40349,
CVE-2025-40351, CVE-2025-68249