Ubuntu Linux has released security updates to address several vulnerabilities in the Linux kernel. These vulnerabilities could potentially allow an attacker to compromise the system and affect various subsystems, including ARM32 and ARM64 architectures, GPU drivers, network drivers, and more. The update corrects flaws in 89 identified CVEs (Common Vulnerabilities and Exposures) across multiple components of the Linux kernel. Users are advised to apply these security updates to ensure their Ubuntu systems remain secure against potential attacks.

[USN-7775-2] Linux kernel (Azure) vulnerabilities
[USN-7769-3] Linux kernel vulnerabilities
[USN-7764-2] Linux kernel (HWE) vulnerabilities

[USN-7775-2] Linux kernel (Azure) vulnerabilities

==========================================================================
Ubuntu Security Notice USN-7775-2
September 26, 2025

linux-azure vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-azure: Linux kernel for Microsoft Azure Cloud systems

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Parallel ATA drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- Network block device driver;
- Bus devices;
- Clock framework and drivers;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Input Device (Miscellaneous) drivers;
- Multiple devices driver;
- Media drivers;
- VMware VMCI Driver;
- MMC subsystem;
- MTD block device drivers;
- Network drivers;
- Pin controllers subsystem;
- x86 platform drivers;
- PTP clock framework;
- RapidIO drivers;
- Voltage and Current Regulator drivers;
- Remote Processor subsystem;
- S/390 drivers;
- SCSI subsystem;
- ASPEED SoC drivers;
- TCM subsystem;
- Thermal drivers;
- Thunderbolt and USB4 drivers;
- TTY drivers;
- UFS subsystem;
- USB Gadget drivers;
- Renesas USBHS Controller drivers;
- USB Type-C support driver;
- Virtio Host (VHOST) subsystem;
- Backlight driver;
- Framebuffer layer;
- BTRFS file system;
- File systems infrastructure;
- Ext4 file system;
- F2FS file system;
- JFFS2 file system;
- JFS file system;
- Network file system (NFS) client;
- Network file system (NFS) server daemon;
- NTFS3 file system;
- SMB network file system;
- DRM display driver;
- Memory Management;
- Mellanox drivers;
- Memory management;
- Netfilter;
- Network sockets;
- IPC subsystem;
- BPF subsystem;
- Perf events;
- Kernel exit() syscall;
- Restartable seuqences system call mechanism;
- Timer subsystem;
- Tracing infrastructure;
- Appletalk network protocol;
- Asynchronous Transfer Mode (ATM) subsystem;
- Networking core;
- IPv6 networking;
- MultiProtocol Label Switching driver;
- NetLabel subsystem;
- Netlink;
- NFC subsystem;
- Open vSwitch;
- Rose network layer;
- RxRPC session sockets;
- Network traffic control;
- TIPC protocol;
- VMware vSockets driver;
- USB sound devices;
(CVE-2025-38389, CVE-2025-38146, CVE-2025-38237, CVE-2025-38107,
CVE-2025-38229, CVE-2025-38211, CVE-2025-38313, CVE-2025-21888,
CVE-2025-38122, CVE-2025-38514, CVE-2025-38280, CVE-2025-38375,
CVE-2025-38084, CVE-2025-38410, CVE-2025-38459, CVE-2025-38119,
CVE-2025-38391, CVE-2025-38293, CVE-2025-38086, CVE-2025-38085,
CVE-2025-38231, CVE-2025-38324, CVE-2025-38227, CVE-2025-38153,
CVE-2025-38439, CVE-2025-38263, CVE-2025-38387, CVE-2025-38542,
CVE-2025-37948, CVE-2025-38462, CVE-2025-38498, CVE-2025-38320,
CVE-2025-38262, CVE-2025-38218, CVE-2025-38412, CVE-2025-38424,
CVE-2025-38384, CVE-2025-38377, CVE-2025-38102, CVE-2025-38163,
CVE-2024-26726, CVE-2025-38386, CVE-2025-38400, CVE-2024-57883,
CVE-2025-38145, CVE-2025-38157, CVE-2025-38399, CVE-2025-38419,
CVE-2025-38464, CVE-2025-38251, CVE-2025-38444, CVE-2025-38428,
CVE-2024-44939, CVE-2025-37954, CVE-2024-26775, CVE-2025-38147,
CVE-2025-38286, CVE-2025-38516, CVE-2025-38154, CVE-2025-38336,
CVE-2025-38467, CVE-2025-38067, CVE-2025-38206, CVE-2025-38090,
CVE-2025-38312, CVE-2022-48703, CVE-2025-38161, CVE-2025-38328,
CVE-2025-38540, CVE-2025-38401, CVE-2025-38513, CVE-2025-37963,
CVE-2025-38219, CVE-2025-38305, CVE-2025-38415, CVE-2025-38143,
CVE-2025-38515, CVE-2025-38418, CVE-2025-38135, CVE-2025-38445,
CVE-2025-38222, CVE-2025-38200, CVE-2025-38403, CVE-2025-38181,
CVE-2025-38461, CVE-2025-38458, CVE-2025-38173, CVE-2025-38448,
CVE-2025-38346, CVE-2025-38466, CVE-2025-38249, CVE-2025-38457,
CVE-2025-38160, CVE-2025-38138, CVE-2025-38088, CVE-2025-38167,
CVE-2025-38184, CVE-2025-38319, CVE-2025-38395, CVE-2025-38194,
CVE-2025-38416, CVE-2025-38363, CVE-2025-38245, CVE-2025-38348,
CVE-2025-38326, CVE-2025-38441, CVE-2025-38103, CVE-2025-37958,
CVE-2025-38074, CVE-2025-38174, CVE-2025-38371, CVE-2025-38112,
CVE-2025-38115, CVE-2025-38273, CVE-2025-38159, CVE-2025-38136,
CVE-2025-38298, CVE-2025-38342, CVE-2025-38344, CVE-2025-38337,
CVE-2025-38120, CVE-2025-38345, CVE-2025-38203, CVE-2025-38420,
CVE-2025-38443, CVE-2025-38362, CVE-2025-38111, CVE-2025-38352,
CVE-2025-38285, CVE-2025-38465, CVE-2025-38460, CVE-2025-38406,
CVE-2025-38100, CVE-2025-38393, CVE-2025-38197, CVE-2025-38257,
CVE-2025-38226, CVE-2025-38310, CVE-2025-38108, CVE-2025-38430,
CVE-2025-38212, CVE-2025-38332, CVE-2025-38204)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS
linux-image-5.15.0-1096-azure 5.15.0-1096.105
linux-image-azure-5.15 5.15.0.1096.94
linux-image-azure-lts-22.04 5.15.0.1096.94

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-7775-2
https://ubuntu.com/security/notices/USN-7775-1
CVE-2022-48703, CVE-2024-26726, CVE-2024-26775, CVE-2024-44939,
CVE-2024-57883, CVE-2025-21888, CVE-2025-37948, CVE-2025-37954,
CVE-2025-37958, CVE-2025-37963, CVE-2025-38067, CVE-2025-38074,
CVE-2025-38084, CVE-2025-38085, CVE-2025-38086, CVE-2025-38088,
CVE-2025-38090, CVE-2025-38100, CVE-2025-38102, CVE-2025-38103,
CVE-2025-38107, CVE-2025-38108, CVE-2025-38111, CVE-2025-38112,
CVE-2025-38115, CVE-2025-38119, CVE-2025-38120, CVE-2025-38122,
CVE-2025-38135, CVE-2025-38136, CVE-2025-38138, CVE-2025-38143,
CVE-2025-38145, CVE-2025-38146, CVE-2025-38147, CVE-2025-38153,
CVE-2025-38154, CVE-2025-38157, CVE-2025-38159, CVE-2025-38160,
CVE-2025-38161, CVE-2025-38163, CVE-2025-38167, CVE-2025-38173,
CVE-2025-38174, CVE-2025-38181, CVE-2025-38184, CVE-2025-38194,
CVE-2025-38197, CVE-2025-38200, CVE-2025-38203, CVE-2025-38204,
CVE-2025-38206, CVE-2025-38211, CVE-2025-38212, CVE-2025-38218,
CVE-2025-38219, CVE-2025-38222, CVE-2025-38226, CVE-2025-38227,
CVE-2025-38229, CVE-2025-38231, CVE-2025-38237, CVE-2025-38245,
CVE-2025-38249, CVE-2025-38251, CVE-2025-38257, CVE-2025-38262,
CVE-2025-38263, CVE-2025-38273, CVE-2025-38280, CVE-2025-38285,
CVE-2025-38286, CVE-2025-38293, CVE-2025-38298, CVE-2025-38305,
CVE-2025-38310, CVE-2025-38312, CVE-2025-38313, CVE-2025-38319,
CVE-2025-38320, CVE-2025-38324, CVE-2025-38326, CVE-2025-38328,
CVE-2025-38332, CVE-2025-38336, CVE-2025-38337, CVE-2025-38342,
CVE-2025-38344, CVE-2025-38345, CVE-2025-38346, CVE-2025-38348,
CVE-2025-38352, CVE-2025-38362, CVE-2025-38363, CVE-2025-38371,
CVE-2025-38375, CVE-2025-38377, CVE-2025-38384, CVE-2025-38386,
CVE-2025-38387, CVE-2025-38389, CVE-2025-38391, CVE-2025-38393,
CVE-2025-38395, CVE-2025-38399, CVE-2025-38400, CVE-2025-38401,
CVE-2025-38403, CVE-2025-38406, CVE-2025-38410, CVE-2025-38412,
CVE-2025-38415, CVE-2025-38416, CVE-2025-38418, CVE-2025-38419,
CVE-2025-38420, CVE-2025-38424, CVE-2025-38428, CVE-2025-38430,
CVE-2025-38439, CVE-2025-38441, CVE-2025-38443, CVE-2025-38444,
CVE-2025-38445, CVE-2025-38448, CVE-2025-38457, CVE-2025-38458,
CVE-2025-38459, CVE-2025-38460, CVE-2025-38461, CVE-2025-38462,
CVE-2025-38464, CVE-2025-38465, CVE-2025-38466, CVE-2025-38467,
CVE-2025-38498, CVE-2025-38513, CVE-2025-38514, CVE-2025-38515,
CVE-2025-38516, CVE-2025-38540, CVE-2025-38542

Package Information:
https://launchpad.net/ubuntu/+source/linux-azure/5.15.0-1096.105

[USN-7769-3] Linux kernel vulnerabilities

==========================================================================
Ubuntu Security Notice USN-7769-3
September 26, 2025

linux-aws-6.14, linux-hwe-6.14 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-aws-6.14: Linux kernel for Amazon Web Services (AWS) systems
- linux-hwe-6.14: Linux hardware enablement (HWE) kernel

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Android drivers;
- Bluetooth drivers;
- Bus devices;
- Clock framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- Arm Firmware Framework for ARMv8-A(FFA);
- FPGA Framework;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- HW tracing;
- InfiniBand drivers;
- IOMMU subsystem;
- Multiple devices driver;
- Media drivers;
- VMware VMCI Driver;
- MTD block device drivers;
- Network drivers;
- Mellanox network drivers;
- STMicroelectronics network drivers;
- NVDIMM (Non-Volatile Memory Device) drivers;
- NVME drivers;
- NVMEM (Non Volatile Memory) drivers;
- PCI subsystem;
- Amlogic Meson DDR PMU;
- NI-700 PMU driver;
- PHY drivers;
- Pin controllers subsystem;
- x86 platform drivers;
- PTP clock framework;
- SCSI subsystem;
- ASPEED SoC drivers;
- SPI subsystem;
- TCM subsystem;
- Thunderbolt and USB4 drivers;
- TTY drivers;
- UFS subsystem;
- USB core drivers;
- USB Gadget drivers;
- Renesas USBHS Controller drivers;
- USB Type-C Port Controller Manager driver;
- VFIO drivers;
- Virtio Host (VHOST) subsystem;
- Backlight driver;
- Framebuffer layer;
- Virtio drivers;
- BTRFS file system;
- EROFS file system;
- F2FS file system;
- File systems infrastructure;
- Network file systems library;
- NTFS3 file system;
- SMB network file system;
- Codetag library;
- BPF subsystem;
- LZO compression library;
- Mellanox drivers;
- IPv4 networking;
- Bluetooth subsystem;
- Network sockets;
- XFRM subsystem;
- Digital Audio (PCM) driver;
- Tracing infrastructure;
- io_uring subsystem;
- Padata parallel execution mechanism;
- DVFS energy model driver;
- Restartable seuqences system call mechanism;
- Timer subsystem;
- Memory management;
- KASAN memory debugging framework;
- CAN network layer;
- Networking core;
- IPv6 networking;
- Netfilter;
- NetLabel subsystem;
- Open vSwitch;
- Network traffic control;
- TIPC protocol;
- TLS protocol;
- ALSA framework;
- sma1307 audio codecs;
- Intel ASoC drivers;
- MediaTek ASoC drivers;
- USB sound devices;
(CVE-2025-38115, CVE-2025-38004, CVE-2025-38035, CVE-2025-38057,
CVE-2025-38314, CVE-2025-38317, CVE-2025-38074, CVE-2025-38113,
CVE-2025-38130, CVE-2025-38175, CVE-2025-38155, CVE-2025-38062,
CVE-2025-38050, CVE-2025-38159, CVE-2025-38352, CVE-2025-38101,
CVE-2025-38034, CVE-2025-38061, CVE-2025-38288, CVE-2025-38153,
CVE-2025-38043, CVE-2025-38268, CVE-2025-38415, CVE-2025-38291,
CVE-2025-38270, CVE-2025-38044, CVE-2025-38146, CVE-2025-38048,
CVE-2025-38069, CVE-2025-38298, CVE-2025-38058, CVE-2025-38161,
CVE-2025-38158, CVE-2025-38059, CVE-2025-38066, CVE-2025-38047,
CVE-2025-38040, CVE-2025-38112, CVE-2025-38042, CVE-2025-38107,
CVE-2025-38296, CVE-2025-38278, CVE-2025-39890, CVE-2025-38088,
CVE-2025-38174, CVE-2025-38118, CVE-2025-38117, CVE-2025-38110,
CVE-2025-38305, CVE-2025-38136, CVE-2025-38063, CVE-2025-38498,
CVE-2025-38499, CVE-2025-38106, CVE-2025-38292, CVE-2025-38163,
CVE-2025-38169, CVE-2025-38032, CVE-2025-38310, CVE-2025-38302,
CVE-2025-38092, CVE-2025-38052, CVE-2025-38282, CVE-2025-38082,
CVE-2025-38036, CVE-2025-38054, CVE-2025-38105, CVE-2025-38265,
CVE-2025-38116, CVE-2025-38060, CVE-2025-38154, CVE-2025-38280,
CVE-2025-38176, CVE-2025-38156, CVE-2025-38289, CVE-2025-38166,
CVE-2025-38080, CVE-2025-38098, CVE-2025-38127, CVE-2025-38125,
CVE-2025-38172, CVE-2025-38142, CVE-2025-38096, CVE-2025-38055,
CVE-2025-38138, CVE-2025-38126, CVE-2025-38073, CVE-2025-38173,
CVE-2025-38031, CVE-2025-38128, CVE-2025-38064, CVE-2025-38071,
CVE-2025-38099, CVE-2025-38316, CVE-2025-38119, CVE-2025-38108,
CVE-2025-38079, CVE-2025-38301, CVE-2025-38122, CVE-2025-38269,
CVE-2025-38300, CVE-2025-38097, CVE-2025-38318, CVE-2025-38100,
CVE-2025-38045, CVE-2025-38053, CVE-2025-38124, CVE-2025-38295,
CVE-2025-38078, CVE-2025-38037, CVE-2025-38135, CVE-2025-38165,
CVE-2025-38294, CVE-2025-38132, CVE-2025-38065, CVE-2025-38281,
CVE-2025-38145, CVE-2025-38311, CVE-2025-38075, CVE-2025-38033,
CVE-2025-38275, CVE-2025-38319, CVE-2025-38081, CVE-2025-38279,
CVE-2025-38076, CVE-2025-38077, CVE-2025-38068, CVE-2025-38148,
CVE-2025-38313, CVE-2025-38134, CVE-2025-38143, CVE-2025-38102,
CVE-2025-38131, CVE-2025-38283, CVE-2025-38151, CVE-2025-38111,
CVE-2025-38029, CVE-2025-38141, CVE-2025-38277, CVE-2025-38414,
CVE-2025-38147, CVE-2025-38167, CVE-2025-38286, CVE-2025-38315,
CVE-2025-38103, CVE-2025-38303, CVE-2025-38123, CVE-2025-38129,
CVE-2025-38164, CVE-2025-38157, CVE-2025-38306, CVE-2025-38299,
CVE-2025-38307, CVE-2025-38091, CVE-2025-38304, CVE-2025-38149,
CVE-2025-38170, CVE-2025-38137, CVE-2025-38293, CVE-2025-38070,
CVE-2025-38120, CVE-2025-38290, CVE-2025-38003, CVE-2025-38160,
CVE-2025-38039, CVE-2025-38139, CVE-2025-38114, CVE-2025-38041,
CVE-2025-38038, CVE-2025-38168, CVE-2025-38274, CVE-2025-38051,
CVE-2025-38072, CVE-2025-38287, CVE-2025-38067, CVE-2025-38285,
CVE-2025-38284, CVE-2025-38312, CVE-2025-38109, CVE-2025-38272,
CVE-2025-38140, CVE-2025-38162, CVE-2025-38267, CVE-2025-38297)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
linux-image-6.14.0-1013-aws 6.14.0-1013.13~24.04.1
linux-image-6.14.0-1013-aws-64k 6.14.0-1013.13~24.04.1
linux-image-6.14.0-32-generic 6.14.0-32.32~24.04.1
linux-image-6.14.0-32-generic-64k 6.14.0-32.32~24.04.1
linux-image-aws 6.14.0-1013.13~24.04.1
linux-image-aws-6.14 6.14.0-1013.13~24.04.1
linux-image-aws-64k 6.14.0-1013.13~24.04.1
linux-image-aws-64k-6.14 6.14.0-1013.13~24.04.1
linux-image-generic-6.14 6.14.0-32.32~24.04.1
linux-image-generic-64k-6.14 6.14.0-32.32~24.04.1
linux-image-generic-64k-hwe-24.04 6.14.0-32.32~24.04.1
linux-image-generic-hwe-24.04 6.14.0-32.32~24.04.1
linux-image-virtual-6.14 6.14.0-32.32~24.04.1
linux-image-virtual-hwe-24.04 6.14.0-32.32~24.04.1

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-7769-3
https://ubuntu.com/security/notices/USN-7769-2
https://ubuntu.com/security/notices/USN-7769-1
CVE-2025-38003, CVE-2025-38004, CVE-2025-38029, CVE-2025-38031,
CVE-2025-38032, CVE-2025-38033, CVE-2025-38034, CVE-2025-38035,
CVE-2025-38036, CVE-2025-38037, CVE-2025-38038, CVE-2025-38039,
CVE-2025-38040, CVE-2025-38041, CVE-2025-38042, CVE-2025-38043,
CVE-2025-38044, CVE-2025-38045, CVE-2025-38047, CVE-2025-38048,
CVE-2025-38050, CVE-2025-38051, CVE-2025-38052, CVE-2025-38053,
CVE-2025-38054, CVE-2025-38055, CVE-2025-38057, CVE-2025-38058,
CVE-2025-38059, CVE-2025-38060, CVE-2025-38061, CVE-2025-38062,
CVE-2025-38063, CVE-2025-38064, CVE-2025-38065, CVE-2025-38066,
CVE-2025-38067, CVE-2025-38068, CVE-2025-38069, CVE-2025-38070,
CVE-2025-38071, CVE-2025-38072, CVE-2025-38073, CVE-2025-38074,
CVE-2025-38075, CVE-2025-38076, CVE-2025-38077, CVE-2025-38078,
CVE-2025-38079, CVE-2025-38080, CVE-2025-38081, CVE-2025-38082,
CVE-2025-38088, CVE-2025-38091, CVE-2025-38092, CVE-2025-38096,
CVE-2025-38097, CVE-2025-38098, CVE-2025-38099, CVE-2025-38100,
CVE-2025-38101, CVE-2025-38102, CVE-2025-38103, CVE-2025-38105,
CVE-2025-38106, CVE-2025-38107, CVE-2025-38108, CVE-2025-38109,
CVE-2025-38110, CVE-2025-38111, CVE-2025-38112, CVE-2025-38113,
CVE-2025-38114, CVE-2025-38115, CVE-2025-38116, CVE-2025-38117,
CVE-2025-38118, CVE-2025-38119, CVE-2025-38120, CVE-2025-38122,
CVE-2025-38123, CVE-2025-38124, CVE-2025-38125, CVE-2025-38126,
CVE-2025-38127, CVE-2025-38128, CVE-2025-38129, CVE-2025-38130,
CVE-2025-38131, CVE-2025-38132, CVE-2025-38134, CVE-2025-38135,
CVE-2025-38136, CVE-2025-38137, CVE-2025-38138, CVE-2025-38139,
CVE-2025-38140, CVE-2025-38141, CVE-2025-38142, CVE-2025-38143,
CVE-2025-38145, CVE-2025-38146, CVE-2025-38147, CVE-2025-38148,
CVE-2025-38149, CVE-2025-38151, CVE-2025-38153, CVE-2025-38154,
CVE-2025-38155, CVE-2025-38156, CVE-2025-38157, CVE-2025-38158,
CVE-2025-38159, CVE-2025-38160, CVE-2025-38161, CVE-2025-38162,
CVE-2025-38163, CVE-2025-38164, CVE-2025-38165, CVE-2025-38166,
CVE-2025-38167, CVE-2025-38168, CVE-2025-38169, CVE-2025-38170,
CVE-2025-38172, CVE-2025-38173, CVE-2025-38174, CVE-2025-38175,
CVE-2025-38176, CVE-2025-38265, CVE-2025-38267, CVE-2025-38268,
CVE-2025-38269, CVE-2025-38270, CVE-2025-38272, CVE-2025-38274,
CVE-2025-38275, CVE-2025-38277, CVE-2025-38278, CVE-2025-38279,
CVE-2025-38280, CVE-2025-38281, CVE-2025-38282, CVE-2025-38283,
CVE-2025-38284, CVE-2025-38285, CVE-2025-38286, CVE-2025-38287,
CVE-2025-38288, CVE-2025-38289, CVE-2025-38290, CVE-2025-38291,
CVE-2025-38292, CVE-2025-38293, CVE-2025-38294, CVE-2025-38295,
CVE-2025-38296, CVE-2025-38297, CVE-2025-38298, CVE-2025-38299,
CVE-2025-38300, CVE-2025-38301, CVE-2025-38302, CVE-2025-38303,
CVE-2025-38304, CVE-2025-38305, CVE-2025-38306, CVE-2025-38307,
CVE-2025-38310, CVE-2025-38311, CVE-2025-38312, CVE-2025-38313,
CVE-2025-38314, CVE-2025-38315, CVE-2025-38316, CVE-2025-38317,
CVE-2025-38318, CVE-2025-38319, CVE-2025-38352, CVE-2025-38414,
CVE-2025-38415, CVE-2025-38498, CVE-2025-38499, CVE-2025-39890

Package Information:
https://launchpad.net/ubuntu/+source/linux-aws-6.14/6.14.0-1013.13~24.04.1
https://launchpad.net/ubuntu/+source/linux-hwe-6.14/6.14.0-32.32~24.04.1

[USN-7764-2] Linux kernel (HWE) vulnerabilities

==========================================================================
Ubuntu Security Notice USN-7764-2
September 26, 2025

linux-hwe-6.8 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-hwe-6.8: Linux hardware enablement (HWE) kernel

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
- ARM64 architecture;
- x86 architecture;
- Compute Acceleration Framework;
- Bus devices;
- AMD CDX bus driver;
- DPLL subsystem;
- EFI core;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- I2C subsystem;
- InfiniBand drivers;
- Multiple devices driver;
- Network drivers;
- Mellanox network drivers;
- NVME drivers;
- Pin controllers subsystem;
- RapidIO drivers;
- Voltage and Current Regulator drivers;
- SCSI subsystem;
- SLIMbus drivers;
- QCOM SoC drivers;
- UFS subsystem;
- USB DSL drivers;
- Renesas USBHS Controller drivers;
- USB Type-C Connector System Software Interface driver;
- Framebuffer layer;
- ACRN Hypervisor Service Module driver;
- Network file system (NFS) client;
- Proc file system;
- SMB network file system;
- Memory Management;
- Scheduler infrastructure;
- SoC audio core drivers;
- Perf events;
- Tracing infrastructure;
- Memory management;
- 802.1Q VLAN protocol;
- Asynchronous Transfer Mode (ATM) subsystem;
- Bluetooth subsystem;
- Devlink API;
- IPv4 networking;
- IPv6 networking;
- Logical Link layer;
- Management Component Transport Protocol (MCTP);
- Multipath TCP;
- Netfilter;
- Network traffic control;
- Switch device API;
- Wireless networking;
- eXpress Data Path;
(CVE-2025-21945, CVE-2025-21991, CVE-2025-22008, CVE-2025-21996,
CVE-2025-21924, CVE-2025-21986, CVE-2025-21872, CVE-2025-21962,
CVE-2025-22007, CVE-2025-37889, CVE-2025-21889, CVE-2025-21968,
CVE-2025-21903, CVE-2025-21955, CVE-2025-21982, CVE-2025-21929,
CVE-2025-21944, CVE-2025-22004, CVE-2025-21997, CVE-2025-21941,
CVE-2025-22047, CVE-2025-21915, CVE-2025-21995, CVE-2025-22011,
CVE-2025-21891, CVE-2025-22009, CVE-2025-22015, CVE-2024-58090,
CVE-2025-21947, CVE-2025-21976, CVE-2025-21964, CVE-2025-21904,
CVE-2025-21880, CVE-2025-21918, CVE-2025-21950, CVE-2025-21948,
CVE-2025-21888, CVE-2025-22014, CVE-2025-21963, CVE-2025-21875,
CVE-2025-21967, CVE-2025-21972, CVE-2025-21895, CVE-2025-21961,
CVE-2025-21926, CVE-2025-21892, CVE-2025-21916, CVE-2025-21894,
CVE-2025-21930, CVE-2025-21927, CVE-2025-21911, CVE-2025-21936,
CVE-2025-21881, CVE-2025-38569, CVE-2025-21873, CVE-2025-21951,
CVE-2025-22003, CVE-2025-21877, CVE-2025-21908, CVE-2025-21956,
CVE-2025-21977, CVE-2025-21917, CVE-2025-21922, CVE-2025-21959,
CVE-2025-22005, CVE-2025-22017, CVE-2025-22016, CVE-2025-21878,
CVE-2025-21970, CVE-2025-21905, CVE-2025-21978, CVE-2025-21981,
CVE-2025-21980, CVE-2025-21910, CVE-2025-21925, CVE-2025-21885,
CVE-2025-21946, CVE-2025-21937, CVE-2025-21919, CVE-2025-22013,
CVE-2025-21883, CVE-2025-21957, CVE-2025-21914, CVE-2025-21909,
CVE-2025-21934, CVE-2025-21975, CVE-2025-21912, CVE-2025-21969,
CVE-2025-21898, CVE-2025-21890, CVE-2025-21899, CVE-2025-22001,
CVE-2025-21979, CVE-2025-21966, CVE-2025-21935, CVE-2025-21920,
CVE-2025-21913, CVE-2025-22010, CVE-2025-21992, CVE-2025-21960,
CVE-2025-21994, CVE-2025-21999, CVE-2025-21928)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS
linux-image-6.8.0-84-generic 6.8.0-84.84~22.04.1
linux-image-6.8.0-84-generic-64k 6.8.0-84.84~22.04.1
linux-image-generic-6.8 6.8.0-84.84~22.04.1
linux-image-generic-64k-6.8 6.8.0-84.84~22.04.1
linux-image-generic-64k-hwe-22.04 6.8.0-84.84~22.04.1
linux-image-generic-hwe-22.04 6.8.0-84.84~22.04.1
linux-image-oem-22.04 6.8.0-84.84~22.04.1
linux-image-oem-22.04a 6.8.0-84.84~22.04.1
linux-image-oem-22.04b 6.8.0-84.84~22.04.1
linux-image-oem-22.04c 6.8.0-84.84~22.04.1
linux-image-oem-22.04d 6.8.0-84.84~22.04.1
linux-image-virtual-6.8 6.8.0-84.84~22.04.1
linux-image-virtual-hwe-22.04 6.8.0-84.84~22.04.1

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-7764-2
https://ubuntu.com/security/notices/USN-7764-1
CVE-2024-58090, CVE-2025-21872, CVE-2025-21873, CVE-2025-21875,
CVE-2025-21877, CVE-2025-21878, CVE-2025-21880, CVE-2025-21881,
CVE-2025-21883, CVE-2025-21885, CVE-2025-21888, CVE-2025-21889,
CVE-2025-21890, CVE-2025-21891, CVE-2025-21892, CVE-2025-21894,
CVE-2025-21895, CVE-2025-21898, CVE-2025-21899, CVE-2025-21903,
CVE-2025-21904, CVE-2025-21905, CVE-2025-21908, CVE-2025-21909,
CVE-2025-21910, CVE-2025-21911, CVE-2025-21912, CVE-2025-21913,
CVE-2025-21914, CVE-2025-21915, CVE-2025-21916, CVE-2025-21917,
CVE-2025-21918, CVE-2025-21919, CVE-2025-21920, CVE-2025-21922,
CVE-2025-21924, CVE-2025-21925, CVE-2025-21926, CVE-2025-21927,
CVE-2025-21928, CVE-2025-21929, CVE-2025-21930, CVE-2025-21934,
CVE-2025-21935, CVE-2025-21936, CVE-2025-21937, CVE-2025-21941,
CVE-2025-21944, CVE-2025-21945, CVE-2025-21946, CVE-2025-21947,
CVE-2025-21948, CVE-2025-21950, CVE-2025-21951, CVE-2025-21955,
CVE-2025-21956, CVE-2025-21957, CVE-2025-21959, CVE-2025-21960,
CVE-2025-21961, CVE-2025-21962, CVE-2025-21963, CVE-2025-21964,
CVE-2025-21966, CVE-2025-21967, CVE-2025-21968, CVE-2025-21969,
CVE-2025-21970, CVE-2025-21972, CVE-2025-21975, CVE-2025-21976,
CVE-2025-21977, CVE-2025-21978, CVE-2025-21979, CVE-2025-21980,
CVE-2025-21981, CVE-2025-21982, CVE-2025-21986, CVE-2025-21991,
CVE-2025-21992, CVE-2025-21994, CVE-2025-21995, CVE-2025-21996,
CVE-2025-21997, CVE-2025-21999, CVE-2025-22001, CVE-2025-22003,
CVE-2025-22004, CVE-2025-22005, CVE-2025-22007, CVE-2025-22008,
CVE-2025-22009, CVE-2025-22010, CVE-2025-22011, CVE-2025-22013,
CVE-2025-22014, CVE-2025-22015, CVE-2025-22016, CVE-2025-22017,
CVE-2025-22047, CVE-2025-37889, CVE-2025-38569

Package Information:
https://launchpad.net/ubuntu/+source/linux-hwe-6.8/6.8.0-84.84~22.04.1