[USN-7985-1] TeX Live vulnerabilities
[USN-7981-1] wlc vulnerabilities
[USN-7983-1] containerd vulnerabilities
[USN-7988-1] Linux kernel vulnerabilities
[LSN-0117-1] Linux kernel vulnerability
[USN-7987-2] Linux kernel (FIPS) vulnerabilities
[USN-7987-1] Linux kernel vulnerabilities
[USN-7986-1] Linux kernel vulnerabilities
[USN-7988-2] Linux kernel (FIPS) vulnerabilities
[USN-7985-1] TeX Live vulnerabilities
==========================================================================
Ubuntu Security Notice USN-7985-1
January 29, 2026
texlive-bin vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in TeX Live.
Software Description:
- texlive-bin: Binaries for TeX Live
Details:
Shin Ando discovered that the Xpdf toolkit embedded in TeX Live incorrectly
handled memory when decoding certain data streams. An attacker could
possibly use this issue to cause TeX Live to crash, resulting in a denial
of service, or execute arbitrary code. This issue only affected Ubuntu
20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-24106, CVE-2022-24107)
It was discovered that TeX Live allowed documents to make arbitrary network
requests. If a user or automated system were tricked into opening a
specially crafted document, a remote attacker could possibly use this issue
to exfiltrate sensitive information, or perform other network-related
attacks. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
(CVE-2023-32668)
It was discovered that TeX Live incorrectly handled certain TrueType fonts.
If a user or automated system were tricked into opening a specially crafted
TrueType font, a remote attacker could use this issue to cause TeX Live to
crash, resulting in a denial of service, or possibly execute arbitrary
code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
(CVE-2024-25262)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 22.04 LTS
texlive-binaries 2021.20210626.59705-1ubuntu0.3
Ubuntu 20.04 LTS
texlive-binaries 2019.20190605.51237-3ubuntu0.2+esm1
Available with Ubuntu Pro
Ubuntu 18.04 LTS
texlive-binaries 2017.20170613.44572-8ubuntu0.2+esm1
Available with Ubuntu Pro
Ubuntu 16.04 LTS
texlive-binaries 2015.20160222.37495-1ubuntu0.1+esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7985-1
CVE-2022-24106, CVE-2022-24107, CVE-2023-32668, CVE-2024-25262
Package Information:
https://launchpad.net/ubuntu/+source/texlive-bin/2021.20210626.59705-1ubuntu0.3
[USN-7981-1] wlc vulnerabilities
==========================================================================
Ubuntu Security Notice USN-7981-1
January 27, 2026
wlc vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in wlc.
Software Description:
- wlc: A Weblate command-line client using Weblate's REST API
Details:
It was discovered that wlc did not correctly handle SSL verification. An
attacker could possibly use this issue to access sensitive resources.
(CVE-2026-22250)
It was discovered that wlc did not correctly handle API keys. An attacker
could possibly use this issue to leak API keys to a malicious server.
(CVE-2026-22251)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.10
wlc 1.15-2ubuntu0.1
Ubuntu 24.04 LTS
wlc 1.13-2ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 22.04 LTS
wlc 1.2-1ubuntu0.22.04.1~esm1
Available with Ubuntu Pro
Ubuntu 20.04 LTS
wlc 1.2-1ubuntu0.20.04.1~esm1
Available with Ubuntu Pro
Ubuntu 18.04 LTS
wlc 0.8-1ubuntu0.1~esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7981-1
CVE-2026-22250, CVE-2026-22251
Package Information:
https://launchpad.net/ubuntu/+source/wlc/1.15-2ubuntu0.1
[USN-7983-1] containerd vulnerabilities
==========================================================================
Ubuntu Security Notice USN-7983-1
January 29, 2026
containerd, containerd-app vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in containerd.
Software Description:
- containerd: open and reliable container runtime library
- containerd-app: open and reliable container runtime
Details:
David Leadbeater discovered that containerd incorrectly set certain
directory path permissions. An attacker could possibly use this issue to
achieve unauthorised access to the files. (CVE-2024-25621)
It was discovered that containerd did not properly handle the execution
of the goroutine of container attach. An attacker could possibly use this
issue to cause a denial of service. (CVE-2025-64329)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.10
containerd 2.1.3-0ubuntu3.1
golang-github-containerd-containerd-dev 1.7.24~ds1-8ubuntu1.1
Ubuntu 24.04 LTS
containerd 1.7.28-0ubuntu1~24.04.2
golang-github-containerd-containerd-dev 1.6.24~ds1-1ubuntu1.3+esm2
Available with Ubuntu Pro
Ubuntu 22.04 LTS
containerd 1.7.28-0ubuntu1~22.04.1+esm1
Available with Ubuntu Pro
golang-github-containerd-containerd-dev 1.6.12-0ubuntu1~22.04.10
Ubuntu 20.04 LTS
containerd 1.7.24-0ubuntu1~20.04.2+esm1
Available with Ubuntu Pro
golang-github-containerd-containerd-dev 1.6.12-0ubuntu1~20.04.8+esm1
Available with Ubuntu Pro
Ubuntu 18.04 LTS
containerd 1.6.12-0ubuntu1~18.04.1+esm3
Available with Ubuntu Pro
golang-github-containerd-containerd-dev 1.6.12-0ubuntu1~18.04.1+esm3
Available with Ubuntu Pro
Ubuntu 16.04 LTS
containerd 1.2.6-0ubuntu1~16.04.6+esm6
Available with Ubuntu Pro
golang-github-docker-containerd-dev 1.2.6-0ubuntu1~16.04.6+esm6
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7983-1
CVE-2024-25621, CVE-2025-64329
Package Information:
https://launchpad.net/ubuntu/+source/containerd/1.7.24~ds1-8ubuntu1.1
https://launchpad.net/ubuntu/+source/containerd-app/2.1.3-0ubuntu3.1
[USN-7988-1] Linux kernel vulnerabilities
==========================================================================
Ubuntu Security Notice USN-7988-1
January 29, 2026
linux, linux-aws, linux-aws-hwe, linux-hwe, linux-kvm, linux-oracle
vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-kvm: Linux kernel for cloud environments
- linux-oracle: Linux kernel for Oracle Cloud systems
- linux-aws-hwe: Linux kernel for Amazon Web Services (AWS-HWE) systems
- linux-hwe: Linux hardware enablement (HWE) kernel
Details:
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Media drivers;
- NVME drivers;
- File systems infrastructure;
- Timer subsystem;
- Memory management;
- Packet sockets;
(CVE-2022-48986, CVE-2024-27078, CVE-2024-49959, CVE-2024-50195,
CVE-2024-56606, CVE-2024-56756, CVE-2025-39993)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS
linux-image-4.15.0-1150-oracle 4.15.0-1150.161
Available with Ubuntu Pro
linux-image-4.15.0-1170-kvm 4.15.0-1170.175
Available with Ubuntu Pro
linux-image-4.15.0-1188-aws 4.15.0-1188.201
Available with Ubuntu Pro
linux-image-4.15.0-246-generic 4.15.0-246.258
Available with Ubuntu Pro
linux-image-4.15.0-246-lowlatency 4.15.0-246.258
Available with Ubuntu Pro
linux-image-aws-4.15 4.15.0.1188.186
Available with Ubuntu Pro
linux-image-aws-lts-18.04 4.15.0.1188.186
Available with Ubuntu Pro
linux-image-generic 4.15.0.246.230
Available with Ubuntu Pro
linux-image-kvm 4.15.0.1170.161
Available with Ubuntu Pro
linux-image-lowlatency 4.15.0.246.230
Available with Ubuntu Pro
linux-image-oracle-4.15 4.15.0.1150.155
Available with Ubuntu Pro
linux-image-oracle-lts-18.04 4.15.0.1150.155
Available with Ubuntu Pro
linux-image-virtual 4.15.0.246.230
Available with Ubuntu Pro
Ubuntu 16.04 LTS
linux-image-4.15.0-1150-oracle 4.15.0-1150.161~16.04.1
Available with Ubuntu Pro
linux-image-4.15.0-1188-aws 4.15.0-1188.201~16.04.1
Available with Ubuntu Pro
linux-image-4.15.0-246-generic 4.15.0-246.258~16.04.1
Available with Ubuntu Pro
linux-image-4.15.0-246-lowlatency 4.15.0-246.258~16.04.1
Available with Ubuntu Pro
linux-image-aws-hwe 4.15.0.1188.201~16.04.1
Available with Ubuntu Pro
linux-image-generic-hwe-16.04 4.15.0.246.258~16.04.1
Available with Ubuntu Pro
linux-image-lowlatency-hwe-16.04 4.15.0.246.258~16.04.1
Available with Ubuntu Pro
linux-image-oem 4.15.0.246.258~16.04.1
Available with Ubuntu Pro
linux-image-oracle 4.15.0.1150.161~16.04.1
Available with Ubuntu Pro
linux-image-virtual-hwe-16.04 4.15.0.246.258~16.04.1
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-7988-1
CVE-2022-48986, CVE-2024-27078, CVE-2024-49959, CVE-2024-50195,
CVE-2024-56606, CVE-2024-56756, CVE-2025-39993
[LSN-0117-1] Linux kernel vulnerability
Linux kernel vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Summary
Several security issues were fixed in the kernel.
Software Description
- linux - Linux kernel
- linux-aws - Linux kernel for Amazon Web Services (AWS) systems
- linux-azure - Linux kernel for Microsoft Azure Cloud systems
- linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
- linux-ibm - Linux kernel for IBM cloud systems
- linux-oracle - Linux kernel for Oracle Cloud systems
Details
In the Linux kernel, the following vulnerability has been resolved:
e100: Fix possible use after free in e100_xmit_prepare In
e100_xmit_prepare(), if we can’t map the skb, then return -ENOMEM, so
e100_xmit_frame() will return NETDEV_TX_BUSY and the upper layer will
resend the skb. (CVE-2022-49026)
In the Linux kernel, the following vulnerability has been resolved:
macsec: fix UAF bug for real_dev Create a new macsec device but not get
reference to real_dev. (CVE-2022-49390)
In the Linux kernel, the following vulnerability has been resolved:
wifi: ath12k: fix firmware crash due to invalid peer nss Currently, if
the access point receives an association request containing an Extended
HE Capabilities Information Element with an invalid MCS-NSS, it triggers
a firmware crash. (CVE-2024-46827)
In the Linux kernel, the following vulnerability has been resolved:
drm/xe/oa: Fix overflow in oa batch buffer By default xe_bb_create_job()
appends a MI_BATCH_BUFFER_END to batch buffer, this is not a problem if
batch buffer is only used once but oa reuses the batch buffer for the
same metric and at each call it appends a MI_BATCH_BUFFER_END, printing
the warning below and then overflowing. (CVE-2024-50090)
In the Linux kernel, the following vulnerability has been resolved:
NFSD: Prevent NULL dereference in nfsd4_process_cb_update() @ses is
initialized to NULL. (CVE-2024-53217)
In the Linux kernel, the following vulnerability has been resolved: KVM:
Explicitly verify target vCPU is online in kvm_get_vcpu() Explicitly
verify the target vCPU is fully online prior to clamping the index in
kvm_get_vcpu(). (CVE-2024-58083)
In the Linux kernel, the following vulnerability has been resolved:
sched: sch_cake: add bounds checks to host bulk flow fairness counts
Even though we fixed a logic error in the commit cited below, syzbot
still managed to trigger an underflow of the per-host bulk flow
counters, leading to an out of bounds memory access. (CVE-2025-21647)
In the Linux kernel, the following vulnerability has been resolved: net:
sched: fix ets qdisc OOB Indexing Haowei Yan g1042620637@gmail.com found
that ets_class_from_arg() can index an Out- Of-Bound class in
ets_class_from_arg() when passed clid of 0. (CVE-2025-21692)
In the Linux kernel, the following vulnerability has been resolved: usb:
cdc-acm: Check control transfer buffer size before access If the first
fragment is shorter than struct usb_cdc_notification, we can’t calculate
an expected_size. (CVE-2025-21704)
In the Linux kernel, the following vulnerability has been resolved: net:
davicom: fix UAF in dm9000_drv_remove dm is netdev private data and it
cannot be used after free_netdev() call. (CVE-2025-21715)
In the Linux kernel, the following vulnerability has been resolved:
exfat: fix random stack corruption after get_block When get_block is
called with a buffer_head allocated on the stack, such as
do_mpage_readpage, stack corruption due to buffer_head UAF may occur in
the following race condition situation. (CVE-2025-22036)
Update instructions
The problem can be corrected by updating your kernel livepatch to the
following versions:
Ubuntu 20.04 LTS
aws - 117.4
aws - 117.5
azure - 117.5
gcp - 117.5
generic - 117.4
generic - 117.5
ibm - 117.5
lowlatency - 117.4
lowlatency - 117.5
oracle - 117.5
Ubuntu 18.04 LTS
aws - 117.4
azure - 117.4
gcp - 117.4
generic - 117.4
lowlatency - 117.4
oracle - 117.4
Ubuntu 24.04 LTS
aws - 117.4
azure - 117.4
gcp - 117.4
generic - 117.4
ibm - 117.4
oracle - 117.4
Ubuntu 22.04 LTS
aws - 117.5
azure - 117.5
gcp - 117.5
gcp - 117.6
generic - 117.5
generic - 117.6
oracle - 117.5
oracle - 117.6
Support Information
Livepatches for supported LTS kernels will receive upgrades for a period
of up to 13 months after the build date of the kernel.
Livepatches for supported HWE kernels which are not based on an LTS
kernel version will receive upgrades for a period of up to 9 months
after the build date of the kernel, or until the end of support for that
kernel’s non-LTS distro release version, whichever is sooner.
References
- CVE-2022-49026
- CVE-2022-49390
- CVE-2024-46827
- CVE-2024-50090
- CVE-2024-53217
- CVE-2024-58083
- CVE-2025-21647
- CVE-2025-21692
- CVE-2025-21704
- CVE-2025-21715
- CVE-2025-22036
[USN-7987-2] Linux kernel (FIPS) vulnerabilities
==========================================================================
Ubuntu Security Notice USN-7987-2
January 29, 2026
linux-fips vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-fips: Linux kernel with FIPS
Details:
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- InfiniBand drivers;
- Media drivers;
- File systems infrastructure;
- Timer subsystem;
- Packet sockets;
- Network traffic control;
(CVE-2021-47485, CVE-2024-49959, CVE-2024-50195, CVE-2024-53164,
CVE-2024-56606, CVE-2025-39993)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 LTS
linux-image-4.4.0-1121-fips 4.4.0-1121.128
Available with Ubuntu Pro
linux-image-fips 4.4.0.1121.122
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-7987-2
https://ubuntu.com/security/notices/USN-7987-1
CVE-2021-47485, CVE-2024-49959, CVE-2024-50195, CVE-2024-53164,
CVE-2024-56606, CVE-2025-39993
Package Information:
https://launchpad.net/ubuntu/+source/linux-fips/4.4.0-1121.128
[USN-7987-1] Linux kernel vulnerabilities
==========================================================================
Ubuntu Security Notice USN-7987-1
January 29, 2026
linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-kvm: Linux kernel for cloud environments
- linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty
Details:
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- InfiniBand drivers;
- Media drivers;
- File systems infrastructure;
- Timer subsystem;
- Packet sockets;
- Network traffic control;
(CVE-2021-47485, CVE-2024-49959, CVE-2024-50195, CVE-2024-53164,
CVE-2024-56606, CVE-2025-39993)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 LTS
linux-image-4.4.0-1152-kvm 4.4.0-1152.163
Available with Ubuntu Pro
linux-image-4.4.0-1189-aws 4.4.0-1189.204
Available with Ubuntu Pro
linux-image-4.4.0-277-generic 4.4.0-277.311
Available with Ubuntu Pro
linux-image-4.4.0-277-lowlatency 4.4.0-277.311
Available with Ubuntu Pro
linux-image-aws 4.4.0.1189.193
Available with Ubuntu Pro
linux-image-generic 4.4.0.277.283
Available with Ubuntu Pro
linux-image-generic-lts-xenial 4.4.0.277.283
Available with Ubuntu Pro
linux-image-kvm 4.4.0.1152.149
Available with Ubuntu Pro
linux-image-lowlatency 4.4.0.277.283
Available with Ubuntu Pro
linux-image-lowlatency-lts-xenial 4.4.0.277.283
Available with Ubuntu Pro
linux-image-virtual 4.4.0.277.283
Available with Ubuntu Pro
linux-image-virtual-lts-xenial 4.4.0.277.283
Available with Ubuntu Pro
Ubuntu 14.04 LTS
linux-image-4.4.0-1151-aws 4.4.0-1151.157
Available with Ubuntu Pro
linux-image-4.4.0-277-generic 4.4.0-277.311~14.04.1
Available with Ubuntu Pro
linux-image-4.4.0-277-lowlatency 4.4.0-277.311~14.04.1
Available with Ubuntu Pro
linux-image-aws 4.4.0.1151.148
Available with Ubuntu Pro
linux-image-generic-lts-xenial 4.4.0.277.311~14.04.1
Available with Ubuntu Pro
linux-image-lowlatency-lts-xenial 4.4.0.277.311~14.04.1
Available with Ubuntu Pro
linux-image-virtual-lts-xenial 4.4.0.277.311~14.04.1
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-7987-1
CVE-2021-47485, CVE-2024-49959, CVE-2024-50195, CVE-2024-53164,
CVE-2024-56606, CVE-2025-39993
[USN-7986-1] Linux kernel vulnerabilities
==========================================================================
Ubuntu Security Notice USN-7986-1
January 29, 2026
linux vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux: Linux kernel
Details:
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Ceph distributed file system;
- JFFS2 file system;
- Timer subsystem;
- USB sound devices;
(CVE-2024-26689, CVE-2024-53197, CVE-2024-57850, CVE-2025-38352)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 LTS
linux-image-3.13.0-210-generic 3.13.0-210.261
Available with Ubuntu Pro
linux-image-3.13.0-210-lowlatency 3.13.0-210.261
Available with Ubuntu Pro
linux-image-generic 3.13.0.210.220
Available with Ubuntu Pro
linux-image-generic-lts-trusty 3.13.0.210.220
Available with Ubuntu Pro
linux-image-lowlatency 3.13.0.210.220
Available with Ubuntu Pro
linux-image-server 3.13.0.210.220
Available with Ubuntu Pro
linux-image-virtual 3.13.0.210.220
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-7986-1
CVE-2024-26689, CVE-2024-53197, CVE-2024-57850, CVE-2025-38352
[USN-7988-2] Linux kernel (FIPS) vulnerabilities
==========================================================================
Ubuntu Security Notice USN-7988-2
January 29, 2026
linux-aws-fips, linux-fips vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-aws-fips: Linux kernel for Amazon Web Services (AWS) systems with FIPS
- linux-fips: Linux kernel with FIPS
Details:
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Media drivers;
- NVME drivers;
- File systems infrastructure;
- Timer subsystem;
- Memory management;
- Packet sockets;
(CVE-2022-48986, CVE-2024-27078, CVE-2024-49959, CVE-2024-50195,
CVE-2024-56606, CVE-2024-56756, CVE-2025-39993)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS
linux-image-4.15.0-1143-fips 4.15.0-1143.155
Available with Ubuntu Pro
linux-image-4.15.0-2126-aws-fips 4.15.0-2126.132
Available with Ubuntu Pro
linux-image-aws-fips 4.15.0.2126.120
Available with Ubuntu Pro
linux-image-aws-fips-4.15 4.15.0.2126.120
Available with Ubuntu Pro
linux-image-fips 4.15.0.1143.140
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-7988-2
https://ubuntu.com/security/notices/USN-7988-1
CVE-2022-48986, CVE-2024-27078, CVE-2024-49959, CVE-2024-50195,
CVE-2024-56606, CVE-2024-56756, CVE-2025-39993
Package Information:
https://launchpad.net/ubuntu/+source/linux-aws-fips/4.15.0-2126.132
https://launchpad.net/ubuntu/+source/linux-fips/4.15.0-1143.155
