Alerts This Week
Warning Icon 1 1,109
Alerts This Week
Warning Icon 1 1,109

Ubuntu 22.04: linux-kvm Critical Insufficient Isolation CVE-2025-40300

ubuntu
Calendar Grey December 15, 2025
Dist Ubuntu Esm H88
Address security risks in Ubuntu 22.04 LTS regarding kernel vulnerabilities and their fixes in linux-kvm.
Several security issues were fixed in the Linux kernel.

Summary

Several security issues were fixed in the Linux kernel.

Software Description:

- linux-kvm: Linux kernel for cloud environments

Details:

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered

that the Linux kernel contained insufficient branch predictor isolation

between a guest and a userspace hypervisor for certain processors. This

flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this

to expose sensitive information from the host OS. (CVE-2025-40300)

Several security issues were discovered in the Linux kernel.

An attacker could possibly use these to compromise the system.

This update corrects flaws in the following subsystems:

- ARM32 architecture;

- ARM64 architecture;

- MIPS architecture;

- PowerPC architecture;

- RISC-V architecture;

- S390 architecture;

- x86 architecture;

- Block layer subsystem;

- ACPI drivers;

- ATM drivers;

- DRBD Distributed Replicated Block Device drivers;

- Bus devices;

...

Read the Full Advisory

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS
   linux-image-5.15.0-1089-kvm     5.15.0-1089.94
   linux-image-kvm                 5.15.0.1089.85
   linux-image-kvm-5.15            5.15.0.1089.85

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References

https://ubuntu.com/security/notices/USN-7933-1

CVE-2022-50070, CVE-2022-50327, CVE-2023-52593, CVE-2023-52935,

CVE-2023-53074, CVE-2024-26700, CVE-2024-26896, CVE-2024-50061,

CVE-2024-53068, CVE-2025-37925, CVE-2025-37968, CVE-2025-38095,

CVE-2025-38148, CVE-2025-38165, CVE-2025-38335, CVE-2025-38347,

CVE-2025-38468, CVE-2025-38470, CVE-2025-38473, CVE-2025-38474,

CVE-2025-38476, CVE-2025-38477, CVE-2025-38478, CVE-2025-38480,

CVE-2025-38481, CVE-2025-38482, CVE-2025-38483, CVE-2025-38487,

CVE-2025-38488, CVE-2025-38494, CVE-2025-38495, CVE-2025-38497,

CVE-2025-38499, CVE-2025-38502, CVE-2025-38527, CVE-2025-38528,

CVE-2025-38529, CVE-2025-38530, CVE-2025-38535, CVE-2025-38538,

CVE-2025-38539, CVE-2025-38548, CVE-2025-38550, CVE-2025-38553,

CVE-2025-38555, CVE-2025-38563, CVE-2025-38565, CVE-2025-38569,

CVE-2025-38572, CVE-2025-38574, CVE-2025-38576, CVE-2025-38577,

CVE-2025-38578, CVE-2025-38579, CVE-2025-38581, CVE-2025-38583,

CVE-2025-38601, CVE-2025-38602, CVE-2025-38604, CVE-2025-38608,

CVE-2025-38609, CVE-2025-38612, CVE-2025-38614, CVE-2025-38617,

CVE-2025-38618, CVE-2025-38622, CVE-2025-38623, CVE-2025-38624,

CVE-2025-38630, CVE-2025-38634, CVE-2025-38635, CVE-2025-38639,

CVE-2025-38645, CVE-2025-38650, CVE-2025-38652, CVE-2025-38663,

CVE-2025-38664, CVE-2025-38666, CVE-2025-38668, CVE-2025-38670,

CVE-2025-38671, CVE-2025-38676, CVE-2025-38677, CVE-2025-38678,

CVE-2025-38680, CVE-2025-38681, CVE-2025-38683, CVE-2025-38684,

CVE-2025-38685, CVE-2025-38687, CVE-2025-38691, CVE-2025-38693,

CVE-2025-38694, CVE-2025-38695, CVE-2025-38696, CVE-2025-38697,

CVE-2025-38698, CVE-2025-38699, CVE-2025-38700, CVE-2025-38701,

CVE-2025-38706, CVE-2025-38707, CVE-2025-38708, CVE-2025-38711,

CVE-2025-38712, CVE-2025-38713, CVE-2025-38714, CVE-2025-38715,

CVE-2025-38718, CVE-2025-38721, CVE-2025-38724, CVE-2025-38725,

CVE-2025-38727, CVE-2025-38729, CVE-2025-38732, CVE-2025-39673,

CVE-2025-39675, CVE-2025-39676, CVE-2025-39681, CVE-2025-39683,

CVE-2025-39684, CVE-2025-39685, CVE-2025-39686, CVE-2025-39687,

CVE-2025-39689, CVE-2025-39691, CVE-2025-39693, CVE-2025-39697,

CVE-2025-39702, CVE-2025-39703, CVE-2025-39709, CVE-2025-39710,

CVE-2025-39713, CVE-2025-39714, CVE-2025-39724, CVE-2025-39730,

CVE-2025-39734, CVE-2025-39736, CVE-2025-39737, CVE-2025-39738,

CVE-2025-39742, CVE-2025-39743, CVE-2025-39749, CVE-2025-39752,

CVE-2025-39756, CVE-2025-39757, CVE-2025-39760, CVE-2025-39766,

CVE-2025-39772, CVE-2025-39773, CVE-2025-39776, CVE-2025-39782,

CVE-2025-39783, CVE-2025-39787, CVE-2025-39788, CVE-2025-39790,

CVE-2025-39794, CVE-2025-39795, CVE-2025-39798, CVE-2025-39801,

CVE-2025-39806, CVE-2025-39808, CVE-2025-39812, CVE-2025-39813,

CVE-2025-39817, CVE-2025-39823, CVE-2025-39824, CVE-2025-39828,

CVE-2025-39835, CVE-2025-39839, CVE-2025-39841, CVE-2025-39844,

CVE-2025-39845, CVE-2025-39846, CVE-2025-39847, CVE-2025-39848,

CVE-2025-39853, CVE-2025-39860, CVE-2025-39864, CVE-2025-39865,

CVE-2025-39866, CVE-2025-39891, CVE-2025-39894, CVE-2025-39902,

CVE-2025-39920, CVE-2025-40300

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7933-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here