Alerts This Week
Warning Icon 1 485
Alerts This Week
Warning Icon 1 485

Ubuntu 22.04 LTS USN-7597-2 critical: linux-azure-fips access issue

ubuntu
Calendar Grey June 24, 2025
Dist Ubuntu Esm H88
A number of vulnerabilities have been addressed in the Linux kernel for Azure FIPS within Ubuntu 22.04 LTS, notably including a permissions oversight.
Several security issues were fixed in the Linux kernel.

Summary

Several security issues were fixed in the Linux kernel.

Software Description:

- linux-azure-fips: Linux kernel for Microsoft Azure Cloud systems with FIPS

Details:

Michael Randrianantenaina discovered that the Bluetooth driver in the Linux

Kernel contained an improper access control vulnerability. A nearby

attacker could use this to connect a rougue device and possibly execute

arbitrary code. (CVE-2024-8805)

Several security issues were discovered in the Linux kernel.

An attacker could possibly use these to compromise the system.

This update corrects flaws in the following subsystems:

- PowerPC architecture;

- x86 architecture;

- ACPI drivers;

- Clock framework and drivers;

- GPU drivers;

- HID subsystem;

- InfiniBand drivers;

- Media drivers;

- MemoryStick subsystem;

- Network drivers;

- Mellanox network drivers;

- NTB driver;

- PCI subsystem;

- Voltage and Current Regulator drivers;

- Remote Processor ...

Read the Full Advisory

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS
   linux-image-5.15.0-1091-azure-fips  5.15.0-1091.100+fips1
                                   Available with Ubuntu Pro
   linux-image-azure-fips          5.15.0.1091.76
                                   Available with Ubuntu Pro

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References

https://ubuntu.com/security/notices/USN-7597-2

https://ubuntu.com/security/notices/USN-7597-1

CVE-2022-49636, CVE-2022-49728, CVE-2023-53034, CVE-2024-36945,

CVE-2024-42230, CVE-2024-46753, CVE-2024-46812, CVE-2024-46821,

CVE-2024-53144, CVE-2024-56664, CVE-2024-58093, CVE-2024-8805,

CVE-2025-21941, CVE-2025-21956, CVE-2025-21957, CVE-2025-21959,

CVE-2025-21962, CVE-2025-21963, CVE-2025-21964, CVE-2025-21968,

CVE-2025-21970, CVE-2025-21975, CVE-2025-21981, CVE-2025-21991,

CVE-2025-21992, CVE-2025-21994, CVE-2025-21996, CVE-2025-21999,

CVE-2025-22004, CVE-2025-22005, CVE-2025-22007, CVE-2025-22008,

CVE-2025-22010, CVE-2025-22014, CVE-2025-22018, CVE-2025-22020,

CVE-2025-22021, CVE-2025-22025, CVE-2025-22035, CVE-2025-22044,

CVE-2025-22045, CVE-2025-22050, CVE-2025-22054, CVE-2025-22055,

CVE-2025-22056, CVE-2025-22060, CVE-2025-22063, CVE-2025-22066,

CVE-2025-22071, CVE-2025-22073, CVE-2025-22075, CVE-2025-22079,

CVE-2025-22081, CVE-2025-22086, CVE-2025-22089, CVE-2025-22097,

CVE-2025-23136, CVE-2025-23138, CVE-2025-37785, CVE-2025-37889,

CVE-2025-37937, CVE-2025-38152, CVE-2025-38575, CVE-2025-38637,

CVE-2025-39728, CVE-2025-39735

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7597-2

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here