Alerts This Week
Warning Icon 1 775
Alerts This Week
Warning Icon 1 775

Ubuntu 25.04 USN-7860-1: Linux Kernel Critical Info Leak CVE-2025-40300

ubuntu
Calendar Grey November 6, 2025
Dist Ubuntu Esm H88
A critical vulnerability in the Linux kernel may expose sensitive information on Ubuntu systems. Update urgently.
The system could be made to expose sensitive information.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.04 - Ubuntu 24.04 LTS Summary: The system could be made to expose sensitive information. Software Description: - linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services (AWS) systems - linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi: Linux kernel for Raspberry Pi systems - linux-realtime: Linux kernel for Real-time systems - linux-aws-6.14: Linux kernel for Amazon Web Services (AWS) systems - linux-gcp-6.14: Linux kernel for Google Cloud Platform (GCP) systems - linux-oem-6.14: Linux kernel for OEM systems - linux-oracle-6.14: Linux kernel for Oracle Cloud systems Details: Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory Ubuntu system update information exposure Linux kernel vmscape

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 25.04 linux-image-6.14.0-1015-realtime 6.14.0-1015.15 linux-image-6.14.0-1016-aws 6.14.0-1016.16 linux-image-6.14.0-1016-aws-64k 6.14.0-1016.16 linux-image-6.14.0-1016-oracle 6.14.0-1016.16 linux-image-6.14.0-1016-oracle-64k 6.14.0-1016.16 linux-image-6.14.0-1017-raspi 6.14.0-1017.17 linux-image-6.14.0-1019-gcp 6.14.0-1019.20 linux-image-6.14.0-1019-gcp-64k 6.14.0-1019.20 linux-image-6.14.0-35-generic 6.14.0-35.35 linux-image-6.14.0-35-generic-64k 6.14.0-35.35 linux-image-aws 6.14.0-1016.16 linux-image-aws-6.14 6.14.0-1016.16 linux-image-aws-64k 6.14.0-1016.16 linux-image-aws-64k-6.14 6.14.0-1016.16 linux-image-gcp 6.14.0-1019.20 linux-image-gcp-6.14 6.14.0-1019.20 linux-image-gcp-64k 6.14.0-1019.20 linux-image-gcp-64k-6.14 6.14.0-1019.20 linux-image-generic 6.14.0-35.35 linux-image-generic-6.14 6.14.0-35.35 linux-image-generic-64k 6.14.0-35.35 linux-image-generic-64k-6.14 6.14.0-35.35 linux-image-oracle 6.14.0-1016.16 linux-image-oracle-6.14 6.14.0-1016.16 linux-image-oracle-64k 6.14.0-1016.16 linux-image-oracle-64k-6.14 6.14.0-1016.16 linux-image-raspi 6.14.0-1017.17 linux-image-raspi-6.14 6.14.0-1017.17 linux-image-realtime 6.14.0-1015.15 linux-image-realtime-6.14 6.14.0-1015.15 linux-image-virtual 6.14.0-35.35 linux-image-virtual-6.14 6.14.0-35.35 Ubuntu 24.04 LTS linux-image-6.14.0-1015-oem 6.14.0-1015.15 linux-image-6.14.0-1016-aws 6.14.0-1016.16~24.04.1 linux-image-6.14.0-1016-aws-64k 6.14.0-1016.16~24.04.1 linux-image-6.14.0-1016-oracle 6.14.0-1016.16~24.04.1 linux-image-6.14.0-1016-oracle-64k 6.14.0-1016.16~24.04.1 linux-image-6.14.0-1019-gcp 6.14.0-1019.20~24.04.1 linux-image-6.14.0-1019-gcp-64k 6.14.0-1019.20~24.04.1 linux-image-aws 6.14.0-1016.16~24.04.1 linux-image-aws-6.14 6.14.0-1016.16~24.04.1 linux-image-aws-64k 6.14.0-1016.16~24.04.1 linux-image-aws-64k-6.14 6.14.0-1016.16~24.04.1 linux-image-gcp 6.14.0-1019.20~24.04.1 linux-image-gcp-6.14 6.14.0-1019.20~24.04.1 linux-image-gcp-64k 6.14.0-1019.20~24.04.1 linux-image-gcp-64k-6.14 6.14.0-1019.20~24.04.1 linux-image-oem-24.04 6.14.0-1015.15 linux-image-oem-24.04a 6.14.0-1015.15 linux-image-oem-24.04b 6.14.0-1015.15 linux-image-oem-24.04c 6.14.0-1015.15 linux-image-oem-6.14 6.14.0-1015.15 linux-image-oracle 6.14.0-1016.16~24.04.1 linux-image-oracle-6.14 6.14.0-1016.16~24.04.1 linux-image-oracle-64k 6.14.0-1016.16~24.04.1 linux-image-oracle-64k-6.14 6.14.0-1016.16~24.04.1 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References

https://ubuntu.com/security/notices/USN-7860-1

CVE-2025-40300

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7860-1

Topics%20covered

Topics Covered

security advisory Ubuntu system update information exposure Linux kernel vmscape

Package Information

https://launchpad.net/ubuntu/+source/linux/6.14.0-35.35 https://launchpad.net/ubuntu/+source/linux-aws/6.14.0-1016.16 https://launchpad.net/ubuntu/+source/linux-oracle/6.14.0-1016.16 https://launchpad.net/ubuntu/+source/linux-raspi/6.14.0-1017.17 https://launchpad.net/ubuntu/+source/linux-aws-6.14/6.14.0-1016.16~24.04.1 https://launchpad.net/ubuntu/+source/linux-gcp-6.14/6.14.0-1019.20~24.04.1 https://launchpad.net/ubuntu/+source/linux-oem-6.14/6.14.0-1015.15 https://launchpad.net/ubuntu/+source/linux-oracle-6.14/6.14.0-1016.16~24.04.1

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here