Ubuntu 20.04 LTS Linux-GCP OverlayFS Privilege Escalation USN-8297-1
ubuntu
May 22, 2026
Several security issues were fixed in the Linux kernel.
Summary
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-gcp-5.15: Linux kernel for Google Cloud Platform (GCP) systems
Details:
Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS
implementation in the Ubuntu Linux kernel did not properly perform
permission checks in certain situations. A local attacker could possibly
use this to gain elevated privileges. (CVE-2023-2640)
Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in
the Ubuntu Linux kernel did not properly perform permission checks in
certain situations. A local attacker could possibly use this to gain
elevated privileges. (CVE-2023-32629)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- Block layer subsystem;
- Drivers core;
- Bluetooth drivers;
- DMA engine subsystem;
- GPU dri...
Topics Covered
Update Instructions
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
linux-image-5.15.0-1106-gcp 5.15.0-1106.115~20.04.1
Available with Ubuntu Pro
linux-image-gcp 5.15.0.1106.115~20.04.1
Available with Ubuntu Pro
linux-image-gcp-5.15 5.15.0.1106.115~20.04.1
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.References
https://ubuntu.com/security/notices/USN-8297-1
CVE-2023-2640, CVE-2023-32629, CVE-2023-53421, CVE-2023-53520,
CVE-2023-53662, CVE-2023-54207, CVE-2025-38057, CVE-2025-38125,
CVE-2025-38232, CVE-2025-38408, CVE-2025-38591, CVE-2025-40149,
CVE-2025-40164, CVE-2025-68211, CVE-2025-68340, CVE-2025-68365,
CVE-2025-68725, CVE-2025-68817, CVE-2025-71162, CVE-2025-71163,
CVE-2025-71185, CVE-2025-71186, CVE-2025-71188, CVE-2025-71190,
CVE-2025-71191, CVE-2025-71194, CVE-2025-71196, CVE-2025-71197,
CVE-2025-71199, CVE-2026-22997, CVE-2026-22998, CVE-2026-22999,
CVE-2026-23001, CVE-2026-23003, CVE-2026-23011, CVE-2026-23026,
CVE-2026-23033, CVE-2026-23037, CVE-2026-23038, CVE-2026-23049,
CVE-2026-23056, CVE-2026-23058, CVE-2026-23061, CVE-2026-23063,
CVE-2026-23064, CVE-2026-23071, CVE-2026-23073, CVE-2026-23075,
CVE-2026-23076, CVE-2026-23078, CVE-2026-23080, CVE-2026-23083,
CVE-2026-23084, CVE-2026-23085, CVE-2026-23087, CVE-2026-23089,
CVE-2026-23090, CVE-2026-23091, CVE-2026-23093, CVE-2026-23095,
CVE-2026-23096, CVE-2026-23097, CVE-2026-23098, CVE-2026-23099,
CVE-2026-23101, CVE-2026-23103, CVE-2026-23105, CVE-2026-23108,
CVE-2026-23112, CVE-2026-23119, CVE-2026-23120, CVE-2026-23121,
CVE-2026-23124, CVE-2026-23125, CVE-2026-23128, CVE-2026-23133,
CVE-2026-23145, CVE-2026-23146, CVE-2026-23150, CVE-2026-23164,
CVE-2026-23167, CVE-2026-23170, CVE-2026-23209
PREVIOUS 
NEXT Severity
critical
Lowest
Low
Medium
High
Critical
Ubuntu Security Notice USN-8297-1
Topics Covered
Package Information
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!