Ubuntu 18.04 LTS Linux Kernel Critical Privilege Escalation USN-8390-1
Jun 04, 2026
•
LinuxSecurity Advisories
2 - 4 min read
Topics Covered
The system could be made to run programs as an administrator.
==========================================================================
Ubuntu Security Notice USN-8390-1
June 04, 2026
linux, linux-azure, linux-azure-4.15, linux-azure-fips, linux-fips,
linux-gcp-4.15, linux-gcp-fips, linux-kvm, linux-oracle vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
- Ubuntu 14.04 LTS
Summary:
The system could be made to run programs as an administrator.
Software Description:
- linux: Linux kernel
- linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems
- linux-azure-fips: Linux kernel for Microsoft Azure Cloud systems with FIPS
- linux-fips: Linux kernel with FIPS
- linux-gcp-4.15: Linux kernel for Google Cloud Platform (GCP) systems
- linux-gcp-fips: Linux kernel for Google Cloud Platform (GCP) systems with
FIPS
- linux-kvm: Linux kernel for cloud environments
- linux-oracle: Linux kernel for Oracle Cloud systems
- linux-azure: Linux kernel for Microsoft Azure Cloud systems
Details:
It was discovered that the Linux kernel did not properly handle shared page
fragments during socket buffer operations, collectively known as Dirty
Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the
RxRPC networking subsystem when processing paged fragments. A local
attacker could use this to escalate privileges, or possibly escape a
container.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS
linux-image-4.15.0-1148-fips 4.15.0-1148.160
Available with Ubuntu Pro
linux-image-4.15.0-1155-oracle 4.15.0-1155.166
Available with Ubuntu Pro
linux-image-4.15.0-1175-kvm 4.15.0-1175.180
Available with Ubuntu Pro
linux-image-4.15.0-1186-gcp 4.15.0-1186.203
Available with Ubuntu Pro
linux-image-4.15.0-1202-azure 4.15.0-1202.217
Available with Ubuntu Pro
linux-image-4.15.0-2094-gcp-fips 4.15.0-2094.100
Available with Ubuntu Pro
linux-image-4.15.0-2111-azure-fips 4.15.0-2111.117
Available with Ubuntu Pro
linux-image-4.15.0-251-generic 4.15.0-251.263
Available with Ubuntu Pro
linux-image-4.15.0-251-lowlatency 4.15.0-251.263
Available with Ubuntu Pro
linux-image-azure-4.15 4.15.0.1202.170
Available with Ubuntu Pro
linux-image-azure-fips 4.15.0.2111.107
Available with Ubuntu Pro
linux-image-azure-fips-4.15 4.15.0.2111.107
Available with Ubuntu Pro
linux-image-azure-lts-18.04 4.15.0.1202.170
Available with Ubuntu Pro
linux-image-fips 4.15.0.1148.145
Available with Ubuntu Pro
linux-image-gcp-4.15 4.15.0.1186.199
Available with Ubuntu Pro
linux-image-gcp-fips 4.15.0.2094.92
Available with Ubuntu Pro
linux-image-gcp-fips-4.15 4.15.0.2094.92
Available with Ubuntu Pro
linux-image-gcp-lts-18.04 4.15.0.1186.199
Available with Ubuntu Pro
linux-image-generic 4.15.0.251.235
Available with Ubuntu Pro
linux-image-kvm 4.15.0.1175.166
Available with Ubuntu Pro
linux-image-lowlatency 4.15.0.251.235
Available with Ubuntu Pro
linux-image-oracle-4.15 4.15.0.1155.160
Available with Ubuntu Pro
linux-image-oracle-lts-18.04 4.15.0.1155.160
Available with Ubuntu Pro
linux-image-virtual 4.15.0.251.235
Available with Ubuntu Pro
Ubuntu 14.04 LTS
linux-image-4.15.0-1202-azure 4.15.0-1202.217~14.04.1
Available with Ubuntu Pro
linux-image-azure 4.15.0.1202.217~14.04.1
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-8390-1
CVE-2026-43284
PREVIOUS
NEXT
Ubuntu 18.04 LTS Linux Kernel Critical Privilege Escalation USN-8390-1
ubuntu
June 4, 2026
The system could be made to run programs as an administrator.
Summary
A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS - Ubuntu 14.04 LTS Summary: The system could be made to run programs as an administrator. Software Description: - linux: Linux kernel - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fips: Linux kernel for Microsoft Azure Cloud systems with FIPS - linux-fips: Linux kernel with FIPS - linux-gcp-4.15: Linux kernel for Google Cloud Platform (GCP) systems - linux-gcp-fips: Linux kernel for Google Cloud Platform (GCP) systems with FIPS - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems Details: It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processi...
Read the Full Advisory
Topics Covered
Update Instructions
The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS linux-image-4.15.0-1148-fips 4.15.0-1148.160 Available with Ubuntu Pro linux-image-4.15.0-1155-oracle 4.15.0-1155.166 Available with Ubuntu Pro linux-image-4.15.0-1175-kvm 4.15.0-1175.180 Available with Ubuntu Pro linux-image-4.15.0-1186-gcp 4.15.0-1186.203 Available with Ubuntu Pro linux-image-4.15.0-1202-azure 4.15.0-1202.217 Available with Ubuntu Pro linux-image-4.15.0-2094-gcp-fips 4.15.0-2094.100 Available with Ubuntu Pro linux-image-4.15.0-2111-azure-fips 4.15.0-2111.117 Available with Ubuntu Pro linux-image-4.15.0-251-generic 4.15.0-251.263 Available with Ubuntu Pro linux-image-4.15.0-251-lowlatency 4.15.0-251.263 Available with Ubuntu Pro linux-image-azure-4.15 4.15.0.1202.170 Available with Ubuntu Pro linux-image-azure-fips 4.15.0.2111.107 Available with Ubuntu Pro linux-image-azure-fips-4.15 4.15.0.2111.107 Available with Ubuntu Pro linux-image-azure-lts-18.04 4.15.0.1202.170 Available with Ubuntu Pro linux-image-fips 4.15.0.1148.145 Available with Ubuntu Pro linux-image-gcp-4.15 4.15.0.1186.199 Available with Ubuntu Pro linux-image-gcp-fips 4.15.0.2094.92 Available with Ubuntu Pro linux-image-gcp-fips-4.15 4.15.0.2094.92 Available with Ubuntu Pro linux-image-gcp-lts-18.04 4.15.0.1186.199 Available with Ubuntu Pro linux-image-generic 4.15.0.251.235 Available with Ubuntu Pro linux-image-kvm 4.15.0.1175.166 Available with Ubuntu Pro linux-image-lowlatency 4.15.0.251.235 Available with Ubuntu Pro linux-image-oracle-4.15 4.15.0.1155.160 Available with Ubuntu Pro linux-image-oracle-lts-18.04 4.15.0.1155.160 Available with Ubuntu Pro linux-image-virtual 4.15.0.251.235 Available with Ubuntu Pro Ubuntu 14.04 LTS linux-image-4.15.0-1202-azure 4.15.0-1202.217~14.04.1 Available with Ubuntu Pro linux-image-azure 4.15.0.1202.217~14.04.1 Available with Ubuntu Pro After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.
References
https://ubuntu.com/security/notices/USN-8390-1
CVE-2026-43284
Severity
critical
Lowest
Low
Medium
High
Critical
Ubuntu Security Notice USN-8390-1
Topics Covered
Package Information
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!