Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -6 articles for you...
172
security advisorysystem integrityubuntuUbuntu 20.04 LTS: USN-7516-3 critical: kernel security issues
Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-7516-3 May 20, 2025 linux-azure, linux-kvm vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-kvm: Linux kernel for cloud environments Details: Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - Block layer subsystem; - Drivers core; - Network block device driver; - Character device driver; - GPU drivers; - HID subsystem; - InfiniBand drivers; - Media drivers; - Network drivers; - PPS (Pulse Per Second) driver; - PTP clock framework; - RapidIO drivers; - Real Time Clock drivers; - SCSI subsystem; - SLIMbus drivers; - QCOM SoC drivers; - Trusted Execution Environment drivers; - USB DSL drivers; - USB Device Class drivers; - USB core drivers; - USB Gadget drivers; - USB Host Controller drivers; - Renesas USBHS Controller drivers; - File systems infrastructure; - BTRFS file system; - NILFS2 file system; - UBI file system; - KVM subsystem; - L3 Master device support module; - Process Accounting mechanism; - printk logging mechanism; - Scheduler infrastructure; - Tracing infrastructure; - Memory management; - 802.1Q VLAN protocol; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - Networking core; - IPv4 networking; - IPv6 networking; - Logical Link layer; - NFC subsystem; - Open vSwitch; - Rose network layer; - Network traffic control; - Wireless networking; - Tomoyo securitymodule; (CVE-2025-21719, CVE-2024-58069, CVE-2025-21914, CVE-2025-21928, CVE-2025-21909, CVE-2025-21772, CVE-2025-21814, CVE-2025-21721, CVE-2024-50055, CVE-2025-21917, CVE-2025-21862, CVE-2025-21806, CVE-2025-21647, CVE-2024-58051, CVE-2024-57986, CVE-2024-57981, CVE-2025-21904, CVE-2025-21925, CVE-2025-21859, CVE-2025-21948, CVE-2024-58052, CVE-2025-21922, CVE-2024-26996, CVE-2024-26982, CVE-2025-21858, CVE-2024-58090, CVE-2024-58085, CVE-2025-21718, CVE-2025-21762, CVE-2025-21753, CVE-2025-21763, CVE-2025-21760, CVE-2024-58010, CVE-2025-21920, CVE-2025-21916, CVE-2025-21776, CVE-2025-21728, CVE-2024-58002, CVE-2025-21781, CVE-2024-58072, CVE-2025-21735, CVE-2025-21749, CVE-2025-21731, CVE-2025-21835, CVE-2024-56599, CVE-2025-21877, CVE-2025-21785, CVE-2025-21704, CVE-2024-57979, CVE-2024-58007, CVE-2024-57977, CVE-2025-21761, CVE-2025-21787, CVE-2025-21846, CVE-2024-58063, CVE-2025-21898, CVE-2025-21791, CVE-2025-21934, CVE-2025-21926, CVE-2025-21764, CVE-2025-21811, CVE-2025-21722, CVE-2025-21715, CVE-2024-58020, CVE-2024-58001, CVE-2024-58071, CVE-2025-21905, CVE-2024-58014, CVE-2025-21736, CVE-2025-21865, CVE-2023-52741, CVE-2025-21935, CVE-2025-21910, CVE-2024-57980, CVE-2025-21744, CVE-2024-58055, CVE-2025-21823, CVE-2021-47191, CVE-2025-21866, CVE-2024-58083, CVE-2025-21871, CVE-2025-21782, CVE-2025-21848, CVE-2024-58009, CVE-2025-21971, CVE-2024-58058, CVE-2024-58017, CVE-2025-21765, CVE-2024-57973, CVE-2025-21708) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS linux-image-5.4.0-1133-kvm 5.4.0-1133.142 linux-image-5.4.0-1151-azure 5.4.0-1151.158 linux-image-azure-lts-20.04 5.4.0.1151.145 linux-image-kvm 5.4.0.1133.129 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernelmodules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-7516-3 https://ubuntu.com/security/notices/USN-7516-2 https://ubuntu.com/security/notices/USN-7516-1 CVE-2021-47191, CVE-2023-52741, CVE-2024-26982, CVE-2024-26996, CVE-2024-50055, CVE-2024-56599, CVE-2024-57973, CVE-2024-57977, CVE-2024-57979, CVE-2024-57980, CVE-2024-57981, CVE-2024-57986, CVE-2024-58001, CVE-2024-58002, CVE-2024-58007, CVE-2024-58009, CVE-2024-58010, CVE-2024-58014, CVE-2024-58017, CVE-2024-58020, CVE-2024-58051, CVE-2024-58052, CVE-2024-58055, CVE-2024-58058, CVE-2024-58063, CVE-2024-58069, CVE-2024-58071, CVE-2024-58072, CVE-2024-58083, CVE-2024-58085, CVE-2024-58090, CVE-2025-21647, CVE-2025-21704, CVE-2025-21708, CVE-2025-21715, CVE-2025-21718, CVE-2025-21719, CVE-2025-21721, CVE-2025-21722, CVE-2025-21728, CVE-2025-21731, CVE-2025-21735, CVE-2025-21736, CVE-2025-21744, CVE-2025-21749, CVE-2025-21753, CVE-2025-21760, CVE-2025-21761, CVE-2025-21762, CVE-2025-21763, CVE-2025-21764, CVE-2025-21765, CVE-2025-21772, CVE-2025-21776, CVE-2025-21781, CVE-2025-21782, CVE-2025-21785, CVE-2025-21787, CVE-2025-21791, CVE-2025-21806, CVE-2025-21811, CVE-2025-21814, CVE-2025-21823, CVE-2025-21835, CVE-2025-21846, CVE-2025-21848, CVE-2025-21858, CVE-2025-21859, CVE-2025-21862, CVE-2025-21865, CVE-2025-21866, CVE-2025-21871, CVE-2025-21877, CVE-2025-21898, CVE-2025-21904, CVE-2025-21905, CVE-2025-21909, CVE-2025-21910, CVE-2025-21914, CVE-2025-21916, CVE-2025-21917, CVE-2025-21920, CVE-2025-21922, CVE-2025-21925, CVE-2025-21926, CVE-2025-21928, CVE-2025-21934, CVE-2025-21935, CVE-2025-21948, CVE-2025-21971 Package Information: https://launchpad.net/ubuntu/+source/linux-azure/5.4.0-1151.158 https://launchpad.net/ubuntu/+source/linux-kvm/5.4.0-1133.142 .Numerous critical vulnerabilities in the Linux core for Ubuntu 20.04 LTS have been addressed. Ensure that your system is updated without delay.. Ubuntu Security Notice, Kernel Update, Linux Integrity, Linux Azure Security. . Severity: Critical. LinuxSecurity.com Team
May 20, 2025
•Critical
Ubuntu
172
security advisorycriticalubuntuUbuntu 18.04 LTS USN-5985-1 Critical: Kernel Denial Of Service Risks
Several security issues were fixed in the Linux kernel.. =========================================================================Ubuntu Security Notice USN-5985-1 March 29, 2023 linux-aws-5.4, linux-azure-5.4, linux-gcp-5.4, linux-hwe-5.4, linux-ibm-5.4, linux-oracle-5.4, linux-raspi-5.4 vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-aws-5.4: Linux kernel for Amazon Web Services (AWS) systems - linux-azure-5.4: Linux kernel for Microsoft Azure cloud systems - linux-gcp-5.4: Linux kernel for Google Cloud Platform (GCP) systems - linux-hwe-5.4: Linux hardware enablement (HWE) kernel - linux-ibm-5.4: Linux kernel for IBM cloud systems - linux-oracle-5.4: Linux kernel for Oracle Cloud systems - linux-raspi-5.4: Linux kernel for Raspberry Pi systems Details: It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3669) It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. (CVE-2022-2196) Gerald Lee discovered that the USB Gadget file system implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-4382) It was discovered that the RNDIS USB driver in the Linux kernel contained an integer overflow vulnerability. A local attacker with physical access could plug in a malicious USB device tocause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-23559) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS: linux-image-5.4.0-1046-ibm 5.4.0-1046.51~18.04.1 linux-image-5.4.0-1082-raspi 5.4.0-1082.93~18.04.1 linux-image-5.4.0-1098-oracle 5.4.0-1098.107~18.04.1 linux-image-5.4.0-1099-aws 5.4.0-1099.107~18.04.1 linux-image-5.4.0-1102-gcp 5.4.0-1102.111~18.04.2 linux-image-5.4.0-1105-azure 5.4.0-1105.111~18.04.1 linux-image-5.4.0-146-generic 5.4.0-146.163~18.04.1 linux-image-5.4.0-146-generic-lpae 5.4.0-146.163~18.04.1 linux-image-5.4.0-146-lowlatency 5.4.0-146.163~18.04.1 linux-image-aws 5.4.0.1099.77 linux-image-azure 5.4.0.1105.78 linux-image-gcp 5.4.0.1102.78 linux-image-generic-hwe-18.04 5.4.0.146.163~18.04.117 linux-image-generic-lpae-hwe-18.04 5.4.0.146.163~18.04.117 linux-image-ibm 5.4.0.1046.57 linux-image-lowlatency-hwe-18.04 5.4.0.146.163~18.04.117 linux-image-oem 5.4.0.146.163~18.04.117 linux-image-oem-osp1 5.4.0.146.163~18.04.117 linux-image-oracle 5.4.0.1098.107~18.04.70 linux-image-raspi-hwe-18.04 5.4.0.1082.79 linux-image-snapdragon-hwe-18.04 5.4.0.146.163~18.04.117 linux-image-virtual-hwe-18.04 5.4.0.146.163~18.04.117 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-5985-1 CVE-2021-3669, CVE-2022-2196, CVE-2022-4382, CVE-2023-23559 Package Information: https://launchpad.net/ubuntu/+source/linux-aws-5.4/5.4.0-1099.107~18.04.1 https://launchpad.net/ubuntu/+source/linux-azure-5.4/5.4.0-1105.111~18.04.1 https://launchpad.net/ubuntu/+source/linux-gcp-5.4/5.4.0-1102.111~18.04.2 https://launchpad.net/ubuntu/+source/linux-hwe-5.4/5.4.0-146.163~18.04.1 https://launchpad.net/ubuntu/+source/linux-ibm-5.4/5.4.0-1046.51~18.04.1 https://launchpad.net/ubuntu/+source/linux-oracle-5.4/5.4.0-1098.107~18.04.1 https://launchpad.net/ubuntu/+source/linux-raspi-5.4/5.4.0-1082.93~18.04.1 . Several vulnerabilities within the Linux kernel on Ubuntu have been addressed through updates and patches, aiming to improve overall system robustness.. Ubuntu Kernel Issues, Cloud Security, Linux System Update. . Severity: Critical. LinuxSecurity.com Team
Mar 29, 2023
•Critical
Ubuntu
172
security advisoryDoSkernel patchUbuntu 16.04 LTS: USN-3740-2 Moderate: Memory Exposure Risks
Several security issues were fixed in the Linux kernel.. =========================================================================Ubuntu Security Notice USN-3740-2 August 14, 2018 linux-hwe, linux-azure, linux-gcp vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems - linux-hwe: Linux hardware enablement (HWE) kernel Details: USN-3740-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault (L1TF). A local attacker in a guest virtual machine could use this to expose sensitive information (memory from other guests or the host OS). (CVE-2018-3646) It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault (L1TF). A local attacker could use this to expose sensitive information (memory from the kernel or other processes). (CVE-2018-3620) Juha-Matti Tilli discovered that the IP implementation in the Linux kernel performed algorithmically expensive operations in some situations when handling incoming packet fragments. A remote attacker could use this to cause a denial of service. (CVE-2018-5391) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: linux-image-4.15.0-1017-gcp 4.15.0-1017.18~16.04.1 linux-image-4.15.0-1021-azure 4.15.0-1021.21~16.04.1 linux-image-4.15.0-32-generic 4.15.0-32.35~16.04.1 linux-image-4.15.0-32-generic-lpae 4.15.0-32.35~16.04.1 linux-image-4.15.0-32-lowlatency 4.15.0-32.35~16.04.1 linux-image-azure 4.15.0.1021.27 linux-image-gcp 4.15.0.1017.29 linux-image-generic-hwe-16.04 4.15.0.32.54 linux-image-generic-lpae-hwe-16.04 4.15.0.32.54 linux-image-gke 4.15.0.1017.29 linux-image-lowlatency-hwe-16.04 4.15.0.32.54 linux-image-virtual-hwe-16.04 4.15.0.32.54 Please note that the recommended mitigation for CVE-2018-3646 involves updating processor microcode in addition to updating the kernel; however, the kernel includes a fallback for processors that have not received microcode updates. After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-3740-2 https://ubuntu.com/security/notices/USN-3740-1 CVE-2018-3620, CVE-2018-3646, CVE-2018-5391, https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/L1TF Package Information: https://launchpad.net/ubuntu/+source/linux-azure/4.15.0-1021.21~16.04.1 https://launchpad.net/ubuntu/+source/linux-gcp/4.15.0-1017.18~16.04.1 https://launchpad.net/ubuntu/+source/linux-hwe/4.15.0-32.35~16.04.1 . Ubuntu Security Notice USN-3740-2 August 14, 2018 linux-hwe, linux-azure, linux-gcp vulnerabilities . security, linux, kernel, ============================================. . LinuxSecurity.com Team
Aug 14, 2018
Ubuntu
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!