SecurityHome.eu [USN-7879-1] Linux kernel vulnerabilities

Home / mailings PDF

[USN-7879-1] Linux kernel vulnerabilities
Posted on 21 November 2025
Ubuntu Security
==========================================================================Ubuntu Security Notice USN-7879-1
November 21, 2025

linux, linux-aws, linux-gcp, linux-hwe-6.14, linux-oracle, linux-realtime
vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.04
- Ubuntu 24.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-oracle: Linux kernel for Oracle Cloud systems
- linux-realtime: Linux kernel for Real-time systems
- linux-hwe-6.14: Linux hardware enablement (HWE) kernel

Details:

It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- S390 architecture;
- x86 architecture;
- Network block device driver;
- Character device driver;
- Clock framework and drivers;
- Data acquisition framework and drivers;
- Hardware crypto device drivers;
- Device frequency scaling framework;
- DMA engine subsystem;
- EDAC drivers;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- I2C subsystem;
- IIO subsystem;
- IIO ADC drivers;
- InfiniBand drivers;
- Input Device core drivers;
- Multiple devices driver;
- Media drivers;
- Network drivers;
- Mellanox network drivers;
- PCI subsystem;
- PHY drivers;
- Pin controllers subsystem;
- x86 platform drivers;
- Power supply drivers;
- Powercap sysfs driver;
- Voltage and Current Regulator drivers;
- S/390 drivers;
- ASPEED SoC drivers;
- SPI subsystem;
- small TFT LCD display modules;
- Media staging drivers;
- USB Gadget drivers;
- vDPA drivers;
- VFIO drivers;
- Framebuffer layer;
- Xen hypervisor drivers;
- BTRFS file system;
- Ceph distributed file system;
- EFI Variable file system;
- File systems infrastructure;
- F2FS file system;
- GFS2 file system;
- Network file systems library;
- Network file system (NFS) client;
- Network file system (NFS) server daemon;
- NILFS2 file system;
- NTFS3 file system;
- Proc file system;
- SMB network file system;
- DRM display driver;
- io_uring subsystem;
- Internal shared memory driver;
- padata parallel execution mechanism;
- Networking subsytem;
- Bluetooth subsystem;
- Netfilter;
- UDP network protocol;
- Tracing infrastructure;
- BPF subsystem;
- Perf events;
- Padata parallel execution mechanism;
- Codetag library;
- KASAN memory debugging framework;
- Memory management;
- 802.1Q VLAN protocol;
- Appletalk network protocol;
- Asynchronous Transfer Mode (ATM) subsystem;
- Networking core;
- IPv4 networking;
- IPv6 networking;
- MAC80211 subsystem;
- Multipath TCP;
- Netlink;
- RxRPC session sockets;
- Network traffic control;
- SMC sockets;
- Sun RPC protocol;
- TIPC protocol;
- TLS protocol;
- VMware vSockets driver;
- Wireless networking;
- XFRM subsystem;
- ADI SoundPort AD1816A based soundcard drivers;
- MediaTek ASoC drivers;
- SOF drivers;
- USB sound devices;
- KVM subsystem;
(CVE-2025-38335, CVE-2025-38349, CVE-2025-38351, CVE-2025-38437,
CVE-2025-38438, CVE-2025-38439, CVE-2025-38440, CVE-2025-38441,
CVE-2025-38443, CVE-2025-38444, CVE-2025-38445, CVE-2025-38446,
CVE-2025-38448, CVE-2025-38449, CVE-2025-38450, CVE-2025-38451,
CVE-2025-38452, CVE-2025-38453, CVE-2025-38454, CVE-2025-38455,
CVE-2025-38456, CVE-2025-38457, CVE-2025-38458, CVE-2025-38459,
CVE-2025-38460, CVE-2025-38461, CVE-2025-38462, CVE-2025-38463,
CVE-2025-38464, CVE-2025-38465, CVE-2025-38466, CVE-2025-38467,
CVE-2025-38468, CVE-2025-38469, CVE-2025-38470, CVE-2025-38471,
CVE-2025-38472, CVE-2025-38473, CVE-2025-38474, CVE-2025-38475,
CVE-2025-38476, CVE-2025-38478, CVE-2025-38480, CVE-2025-38481,
CVE-2025-38482, CVE-2025-38483, CVE-2025-38484, CVE-2025-38485,
CVE-2025-38487, CVE-2025-38488, CVE-2025-38489, CVE-2025-38490,
CVE-2025-38491, CVE-2025-38492, CVE-2025-38493, CVE-2025-38494,
CVE-2025-38495, CVE-2025-38496, CVE-2025-38497, CVE-2025-38501,
CVE-2025-38503, CVE-2025-38505, CVE-2025-38506, CVE-2025-38507,
CVE-2025-38508, CVE-2025-38509, CVE-2025-38510, CVE-2025-38511,
CVE-2025-38512, CVE-2025-38513, CVE-2025-38514, CVE-2025-38515,
CVE-2025-38516, CVE-2025-38517, CVE-2025-38520, CVE-2025-38521,
CVE-2025-38524, CVE-2025-38525, CVE-2025-38526, CVE-2025-38527,
CVE-2025-38528, CVE-2025-38529, CVE-2025-38530, CVE-2025-38531,
CVE-2025-38532, CVE-2025-38533, CVE-2025-38534, CVE-2025-38535,
CVE-2025-38537, CVE-2025-38538, CVE-2025-38539, CVE-2025-38540,
CVE-2025-38542, CVE-2025-38543, CVE-2025-38544, CVE-2025-38545,
CVE-2025-38546, CVE-2025-38547, CVE-2025-38548, CVE-2025-38549,
CVE-2025-38550, CVE-2025-38551, CVE-2025-38552, CVE-2025-38553,
CVE-2025-38555, CVE-2025-38556, CVE-2025-38557, CVE-2025-38558,
CVE-2025-38559, CVE-2025-38560, CVE-2025-38561, CVE-2025-38562,
CVE-2025-38563, CVE-2025-38565, CVE-2025-38566, CVE-2025-38567,
CVE-2025-38568, CVE-2025-38569, CVE-2025-38570, CVE-2025-38571,
CVE-2025-38572, CVE-2025-38573, CVE-2025-38574, CVE-2025-38576,
CVE-2025-38577, CVE-2025-38578, CVE-2025-38579, CVE-2025-38581,
CVE-2025-38582, CVE-2025-38583, CVE-2025-38584, CVE-2025-38585,
CVE-2025-38586, CVE-2025-38587, CVE-2025-38588, CVE-2025-38589,
CVE-2025-38590, CVE-2025-38593, CVE-2025-38595, CVE-2025-38601,
CVE-2025-38602, CVE-2025-38604, CVE-2025-38605, CVE-2025-38606,
CVE-2025-38608, CVE-2025-38609, CVE-2025-38610, CVE-2025-38612,
CVE-2025-38615, CVE-2025-38616, CVE-2025-38619, CVE-2025-38622,
CVE-2025-38623, CVE-2025-38624, CVE-2025-38625, CVE-2025-38626,
CVE-2025-38628, CVE-2025-38629, CVE-2025-38630, CVE-2025-38631,
CVE-2025-38632, CVE-2025-38634, CVE-2025-38635, CVE-2025-38639,
CVE-2025-38640, CVE-2025-38642, CVE-2025-38643, CVE-2025-38644,
CVE-2025-38645, CVE-2025-38646, CVE-2025-38648, CVE-2025-38649,
CVE-2025-38650, CVE-2025-38652, CVE-2025-38653, CVE-2025-38654,
CVE-2025-38655, CVE-2025-38659, CVE-2025-38660, CVE-2025-38662,
CVE-2025-38663, CVE-2025-38664, CVE-2025-38665, CVE-2025-38666,
CVE-2025-38668, CVE-2025-38670, CVE-2025-38671, CVE-2025-38675,
CVE-2025-38678, CVE-2025-39725, CVE-2025-39726, CVE-2025-39727,
CVE-2025-39730, CVE-2025-39731, CVE-2025-39732, CVE-2025-39734,
CVE-2025-39809, CVE-2025-39818, CVE-2025-40157)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.04
linux-image-6.14.0-1016-realtime 6.14.0-1016.16
linux-image-6.14.0-1017-aws 6.14.0-1017.17
linux-image-6.14.0-1017-aws-64k 6.14.0-1017.17
linux-image-6.14.0-1017-oracle 6.14.0-1017.17
linux-image-6.14.0-1017-oracle-64k 6.14.0-1017.17
linux-image-6.14.0-1020-gcp 6.14.0-1020.21
linux-image-6.14.0-1020-gcp-64k 6.14.0-1020.21
linux-image-6.14.0-36-generic 6.14.0-36.36
linux-image-6.14.0-36-generic-64k 6.14.0-36.36
linux-image-aws 6.14.0-1017.17
linux-image-aws-6.14 6.14.0-1017.17
linux-image-aws-64k 6.14.0-1017.17
linux-image-aws-64k-6.14 6.14.0-1017.17
linux-image-gcp 6.14.0-1020.21
linux-image-gcp-6.14 6.14.0-1020.21
linux-image-gcp-64k 6.14.0-1020.21
linux-image-gcp-64k-6.14 6.14.0-1020.21
linux-image-generic 6.14.0-36.36
linux-image-generic-6.14 6.14.0-36.36
linux-image-generic-64k 6.14.0-36.36
linux-image-generic-64k-6.14 6.14.0-36.36
linux-image-oem-24.04 6.14.0-36.36
linux-image-oem-24.04a 6.14.0-36.36
linux-image-oracle 6.14.0-1017.17
linux-image-oracle-6.14 6.14.0-1017.17
linux-image-oracle-64k 6.14.0-1017.17
linux-image-oracle-64k-6.14 6.14.0-1017.17
linux-image-realtime 6.14.0-1016.16
linux-image-realtime-6.14 6.14.0-1016.16
linux-image-virtual 6.14.0-36.36
linux-image-virtual-6.14 6.14.0-36.36

Ubuntu 24.04 LTS
linux-image-6.14.0-36-generic 6.14.0-36.36~24.04.1
linux-image-6.14.0-36-generic-64k 6.14.0-36.36~24.04.1
linux-image-generic-6.14 6.14.0-36.36~24.04.1
linux-image-generic-64k-6.14 6.14.0-36.36~24.04.1
linux-image-generic-64k-hwe-24.04 6.14.0-36.36~24.04.1
linux-image-generic-hwe-24.04 6.14.0-36.36~24.04.1
linux-image-virtual-6.14 6.14.0-36.36~24.04.1
linux-image-virtual-hwe-24.04 6.14.0-36.36~24.04.1

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-7879-1
CVE-2024-36331, CVE-2025-38335, CVE-2025-38349, CVE-2025-38351,
CVE-2025-38437, CVE-2025-38438, CVE-2025-38439, CVE-2025-38440,
CVE-2025-38441, CVE-2025-38443, CVE-2025-38444, CVE-2025-38445,
CVE-2025-38446, CVE-2025-38448, CVE-2025-38449, CVE-2025-38450,
CVE-2025-38451, CVE-2025-38452, CVE-2025-38453, CVE-2025-38454,
CVE-2025-38455, CVE-2025-38456, CVE-2025-38457, CVE-2025-38458,
CVE-2025-38459, CVE-2025-38460, CVE-2025-38461, CVE-2025-38462,
CVE-2025-38463, CVE-2025-38464, CVE-2025-38465, CVE-2025-38466,
CVE-2025-38467, CVE-2025-38468, CVE-2025-38469, CVE-2025-38470,
CVE-2025-38471, CVE-2025-38472, CVE-2025-38473, CVE-2025-38474,
CVE-2025-38475, CVE-2025-38476, CVE-2025-38478, CVE-2025-38480,
CVE-2025-38481, CVE-2025-38482, CVE-2025-38483, CVE-2025-38484,
CVE-2025-38485, CVE-2025-38487, CVE-2025-38488, CVE-2025-38489,
CVE-2025-38490, CVE-2025-38491, CVE-2025-38492, CVE-2025-38493,
CVE-2025-38494, CVE-2025-38495, CVE-2025-38496, CVE-2025-38497,
CVE-2025-38501, CVE-2025-38503, CVE-2025-38505, CVE-2025-38506,
CVE-2025-38507, CVE-2025-38508, CVE-2025-38509, CVE-2025-38510,
CVE-2025-38511, CVE-2025-38512, CVE-2025-38513, CVE-2025-38514,
CVE-2025-38515, CVE-2025-38516, CVE-2025-38517, CVE-2025-38520,
CVE-2025-38521, CVE-2025-38524, CVE-2025-38525, CVE-2025-38526,
CVE-2025-38527, CVE-2025-38528, CVE-2025-38529, CVE-2025-38530,
CVE-2025-38531, CVE-2025-38532, CVE-2025-38533, CVE-2025-38534,
CVE-2025-38535, CVE-2025-38537, CVE-2025-38538, CVE-2025-38539,
CVE-2025-38540, CVE-2025-38542, CVE-2025-38543, CVE-2025-38544,
CVE-2025-38545, CVE-2025-38546, CVE-2025-38547, CVE-2025-38548,
CVE-2025-38549, CVE-2025-38550, CVE-2025-38551, CVE-2025-38552,
CVE-2025-38553, CVE-2025-38555, CVE-2025-38556, CVE-2025-38557,
CVE-2025-38558, CVE-2025-38559, CVE-2025-38560, CVE-2025-38561,
CVE-2025-38562, CVE-2025-38563, CVE-2025-38565, CVE-2025-38566,
CVE-2025-38567, CVE-2025-38568, CVE-2025-38569, CVE-2025-38570,
CVE-2025-38571, CVE-2025-38572, CVE-2025-38573, CVE-2025-38574,
CVE-2025-38576, CVE-2025-38577, CVE-2025-38578, CVE-2025-38579,
CVE-2025-38581, CVE-2025-38582, CVE-2025-38583, CVE-2025-38584,
CVE-2025-38585, CVE-2025-38586, CVE-2025-38587, CVE-2025-38588,
CVE-2025-38589, CVE-2025-38590, CVE-2025-38593, CVE-2025-38595,
CVE-2025-38601, CVE-2025-38602, CVE-2025-38604, CVE-2025-38605,
CVE-2025-38606, CVE-2025-38608, CVE-2025-38609, CVE-2025-38610,
CVE-2025-38612, CVE-2025-38615, CVE-2025-38616, CVE-2025-38619,
CVE-2025-38622, CVE-2025-38623, CVE-2025-38624, CVE-2025-38625,
CVE-2025-38626, CVE-2025-38628, CVE-2025-38629, CVE-2025-38630,
CVE-2025-38631, CVE-2025-38632, CVE-2025-38634, CVE-2025-38635,
CVE-2025-38639, CVE-2025-38640, CVE-2025-38642, CVE-2025-38643,
CVE-2025-38644, CVE-2025-38645, CVE-2025-38646, CVE-2025-38648,
CVE-2025-38649, CVE-2025-38650, CVE-2025-38652, CVE-2025-38653,
CVE-2025-38654, CVE-2025-38655, CVE-2025-38659, CVE-2025-38660,
CVE-2025-38662, CVE-2025-38663, CVE-2025-38664, CVE-2025-38665,
CVE-2025-38666, CVE-2025-38668, CVE-2025-38670, CVE-2025-38671,
CVE-2025-38675, CVE-2025-38678, CVE-2025-39725, CVE-2025-39726,
CVE-2025-39727, CVE-2025-39730, CVE-2025-39731, CVE-2025-39732,
CVE-2025-39734, CVE-2025-39809, CVE-2025-39818, CVE-2025-40157

Package Information:
https://launchpad.net/ubuntu/+source/linux/6.14.0-36.36
https://launchpad.net/ubuntu/+source/linux-aws/6.14.0-1017.17
https://launchpad.net/ubuntu/+source/linux-gcp/6.14.0-1020.21
https://launchpad.net/ubuntu/+source/linux-oracle/6.14.0-1017.17
https://launchpad.net/ubuntu/+source/linux-realtime/6.14.0-1016.16
https://launchpad.net/ubuntu/+source/linux-hwe-6.14/6.14.0-36.36~24.04.1

--=-=-=Content-Type: application/pgp-signature; name="signature.asc"

TOP

Mailings :

Last 20

Exploits :

Last 20