Home / mailingsPDF  

[USN-8490-1] Linux kernel vulnerabilities

Posted on 01 July 2026
Ubuntu Security

==========================================================================Ubuntu Security Notice USN-8490-1
July 01, 2026

linux vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.10

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux: Linux kernel

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- Block layer subsystem;
- Cryptographic API;
- DMA engine subsystem;
- InfiniBand drivers;
- STMicroelectronics network drivers;
- Network drivers;
- NVME drivers;
- SCSI subsystem;
- USB over IP driver;
- File systems infrastructure;
- Ext4 file system;
- Network file system (NFS) server daemon;
- SMB network file system;
- Kernel thread helper (kthread);
- IPv6 networking;
- Tracing infrastructure;
- Kernel exit() syscall;
- Scatterlist API;
- B.A.T.M.A.N. meshing protocol;
- Ethernet bridge;
- Ceph Core library;
- IPv4 networking;
- Multipath TCP;
- Netfilter;
- RxRPC session sockets;
- SMC sockets;
- X.25 network layer;
(CVE-2026-22984, CVE-2026-23272, CVE-2026-23278, CVE-2026-23392,
CVE-2026-23427, CVE-2026-23428, CVE-2026-23450, CVE-2026-23455,
CVE-2026-31402, CVE-2026-31418, CVE-2026-31436, CVE-2026-31448,
CVE-2026-31478, CVE-2026-31607, CVE-2026-31635, CVE-2026-31637,
CVE-2026-31649, CVE-2026-31657, CVE-2026-31659, CVE-2026-31668,
CVE-2026-31669, CVE-2026-31682, CVE-2026-31685, CVE-2026-31718,
CVE-2026-43011, CVE-2026-43037, CVE-2026-43038, CVE-2026-43071,
CVE-2026-43083, CVE-2026-43114, CVE-2026-43117, CVE-2026-43125,
CVE-2026-43186, CVE-2026-43197, CVE-2026-43304, CVE-2026-43341,
CVE-2026-43376, CVE-2026-43378, CVE-2026-43383, CVE-2026-43384,
CVE-2026-43402, CVE-2026-43406, CVE-2026-43407, CVE-2026-43414,
CVE-2026-43493, CVE-2026-43501, CVE-2026-45898, CVE-2026-45988,
CVE-2026-46039, CVE-2026-46043, CVE-2026-46115, CVE-2026-46119,
CVE-2026-46135, CVE-2026-46185, CVE-2026-46195, CVE-2026-46243,
CVE-2026-46244, CVE-2026-46266, CVE-2026-46289, CVE-2026-46316,
CVE-2026-46325)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.10
linux-image-6.17.0-40-generic 6.17.0-40.40
linux-image-6.17.0-40-generic-64k 6.17.0-40.40
linux-image-generic 6.17.0-40.40
linux-image-generic-6.17 6.17.0-40.40
linux-image-generic-64k 6.17.0-40.40
linux-image-generic-64k-6.17 6.17.0-40.40
linux-image-oem-24.04 6.17.0-40.40
linux-image-oem-24.04c 6.17.0-40.40
linux-image-virtual 6.17.0-40.40
linux-image-virtual-6.17 6.17.0-40.40

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-8490-1
CVE-2026-22984, CVE-2026-23272, CVE-2026-23278, CVE-2026-23392,
CVE-2026-23427, CVE-2026-23428, CVE-2026-23450, CVE-2026-23455,
CVE-2026-31402, CVE-2026-31418, CVE-2026-31436, CVE-2026-31448,
CVE-2026-31478, CVE-2026-31607, CVE-2026-31635, CVE-2026-31637,
CVE-2026-31649, CVE-2026-31657, CVE-2026-31659, CVE-2026-31668,
CVE-2026-31669, CVE-2026-31682, CVE-2026-31685, CVE-2026-31718,
CVE-2026-43011, CVE-2026-43037, CVE-2026-43038, CVE-2026-43071,
CVE-2026-43083, CVE-2026-43114, CVE-2026-43117, CVE-2026-43125,
CVE-2026-43186, CVE-2026-43197, CVE-2026-43304, CVE-2026-43341,
CVE-2026-43376, CVE-2026-43378, CVE-2026-43383, CVE-2026-43384,
CVE-2026-43402, CVE-2026-43406, CVE-2026-43407, CVE-2026-43414,
CVE-2026-43493, CVE-2026-43501, CVE-2026-45898, CVE-2026-45988,
CVE-2026-46039, CVE-2026-46043, CVE-2026-46115, CVE-2026-46119,
CVE-2026-46135, CVE-2026-46185, CVE-2026-46195, CVE-2026-46243,
CVE-2026-46244, CVE-2026-46266, CVE-2026-46289, CVE-2026-46316,
CVE-2026-46325

Package Information:
https://launchpad.net/ubuntu/+source/linux/6.17.0-40.40


--=-=-=Content-Type: application/pgp-signature; name="signature.asc"

 

TOP