Bugs addressed in recent updates
| Origin | Bug number | Title | Packages |
|---|---|---|---|
| CVE | CVE-2025-40279 | In the Linux kernel, the following vulnerability has been resolved: net: sched: act_connmark: initialize struct tc_ife to fix kernel leak In tcf_co | linux linux-hwe-6.17 |
| CVE | CVE-2025-40278 | In the Linux kernel, the following vulnerability has been resolved: net: sched: act_ife: initialize struct tc_ife to fix KMSAN kernel-infoleak Fix | linux linux-hwe-6.17 |
| CVE | CVE-2025-68209 | In the Linux kernel, the following vulnerability has been resolved: mlx5: Fix default values in create CQ Currently, CQs without a completion funct | linux linux-hwe-6.17 |
| CVE | CVE-2025-68206 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_ct: add seqadj extension for natted connections Sequence adjustm | linux linux-hwe-6.17 |
| CVE | CVE-2025-40277 | In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE This dat | linux linux-hwe-6.17 |
| CVE | CVE-2025-40276 | In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Flush shmem writes before mapping buffers CPU-uncached The shmem l | linux linux-hwe-6.17 |
| CVE | CVE-2025-68243 | In the Linux kernel, the following vulnerability has been resolved: NFS: Check the TLS certificate fields in nfs_match_client() If the TLS security | linux linux-hwe-6.17 |
| CVE | CVE-2025-68242 | In the Linux kernel, the following vulnerability has been resolved: NFS: Fix LTP test failures when timestamps are delegated The utimes01 and utime | linux linux-hwe-6.17 |
| CVE | CVE-2025-40275 | In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix NULL pointer dereference in snd_usb_mixer_controls_badd In | linux linux-hwe-6.17 |
| CVE | CVE-2025-68200 | In the Linux kernel, the following vulnerability has been resolved: bpf: Add bpf_prog_run_data_pointers() syzbot found that cls_bpf_classify() is a | linux linux-hwe-6.17 |
| CVE | CVE-2025-68208 | In the Linux kernel, the following vulnerability has been resolved: bpf: account for current allocated stack depth in widen_imprecise_scalars() The | linux linux-hwe-6.17 |
| CVE | CVE-2025-68247 | In the Linux kernel, the following vulnerability has been resolved: posix-timers: Plug potential memory leak in do_timer_create() When posix timer | linux linux-hwe-6.17 |
| CVE | CVE-2025-68239 | In the Linux kernel, the following vulnerability has been resolved: binfmt_misc: restore write access before closing files opened by open_exec() bm | linux linux-hwe-6.17 |
| CVE | CVE-2025-68202 | In the Linux kernel, the following vulnerability has been resolved: sched_ext: Fix unsafe locking in the scx_dump_state() For built with CONFIG_PRE | linux linux-hwe-6.17 |
| CVE | CVE-2025-40274 | In the Linux kernel, the following vulnerability has been resolved: KVM: guest_memfd: Remove bindings on memslot deletion when gmem is dying When u | linux linux-hwe-6.17 |
| CVE | CVE-2025-40212 | In the Linux kernel, the following vulnerability has been resolved: nfsd: fix refcount leak in nfsd_set_fh_dentry() nfsd exports a "pseudo root fil | linux linux-hwe-6.17 |
| CVE | CVE-2025-40273 | In the Linux kernel, the following vulnerability has been resolved: NFSD: free copynotify stateid in nfs4_free_ol_stateid() Typically copynotify st | linux linux-hwe-6.17 |
| CVE | CVE-2025-68246 | In the Linux kernel, the following vulnerability has been resolved: ksmbd: close accepted socket when per-IP limit rejects connection When the per- | linux linux-hwe-6.17 |
| CVE | CVE-2025-68211 | In the Linux kernel, the following vulnerability has been resolved: ksm: use range-walk function to jump over holes in scan_get_next_rmap_item Curr | linux linux-hwe-6.17 |
| CVE | CVE-2025-68241 | In the Linux kernel, the following vulnerability has been resolved: ipv4: route: Prevent rt_bind_exception() from rebinding stale fnhe The sit driv | linux linux-hwe-6.17 |
About
-
Send Feedback to @ubuntu_updates
