UbuntuUpdates

Bugs addressed in recent updates

Origin	Bug number	Title	Packages
CVE	CVE-2025-71233	In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Avoid creating sub-groups asynchronously The asynchronous creati	linux linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-xilinx linux-lowlatency-hwe-6.8 linux-xilinx linux-riscv-6.8
CVE	CVE-2026-23242	In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix potential NULL pointer dereference in header processing If siw_ge	linux linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-xilinx linux-lowlatency-hwe-6.8 linux-xilinx linux-riscv-6.8
CVE	CVE-2026-23243	In the Linux kernel, the following vulnerability has been resolved: RDMA/umad: Reject negative data_len in ib_umad_write ib_umad_write computes dat	linux linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-xilinx linux-lowlatency-hwe-6.8 linux-xilinx linux-riscv-6.8
CVE	CVE-2026-31411	In the Linux kernel, the following vulnerability has been resolved: net: atm: fix crash due to unvalidated vcc pointer in sigd_send() Reproducer av	linux linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-xilinx linux-lowlatency-hwe-6.8 linux-xilinx linux-riscv-6.8
CVE	CVE-2025-71239	In the Linux kernel, the following vulnerability has been resolved: audit: add fchmodat2() to change attributes class fchmodat2(), introduced in ve	linux linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-xilinx linux-lowlatency-hwe-6.8 linux-xilinx linux-riscv-6.8
CVE	CVE-2026-23241	In the Linux kernel, the following vulnerability has been resolved: audit: add missing syscalls to read class The "at" variant of getxattr() and li	linux linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-xilinx linux-lowlatency-hwe-6.8 linux-xilinx linux-riscv-6.8
CVE	CVE-2025-71266	In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: check return value of indx_find to avoid infinite loop We found an i	linux linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-xilinx linux-lowlatency-hwe-6.8 linux-xilinx linux-riscv-6.8
CVE	CVE-2025-71265	In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop in attr_load_runs_range on inconsistent metadata W	linux linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-xilinx linux-lowlatency-hwe-6.8 linux-xilinx linux-riscv-6.8
CVE	CVE-2025-71267	In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop triggered by zero-sized ATTR_LIST We found an infi	linux linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-xilinx linux-lowlatency-hwe-6.8 linux-xilinx linux-riscv-6.8
CVE	CVE-2026-23249	In the Linux kernel, the following vulnerability has been resolved: xfs: check for deleted cursors when revalidating two btrees The free space and	linux linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-xilinx linux-lowlatency-hwe-6.8 linux-xilinx linux-riscv-6.8
Launchpad	2148260	Noble update: upstream stable patchset 2026-04-13	linux linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-xilinx linux-lowlatency-hwe-6.8 linux-xilinx linux-riscv-6.8
Launchpad	2148714	Noble update: upstream stable patchset 2026-04-17	linux linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-xilinx linux-lowlatency-hwe-6.8 linux-xilinx linux-riscv-6.8
Launchpad	2150809	Noble update: upstream stable patchset 2026-05-01	linux linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-xilinx linux-lowlatency-hwe-6.8 linux-xilinx linux-riscv-6.8
Launchpad	2141536	Some powerpc test from ubuntu_kernel_selftests timeout with 45 seconds	linux linux linux linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-xilinx linux-lowlatency-hwe-6.8 linux-xilinx linux-riscv-6.8
CVE	CVE-2026-31504	In the Linux kernel, the following vulnerability has been resolved: net: fix fanout UAF in packet_release() via NETDEV_UP race `packet_release()` h	linux linux linux linux-riscv linux linux-riscv-6.17 linux linux-nvidia-tegra linux-riscv-6.8 linux-lowlatency-hwe-6.8 linux-hwe-6.8 linux linux-hwe-6.17 linux-nvidia-tegra-igx linux-riscv linux linux-riscv-6.17 linux-hwe-6.17 linux linux-nvidia-tegra linux-riscv-6.8 linux-lowlatency-hwe-6.8 linux linux-nvidia-tegra-igx linux-nvidia-tegra linux linux-nvidia-tegra linux-hwe-6.17 linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-xilinx linux linux-hwe-6.17 linux-lowlatency-hwe-6.8 linux-xilinx linux-riscv-6.8 linux-riscv
CVE	CVE-2026-31533	In the Linux kernel, the following vulnerability has been resolved: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption The -EBUS	linux linux linux linux-riscv linux linux-riscv-6.17 linux linux-nvidia-tegra linux-riscv-6.8 linux-lowlatency-hwe-6.8 linux-hwe-6.8 linux linux-hwe-6.17 linux-nvidia-tegra-igx linux-riscv linux linux-riscv-6.17 linux-hwe-6.17 linux linux-nvidia-tegra linux-riscv-6.8 linux-lowlatency-hwe-6.8 linux linux-nvidia-tegra-igx linux-nvidia-tegra linux linux-nvidia-tegra linux-hwe-6.17 linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-xilinx linux linux-hwe-6.17 linux-lowlatency-hwe-6.8 linux-xilinx linux-riscv-6.8 linux-riscv
CVE	CVE-2026-31419	In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix use-after-free in bond_xmit_broadcast() bond_xmit_broadcast()	linux linux linux linux-riscv linux linux-riscv-6.17 linux linux-nvidia-tegra linux-riscv-6.8 linux-lowlatency-hwe-6.8 linux-hwe-6.8 linux linux-hwe-6.17 linux-nvidia-tegra-igx linux-riscv linux linux-riscv-6.17 linux-hwe-6.17 linux linux-nvidia-tegra linux-riscv-6.8 linux-lowlatency-hwe-6.8 linux linux-nvidia-tegra-igx linux-nvidia-tegra linux linux-nvidia-tegra linux-hwe-6.17 linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-xilinx linux linux-hwe-6.17 linux-lowlatency-hwe-6.8 linux-xilinx linux-riscv-6.8 linux-riscv
CVE	CVE-2026-23278	In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: always walk all pending catchall elements During transact	linux linux linux linux linux-hwe-6.17 linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-xilinx linux linux-hwe-6.17 linux-lowlatency-hwe-6.8 linux-xilinx linux-riscv-6.8 linux-riscv
CVE	CVE-2026-23392	In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: release flowtable after rcu grace period on error Call sy	linux linux linux-hwe-6.17 linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-xilinx linux linux-hwe-6.17 linux-lowlatency-hwe-6.8 linux-xilinx linux-riscv-6.8 linux-riscv
CVE	CVE-2026-31418	In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: drop logically empty buckets in mtype_del mtype_del() counts	linux linux linux linux linux-hwe-6.17 linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-xilinx linux linux-hwe-6.17 linux-lowlatency-hwe-6.8 linux-xilinx linux-riscv-6.8 linux-riscv

About - Send Feedback to @ubuntu_updates

Bugs addressed in recent updates

Share this page

Bookmarks

Latest updates

proposed

PPA updates