Ubuntu alert USN-7684-3 (linux-aws, linux-lts-xenial)
| From: | Giampaolo Fresi Roglia <giampaolo.fresi.roglia@canonical.com> | |
| To: | ubuntu-security-announce@lists.ubuntu.com | |
| Subject: | [USN-7684-3] Linux kernel vulnerabilities | |
| Date: | Thu, 31 Jul 2025 11:30:17 +0200 | |
| Message-ID: | <87y0s4btcm.fsf@canonical.com> |
========================================================================== Ubuntu Security Notice USN-7684-3 July 31, 2025 linux-aws, linux-lts-xenial vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-aws: Linux kernel for Amazon Web Services (AWS) systems - linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty Details: Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SCSI subsystem; - TTY drivers; - Ext4 file system; - Bluetooth subsystem; - USB sound devices; (CVE-2024-49950, CVE-2024-49883, CVE-2024-53239, CVE-2024-50073, CVE-2023-52975) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 LTS linux-image-4.4.0-1146-aws 4.4.0-1146.152 Available with Ubuntu Pro linux-image-4.4.0-271-generic 4.4.0-271.305~14.04.1 Available with Ubuntu Pro linux-image-4.4.0-271-lowlatency 4.4.0-271.305~14.04.1 Available with Ubuntu Pro linux-image-aws 4.4.0.1146.143 Available with Ubuntu Pro linux-image-generic-lts-xenial 4.4.0.271.305~14.04.1 Available with Ubuntu Pro linux-image-lowlatency-lts-xenial 4.4.0.271.305~14.04.1 Available with Ubuntu Pro linux-image-virtual-lts-xenial 4.4.0.271.305~14.04.1 Available with Ubuntu Pro After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-7684-3 https://ubuntu.com/security/notices/USN-7684-2 https://ubuntu.com/security/notices/USN-7684-1 CVE-2023-52975, CVE-2024-49883, CVE-2024-49950, CVE-2024-50073, CVE-2024-53239
Attachment: signature.asc (type=application/pgp-signature)
-----BEGIN PGP SIGNATURE----- iQHZBAEBCgBDFiEEBcMY+nwS2CY71sUWc4vdAqvdlsYFAmiLN6klHGdpYW1wYW9s by5mcmVzaS5yb2dsaWFAY2Fub25pY2FsLmNvbQAKCRBzi90Cq92Wxjh3DACaX7IJ npvm5CMwx0Di3SZ+yWZFnmlIv68DNdnaaYD1iV3Izc7PzNftw1AvqqAgha7M9pji F6uKsVqX5UomeqmV6FjApXW+0JTAHaaLSEwj5aRg6xo/I/iXAmsKThlAypa7I9TV lgh0wJCY6yzeeWEnrjRzeYGgxMN/O2AMFW6a1DVo09XgcWTHtZqIQVYYKkrzGMl4 blvfIIELhzHwUvJkorfyktynuBTJcjZ7pwFqyldHKfL+fAAtuizSvq9kf8ghI9Pj iXN2CrtNfVkYycCLLB9/XQBNIXwogmCIRmF7AYLfTnudMkiJ/a5gmiuyLKOL2oYe PyYgQK1VYr7zVTIlBG7enKHELtDE/4k7S8aUrwd6tKmmgBtfOQW6uCZ0ZHBhCit8 Fu+ptc9eqwW8cCXvI6PHuobzcyfSDggATHvnu73DwCki/6rz6mciBZ0btZohfcxB WaCA/Lu4hl/hIwKX1oaefr4MB3EnxeEd8Ovxd3h4kU54rDP0vus0jqV8h44= =g1s2 -----END PGP SIGNATURE-----