Ubuntu alert USN-7701-2 (linux-aws-fips, linux-fips, linux-gcp-fips)
| From: | Giampaolo Fresi Roglia <giampaolo.fresi.roglia@canonical.com> | |
| To: | ubuntu-security-announce@lists.ubuntu.com | |
| Subject: | [USN-7701-2] Linux kernel (FIPS) vulnerabilities | |
| Date: | Wed, 20 Aug 2025 09:52:05 +0200 | |
| Message-ID: | <87qzx6juqi.fsf@canonical.com> |
========================================================================== Ubuntu Security Notice USN-7701-2 August 20, 2025 linux-aws-fips, linux-fips, linux-gcp-fips vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-aws-fips: Linux kernel for Amazon Web Services (AWS) systems with FIPS - linux-fips: Linux kernel with FIPS - linux-gcp-fips: Linux kernel for Google Cloud Platform (GCP) systems with FIPS Details: Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Device tree and open firmware driver; - SCSI subsystem; - TTY drivers; - SMB network file system; - Bluetooth subsystem; - Network traffic control; (CVE-2023-52757, CVE-2024-49950, CVE-2024-38541, CVE-2023-52975, CVE-2024-50073, CVE-2025-38083, CVE-2025-37797) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS linux-image-5.4.0-1123-fips 5.4.0-1123.133 Available with Ubuntu Pro linux-image-5.4.0-1149-aws-fips 5.4.0-1149.159+fips1 Available with Ubuntu Pro linux-image-5.4.0-1152-gcp-fips 5.4.0-1152.161+fips1 Available with Ubuntu Pro linux-image-aws-fips 5.4.0.1149.96 Available with Ubuntu Pro linux-image-aws-fips-5.4 5.4.0.1149.96 Available with Ubuntu Pro linux-image-fips 5.4.0.1123.120 Available with Ubuntu Pro linux-image-fips-5.4 5.4.0.1123.120 Available with Ubuntu Pro linux-image-gcp-fips 5.4.0.1152.94 Available with Ubuntu Pro linux-image-gcp-fips-5.4 5.4.0.1152.94 Available with Ubuntu Pro After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-7701-2 https://ubuntu.com/security/notices/USN-7701-1 CVE-2023-52757, CVE-2023-52975, CVE-2024-38541, CVE-2024-49950, CVE-2024-50073, CVE-2025-37797, CVE-2025-38083 Package Information: https://launchpad.net/ubuntu/+source/linux-aws-fips/5.4.0... https://launchpad.net/ubuntu/+source/linux-fips/5.4.0-112... https://launchpad.net/ubuntu/+source/linux-gcp-fips/5.4.0...
Attachment: signature.asc (type=application/pgp-signature)
-----BEGIN PGP SIGNATURE----- iQHZBAEBCgBDFiEEBcMY+nwS2CY71sUWc4vdAqvdlsYFAmilfqUlHGdpYW1wYW9s by5mcmVzaS5yb2dsaWFAY2Fub25pY2FsLmNvbQAKCRBzi90Cq92WxrqBC/9F51KD gRM6Fc7b7hCwp5VvqFNVXfHTt6Ba+QDeGFIdNd7V3/yn80PI/PwQk2Ofe7Re5kAG udgr8zv+eoPJbYLtnpYNtGboWKZsgjGkZJNWRoTzGDirK2Kd++lFuC6dQ9ydMDPN Bs8uW7Plb1rCJt9IMsO+rxawYbdf+I4dmYGaEeR+9nV5K4c187sgD1mVpAKiFWRY NepcmZAKLbHoyPUG9eXFzc3V5at/U6yj2cmvYs2F3x9aOZZzUrVQl/MEIG9KlHRJ EuEG8diTx3aws7+6mtW+n5w0ntcWAl1kE+neC2CF3m9cYJZXgdVeLMpLol0c3SFG Py2+l8/KZENqnZbGksBe7OB4z9QqRFy2f7OZ3HgaeG5kf1G2HeaTmZeH7wTevbTX Q76KhAvVefDjWsnjH5oic/kSk0H9GlSGVnrvVSEiATs32RWfbriKsVvRzPOjkCph 2w/2q7txVRyKhjYjbs82xhVNEUxw9CIGxD01wqetXjPB2dX//xWoGBLzgaQ= =Fi/+ -----END PGP SIGNATURE-----