|
|
Subscribe / Log in / New account

Ubuntu alert USN-7755-3 (linux-aws-fips)



From:
              Giampaolo Fresi Roglia <giampaolo.fresi.roglia@canonical.com>


To:
              ubuntu-security-announce@lists.ubuntu.com


Subject:
              [USN-7755-3] Linux kernel (AWS FIPS) vulnerabilities


Date:
              Wed, 24 Sep 2025 09:33:16 +0200


Message-ID:
              <87wm5o9uf7.fsf@canonical.com>


==========================================================================
Ubuntu Security Notice USN-7755-3
September 24, 2025

linux-aws-fips vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-aws-fips: Linux kernel for Amazon Web Services (AWS) systems with FIPS

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
  - Media drivers;
  - SPI subsystem;
  - USB core drivers;
  - NILFS2 file system;
  - IPv6 networking;
  - Network traffic control;
(CVE-2025-38350, CVE-2024-47685, CVE-2024-57996, CVE-2024-53130,
CVE-2025-37752, CVE-2023-52477, CVE-2024-53131, CVE-2024-50202,
CVE-2024-27074, CVE-2024-50051)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS
  linux-image-4.15.0-2122-aws-fips  4.15.0-2122.128
                                  Available with Ubuntu Pro
  linux-image-aws-fips            4.15.0.2122.116
                                  Available with Ubuntu Pro
  linux-image-aws-fips-4.15       4.15.0.2122.116
                                  Available with Ubuntu Pro

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
  https://ubuntu.com/security/notices/USN-7755-3
  https://ubuntu.com/security/notices/USN-7755-2
  https://ubuntu.com/security/notices/USN-7755-1
  CVE-2023-52477, CVE-2024-27074, CVE-2024-47685, CVE-2024-50051,
  CVE-2024-50202, CVE-2024-53130, CVE-2024-53131, CVE-2024-57996,
  CVE-2025-37752, CVE-2025-38350

Package Information:
  https://launchpad.net/ubuntu/+source/linux-aws-fips/4.15....





Attachment: signature.asc (type=application/pgp-signature)

-----BEGIN PGP SIGNATURE-----

iQHZBAEBCgBDFiEEBcMY+nwS2CY71sUWc4vdAqvdlsYFAmjTnrwlHGdpYW1wYW9s
by5mcmVzaS5yb2dsaWFAY2Fub25pY2FsLmNvbQAKCRBzi90Cq92WxpeOC/9V5bf1
CG3xJ4ivE5I8pFRxuV8oWB1ygPvk8imWhbwaUpOErpMBToxuwCM/d2e9GmqzKXLj
Oc0GMt7M3SoJC/oh4e7EABphGIEbCcMi8p2/KdouiFxUeL1g4DFxBy3hOWzuRQIh
D8atNtseNz6bOUKcTKgv2m6K5Bp2MFWqx2EgajRjhxwIvqC3d/JRzYaxvLTc6xGN
Q2fFPheZPcikzLKwHcf3xYgxmNFeAVZGnfLs3zRmaQqSP+J073PrSGLApyOs2B5h
wfqAnyYY6XDlCNLGndf1ZOP/0Uvob6Y9VuliqMNW0JgTr84eXiCyUDpEiRH42u1G
2yn+a3ppOZ3tWtttEAHWimxV+xcN68iD/VxFDqjHjvquPVeyVnadUGiiROMsAxnI
rGRu6Eku/FTy0aWniiqXEs29FxLxoR21GR9FyKLrENK7qSrevJ8yBO5DdqmXEgEK
udDAGcasekuSSkMR59oAZP9j2iYnkXZpTHrPuiS/Wghfa3vwqCauQO0Ncs8=
=swb2
-----END PGP SIGNATURE-----
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds