Ubuntu alert USN-7769-1 (linux, linux-aws, linux-gcp, linux-gcp-6.14, linux-oracle, linux-realtime, linux-riscv, linux-riscv-6.14)

From:
             
 
Giampaolo Fresi Roglia <giampaolo.fresi.roglia@canonical.com>
To:
             
 
ubuntu-security-announce@lists.ubuntu.com
Subject:
             
 
[USN-7769-1] Linux kernel vulnerabilities
Date:
             
 
Wed, 24 Sep 2025 15:22:21 +0200
Message-ID:
             
 
<87ikh89e9e.fsf@canonical.com>
==========================================================================
Ubuntu Security Notice USN-7769-1
September 24, 2025

linux, linux-aws, linux-gcp, linux-gcp-6.14, linux-oracle, linux-realtime,
linux-riscv, linux-riscv-6.14 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.04
- Ubuntu 24.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-oracle: Linux kernel for Oracle Cloud systems
- linux-realtime: Linux kernel for Real-time systems
- linux-riscv: Linux kernel for RISC-V systems
- linux-gcp-6.14: Linux kernel for Google Cloud Platform (GCP) systems
- linux-riscv-6.14: Linux kernel for RISC-V systems

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
  - ARM64 architecture;
  - PowerPC architecture;
  - x86 architecture;
  - Block layer subsystem;
  - Cryptographic API;
  - ACPI drivers;
  - Android drivers;
  - Bluetooth drivers;
  - Bus devices;
  - Clock framework and drivers;
  - CPU frequency scaling framework;
  - Hardware crypto device drivers;
  - DMA engine subsystem;
  - EDAC drivers;
  - Arm Firmware Framework for ARMv8-A(FFA);
  - FPGA Framework;
  - GPIO subsystem;
  - GPU drivers;
  - HID subsystem;
  - Hardware monitoring drivers;
  - HW tracing;
  - InfiniBand drivers;
  - IOMMU subsystem;
  - Multiple devices driver;
  - Media drivers;
  - VMware VMCI Driver;
  - MTD block device drivers;
  - Network drivers;
  - Mellanox network drivers;
  - STMicroelectronics network drivers;
  - NVDIMM (Non-Volatile Memory Device) drivers;
  - NVME drivers;
  - NVMEM (Non Volatile Memory) drivers;
  - PCI subsystem;
  - Amlogic Meson DDR PMU;
  - NI-700 PMU driver;
  - PHY drivers;
  - Pin controllers subsystem;
  - x86 platform drivers;
  - PTP clock framework;
  - SCSI subsystem;
  - ASPEED SoC drivers;
  - SPI subsystem;
  - TCM subsystem;
  - Thunderbolt and USB4 drivers;
  - TTY drivers;
  - UFS subsystem;
  - USB core drivers;
  - USB Gadget drivers;
  - Renesas USBHS Controller drivers;
  - USB Type-C Port Controller Manager driver;
  - VFIO drivers;
  - Virtio Host (VHOST) subsystem;
  - Backlight driver;
  - Framebuffer layer;
  - Virtio drivers;
  - BTRFS file system;
  - EROFS file system;
  - F2FS file system;
  - File systems infrastructure;
  - Network file systems library;
  - NTFS3 file system;
  - SMB network file system;
  - Codetag library;
  - BPF subsystem;
  - LZO compression library;
  - Mellanox drivers;
  - IPv4 networking;
  - Bluetooth subsystem;
  - Network sockets;
  - XFRM subsystem;
  - Digital Audio (PCM) driver;
  - Tracing infrastructure;
  - io_uring subsystem;
  - Padata parallel execution mechanism;
  - DVFS energy model driver;
  - Restartable seuqences system call mechanism;
  - Timer subsystem;
  - Memory management;
  - KASAN memory debugging framework;
  - CAN network layer;
  - Networking core;
  - IPv6 networking;
  - Netfilter;
  - NetLabel subsystem;
  - Open vSwitch;
  - Network traffic control;
  - TIPC protocol;
  - TLS protocol;
  - ALSA framework;
  - sma1307 audio codecs;
  - Intel ASoC drivers;
  - MediaTek ASoC drivers;
  - USB sound devices;
(CVE-2025-38122, CVE-2025-38119, CVE-2025-38071, CVE-2025-38310,
CVE-2025-38166, CVE-2025-38055, CVE-2025-38292, CVE-2025-38078,
CVE-2025-38134, CVE-2025-38063, CVE-2025-38282, CVE-2025-38059,
CVE-2025-38112, CVE-2025-38082, CVE-2025-38296, CVE-2025-38126,
CVE-2025-38136, CVE-2025-38075, CVE-2025-38042, CVE-2025-38113,
CVE-2025-38003, CVE-2025-38318, CVE-2025-38156, CVE-2025-38290,
CVE-2025-38102, CVE-2025-38076, CVE-2025-38097, CVE-2025-38313,
CVE-2025-38298, CVE-2025-38300, CVE-2025-38169, CVE-2025-38131,
CVE-2025-38301, CVE-2025-38050, CVE-2025-38139, CVE-2025-38305,
CVE-2025-38317, CVE-2025-38045, CVE-2025-38040, CVE-2025-38279,
CVE-2025-38123, CVE-2025-38074, CVE-2025-38111, CVE-2025-38117,
CVE-2025-38069, CVE-2025-38035, CVE-2025-38128, CVE-2025-38277,
CVE-2025-38061, CVE-2025-38306, CVE-2025-38051, CVE-2025-38124,
CVE-2025-38291, CVE-2025-38130, CVE-2025-38319, CVE-2025-38272,
CVE-2025-38175, CVE-2025-38176, CVE-2025-38070, CVE-2025-38032,
CVE-2025-38151, CVE-2025-38107, CVE-2025-38103, CVE-2025-38274,
CVE-2025-38163, CVE-2025-38293, CVE-2025-38064, CVE-2025-38498,
CVE-2025-38039, CVE-2025-38173, CVE-2025-38038, CVE-2025-38135,
CVE-2025-38149, CVE-2025-38142, CVE-2025-38414, CVE-2025-38120,
CVE-2025-38106, CVE-2025-38092, CVE-2025-38091, CVE-2025-38415,
CVE-2025-38294, CVE-2025-38043, CVE-2025-38147, CVE-2025-38037,
CVE-2025-38108, CVE-2025-38088, CVE-2025-38316, CVE-2025-38312,
CVE-2025-38352, CVE-2025-38115, CVE-2025-38161, CVE-2025-38036,
CVE-2025-38275, CVE-2025-38098, CVE-2025-38132, CVE-2025-38146,
CVE-2025-38288, CVE-2025-38143, CVE-2025-38278, CVE-2025-38155,
CVE-2025-38047, CVE-2025-38160, CVE-2025-38053, CVE-2025-38072,
CVE-2025-38140, CVE-2025-38141, CVE-2025-38068, CVE-2025-38058,
CVE-2025-38062, CVE-2025-38303, CVE-2025-38164, CVE-2025-38101,
CVE-2025-38145, CVE-2025-38105, CVE-2025-38295, CVE-2025-38284,
CVE-2025-38137, CVE-2025-38073, CVE-2025-38269, CVE-2025-38118,
CVE-2025-38165, CVE-2025-38162, CVE-2025-38170, CVE-2025-38114,
CVE-2025-38066, CVE-2025-38116, CVE-2025-38315, CVE-2025-38153,
CVE-2025-38031, CVE-2025-38041, CVE-2025-38168, CVE-2025-38499,
CVE-2025-38048, CVE-2025-38158, CVE-2025-38060, CVE-2025-38299,
CVE-2025-38286, CVE-2025-38125, CVE-2025-38297, CVE-2025-38270,
CVE-2025-38044, CVE-2025-38080, CVE-2025-38096, CVE-2025-38314,
CVE-2025-38307, CVE-2025-38174, CVE-2025-38267, CVE-2025-38304,
CVE-2025-38057, CVE-2025-38065, CVE-2025-38311, CVE-2025-38302,
CVE-2025-38138, CVE-2025-38033, CVE-2025-38079, CVE-2025-38280,
CVE-2025-38109, CVE-2025-38287, CVE-2025-38159, CVE-2025-38289,
CVE-2025-38283, CVE-2025-38081, CVE-2025-38172, CVE-2025-38148,
CVE-2025-38285, CVE-2025-38034, CVE-2025-38154, CVE-2025-38077,
CVE-2025-38054, CVE-2025-38029, CVE-2025-38127, CVE-2025-38281,
CVE-2025-38100, CVE-2025-38129, CVE-2025-38004, CVE-2025-38099,
CVE-2025-38157, CVE-2025-38067, CVE-2025-38265, CVE-2025-38052,
CVE-2025-38110, CVE-2025-38268, CVE-2025-38167)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.04
  linux-image-6.14.0-1012-realtime  6.14.0-1012.12
                                  Available with Ubuntu Pro
  linux-image-6.14.0-1013-aws     6.14.0-1013.13
  linux-image-6.14.0-1013-aws-64k  6.14.0-1013.13
  linux-image-6.14.0-1013-oracle  6.14.0-1013.13
  linux-image-6.14.0-1013-oracle-64k  6.14.0-1013.13
  linux-image-6.14.0-1016-gcp     6.14.0-1016.17
  linux-image-6.14.0-1016-gcp-64k  6.14.0-1016.17
  linux-image-6.14.0-32-generic   6.14.0-32.32
  linux-image-6.14.0-32-generic-64k  6.14.0-32.32
  linux-image-aws                 6.14.0-1013.13
  linux-image-aws-6.14            6.14.0-1013.13
  linux-image-aws-64k             6.14.0-1013.13
  linux-image-aws-64k-6.14        6.14.0-1013.13
  linux-image-gcp                 6.14.0-1016.17
  linux-image-gcp-6.14            6.14.0-1016.17
  linux-image-gcp-64k             6.14.0-1016.17
  linux-image-gcp-64k-6.14        6.14.0-1016.17
  linux-image-generic             6.14.0-32.32.1
  linux-image-generic-6.14        6.14.0-32.32.1
  linux-image-generic-64k         6.14.0-32.32
  linux-image-generic-64k-6.14    6.14.0-32.32
  linux-image-oracle              6.14.0-1013.13
  linux-image-oracle-6.14         6.14.0-1013.13
  linux-image-oracle-64k          6.14.0-1013.13
  linux-image-oracle-64k-6.14     6.14.0-1013.13
  linux-image-realtime            6.14.0-1012.12
                                  Available with Ubuntu Pro
  linux-image-realtime-6.14       6.14.0-1012.12
                                  Available with Ubuntu Pro
  linux-image-virtual             6.14.0-32.32.1
  linux-image-virtual-6.14        6.14.0-32.32.1

Ubuntu 24.04 LTS
  linux-image-6.14.0-1016-gcp     6.14.0-1016.17~24.04.1
  linux-image-6.14.0-1016-gcp-64k  6.14.0-1016.17~24.04.1
  linux-image-6.14.0-32-generic   6.14.0-32.32.1~24.04.1
  linux-image-gcp                 6.14.0-1016.17~24.04.1
  linux-image-gcp-6.14            6.14.0-1016.17~24.04.1
  linux-image-gcp-64k             6.14.0-1016.17~24.04.1
  linux-image-gcp-64k-6.14        6.14.0-1016.17~24.04.1
  linux-image-generic             6.14.0-32.32.1~24.04.1
  linux-image-generic-6.14        6.14.0-32.32.1~24.04.1
  linux-image-virtual             6.14.0-32.32.1~24.04.1
  linux-image-virtual-6.14        6.14.0-32.32.1~24.04.1

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
  https://ubuntu.com/security/notices/USN-7769-1
  CVE-2025-38003, CVE-2025-38004, CVE-2025-38029, CVE-2025-38031,
  CVE-2025-38032, CVE-2025-38033, CVE-2025-38034, CVE-2025-38035,
  CVE-2025-38036, CVE-2025-38037, CVE-2025-38038, CVE-2025-38039,
  CVE-2025-38040, CVE-2025-38041, CVE-2025-38042, CVE-2025-38043,
  CVE-2025-38044, CVE-2025-38045, CVE-2025-38047, CVE-2025-38048,
  CVE-2025-38050, CVE-2025-38051, CVE-2025-38052, CVE-2025-38053,
  CVE-2025-38054, CVE-2025-38055, CVE-2025-38057, CVE-2025-38058,
  CVE-2025-38059, CVE-2025-38060, CVE-2025-38061, CVE-2025-38062,
  CVE-2025-38063, CVE-2025-38064, CVE-2025-38065, CVE-2025-38066,
  CVE-2025-38067, CVE-2025-38068, CVE-2025-38069, CVE-2025-38070,
  CVE-2025-38071, CVE-2025-38072, CVE-2025-38073, CVE-2025-38074,
  CVE-2025-38075, CVE-2025-38076, CVE-2025-38077, CVE-2025-38078,
  CVE-2025-38079, CVE-2025-38080, CVE-2025-38081, CVE-2025-38082,
  CVE-2025-38088, CVE-2025-38091, CVE-2025-38092, CVE-2025-38096,
  CVE-2025-38097, CVE-2025-38098, CVE-2025-38099, CVE-2025-38100,
  CVE-2025-38101, CVE-2025-38102, CVE-2025-38103, CVE-2025-38105,
  CVE-2025-38106, CVE-2025-38107, CVE-2025-38108, CVE-2025-38109,
  CVE-2025-38110, CVE-2025-38111, CVE-2025-38112, CVE-2025-38113,
  CVE-2025-38114, CVE-2025-38115, CVE-2025-38116, CVE-2025-38117,
  CVE-2025-38118, CVE-2025-38119, CVE-2025-38120, CVE-2025-38122,
  CVE-2025-38123, CVE-2025-38124, CVE-2025-38125, CVE-2025-38126,
  CVE-2025-38127, CVE-2025-38128, CVE-2025-38129, CVE-2025-38130,
  CVE-2025-38131, CVE-2025-38132, CVE-2025-38134, CVE-2025-38135,
  CVE-2025-38136, CVE-2025-38137, CVE-2025-38138, CVE-2025-38139,
  CVE-2025-38140, CVE-2025-38141, CVE-2025-38142, CVE-2025-38143,
  CVE-2025-38145, CVE-2025-38146, CVE-2025-38147, CVE-2025-38148,
  CVE-2025-38149, CVE-2025-38151, CVE-2025-38153, CVE-2025-38154,
  CVE-2025-38155, CVE-2025-38156, CVE-2025-38157, CVE-2025-38158,
  CVE-2025-38159, CVE-2025-38160, CVE-2025-38161, CVE-2025-38162,
  CVE-2025-38163, CVE-2025-38164, CVE-2025-38165, CVE-2025-38166,
  CVE-2025-38167, CVE-2025-38168, CVE-2025-38169, CVE-2025-38170,
  CVE-2025-38172, CVE-2025-38173, CVE-2025-38174, CVE-2025-38175,
  CVE-2025-38176, CVE-2025-38265, CVE-2025-38267, CVE-2025-38268,
  CVE-2025-38269, CVE-2025-38270, CVE-2025-38272, CVE-2025-38274,
  CVE-2025-38275, CVE-2025-38277, CVE-2025-38278, CVE-2025-38279,
  CVE-2025-38280, CVE-2025-38281, CVE-2025-38282, CVE-2025-38283,
  CVE-2025-38284, CVE-2025-38285, CVE-2025-38286, CVE-2025-38287,
  CVE-2025-38288, CVE-2025-38289, CVE-2025-38290, CVE-2025-38291,
  CVE-2025-38292, CVE-2025-38293, CVE-2025-38294, CVE-2025-38295,
  CVE-2025-38296, CVE-2025-38297, CVE-2025-38298, CVE-2025-38299,
  CVE-2025-38300, CVE-2025-38301, CVE-2025-38302, CVE-2025-38303,
  CVE-2025-38304, CVE-2025-38305, CVE-2025-38306, CVE-2025-38307,
  CVE-2025-38310, CVE-2025-38311, CVE-2025-38312, CVE-2025-38313,
  CVE-2025-38314, CVE-2025-38315, CVE-2025-38316, CVE-2025-38317,
  CVE-2025-38318, CVE-2025-38319, CVE-2025-38352, CVE-2025-38414,
  CVE-2025-38415, CVE-2025-38498, CVE-2025-38499

Package Information:
  https://launchpad.net/ubuntu/+source/linux/6.14.0-32.32
  https://launchpad.net/ubuntu/+source/linux-aws/6.14.0-101...
  https://launchpad.net/ubuntu/+source/linux-gcp/6.14.0-101...
  https://launchpad.net/ubuntu/+source/linux-oracle/6.14.0-...
  https://launchpad.net/ubuntu/+source/linux-realtime/6.14....
  https://launchpad.net/ubuntu/+source/linux-riscv/6.14.0-3...
  https://launchpad.net/ubuntu/+source/linux-gcp-6.14/6.14....
  https://launchpad.net/ubuntu/+source/linux-riscv-6.14/6.1...



Attachment: signature.asc (type=application/pgp-signature)
-----BEGIN PGP SIGNATURE-----

iQHZBAEBCgBDFiEEBcMY+nwS2CY71sUWc4vdAqvdlsYFAmjT8I0lHGdpYW1wYW9s
by5mcmVzaS5yb2dsaWFAY2Fub25pY2FsLmNvbQAKCRBzi90Cq92Wxv8qC/sG6ZZy
VtjeJXz4pfucPhVVIEPG87N1930FK5TS5PjJe0AXIbwcHilTBVLLGod5mKk7ETlp
1RH/tNPi/FCNVMkLunM+u8qEGtXKoh4otWDtEiJN3+/qhcgKXEgZh161XL2ME/mC
23H6ctVwQP/o7bIQtmDROCP9AarEshhwaGfoEO8Q9R2BNdy26YAjoyDxYHRIj/ys
L1raBlWBK1/99zKyPmAxt4UuyjO+hi5bGN+DH3V1STSqAnTbfAYH82FkpLsVU80q
0epXpbYVyKDGD/xnGyqNCAjRiPYqH9RNzxxR6F2UysJLqPq1yTkSmBkehJxg4SpV
LTVuP4HYEWWeJLbVmmrfXFYVB5YsK1NkoNetnEJci7zEtEa8I7/FiuA4Kh3DrEwd
WLtbpeFA9JxkqPgAwSsoe2WdOYzlz44k606nPzUsdcIu32eP6QI+5QDoBsaBVDPs
ryvPnqswl8tZPwHpvOKHQBJsETTVfhI0a+Q/S4agwbn8uYe6GMnnEXtRHh4=
=F9UI
-----END PGP SIGNATURE-----