Ubuntu alert USN-7774-3 (linux-intel-iot-realtime, linux-realtime)
| From: | Giampaolo Fresi Roglia <giampaolo.fresi.roglia@canonical.com> | |
| To: | ubuntu-security-announce@lists.ubuntu.com | |
| Subject: | [USN-7774-3] Linux kernel (Real-time) vulnerabilities | |
| Date: | Thu, 25 Sep 2025 12:41:05 +0200 | |
| Message-ID: | <87ikh6ak72.fsf@canonical.com> |
========================================================================== Ubuntu Security Notice USN-7774-3 September 25, 2025 linux-intel-iot-realtime, linux-realtime vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-intel-iot-realtime: Linux kernel for Intel IoT Real-time platforms - linux-realtime: Linux kernel for Real-time systems Details: Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - Drivers core; - ATA over ethernet (AOE) driver; - Network block device driver; - Bus devices; - Clock framework and drivers; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - GPU drivers; - HID subsystem; - InfiniBand drivers; - Input Device (Miscellaneous) drivers; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - MMC subsystem; - MTD block device drivers; - Network drivers; - Pin controllers subsystem; - x86 platform drivers; - PTP clock framework; - RapidIO drivers; - Voltage and Current Regulator drivers; - Remote Processor subsystem; - S/390 drivers; - SCSI subsystem; - ASPEED SoC drivers; - TCM subsystem; - Thermal drivers; - Thunderbolt and USB4 drivers; - TTY drivers; - UFS subsystem; - USB Gadget drivers; - Renesas USBHS Controller drivers; - USB Type-C support driver; - Virtio Host (VHOST) subsystem; - Backlight driver; - Framebuffer layer; - BTRFS file system; - File systems infrastructure; - Ext4 file system; - F2FS file system; - JFFS2 file system; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NTFS3 file system; - DRM display driver; - Memory Management; - Mellanox drivers; - Memory management; - Netfilter; - Network sockets; - IPC subsystem; - BPF subsystem; - Perf events; - Kernel exit() syscall; - Restartable seuqences system call mechanism; - Timer subsystem; - Tracing infrastructure; - Appletalk network protocol; - Asynchronous Transfer Mode (ATM) subsystem; - Networking core; - IPv6 networking; - MultiProtocol Label Switching driver; - NetLabel subsystem; - Netlink; - NFC subsystem; - Open vSwitch; - Rose network layer; - RxRPC session sockets; - Network traffic control; - TIPC protocol; - VMware vSockets driver; - USB sound devices; (CVE-2025-38399, CVE-2025-38391, CVE-2025-38412, CVE-2025-38393, CVE-2025-38163, CVE-2025-38167, CVE-2025-38319, CVE-2025-38135, CVE-2025-37963, CVE-2025-38226, CVE-2025-38147, CVE-2025-38513, CVE-2025-38161, CVE-2025-38146, CVE-2025-38352, CVE-2025-38458, CVE-2025-38444, CVE-2025-38430, CVE-2025-38418, CVE-2025-38206, CVE-2025-38160, CVE-2025-38461, CVE-2025-38465, CVE-2025-38119, CVE-2025-38459, CVE-2025-38410, CVE-2025-38111, CVE-2025-38222, CVE-2025-38313, CVE-2025-38285, CVE-2025-38067, CVE-2025-38143, CVE-2025-38200, CVE-2024-44939, CVE-2025-38219, CVE-2024-26775, CVE-2025-38090, CVE-2025-38262, CVE-2025-38332, CVE-2025-38345, CVE-2025-38337, CVE-2025-38403, CVE-2025-38085, CVE-2025-38229, CVE-2025-38540, CVE-2025-38362, CVE-2025-38384, CVE-2025-38115, CVE-2025-38136, CVE-2025-38445, CVE-2025-38424, CVE-2025-38328, CVE-2025-38389, CVE-2025-38428, CVE-2025-38516, CVE-2025-38336, CVE-2025-38184, CVE-2025-38293, CVE-2025-38346, CVE-2025-38464, CVE-2025-38251, CVE-2025-38112, CVE-2025-38194, CVE-2025-38375, CVE-2025-38466, CVE-2025-38157, CVE-2025-38457, CVE-2025-38320, CVE-2025-38406, CVE-2025-37948, CVE-2025-38145, CVE-2025-38395, CVE-2025-38218, CVE-2025-38154, CVE-2025-38401, CVE-2025-38103, CVE-2025-38088, CVE-2025-38298, CVE-2025-38108, CVE-2025-38120, CVE-2025-38086, CVE-2025-38415, CVE-2025-38443, CVE-2025-38245, CVE-2025-38400, CVE-2025-38371, CVE-2025-38084, CVE-2022-48703, CVE-2025-38237, CVE-2025-38324, CVE-2025-38515, CVE-2025-38107, CVE-2025-38448, CVE-2025-38153, CVE-2025-38342, CVE-2025-38102, CVE-2025-38173, CVE-2025-38441, CVE-2025-38138, CVE-2025-38257, CVE-2025-38386, CVE-2025-38514, CVE-2025-38363, CVE-2025-38231, CVE-2025-38159, CVE-2025-38203, CVE-2025-38344, CVE-2025-38211, CVE-2025-38286, CVE-2025-38498, CVE-2025-38312, CVE-2025-38420, CVE-2025-38212, CVE-2025-38122, CVE-2025-38542, CVE-2025-38348, CVE-2025-38263, CVE-2025-38462, CVE-2025-38204, CVE-2025-38387, CVE-2025-38439, CVE-2025-38227, CVE-2024-26726, CVE-2025-38074, CVE-2025-38174, CVE-2025-38326, CVE-2025-38310, CVE-2025-38197, CVE-2025-37958, CVE-2025-38100, CVE-2025-38305, CVE-2025-38273, CVE-2025-38181, CVE-2025-38280, CVE-2025-38377, CVE-2025-38249, CVE-2024-57883, CVE-2025-38460, CVE-2025-38467, CVE-2025-38419, CVE-2025-21888, CVE-2025-38416) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS linux-image-5.15.0-1085-intel-iot-realtime 5.15.0-1085.87 Available with Ubuntu Pro linux-image-5.15.0-1092-realtime 5.15.0-1092.101 Available with Ubuntu Pro linux-image-intel-iot-realtime 5.15.0.1085.89 Available with Ubuntu Pro linux-image-intel-iot-realtime-5.15 5.15.0.1085.89 Available with Ubuntu Pro linux-image-realtime 5.15.0.1092.96 Available with Ubuntu Pro linux-image-realtime-5.15 5.15.0.1092.96 Available with Ubuntu Pro After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-7774-3 https://ubuntu.com/security/notices/USN-7774-2 https://ubuntu.com/security/notices/USN-7774-1 CVE-2022-48703, CVE-2024-26726, CVE-2024-26775, CVE-2024-44939, CVE-2024-57883, CVE-2025-21888, CVE-2025-37948, CVE-2025-37958, CVE-2025-37963, CVE-2025-38067, CVE-2025-38074, CVE-2025-38084, CVE-2025-38085, CVE-2025-38086, CVE-2025-38088, CVE-2025-38090, CVE-2025-38100, CVE-2025-38102, CVE-2025-38103, CVE-2025-38107, CVE-2025-38108, CVE-2025-38111, CVE-2025-38112, CVE-2025-38115, CVE-2025-38119, CVE-2025-38120, CVE-2025-38122, CVE-2025-38135, CVE-2025-38136, CVE-2025-38138, CVE-2025-38143, CVE-2025-38145, CVE-2025-38146, CVE-2025-38147, CVE-2025-38153, CVE-2025-38154, CVE-2025-38157, CVE-2025-38159, CVE-2025-38160, CVE-2025-38161, CVE-2025-38163, CVE-2025-38167, CVE-2025-38173, CVE-2025-38174, CVE-2025-38181, CVE-2025-38184, CVE-2025-38194, CVE-2025-38197, CVE-2025-38200, CVE-2025-38203, CVE-2025-38204, CVE-2025-38206, CVE-2025-38211, CVE-2025-38212, CVE-2025-38218, CVE-2025-38219, CVE-2025-38222, CVE-2025-38226, CVE-2025-38227, CVE-2025-38229, CVE-2025-38231, CVE-2025-38237, CVE-2025-38245, CVE-2025-38249, CVE-2025-38251, CVE-2025-38257, CVE-2025-38262, CVE-2025-38263, CVE-2025-38273, CVE-2025-38280, CVE-2025-38285, CVE-2025-38286, CVE-2025-38293, CVE-2025-38298, CVE-2025-38305, CVE-2025-38310, CVE-2025-38312, CVE-2025-38313, CVE-2025-38319, CVE-2025-38320, CVE-2025-38324, CVE-2025-38326, CVE-2025-38328, CVE-2025-38332, CVE-2025-38336, CVE-2025-38337, CVE-2025-38342, CVE-2025-38344, CVE-2025-38345, CVE-2025-38346, CVE-2025-38348, CVE-2025-38352, CVE-2025-38362, CVE-2025-38363, CVE-2025-38371, CVE-2025-38375, CVE-2025-38377, CVE-2025-38384, CVE-2025-38386, CVE-2025-38387, CVE-2025-38389, CVE-2025-38391, CVE-2025-38393, CVE-2025-38395, CVE-2025-38399, CVE-2025-38400, CVE-2025-38401, CVE-2025-38403, CVE-2025-38406, CVE-2025-38410, CVE-2025-38412, CVE-2025-38415, CVE-2025-38416, CVE-2025-38418, CVE-2025-38419, CVE-2025-38420, CVE-2025-38424, CVE-2025-38428, CVE-2025-38430, CVE-2025-38439, CVE-2025-38441, CVE-2025-38443, CVE-2025-38444, CVE-2025-38445, CVE-2025-38448, CVE-2025-38457, CVE-2025-38458, CVE-2025-38459, CVE-2025-38460, CVE-2025-38461, CVE-2025-38462, CVE-2025-38464, CVE-2025-38465, CVE-2025-38466, CVE-2025-38467, CVE-2025-38498, CVE-2025-38513, CVE-2025-38514, CVE-2025-38515, CVE-2025-38516, CVE-2025-38540, CVE-2025-38542 Package Information: https://launchpad.net/ubuntu/+source/linux-intel-iot-real... https://launchpad.net/ubuntu/+source/linux-realtime/5.15....
Attachment: signature.asc (type=application/pgp-signature)
-----BEGIN PGP SIGNATURE----- iQHZBAEBCgBDFiEEBcMY+nwS2CY71sUWc4vdAqvdlsYFAmjVHEElHGdpYW1wYW9s by5mcmVzaS5yb2dsaWFAY2Fub25pY2FsLmNvbQAKCRBzi90Cq92WxtZ5C/96AsO0 RFbUy53KWx5VwoXlcSbhG+c5tmdyGlZiH1WPP1gCFRoAes2HWIjW1jwiy8JUNPTT 0/GiMP5kUVy99Al9l5MrCBLkAdVZ9sX/XWsRjRv4SyrGdS1WMODINEKz1IvKOGwf 7cGJ93N3JRN55CQmzs4hJczfGyXGrhfGJ5jInHZE9lao/7gkJNGuf7uvCHPuNb1/ A6Y3A/jjHlBqhYoIAickA6B/UdZ8KUKbeMUHKkylfUbQQ+36hvtOies03s6z4Rmx jsDp3/7QgoL3YbBKWzdyBqQwKWEVQZaKlYqqoyhjZ0nrva9/+btKBw07nnaPzzXM sCcvS1lFX7svq+VNwJoZgoxyFOf4nbFGPHOnmka+acsEq642iwgWVw7lWyRgSCFy 8QTgiCc/UQoHUTBJ8ydDtkxzmVnJF2qGV0ZhKUf5Ga9Sam4PbejMrNXD2ekSF4zY TwlFErbAhZafuu4Ll46FPJWaFJLihtVzrrmSW9ZYvaa5shmq0cX3ggur4Fw= =S30g -----END PGP SIGNATURE-----