Ubuntu alert USN-7988-2 (linux-aws-fips, linux-fips)
| From: | Rodrigo Figueiredo Zaiden <rodrigo.zaiden@canonical.com> | |
| To: | ubuntu-security-announce@lists.ubuntu.com | |
| Subject: | [USN-7988-2] Linux kernel (FIPS) vulnerabilities | |
| Date: | Thu, 29 Jan 2026 20:27:42 -0300 | |
| Message-ID: | <fb671850-b493-48cd-beb1-9b84e9ffbc05@canonical.com> |
========================================================================== Ubuntu Security Notice USN-7988-2 January 29, 2026 linux-aws-fips, linux-fips vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-aws-fips: Linux kernel for Amazon Web Services (AWS) systems with FIPS - linux-fips: Linux kernel with FIPS Details: Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Media drivers; - NVME drivers; - File systems infrastructure; - Timer subsystem; - Memory management; - Packet sockets; (CVE-2022-48986, CVE-2024-27078, CVE-2024-49959, CVE-2024-50195, CVE-2024-56606, CVE-2024-56756, CVE-2025-39993) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS linux-image-4.15.0-1143-fips 4.15.0-1143.155 Available with Ubuntu Pro linux-image-4.15.0-2126-aws-fips 4.15.0-2126.132 Available with Ubuntu Pro linux-image-aws-fips 4.15.0.2126.120 Available with Ubuntu Pro linux-image-aws-fips-4.15 4.15.0.2126.120 Available with Ubuntu Pro linux-image-fips 4.15.0.1143.140 Available with Ubuntu Pro After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-7988-2 https://ubuntu.com/security/notices/USN-7988-1 CVE-2022-48986, CVE-2024-27078, CVE-2024-49959, CVE-2024-50195, CVE-2024-56606, CVE-2024-56756, CVE-2025-39993 Package Information: https://launchpad.net/ubuntu/+source/linux-aws-fips/4.15.... https://launchpad.net/ubuntu/+source/linux-fips/4.15.0-11...
Attachment: OpenPGP_signature.asc (type=application/pgp-signature)
-----BEGIN PGP SIGNATURE----- wsB5BAABCAAjFiEEYrygdx1GDec9TV8EZ0GeRcM5nt0FAml77O4FAwAAAAAACgkQZ0GeRcM5nt1I ygf+PB8JL27+Mtegz9VF+mZ16ufY07E3AbTUzJQpQRbvHZyB1L30MDLGbF8g/swHCdPOdLltTBF3 tfaPsEIFwYZGDD+SqycMJt4ljdk5lOCv1kFXv7ThJiZlkY1/eaN2jC+Fep2jbQM6f5BGqDVB4Efm DYKyJGK39iMJIFAWqv9r0c0pGIMDF/QH8F3SFn1sZLLpIXUU0ZJXF0YTddWe1aUGHO4qRDe2Fm4+ lzn4KLPzNXvzlKW1h6XhrgdEibCVTQ3NhnRkNEEXSb3Ei8mAvbAZOymvV95RLd7rOrzZbHo8ZVqo 19xbdRBAKCbeMq51uRe2plEsd3jI0rwcz53v9dEOoA== =6zeq -----END PGP SIGNATURE-----