Ubuntu alert USN-8279-3 (linux-nvidia-tegra-igx)

From:
             
 
Rodrigo Figueiredo Zaiden <rodrigo.zaiden@canonical.com>
To:
             
 
ubuntu-security-announce@lists.ubuntu.com
Subject:
             
 
[USN-8279-3] Linux kernel (NVIDIA Tegra IGX) vulnerabilities
Date:
             
 
Mon, 25 May 2026 19:56:28 -0300
Message-ID:
             
 
<fa664655-f46b-446a-80b4-cf5a3cda130e@canonical.com>
==========================================================================
Ubuntu Security Notice USN-8279-3
May 25, 2026

linux-nvidia-tegra-igx vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-nvidia-tegra-igx: Linux kernel for NVIDIA Tegra IGX systems

Details:

It was discovered that the Linux kernel algif_aead module did not properly
handle in-place cryptographic operations. This flaw is known as Copy Fail.
A local attacker could use this to escalate privileges, or possibly escape
a container. (CVE-2026-31431)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
   - Cryptographic API;
   - Ethernet bonding driver;
   - SMB network file system;
   - Netfilter;
   - io_uring subsystem;
   - Packet sockets;
   - TLS protocol;
(CVE-2024-35862, CVE-2024-50060, CVE-2026-23274, CVE-2026-23351,
CVE-2026-31419, CVE-2026-31504, CVE-2026-31533, CVE-2026-43033,
CVE-2026-43077, CVE-2026-43078)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS
   linux-image-5.15.0-1049-nvidia-tegra-igx  5.15.0-1049.49
   linux-image-5.15.0-1049-nvidia-tegra-igx-rt  5.15.0-1049.49
   linux-image-nvidia-tegra-igx    5.15.0.1049.51
   linux-image-nvidia-tegra-igx-5.15  5.15.0.1049.51
   linux-image-nvidia-tegra-igx-rt  5.15.0.1049.51
   linux-image-nvidia-tegra-igx-rt-5.15  5.15.0.1049.51

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
   https://ubuntu.com/security/notices/USN-8279-3
   https://ubuntu.com/security/notices/USN-8279-2
   https://ubuntu.com/security/notices/USN-8279-1
   CVE-2024-35862, CVE-2024-50060, CVE-2026-23274, CVE-2026-23351,
   CVE-2026-31419, CVE-2026-31431, CVE-2026-31504, CVE-2026-31533,
   CVE-2026-43033, CVE-2026-43077, CVE-2026-43078

Package Information:
   https://launchpad.net/ubuntu/+source/linux-nvidia-tegra-i...



Attachment: OpenPGP_signature.asc (type=application/pgp-signature)
-----BEGIN PGP SIGNATURE-----

wsB5BAABCAAjFiEEYrygdx1GDec9TV8EZ0GeRcM5nt0FAmoU05wFAwAAAAAACgkQZ0GeRcM5nt0e
OAf+KN2u9pPdAHri+NfdJGiHt0o2Ri6mP88gIe7CG0atEt/lIwLFjjeuctpvA5Kbe4gQE9q+FV3f
Z/E3FCQcPepjEpKLq2AhpBZkRSDabxpq7k0o126/1oUENoaZcmkXmYy4pTY/7dEA+EBjkOt2xcaP
qn7ILkGahk7Nh0O2ESBydjcUMlRmXDno11t8plD78hKOh8GII955TBgG6lQLTr/2yl6SaLw9/q5Z
gdYFaQHtKNEm8bE5T2jVquuL2SVbcD/JFHk/CT2oltpku6NhLqlijBGO9T0PZjTF6G9l2E83xNoT
QrKOlAuG8512sY2gyDWk9J4VGyLP0BqAnGqErKtv4w==
=96aO
-----END PGP SIGNATURE-----