Bugs addressed in recent updates
| Origin | Bug number | Title | Packages |
|---|---|---|---|
| CVE | CVE-2025-21683 | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix bpf_sk_select_reuseport() memory leak As pointed out in the original c | linux linux linux-hwe-6.8 linux-gcp-6.8 |
| CVE | CVE-2025-21681 | In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix lockup on tx to unregistering netdev with carrier Commit in a | linux linux linux-hwe-6.8 linux-gcp-6.8 |
| CVE | CVE-2025-21680 | In the Linux kernel, the following vulnerability has been resolved: pktgen: Avoid out-of-bounds access in get_imix_entries Passing a sufficient amo | linux linux linux-hwe-6.8 linux-gcp-6.8 |
| CVE | CVE-2025-21678 | In the Linux kernel, the following vulnerability has been resolved: gtp: Destroy device along with udp socket's netns dismantle. gtp_newlink() link | linux linux linux-hwe-6.8 linux-gcp-6.8 |
| CVE | CVE-2025-21676 | In the Linux kernel, the following vulnerability has been resolved: net: fec: handle page_pool_dev_alloc_pages error The fec_enet_update_cbd functi | linux linux linux-hwe-6.8 linux-gcp-6.8 |
| CVE | CVE-2025-21675 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Clear port select structure when fail to create Clear the port select | linux linux linux-hwe-6.8 linux-gcp-6.8 |
| CVE | CVE-2025-21674 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix inversion dependency warning while enabling IPsec tunnel Attempt | linux linux linux-hwe-6.8 linux-gcp-6.8 |
| CVE | CVE-2025-21697 | In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Ensure job pointer is set to NULL after job completion After a job com | linux linux linux-hwe-6.8 linux-gcp-6.8 |
| CVE | CVE-2025-21673 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix double free of TCP_Server_Info::hostname When shutting down th | linux linux linux-hwe-6.8 linux-gcp-6.8 |
| CVE | CVE-2024-57948 | In the Linux kernel, the following vulnerability has been resolved: mac802154: check local interfaces before deleting sdata list syzkaller reported | linux linux linux-hwe-6.8 linux-gcp-6.8 |
| CVE | CVE-2025-21667 | In the Linux kernel, the following vulnerability has been resolved: iomap: avoid avoid truncating 64-bit offset to 32 bits on 32-bit kernels, iomap | linux linux linux-hwe-6.8 linux-gcp-6.8 |
| CVE | CVE-2025-21670 | In the Linux kernel, the following vulnerability has been resolved: vsock/bpf: return early if transport is not assigned Some of the core functions | linux linux linux-hwe-6.8 linux-gcp-6.8 |
| CVE | CVE-2025-21669 | In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: discard packets if the transport changes If the socket has been d | linux linux linux-hwe-6.8 linux-gcp-6.8 |
| CVE | CVE-2025-21666 | In the Linux kernel, the following vulnerability has been resolved: vsock: prevent null-ptr-deref in vsock_*[has_data|has_space] Recent reports hav | linux linux linux-hwe-6.8 linux-gcp-6.8 |
| CVE | CVE-2025-21665 | In the Linux kernel, the following vulnerability has been resolved: filemap: avoid truncating 64-bit offset to 32 bits On 32-bit kernels, folio_see | linux linux linux-hwe-6.8 linux-gcp-6.8 |
| CVE | CVE-2025-21694 | In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix softlockup in __read_vmcore (part 2) Since commit 5cbcb62dddf5 ("f | linux linux linux-hwe-6.8 linux-gcp-6.8 |
| CVE | CVE-2025-21668 | In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: add missing loop break condition Currently imx8mp_bl | linux linux linux-hwe-6.8 linux-gcp-6.8 |
| CVE | CVE-2024-57949 | In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Don't enable interrupts in its_irq_set_vcpu_affinity() The | linux linux linux-hwe-6.8 linux-gcp-6.8 |
| CVE | CVE-2024-57951 | In the Linux kernel, the following vulnerability has been resolved: hrtimers: Handle CPU state correctly on hotplug Consider a scenario where a CPU | linux linux linux-hwe-6.8 linux-gcp-6.8 |
| CVE | CVE-2025-21682 | In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: always recalculate features after XDP clearing, fix null-deref Recal | linux linux linux-hwe-6.8 linux-gcp-6.8 |
About
-
Send Feedback to @ubuntu_updates
