Bugs addressed in recent updates
| Origin | Bug number | Title | Packages |
|---|---|---|---|
| CVE | CVE-2025-39952 | In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: avoid buffer overflow in WID string configuration Fix the follo | linux linux linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 |
| CVE | CVE-2025-39957 | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: increase scan_ies_len for S1G Currently the S1G capability elem | linux linux linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 |
| CVE | CVE-2025-39953 | In the Linux kernel, the following vulnerability has been resolved: cgroup: split cgroup_destroy_wq into 3 workqueues A hung task can occur during | linux linux linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 |
| CVE | CVE-2025-39951 | In the Linux kernel, the following vulnerability has been resolved: um: virtio_uml: Fix use-after-free after put_device in probe When register_virt | linux linux linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 |
| CVE | CVE-2025-39949 | In the Linux kernel, the following vulnerability has been resolved: qed: Don't collect too many protection override GRC elements In the protection | linux linux linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 |
| CVE | CVE-2025-39947 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Harden uplink netdev access against device unbind The function mlx5_ | linux linux linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 |
| CVE | CVE-2025-39955 | In the Linux kernel, the following vulnerability has been resolved: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect(). syzbot reported the sp | linux linux linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 |
| CVE | CVE-2025-39945 | In the Linux kernel, the following vulnerability has been resolved: cnic: Fix use-after-free bugs in cnic_delete_task The original code uses cancel | linux linux linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 |
| CVE | CVE-2025-39944 | In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix use-after-free bugs in otx2_sync_tstamp() The original code r | linux linux linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 |
| CVE | CVE-2025-39943 | In the Linux kernel, the following vulnerability has been resolved: ksmbd: smbdirect: validate data_offset and data_length field of smb_direct_data_ | linux linux linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 |
| CVE | CVE-2025-39942 | In the Linux kernel, the following vulnerability has been resolved: ksmbd: smbdirect: verify remaining_data_length respects max_fragmented_recv_size | linux linux linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 |
| CVE | CVE-2025-39938 | In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph faile | linux linux linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 |
| CVE | CVE-2025-39937 | In the Linux kernel, the following vulnerability has been resolved: net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer Since | linux linux linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 |
| CVE | CVE-2025-39934 | In the Linux kernel, the following vulnerability has been resolved: drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ If the interr | linux linux linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 |
| CVE | CVE-2025-39931 | In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Set merge to zero early in af_alg_sendmsg If an error causes a | linux linux linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 |
| CVE | CVE-2025-39929 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix smbdirect_recv_io leak in smbd_negotiate() error path During t | linux linux linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 |
| CVE | CVE-2025-22106 | In the Linux kernel, the following vulnerability has been resolved: vmxnet3: unregister xdp rxq info in the reset path vmxnet3 does not unregister | linux linux linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 |
| CVE | CVE-2025-39961 | In the Linux kernel, the following vulnerability has been resolved: iommu/amd/pgtbl: Fix possible race while increase page table level The AMD IOMM | linux linux linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 |
| CVE | CVE-2025-39950 | In the Linux kernel, the following vulnerability has been resolved: net/tcp: Fix a NULL pointer dereference when using TCP-AO with TCP_REPAIR A NUL | linux linux linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 |
| CVE | CVE-2025-39948 | In the Linux kernel, the following vulnerability has been resolved: ice: fix Rx page leak on multi-buffer frames The ice_put_rx_mbuf() function han | linux linux linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 |
About
-
Send Feedback to @ubuntu_updates
