ubuntu jammy v1.990

Metadata:

BOSH Agent Version: 2.784.0
Kernel Version: 5.15.0.161.157

USNs:

Title: USN-7852-1 -- libxml2 vulnerability
URL: https://ubuntu.com/security/notices/USN-7852-1
Priorities: medium
Description:
It was discovered that libxslt, used by libxml2, incorrectly handled certain attributes. An attacker could use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. This update adds a fix to libxml2 to mitigate the libxslt vulnerability. Update Instructions: Run sudo pro fix USN-7852-1 to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libxml2 - 2.9.13+dfsg-1ubuntu0.10 libxml2-dev - 2.9.13+dfsg-1ubuntu0.10 libxml2-doc - 2.9.13+dfsg-1ubuntu0.10 libxml2-utils - 2.9.13+dfsg-1ubuntu0.10 python3-libxml2 - 2.9.13+dfsg-1ubuntu0.10 No subscription required
CVEs:

• https://ubuntu.com/security/CVE-2025-7425

Title: USN-7862-1 -- Linux kernel vulnerability
URL: https://ubuntu.com/security/notices/USN-7862-1
Priorities: high
Description:
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this to expose sensitive information from the host OS. Update Instructions: Run sudo pro fix USN-7862-1 to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1079-gkeop - 5.15.0-1079.87 linux-cloud-tools-5.15.0-1079-gkeop - 5.15.0-1079.87 linux-gkeop-cloud-tools-5.15.0-1079 - 5.15.0-1079.87 linux-gkeop-headers-5.15.0-1079 - 5.15.0-1079.87 linux-gkeop-tools-5.15.0-1079 - 5.15.0-1079.87 linux-headers-5.15.0-1079-gkeop - 5.15.0-1079.87 linux-image-5.15.0-1079-gkeop - 5.15.0-1079.87 linux-image-unsigned-5.15.0-1079-gkeop - 5.15.0-1079.87 linux-modules-5.15.0-1079-gkeop - 5.15.0-1079.87 linux-modules-extra-5.15.0-1079-gkeop - 5.15.0-1079.87 linux-tools-5.15.0-1079-gkeop - 5.15.0-1079.87 No subscription required linux-buildinfo-5.15.0-1090-ibm - 5.15.0-1090.93 linux-headers-5.15.0-1090-ibm - 5.15.0-1090.93 linux-ibm-cloud-tools-common - 5.15.0-1090.93 linux-ibm-headers-5.15.0-1090 - 5.15.0-1090.93 linux-ibm-source-5.15.0 - 5.15.0-1090.93 linux-ibm-tools-5.15.0-1090 - 5.15.0-1090.93 linux-ibm-tools-common - 5.15.0-1090.93 linux-image-5.15.0-1090-ibm - 5.15.0-1090.93 linux-image-unsigned-5.15.0-1090-ibm - 5.15.0-1090.93 linux-modules-5.15.0-1090-ibm - 5.15.0-1090.93 linux-modules-extra-5.15.0-1090-ibm - 5.15.0-1090.93 linux-tools-5.15.0-1090-ibm - 5.15.0-1090.93 No subscription required linux-buildinfo-5.15.0-1091-nvidia - 5.15.0-1091.92 linux-buildinfo-5.15.0-1091-nvidia-lowlatency - 5.15.0-1091.92 linux-cloud-tools-5.15.0-1091-nvidia - 5.15.0-1091.92 linux-cloud-tools-5.15.0-1091-nvidia-lowlatency - 5.15.0-1091.92 linux-headers-5.15.0-1091-nvidia - 5.15.0-1091.92 linux-headers-5.15.0-1091-nvidia-lowlatency - 5.15.0-1091.92 linux-image-5.15.0-1091-nvidia - 5.15.0-1091.92 linux-image-5.15.0-1091-nvidia-lowlatency - 5.15.0-1091.92 linux-image-unsigned-5.15.0-1091-nvidia - 5.15.0-1091.92 linux-image-unsigned-5.15.0-1091-nvidia-lowlatency - 5.15.0-1091.92 linux-modules-5.15.0-1091-nvidia - 5.15.0-1091.92 linux-modules-5.15.0-1091-nvidia-lowlatency - 5.15.0-1091.92 linux-modules-extra-5.15.0-1091-nvidia - 5.15.0-1091.92 linux-modules-nvidia-fs-5.15.0-1091-nvidia - 5.15.0-1091.92 linux-modules-nvidia-fs-5.15.0-1091-nvidia-lowlatency - 5.15.0-1091.92 linux-nvidia-cloud-tools-5.15.0-1091 - 5.15.0-1091.92 linux-nvidia-cloud-tools-common - 5.15.0-1091.92 linux-nvidia-headers-5.15.0-1091 - 5.15.0-1091.92 linux-nvidia-tools-5.15.0-1091 - 5.15.0-1091.92 linux-nvidia-tools-common - 5.15.0-1091.92 linux-nvidia-tools-host - 5.15.0-1091.92 linux-tools-5.15.0-1091-nvidia - 5.15.0-1091.92 linux-tools-5.15.0-1091-nvidia-lowlatency - 5.15.0-1091.92 No subscription required linux-buildinfo-5.15.0-1091-intel-iotg - 5.15.0-1091.97 linux-cloud-tools-5.15.0-1091-intel-iotg - 5.15.0-1091.97 linux-headers-5.15.0-1091-intel-iotg - 5.15.0-1091.97 linux-image-5.15.0-1091-intel-iotg - 5.15.0-1091.97 linux-image-unsigned-5.15.0-1091-intel-iotg - 5.15.0-1091.97 linux-intel-iotg-cloud-tools-5.15.0-1091 - 5.15.0-1091.97 linux-intel-iotg-cloud-tools-common - 5.15.0-1091.97 linux-intel-iotg-headers-5.15.0-1091 - 5.15.0-1091.97 linux-intel-iotg-tools-5.15.0-1091 - 5.15.0-1091.97 linux-intel-iotg-tools-common - 5.15.0-1091.97 linux-intel-iotg-tools-host - 5.15.0-1091.97 linux-modules-5.15.0-1091-intel-iotg - 5.15.0-1091.97 linux-modules-extra-5.15.0-1091-intel-iotg - 5.15.0-1091.97 linux-modules-iwlwifi-5.15.0-1091-intel-iotg - 5.15.0-1091.97 linux-tools-5.15.0-1091-intel-iotg - 5.15.0-1091.97 No subscription required linux-buildinfo-5.15.0-1092-gke - 5.15.0-1092.98 linux-gke-headers-5.15.0-1092 - 5.15.0-1092.98 linux-gke-tools-5.15.0-1092 - 5.15.0-1092.98 linux-headers-5.15.0-1092-gke - 5.15.0-1092.98 linux-image-5.15.0-1092-gke - 5.15.0-1092.98 linux-image-unsigned-5.15.0-1092-gke - 5.15.0-1092.98 linux-modules-5.15.0-1092-gke - 5.15.0-1092.98 linux-modules-extra-5.15.0-1092-gke - 5.15.0-1092.98 linux-tools-5.15.0-1092-gke - 5.15.0-1092.98 No subscription required linux-buildinfo-5.15.0-1093-oracle - 5.15.0-1093.99 linux-headers-5.15.0-1093-oracle - 5.15.0-1093.99 linux-image-5.15.0-1093-oracle - 5.15.0-1093.99 linux-image-unsigned-5.15.0-1093-oracle - 5.15.0-1093.99 linux-modules-5.15.0-1093-oracle - 5.15.0-1093.99 linux-modules-extra-5.15.0-1093-oracle - 5.15.0-1093.99 linux-oracle-headers-5.15.0-1093 - 5.15.0-1093.99 linux-oracle-tools-5.15.0-1093 - 5.15.0-1093.99 linux-tools-5.15.0-1093-oracle - 5.15.0-1093.99 No subscription required linux-aws-cloud-tools-5.15.0-1096 - 5.15.0-1096.103 linux-aws-headers-5.15.0-1096 - 5.15.0-1096.103 linux-aws-tools-5.15.0-1096 - 5.15.0-1096.103 linux-buildinfo-5.15.0-1096-aws - 5.15.0-1096.103 linux-buildinfo-5.15.0-1096-aws-64k - 5.15.0-1096.103 linux-cloud-tools-5.15.0-1096-aws - 5.15.0-1096.103 linux-cloud-tools-5.15.0-1096-aws-64k - 5.15.0-1096.103 linux-headers-5.15.0-1096-aws - 5.15.0-1096.103 linux-headers-5.15.0-1096-aws-64k - 5.15.0-1096.103 linux-image-5.15.0-1096-aws - 5.15.0-1096.103 linux-image-5.15.0-1096-aws-64k - 5.15.0-1096.103 linux-image-unsigned-5.15.0-1096-aws - 5.15.0-1096.103 linux-image-unsigned-5.15.0-1096-aws-64k - 5.15.0-1096.103 linux-modules-5.15.0-1096-aws - 5.15.0-1096.103 linux-modules-5.15.0-1096-aws-64k - 5.15.0-1096.103 linux-modules-extra-5.15.0-1096-aws - 5.15.0-1096.103 linux-modules-extra-5.15.0-1096-aws-64k - 5.15.0-1096.103 linux-tools-5.15.0-1096-aws - 5.15.0-1096.103 linux-tools-5.15.0-1096-aws-64k - 5.15.0-1096.103 No subscription required linux-buildinfo-5.15.0-1096-gcp - 5.15.0-1096.105 linux-gcp-headers-5.15.0-1096 - 5.15.0-1096.105 linux-gcp-tools-5.15.0-1096 - 5.15.0-1096.105 linux-headers-5.15.0-1096-gcp - 5.15.0-1096.105 linux-image-5.15.0-1096-gcp - 5.15.0-1096.105 linux-image-unsigned-5.15.0-1096-gcp - 5.15.0-1096.105 linux-modules-5.15.0-1096-gcp - 5.15.0-1096.105 linux-modules-extra-5.15.0-1096-gcp - 5.15.0-1096.105 linux-tools-5.15.0-1096-gcp - 5.15.0-1096.105 No subscription required linux-buildinfo-5.15.0-161-generic - 5.15.0-161.171 linux-buildinfo-5.15.0-161-generic-64k - 5.15.0-161.171 linux-buildinfo-5.15.0-161-generic-lpae - 5.15.0-161.171 linux-buildinfo-5.15.0-161-lowlatency - 5.15.0-161.171 linux-buildinfo-5.15.0-161-lowlatency-64k - 5.15.0-161.171 linux-cloud-tools-5.15.0-161 - 5.15.0-161.171 linux-cloud-tools-5.15.0-161-generic - 5.15.0-161.171 linux-cloud-tools-5.15.0-161-lowlatency - 5.15.0-161.171 linux-cloud-tools-common - 5.15.0-161.171 linux-doc - 5.15.0-161.171 linux-headers-5.15.0-161 - 5.15.0-161.171 linux-headers-5.15.0-161-generic - 5.15.0-161.171 linux-headers-5.15.0-161-generic-64k - 5.15.0-161.171 linux-headers-5.15.0-161-generic-lpae - 5.15.0-161.171 linux-headers-5.15.0-161-lowlatency - 5.15.0-161.171 linux-headers-5.15.0-161-lowlatency-64k - 5.15.0-161.171 linux-image-5.15.0-161-generic - 5.15.0-161.171 linux-image-5.15.0-161-generic-64k - 5.15.0-161.171 linux-image-5.15.0-161-generic-lpae - 5.15.0-161.171 linux-image-5.15.0-161-lowlatency - 5.15.0-161.171 linux-image-5.15.0-161-lowlatency-64k - 5.15.0-161.171 linux-image-unsigned-5.15.0-161-generic - 5.15.0-161.171 linux-image-unsigned-5.15.0-161-generic-64k - 5.15.0-161.171 linux-image-unsigned-5.15.0-161-lowlatency - 5.15.0-161.171 linux-image-unsigned-5.15.0-161-lowlatency-64k - 5.15.0-161.171 linux-libc-dev - 5.15.0-161.171 linux-lowlatency-cloud-tools-5.15.0-161 - 5.15.0-161.171 linux-lowlatency-headers-5.15.0-161 - 5.15.0-161.171 linux-lowlatency-tools-5.15.0-161 - 5.15.0-161.171 linux-modules-5.15.0-161-generic - 5.15.0-161.171 linux-modules-5.15.0-161-generic-64k - 5.15.0-161.171 linux-modules-5.15.0-161-generic-lpae - 5.15.0-161.171 linux-modules-5.15.0-161-lowlatency - 5.15.0-161.171 linux-modules-5.15.0-161-lowlatency-64k - 5.15.0-161.171 linux-modules-extra-5.15.0-161-generic - 5.15.0-161.171 linux-modules-iwlwifi-5.15.0-161-generic - 5.15.0-161.171 linux-modules-iwlwifi-5.15.0-161-lowlatency - 5.15.0-161.171 linux-source-5.15.0 - 5.15.0-161.171 linux-tools-5.15.0-161 - 5.15.0-161.171 linux-tools-5.15.0-161-generic - 5.15.0-161.171 linux-tools-5.15.0-161-generic-64k - 5.15.0-161.171 linux-tools-5.15.0-161-generic-lpae - 5.15.0-161.171 linux-tools-5.15.0-161-lowlatency - 5.15.0-161.171 linux-tools-5.15.0-161-lowlatency-64k - 5.15.0-161.171 linux-tools-common - 5.15.0-161.171 linux-tools-host - 5.15.0-161.171 No subscription required linux-cloud-tools-gkeop - 5.15.0.1079.78 linux-cloud-tools-gkeop-5.15 - 5.15.0.1079.78 linux-gkeop - 5.15.0.1079.78 linux-gkeop-5.15 - 5.15.0.1079.78 linux-headers-gkeop - 5.15.0.1079.78 linux-headers-gkeop-5.15 - 5.15.0.1079.78 linux-image-gkeop - 5.15.0.1079.78 linux-image-gkeop-5.15 - 5.15.0.1079.78 linux-modules-extra-gkeop - 5.15.0.1079.78 linux-modules-extra-gkeop-5.15 - 5.15.0.1079.78 linux-tools-gkeop - 5.15.0.1079.78 linux-tools-gkeop-5.15 - 5.15.0.1079.78 No subscription required linux-headers-ibm - 5.15.0.1090.86 linux-headers-ibm-5.15 - 5.15.0.1090.86 linux-ibm - 5.15.0.1090.86 linux-ibm-5.15 - 5.15.0.1090.86 linux-image-ibm - 5.15.0.1090.86 linux-image-ibm-5.15 - 5.15.0.1090.86 linux-tools-ibm - 5.15.0.1090.86 linux-tools-ibm-5.15 - 5.15.0.1090.86 No subscription required linux-cloud-tools-nvidia - 5.15.0.1091.91 linux-cloud-tools-nvidia-5.15 - 5.15.0.1091.91 linux-cloud-tools-nvidia-lowlatency - 5.15.0.1091.91 linux-cloud-tools-nvidia-lowlatency-5.15 - 5.15.0.1091.91 linux-headers-intel-iotg - 5.15.0.1091.91 linux-headers-intel-iotg-5.15 - 5.15.0.1091.91 linux-headers-nvidia - 5.15.0.1091.91 linux-headers-nvidia-5.15 - 5.15.0.1091.91 linux-headers-nvidia-lowlatency - 5.15.0.1091.91 linux-headers-nvidia-lowlatency-5.15 - 5.15.0.1091.91 linux-image-intel-iotg - 5.15.0.1091.91 linux-image-intel-iotg-5.15 - 5.15.0.1091.91 linux-image-nvidia - 5.15.0.1091.91 linux-image-nvidia-5.15 - 5.15.0.1091.91 linux-image-nvidia-lowlatency - 5.15.0.1091.91 linux-image-nvidia-lowlatency-5.15 - 5.15.0.1091.91 linux-intel-iotg - 5.15.0.1091.91 linux-intel-iotg-5.15 - 5.15.0.1091.91 linux-nvidia - 5.15.0.1091.91 linux-nvidia-5.15 - 5.15.0.1091.91 linux-nvidia-lowlatency - 5.15.0.1091.91 linux-nvidia-lowlatency-5.15 - 5.15.0.1091.91 linux-tools-intel-iotg - 5.15.0.1091.91 linux-tools-intel-iotg-5.15 - 5.15.0.1091.91 linux-tools-nvidia - 5.15.0.1091.91 linux-tools-nvidia-5.15 - 5.15.0.1091.91 linux-tools-nvidia-lowlatency - 5.15.0.1091.91 linux-tools-nvidia-lowlatency-5.15 - 5.15.0.1091.91 No subscription required linux-gke - 5.15.0.1092.91 linux-gke-5.15 - 5.15.0.1092.91 linux-headers-gke - 5.15.0.1092.91 linux-headers-gke-5.15 - 5.15.0.1092.91 linux-image-gke - 5.15.0.1092.91 linux-image-gke-5.15 - 5.15.0.1092.91 linux-tools-gke - 5.15.0.1092.91 linux-tools-gke-5.15 - 5.15.0.1092.91 No subscription required linux-headers-oracle-5.15 - 5.15.0.1093.89 linux-headers-oracle-lts-22.04 - 5.15.0.1093.89 linux-image-oracle-5.15 - 5.15.0.1093.89 linux-image-oracle-lts-22.04 - 5.15.0.1093.89 linux-oracle-5.15 - 5.15.0.1093.89 linux-oracle-lts-22.04 - 5.15.0.1093.89 linux-tools-oracle-5.15 - 5.15.0.1093.89 linux-tools-oracle-lts-22.04 - 5.15.0.1093.89 No subscription required linux-gcp-5.15 - 5.15.0.1096.92 linux-gcp-lts-22.04 - 5.15.0.1096.92 linux-headers-gcp-5.15 - 5.15.0.1096.92 linux-headers-gcp-lts-22.04 - 5.15.0.1096.92 linux-image-gcp-5.15 - 5.15.0.1096.92 linux-image-gcp-lts-22.04 - 5.15.0.1096.92 linux-modules-extra-gcp-5.15 - 5.15.0.1096.92 linux-modules-extra-gcp-lts-22.04 - 5.15.0.1096.92 linux-tools-gcp-5.15 - 5.15.0.1096.92 linux-tools-gcp-lts-22.04 - 5.15.0.1096.92 No subscription required linux-aws-5.15 - 5.15.0.1096.99 linux-aws-64k-5.15 - 5.15.0.1096.99 linux-aws-64k-lts-22.04 - 5.15.0.1096.99 linux-aws-lts-22.04 - 5.15.0.1096.99 linux-headers-aws-5.15 - 5.15.0.1096.99 linux-headers-aws-64k-5.15 - 5.15.0.1096.99 linux-headers-aws-64k-lts-22.04 - 5.15.0.1096.99 linux-headers-aws-lts-22.04 - 5.15.0.1096.99 linux-image-aws-5.15 - 5.15.0.1096.99 linux-image-aws-64k-5.15 - 5.15.0.1096.99 linux-image-aws-64k-lts-22.04 - 5.15.0.1096.99 linux-image-aws-lts-22.04 - 5.15.0.1096.99 linux-modules-extra-aws-5.15 - 5.15.0.1096.99 linux-modules-extra-aws-64k-5.15 - 5.15.0.1096.99 linux-modules-extra-aws-64k-lts-22.04 - 5.15.0.1096.99 linux-modules-extra-aws-lts-22.04 - 5.15.0.1096.99 linux-tools-aws-5.15 - 5.15.0.1096.99 linux-tools-aws-64k-5.15 - 5.15.0.1096.99 linux-tools-aws-64k-lts-22.04 - 5.15.0.1096.99 linux-tools-aws-lts-22.04 - 5.15.0.1096.99 No subscription required linux-cloud-tools-lowlatency - 5.15.0.161.139 linux-cloud-tools-lowlatency-5.15 - 5.15.0.161.139 linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.161.139 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.161.139 linux-headers-lowlatency - 5.15.0.161.139 linux-headers-lowlatency-5.15 - 5.15.0.161.139 linux-headers-lowlatency-64k - 5.15.0.161.139 linux-headers-lowlatency-64k-5.15 - 5.15.0.161.139 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.161.139 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.161.139 linux-headers-lowlatency-hwe-20.04 - 5.15.0.161.139 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.161.139 linux-image-lowlatency - 5.15.0.161.139 linux-image-lowlatency-5.15 - 5.15.0.161.139 linux-image-lowlatency-64k - 5.15.0.161.139 linux-image-lowlatency-64k-5.15 - 5.15.0.161.139 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.161.139 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.161.139 linux-image-lowlatency-hwe-20.04 - 5.15.0.161.139 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.161.139 linux-lowlatency - 5.15.0.161.139 linux-lowlatency-5.15 - 5.15.0.161.139 linux-lowlatency-64k - 5.15.0.161.139 linux-lowlatency-64k-5.15 - 5.15.0.161.139 linux-lowlatency-64k-hwe-20.04 - 5.15.0.161.139 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.161.139 linux-lowlatency-hwe-20.04 - 5.15.0.161.139 linux-lowlatency-hwe-20.04-edge - 5.15.0.161.139 linux-tools-lowlatency - 5.15.0.161.139 linux-tools-lowlatency-5.15 - 5.15.0.161.139 linux-tools-lowlatency-64k - 5.15.0.161.139 linux-tools-lowlatency-64k-5.15 - 5.15.0.161.139 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.161.139 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.161.139 linux-tools-lowlatency-hwe-20.04 - 5.15.0.161.139 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.161.139 No subscription required linux-cloud-tools-generic - 5.15.0.161.157 linux-cloud-tools-generic-5.15 - 5.15.0.161.157 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.161.157 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.161.157 linux-cloud-tools-virtual - 5.15.0.161.157 linux-cloud-tools-virtual-5.15 - 5.15.0.161.157 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.161.157 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.161.157 linux-crashdump - 5.15.0.161.157 linux-generic - 5.15.0.161.157 linux-generic-5.15 - 5.15.0.161.157 linux-generic-64k - 5.15.0.161.157 linux-generic-64k-5.15 - 5.15.0.161.157 linux-generic-64k-hwe-20.04 - 5.15.0.161.157 linux-generic-64k-hwe-20.04-edge - 5.15.0.161.157 linux-generic-hwe-20.04 - 5.15.0.161.157 linux-generic-hwe-20.04-edge - 5.15.0.161.157 linux-generic-lpae - 5.15.0.161.157 linux-generic-lpae-5.15 - 5.15.0.161.157 linux-generic-lpae-hwe-20.04 - 5.15.0.161.157 linux-generic-lpae-hwe-20.04-edge - 5.15.0.161.157 linux-headers-generic - 5.15.0.161.157 linux-headers-generic-5.15 - 5.15.0.161.157 linux-headers-generic-64k - 5.15.0.161.157 linux-headers-generic-64k-5.15 - 5.15.0.161.157 linux-headers-generic-64k-hwe-20.04 - 5.15.0.161.157 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.161.157 linux-headers-generic-hwe-20.04 - 5.15.0.161.157 linux-headers-generic-hwe-20.04-edge - 5.15.0.161.157 linux-headers-generic-lpae - 5.15.0.161.157 linux-headers-generic-lpae-5.15 - 5.15.0.161.157 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.161.157 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.161.157 linux-headers-oem-20.04 - 5.15.0.161.157 linux-headers-virtual - 5.15.0.161.157 linux-headers-virtual-5.15 - 5.15.0.161.157 linux-headers-virtual-hwe-20.04 - 5.15.0.161.157 linux-headers-virtual-hwe-20.04-edge - 5.15.0.161.157 linux-image-extra-virtual - 5.15.0.161.157 linux-image-extra-virtual-5.15 - 5.15.0.161.157 linux-image-extra-virtual-hwe-20.04 - 5.15.0.161.157 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.161.157 linux-image-generic - 5.15.0.161.157 linux-image-generic-5.15 - 5.15.0.161.157 linux-image-generic-64k - 5.15.0.161.157 linux-image-generic-64k-5.15 - 5.15.0.161.157 linux-image-generic-64k-hwe-20.04 - 5.15.0.161.157 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.161.157 linux-image-generic-hwe-20.04 - 5.15.0.161.157 linux-image-generic-hwe-20.04-edge - 5.15.0.161.157 linux-image-generic-lpae - 5.15.0.161.157 linux-image-generic-lpae-5.15 - 5.15.0.161.157 linux-image-generic-lpae-hwe-20.04 - 5.15.0.161.157 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.161.157 linux-image-oem-20.04 - 5.15.0.161.157 linux-image-virtual - 5.15.0.161.157 linux-image-virtual-5.15 - 5.15.0.161.157 linux-image-virtual-hwe-20.04 - 5.15.0.161.157 linux-image-virtual-hwe-20.04-edge - 5.15.0.161.157 linux-modules-iwlwifi-generic - 5.15.0.161.157 linux-modules-iwlwifi-generic-5.15 - 5.15.0.161.157 linux-oem-20.04 - 5.15.0.161.157 linux-source - 5.15.0.161.157 linux-tools-generic - 5.15.0.161.157 linux-tools-generic-5.15 - 5.15.0.161.157 linux-tools-generic-64k - 5.15.0.161.157 linux-tools-generic-64k-5.15 - 5.15.0.161.157 linux-tools-generic-64k-hwe-20.04 - 5.15.0.161.157 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.161.157 linux-tools-generic-hwe-20.04 - 5.15.0.161.157 linux-tools-generic-hwe-20.04-edge - 5.15.0.161.157 linux-tools-generic-lpae - 5.15.0.161.157 linux-tools-generic-lpae-5.15 - 5.15.0.161.157 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.161.157 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.161.157 linux-tools-oem-20.04 - 5.15.0.161.157 linux-tools-virtual - 5.15.0.161.157 linux-tools-virtual-5.15 - 5.15.0.161.157 linux-tools-virtual-hwe-20.04 - 5.15.0.161.157 linux-tools-virtual-hwe-20.04-edge - 5.15.0.161.157 linux-virtual - 5.15.0.161.157 linux-virtual-5.15 - 5.15.0.161.157 linux-virtual-hwe-20.04 - 5.15.0.161.157 linux-virtual-hwe-20.04-edge - 5.15.0.161.157 No subscription required
CVEs:

• https://ubuntu.com/security/CVE-2025-40300

Title: USN-7866-1 -- Intel Microcode vulnerabilities
URL: https://ubuntu.com/security/notices/USN-7866-1
Priorities: medium
Description:
Barak Gross discovered that some Intel® Xeon® processors with SGX enabled did not properly handle buffer restrictions. A local authenticated user could potentially use this issue to escalate their privileges. (CVE-2025-20053) Avinash Maddy discovered that some Intel® processors did not properly isolate or compartmentalize the stream cache mechanisms. A local authenticated user could potentially use this issue to escalate their privileges. (CVE-2025-20109) Joseph Nuzman discovered that some Intel® Xeon® processors did not properly manage references to active allocate resources. A local authenticated user could potentially use this issue to cause a denial of service (system crash). (CVE-2025-21090) It was discovered that some Intel® Xeon® 6 processors did not properly provide sufficient granularity of access control in the out of band management service module (OOB-MSM). An authenticated user could potentially use this issue to escalate their privileges. (CVE-2025-22839) It was discovered that some Intel® Xeon® 6 Scalable processors did not properly handle a specific sequence of processor instructions, leading to unexpected behavior. A local authenticated user could potentially use this issue to escalate their privileges. (CVE-2025-22840) Joseph Nuzman discovered that some Intel® Xeon® 6 processors with Intel® Trust Domain Extensions (Intel® TDX) did not properly handle overlap between protected memory ranges. A local authenticated user could potentially use this issue to escalate their privileges. (CVE-2025-22889) Avraham Shalev discovered that some Intel® Xeon® processors did not properly provide sufficient control flow management in the Alias Checking Trusted Module (ACTM) firmware. A local authenticated user could potentially use this issue to escalate their privileges. (CVE-2025-24305) Aviv Eisen and Avraham Shalev discovered that some Intel® Xeon® 6 processors when using Intel® SGX or Intel® TDX did not properly protect against out-of-bounds writes in the memory subsystem. A local authenticated user could potentially use this issue to escalate their privileges. (CVE-2025-26403) Aviv Eisen and Avraham Shalev discovered that some Intel® Xeon® 6 processors when using Intel® SGX or Intel® TDX did not properly implement security checks in the DDRIO configuration. A local authenticated user could potentially use this issue to escalate their privileges. (CVE-2025-32086) Update Instructions: Run sudo pro fix USN-7866-1 to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: intel-microcode - 3.20250812.0ubuntu0.22.04.1 No subscription required
CVEs:

• https://ubuntu.com/security/CVE-2025-20053
• https://ubuntu.com/security/CVE-2025-22839
• https://ubuntu.com/security/CVE-2025-22840
• https://ubuntu.com/security/CVE-2025-20109
• https://ubuntu.com/security/CVE-2025-24305
• https://ubuntu.com/security/CVE-2025-26403
• https://ubuntu.com/security/CVE-2025-21090
• https://ubuntu.com/security/CVE-2025-32086
• https://ubuntu.com/security/CVE-2025-22889

Title: USN-7886-1 -- Python vulnerabilities
URL: https://ubuntu.com/security/notices/USN-7886-1
Priorities: medium
Description:
It was discovered that Python inefficiently handled expanding system environment variables. An attacker could possibly use this issue to cause Python to consume excessive resources, leading to a denial of service. (CVE-2025-6075) Caleb Brown discovered that Python incorrectly handled the ZIP64 End of Central Directory (EOCD) Locator record offset value. An attacker could possibly use this issue to obfuscate malicious content. (CVE-2025-8291) Update Instructions: Run sudo pro fix USN-7886-1 to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: idle-python3.10 - 3.10.12-122.04.12 libpython3.10 - 3.10.12-122.04.12 libpython3.10-dev - 3.10.12-122.04.12 libpython3.10-minimal - 3.10.12-122.04.12 libpython3.10-stdlib - 3.10.12-122.04.12 libpython3.10-testsuite - 3.10.12-122.04.12 python3.10 - 3.10.12-122.04.12 python3.10-dev - 3.10.12-122.04.12 python3.10-doc - 3.10.12-122.04.12 python3.10-examples - 3.10.12-122.04.12 python3.10-full - 3.10.12-122.04.12 python3.10-minimal - 3.10.12-122.04.12 python3.10-nopie - 3.10.12-122.04.12 python3.10-venv - 3.10.12-122.04.12 No subscription required idle-python3.11 - 3.11.0rc1-122.04.1esm6 libpython3.11 - 3.11.0rc1-122.04.1esm6 libpython3.11-dev - 3.11.0rc1-122.04.1esm6 libpython3.11-minimal - 3.11.0rc1-122.04.1esm6 libpython3.11-stdlib - 3.11.0rc1-122.04.1esm6 libpython3.11-testsuite - 3.11.0rc1-122.04.1esm6 python3.11 - 3.11.0rc1-122.04.1esm6 python3.11-dev - 3.11.0rc1-122.04.1esm6 python3.11-doc - 3.11.0rc1-122.04.1esm6 python3.11-examples - 3.11.0rc1-122.04.1esm6 python3.11-full - 3.11.0rc1-122.04.1esm6 python3.11-minimal - 3.11.0rc1-122.04.1esm6 python3.11-nopie - 3.11.0rc1-122.04.1esm6 python3.11-venv - 3.11.0rc1-122.04.1esm6 No subscription required
CVEs:

• https://ubuntu.com/security/CVE-2025-8291
• https://ubuntu.com/security/CVE-2025-6075