LSN-120-1

Linux kernel vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 20.04 LTS
  • Ubuntu 18.04 LTS
  • Ubuntu 24.04 LTS
  • Ubuntu 22.04 LTS

Summary

Several security issues were fixed in the kernel.

Software Description

  • linux - Linux kernel
  • linux-aws - Linux kernel for Amazon Web Services (AWS) systems
  • linux-azure - Linux kernel for Microsoft Azure Cloud systems
  • linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
  • linux-gke - Linux kernel for Google Container Engine (GKE) systems
  • linux-ibm - Linux kernel for IBM cloud systems
  • linux-oracle - Linux kernel for Oracle Cloud systems

Details

In the Linux kernel, the following vulnerability has been
resolved: KVM: arm64: Tear down vGIC on failed vCPU creation. If
kvm_arch_vcpu_create() fails to share the vCPU page with the hypervisor, we
propagate the error back to the ioctl but leave the vGIC vCPU data
initialised. (CVE-2025-37849)

In the Linux kernel, the following vulnerability has been
resolved: nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec.
nvmet_tcp_build_pdu_iovec() could walk past cmd->req.sg when a PDU length
or offset exceeds sg_cnt and then use bogus sg->length/offset values,
leading to _copy_to_iter() GPF/KASAN. (CVE-2026-23112)
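
The class of check described for CVE-2026-23112, shown as an added userland model that is not the kernel's code or the upstream patch: a scatter-gather walk that refuses any offset or length not fully backed by the list. The types sg_ent and iov, the functions build_iovec() and demo(), and the sample sizes are assumptions made for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

/* Userland stand-ins for a scatterlist entry and an iovec (hypothetical types). */
struct sg_ent { unsigned char *buf; size_t offset, length; };
struct iov { void *base; size_t len; };

/* Map len bytes starting off bytes into sg[0..sg_cnt) onto iov[0..iov_cap).
 * Returns the number of iov entries filled, or -EINVAL when the requested
 * range is not fully backed by the list. */
int build_iovec(const struct sg_ent *sg, size_t sg_cnt, size_t off, size_t len,
                struct iov *iov, size_t iov_cap)
{
    size_t idx = 0, n = 0;

    /* Skip entries that lie wholly before off, never indexing past sg_cnt. */
    while (idx < sg_cnt && off >= sg[idx].length)
        off -= sg[idx++].length;

    while (len > 0) {
        if (idx >= sg_cnt || n >= iov_cap)
            return -EINVAL;                  /* range runs past the list */
        size_t avail = sg[idx].length - off; /* off < length, or off == 0 */
        if (avail == 0) { idx++; continue; } /* ignore empty entries */
        size_t take = len < avail ? len : avail;
        iov[n].base = sg[idx].buf + sg[idx].offset + off;
        iov[n++].len = take;
        len -= take;
        off = 0;                             /* later entries start at 0 */
        idx++;
    }
    return (int)n;
}

/* Constructed sample: three entries of 4096, 4096 and 512 bytes (8704 total). */
int demo(size_t off, size_t len)
{
    static unsigned char pages[3][4096];
    struct sg_ent sg[3] = { { pages[0], 0, 4096 }, { pages[1], 0, 4096 },
                            { pages[2], 0, 512 } };
    struct iov iov[4];
    return build_iovec(sg, 3, off, len, iov, 4);
}

int main(void)
{
    printf("in range: %d, past end: %d\n", demo(4000, 4500), demo(8000, 1000));
    return 0;
}
```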

It was discovered that the Linux kernel algif_aead module did not properly
handle in-place cryptographic operations. This flaw is known as Copy Fail.
A local attacker could use this to escalate privileges, or possibly escape
a container. (CVE-2026-31431)

Update instructions

The problem can be corrected by updating your kernel livepatch to the following
versions:

Ubuntu 20.04 LTS

  • aws - 120.2
  • azure - 120.2
  • gcp - 120.2
  • generic - 120.2
  • ibm - 120.2
  • lowlatency - 120.2
  • oracle - 120.2

Ubuntu 18.04 LTS

  • aws - 120.2
  • azure - 120.2
  • gcp - 120.2
  • generic - 120.2
  • lowlatency - 120.2
  • oracle - 120.2

Ubuntu 24.04 LTS

  • aws - 120.2
  • azure - 120.2
  • gcp - 120.2
  • generic - 120.2
  • ibm - 120.2
  • oracle - 120.2

Ubuntu 22.04 LTS

  • aws - 120.2
  • azure - 120.2
  • gcp - 120.2
  • generic - 120.2
  • gke - 120.2
  • ibm - 120.2
  • oracle - 120.2

Support Information

Livepatches for supported LTS kernels will receive upgrades for
a period of up to 13 months after the build date of the kernel.

Livepatches for supported HWE kernels which are not based on
an LTS kernel version will receive upgrades for a period of
up to 9 months after the build date of the kernel, or until the end
of support for that kernel’s non-LTS distro release version,
whichever is sooner.

References