Ubuntu Security Notices
LSN-0115-1

LSN-0115-1: Kernel Live Patch Security Notice

Publication date

8 October 2025

Overview

Several security issues were fixed in the kernel.

Releases

24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS 14.04 LTS

Software description

aws – Linux kernel for Amazon Web Services (AWS) systems - (>= 4.15.0-1159, >= 5.4.0-1009, >= 5.4.0-1061, >= 5.15.0-1000, >= 6.8.0-1008, >= 4.4.0-1159)
aws-5.15 – Linux kernel for Amazon Web Services (AWS) systems - (>= 5.15.0-1000)
aws-hwe – Linux kernel for Amazon Web Services (AWS-HWE) systems - (>= 4.15.0-1126)
azure – Linux kernel for Microsoft Azure Cloud systems - (>= 5.15.0-1000, >= 6.8.0-1007, >= 4.15.0-1114)
azure-4.15 – Linux kernel for Microsoft Azure Cloud systems - (>= 4.15.0-1168)
azure-5.15 – Linux kernel for Microsoft Azure cloud systems - (>= 5.15.0-1069)
gcp – Linux kernel for Google Cloud Platform (GCP) systems - (>= 5.15.0-1000, >= 6.8.0-1007, >= 4.15.0-1118)
gcp-4.15 – Linux kernel for Google Cloud Platform (GCP) systems - (>= 4.15.0-1154)
gcp-5.15 – Linux kernel for Google Cloud Platform (GCP) systems - (>= 5.15.0-1000)
generic-4.15 – Linux hardware enablement (HWE) kernel - (>= 4.15.0-214, >= 4.15.0-143)
generic-4.4 – Linux kernel - (>= 4.4.0-168, >= 4.4.0-243)

aws – Linux kernel for Amazon Web Services (AWS) systems - (>= 4.15.0-1159, >= 5.4.0-1009, >= 5.4.0-1061, >= 5.15.0-1000, >= 6.8.0-1008, >= 4.4.0-1159)
aws-5.15 – Linux kernel for Amazon Web Services (AWS) systems - (>= 5.15.0-1000)
aws-hwe – Linux kernel for Amazon Web Services (AWS-HWE) systems - (>= 4.15.0-1126)
azure – Linux kernel for Microsoft Azure Cloud systems - (>= 5.15.0-1000, >= 6.8.0-1007, >= 4.15.0-1114)
azure-4.15 – Linux kernel for Microsoft Azure Cloud systems - (>= 4.15.0-1168)
azure-5.15 – Linux kernel for Microsoft Azure cloud systems - (>= 5.15.0-1069)
gcp – Linux kernel for Google Cloud Platform (GCP) systems - (>= 5.15.0-1000, >= 6.8.0-1007, >= 4.15.0-1118)
gcp-4.15 – Linux kernel for Google Cloud Platform (GCP) systems - (>= 4.15.0-1154)
gcp-5.15 – Linux kernel for Google Cloud Platform (GCP) systems - (>= 5.15.0-1000)
generic-4.15 – Linux hardware enablement (HWE) kernel - (>= 4.15.0-214, >= 4.15.0-143)
generic-4.4 – Linux kernel - (>= 4.4.0-168, >= 4.4.0-243)
generic-5.15 – Linux hardware enablement (HWE) kernel - (>= 5.15.0-0)
generic-5.4 – Linux kernel - (>= 5.4.0-150, >= 5.4.0-26)
gke – Linux kernel for Google Container Engine (GKE) systems - (>= 5.15.0-1000)
ibm – Linux kernel for IBM cloud systems - (>= 5.15.0-1000, >= 6.8.0-1005)
ibm-5.15 – Linux kernel for IBM cloud systems - (>= 5.15.0-1000)
linux – Linux kernel - (>= 5.15.0-71, >= 5.15.0-24, >= 6.8.0-1)
lowlatency-4.15 – Linux hardware enablement (HWE) kernel - (>= 4.15.0-214, >= 4.15.0-143)
lowlatency-4.4 – Linux kernel - (>= 4.4.0-168, >= 4.4.0-243)
lowlatency-5.15 – Linux hardware enablement (HWE) kernel - (>= 5.15.0-0)
lowlatency-5.4 – Linux kernel - (>= 5.4.0-150, >= 5.4.0-26)
oracle – Linux kernel for Oracle Cloud systems - (>= 4.15.0-1129, >= 5.15.0-1055, >= 6.8.0-1005)
oracle-5.15 – Linux kernel for Oracle Cloud systems - (>= 5.15.0-1055)

Details

In the Linux kernel, the following vulnerability has been
resolved: fs/ntfs3: Fixed overflow check in mi_enum_attr())(CVE-2024-27407).

In the Linux kernel, the following vulnerability has been
resolved: netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() syzbot
reported that nf_reject_ip6_tcphdr_put() was possibly sending garbage on
the four reserved tcp bits (th->res1) Use skb_put_zero() to clear the whole
TCP header, as done in nf_reject_ip_tcphdr_put() BUG: KMSAN: uninit-value
in nf_reject_ip6_tcphdr_put+0x688/0x6c0
net/ipv6/netfilter/nf_reject_ipv6.c:255
nf_reject_ip6_tcphdr_put+0x688/0x6c0
net/ipv6/netfilter/nf_reject_ipv6.c:255 nf_send_reset6+0xd84/0x15b0
net/ipv6/netfilter/nf_reject_ipv6.c:344 nft_reject_inet_eval+0x3c1/0x880
net/netfilter/nft_reject_inet.c:48 expr_call_ops_eval
net/netfilter/nf_tables_core.c:240 .

In the Linux kernel, the following vulnerability has...

In the Linux kernel, the following vulnerability has been
resolved: fs/ntfs3: Fixed overflow check in mi_enum_attr())(CVE-2024-27407).

In the Linux kernel, the following vulnerability has been
resolved: smb: client: fix UAF in async decryption Doing an async
decryption (large read) crashes with a slab-use-after-free way down in the
crypto API.

In the Linux kernel, the following vulnerability has been
resolved: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in
ovl_link_up The issue was caused by dput(upper) being called before
ovl_dentry_update_reval(), while upper->d_flags was still accessed in
ovl_dentry_remote().

In the Linux kernel, the following vulnerability has been
resolved: RDMA/erdma: Prevent use-after-free in erdma_accept_newconn()
After the erdma_cep_put(new_cep) being called, new_cep will be freed, and
the following dereference will cause a UAF problem.

Checking update status

To check your kernel type and Livepatch version, enter this command:

canonical-livepatch status

The problem can be corrected in these Livepatch versions:

Kernel type	24.04	22.04	20.04	18.04	16.04	14.04
aws	115.1	115.1	115.1	115.1	115.1	—
aws-5.15	—	—	115.1	—	—	—
aws-hwe	—	—	—	—	115.1	—
azure	115.1	115.1	—	—	115.1	—
azure-4.15	—	—	—	115.1	—	—
azure-5.15	—	—	115.1	—	—	—
gcp	115.1	115.1	—	—	115.1	—
gcp-4.15	—	—	—	115.1	—	—
gcp-5.15	—	—	115.1	—	—	—
generic-4.15	—	—	—	115.1	115.1	—
generic-4.4	—	—	—	—	115.1	115.1
generic-5.15	—	—	115.1	—	—	—
generic-5.4	—	—	115.1	115.1	—	—
gke	—	115.1	—	—	—	—
ibm	115.1	115.1	—	—	—	—
ibm-5.15	—	—	115.1	—	—	—
linux	115.1	115.1	—	—	—	—
lowlatency-4.15	—	—	—	115.1	115.1	—
lowlatency-4.4	—	—	—	—	115.1	115.1
lowlatency-5.15	—	—	115.1	—	—	—
lowlatency-5.4	—	—	115.1	115.1	—	—
oracle	115.1	115.1	—	115.1	—	—
oracle-5.15	—	—	115.1	—	—	—

References

Have additional questions?

Talk to a member of the team ›