Ubuntu Security Notices
USN-7853-1

USN-7853-1: Linux kernel vulnerabilities

Publication date

30 October 2025

Overview

Several security issues were fixed in the Linux kernel.

Releases

18.04 LTS 16.04 LTS

Packages

linux - Linux kernel
linux-aws - Linux kernel for Amazon Web Services (AWS) systems
linux-aws-hwe - Linux kernel for Amazon Web Services (AWS-HWE) systems
linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
linux-gcp-4.15 - Linux kernel for Google Cloud Platform (GCP) systems
linux-hwe - Linux hardware enablement (HWE) kernel
linux-oracle - Linux kernel for Oracle Cloud systems

Details

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered
that the Linux kernel contained insufficient branch predictor isolation
between a guest and a userspace hypervisor for certain processors. This
flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this
to expose sensitive information from the host OS. (CVE-2025-40300)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:

DMA engine subsystem;
GPU drivers;
HSI subsystem;
Ethernet team driver;
Ext4 file system;
Timer subsystem;
DCCP (Datagram Congestion Control Protocol);
IPv6 networking;
NET/ROM layer;
SCTP protocol;
USB sound devices

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:

DMA engine subsystem;
GPU drivers;
HSI subsystem;
Ethernet team driver;
Ext4 file system;
Timer subsystem;
DCCP (Datagram Congestion Control Protocol);
IPv6 networking;
NET/ROM layer;
SCTP protocol;
USB sound devices

Update instructions

After a standard system update you need to reboot your computer to make all the necessary changes.

Learn more about how to get the fixes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

The problem can be corrected by updating your system to the following package versions:

Ubuntu Release	Package Version
18.04 LTS bionic	linux-image-4.15.0-1148-oracle – 4.15.0-1148.159
	linux-image-4.15.0-1179-gcp – 4.15.0-1179.196
	linux-image-4.15.0-1186-aws – 4.15.0-1186.199
	linux-image-4.15.0-243-generic – 4.15.0-243.255
	linux-image-4.15.0-243-lowlatency – 4.15.0-243.255
	linux-image-aws-4.15 – 4.15.0.1186.184
	linux-image-aws-lts-18.04 – 4.15.0.1186.184
	linux-image-gcp-4.15 – 4.15.0.1179.192
	linux-image-gcp-lts-18.04 – 4.15.0.1179.192
	linux-image-generic – 4.15.0.243.227
	linux-image-lowlatency – 4.15.0.243.227
	linux-image-oracle-4.15 – 4.15.0.1148.153
	linux-image-oracle-lts-18.04 – 4.15.0.1148.153
	linux-image-virtual – 4.15.0.243.227
16.04 LTS xenial	linux-image-4.15.0-1179-gcp – 4.15.0-1179.196~16.04.1
	linux-image-4.15.0-1186-aws – 4.15.0-1186.199~16.04.1
	linux-image-4.15.0-243-generic – 4.15.0-243.255~16.04.1
	linux-image-4.15.0-243-lowlatency – 4.15.0-243.255~16.04.1
	linux-image-aws-hwe – 4.15.0.1186.199~16.04.1
	linux-image-gcp – 4.15.0.1179.196~16.04.1
	linux-image-generic-hwe-16.04 – 4.15.0.243.255~16.04.1
	linux-image-gke – 4.15.0.1179.196~16.04.1
	linux-image-lowlatency-hwe-16.04 – 4.15.0.243.255~16.04.1
	linux-image-oem – 4.15.0.243.255~16.04.1
	linux-image-virtual-hwe-16.04 – 4.15.0.243.255~16.04.1

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Get Ubuntu Pro

References

USN-7854-1
USN-7853-2
USN-7850-1
USN-7789-1
USN-7789-2
USN-7776-1
USN-7775-1
USN-7775-2
USN-7775-3
USN-7774-1
USN-7774-2
USN-7774-3
USN-7774-4
USN-7774-5
USN-7771-1
USN-7770-1
USN-7769-1
USN-7769-2
USN-7769-3
USN-7712-1
USN-7712-2
USN-7711-1
USN-7686-1
USN-7655-1
USN-7654-1
USN-7654-2
USN-7654-3
USN-7654-4
USN-7654-5
USN-7653-1
USN-7596-2
USN-7596-1
USN-7595-2
USN-7595-1
USN-7595-4
USN-7595-3
USN-7595-5
USN-7594-1
USN-7594-2
USN-7594-3
USN-7540-1
USN-7539-1
USN-7524-1
USN-7523-1
USN-7522-1
USN-7515-1
USN-7515-2
USN-7514-1
USN-7513-1
USN-7513-2
USN-7513-3
USN-7513-4
USN-7513-5
USN-7468-1
USN-7463-1
USN-7459-1
USN-7459-2
USN-7458-1
USN-7453-1
USN-7452-1
USN-7451-1
USN-7450-1
USN-7449-1
USN-7449-2
USN-7421-1
USN-7413-1
USN-7407-1
USN-7403-1
USN-7401-1
USN-7393-1
USN-7392-1
USN-7392-2
USN-7392-4
USN-7392-3
USN-7391-1
USN-7390-1
USN-7389-1
USN-7388-1
USN-7387-1
USN-7387-3
USN-7387-2
USN-7386-1
USN-7385-1
USN-7384-1
USN-7384-2
USN-7382-1
USN-7381-1
USN-7380-1
USN-7379-1
USN-7379-2
USN-7331-1
USN-7311-1
USN-7310-1
USN-7308-1
USN-7305-1
USN-7304-1
USN-7303-1
USN-7303-2
USN-7303-3
USN-7301-1
USN-7295-1
USN-7294-1
USN-7294-2
USN-7294-3
USN-7294-4
USN-7293-1
USN-7291-1
USN-7289-1
USN-7289-2
USN-7289-3
USN-7289-4
USN-7288-1
USN-7288-2
USN-7277-1
USN-7276-1
USN-7194-1
USN-7186-1
USN-7186-2
USN-7166-1
USN-7166-2
USN-7166-3
USN-7166-4
USN-7029-1
USN-7019-1
USN-7009-1
USN-7009-2
USN-7008-1
USN-7007-1
USN-7007-2
USN-7007-3
USN-7006-1
USN-7005-1
USN-7005-2
USN-7004-1
USN-7003-1
USN-7003-2
USN-7003-3
USN-7003-4
USN-7003-5
USN-6999-1
USN-6999-2
USN-6919-1
USN-6896-1
USN-6896-2
USN-6896-3
USN-6896-4
USN-6896-5
USN-6892-1
USN-6878-1
USN-6871-1
USN-6828-1
USN-6821-1
USN-6821-2
USN-6821-3
USN-6821-4
USN-6820-1
USN-6820-2
USN-6817-1
USN-6817-2
USN-6817-3
USN-6816-1
LSN-0112-1

Have additional questions?

Talk to a member of the team ›