LSN-0118-1
Vulnerability Summary
Timeline
Description
Kernel Live Patch Security Notice In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption (large read) crashes with a slab-use-after-free way down in the crypto API. In the Linux kernel, the following vulnerability has been resolved: padata: avoid UAF for reorder_work Although the previous patch can avoid ps and ps UAF for _do_serial, it can not avoid potential UAF issue for reorder_work. In the Linux kernel, the following vulnerability has been resolved: exfat: fix random stack corruption after get_block When get_block is called with a buffer_head allocated on the stack, such as do_mpage_readpage, stack corruption due to buffer_head UAF may occur in the following race condition situation. In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in crypt_message when using async crypto The CVE-2024-50047 fix removed asynchronous crypto handling from crypt_message(), assuming all crypto operations are synchronous. In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix Preauh_HashValue race condition If client send multiple session setup requests to ksmbd, Preauh_HashValue race condition could happen. In the Linux kernel, the following vulnerability has been resolved: io_uring/futex: ensure io_futex_wait() cleans up properly on failure The io_futex_data is allocated upfront and assigned to the io_kiocb async_data field, but the request isn't marked with REQ_F_ASYNC_DATA at that point. In the Linux kernel, the following vulnerability has been resolved: af_unix: Initialise scc_index in unix_add_edge().
Affected Systems
- ubuntu•linux
all | all | < 5.4.0-225.245 | < 5.15.0-168.178 | < 6.8.0-100.100 | < 6.17.0-12.12
- ubuntu•linux-aws
all | < 5.4.0-1154.164 | < 5.15.0-1099.106 | < 6.8.0-1046.49
- ubuntu•linux-aws-5.15
all | < 5.15.0-1099.106~20.04.1
- ubuntu•linux-aws-6.8
all | < 6.8.0-1046.49~22.04.1
- ubuntu•linux-azure
all | < 5.15.0-1103.112 | < 6.8.0-1046.52
- ubuntu•linux-azure-5.15
all | < 5.15.0-1103.112~20.04.1
- ubuntu•linux-gcp
all | < 5.15.0-1099.108 | < 6.8.0-1047.50
- ubuntu•linux-gcp-5.15
all | < 5.15.0-1099.108~20.04.1
- ubuntu•linux-gcp-6.8
all | < 6.8.0-1047.50~22.04.2
- ubuntu•linux-gke
all | < 5.15.0-1095.101
- ubuntu•linux-hwe-5.15
all | < 5.15.0-168.178~20.04.1
- ubuntu•linux-hwe-5.4
all | < 5.4.0-225.245~18.04.1
- ubuntu•linux-ibm
all | < 5.15.0-1093.96 | < 6.8.0-1044.44
- ubuntu•linux-ibm-5.15
all | < 5.15.0-1093.96~20.04.1
- ubuntu•linux-ibm-6.8
all | < 6.8.0-1044.44~22.04.1
- ubuntu•linux-lowlatency-hwe-5.15
all | < 5.15.0-168.178~20.04.1
- ubuntu•linux-oracle
all | < 5.15.0-1096.102 | < 6.8.0-1043.44
- ubuntu•linux-oracle-5.15
all | < 5.15.0-1096.102~20.04.1
References (8)
- https://ubuntu.com/security/notices/LSN-0118-1
- https://ubuntu.com/security/CVE-2024-50047
- https://ubuntu.com/security/CVE-2025-21726
- https://ubuntu.com/security/CVE-2025-22036
- https://ubuntu.com/security/CVE-2025-38488
- https://ubuntu.com/security/CVE-2025-38561
- https://ubuntu.com/security/CVE-2025-39698
- https://ubuntu.com/security/CVE-2025-40214