USN-8277-1
Vulnerability Summary
Timeline
Description
linux, linux-aws, linux-hwe-6.17, linux-oem-6.17, linux-oracle, linux-raspi, linux-realtime, linux-realtime-6.17 vulnerabilities It was discovered that the Linux kernel algif_aead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. (CVE-2026-31431) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - S390 architecture; - Cryptographic API; - GPU drivers; - Ethernet bonding driver; - Network file system (NFS) server daemon; - Distributed Switch Architecture; - Netfilter; - Control group (cgroup); - Kernel kexec() syscall; - Memory management; - MAC80211 subsystem; - Multipath TCP; - Packet sockets; - TLS protocol; - Unix domain sockets; (CVE-2025-71088, CVE-2025-71090, CVE-2025-71127, CVE-2025-71134, CVE-2025-71139, CVE-2025-71141, CVE-2025-71142, CVE-2025-71144, CVE-2025-71152, CVE-2025-71155, CVE-2026-23274, CVE-2026-23351, CVE-2026-23394, CVE-2026-31419, CVE-2026-31504, CVE-2026-31533, CVE-2026-43033, CVE-2026-43077, CVE-2026-43078)
Affected Systems
- ubuntu•linux
< 6.17.0-29.29
- ubuntu•linux-aws
< 6.17.0-1015.15
- ubuntu•linux-hwe-6.17
< 6.17.0-29.29~24.04.1
- ubuntu•linux-oem-6.17
< 6.17.0-1023.23
- ubuntu•linux-oracle
< 6.17.0-1014.14
- ubuntu•linux-raspi
< 6.17.0-1017.17
- ubuntu•linux-realtime
< 6.17.0-1013.15
- ubuntu•linux-realtime-6.17
< 6.17.0-1013.15~24.04.1
References (21)
- https://ubuntu.com/security/notices/USN-8277-1
- https://ubuntu.com/security/CVE-2025-71088
- https://ubuntu.com/security/CVE-2025-71090
- https://ubuntu.com/security/CVE-2025-71127
- https://ubuntu.com/security/CVE-2025-71134
- https://ubuntu.com/security/CVE-2025-71139
- https://ubuntu.com/security/CVE-2025-71141
- https://ubuntu.com/security/CVE-2025-71142
- https://ubuntu.com/security/CVE-2025-71144
- https://ubuntu.com/security/CVE-2025-71152
- https://ubuntu.com/security/CVE-2025-71155
- https://ubuntu.com/security/CVE-2026-23274
- https://ubuntu.com/security/CVE-2026-23351
- https://ubuntu.com/security/CVE-2026-23394
- https://ubuntu.com/security/CVE-2026-31419
- https://ubuntu.com/security/CVE-2026-31431
- https://ubuntu.com/security/CVE-2026-31504
- https://ubuntu.com/security/CVE-2026-31533
- https://ubuntu.com/security/CVE-2026-43033
- https://ubuntu.com/security/CVE-2026-43077
- https://ubuntu.com/security/CVE-2026-43078