USN-7654-3

Source
https://ubuntu.com/security/notices/USN-7654-3
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7654-3.json
JSON Data
https://api.osv.dev/v1/vulns/USN-7654-3
Upstream
Related
Published
2025-07-18T09:43:29.919361Z
Modified
2025-07-18T20:15:43.587319Z
Summary
linux-aws-fips, linux-fips, linux-gcp-fips vulnerabilities
Details

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PA-RISC architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - Serial ATA and Parallel ATA drivers; - Bluetooth drivers; - Bus devices; - CPU frequency scaling framework; - Buffer Sharing and Synchronization framework; - DMA engine subsystem; - ARM SCMI message protocol; - GPU drivers; - HID subsystem; - HSI subsystem; - I2C subsystem; - I3C subsystem; - IIO subsystem; - InfiniBand drivers; - IOMMU subsystem; - IRQ chip drivers; - MCB driver; - Multiple devices driver; - Media drivers; - Multifunction device drivers; - PCI Endpoint Test driver; - MTD block device drivers; - Network drivers; - Device tree and open firmware driver; - PCI subsystem; - TI SCI PM domains driver; - PWM drivers; - S/390 drivers; - SCSI subsystem; - Samsung SoC drivers; - TCM subsystem; - UFS subsystem; - Cadence USB3 driver; - ChipIdea USB driver; - USB Device Class drivers; - DesignWare USB3 driver; - USB Gadget drivers; - USB Type-C support driver; - USB Type-C Connector System Software Interface driver; - Backlight driver; - Framebuffer layer; - Xen hypervisor drivers; - BTRFS file system; - Ext4 file system; - F2FS file system; - File systems infrastructure; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - Proc file system; - SMB network file system; - Kernel stack handling interfaces; - Bluetooth subsystem; - Network traffic control; - SCTP protocol; - BPF subsystem; - Kernel command line parsing driver; - Tracing infrastructure; - Memory management; - 802.1Q VLAN protocol; - Networking core; - IPv6 networking; - MAC80211 subsystem; - Management Component Transport Protocol (MCTP); - Multipath TCP; - Netfilter; - Open vSwitch; - Phonet protocol; - TIPC protocol; - TLS protocol; - Virtio sound driver; - CPU Power monitoring subsystem; (CVE-2022-49535, CVE-2025-37773, CVE-2025-37982, CVE-2025-37990, CVE-2025-37859, CVE-2025-37765, CVE-2025-37768, CVE-2025-23142, CVE-2025-37911, CVE-2024-56751, CVE-2025-37767, CVE-2025-37940, CVE-2024-50272, CVE-2025-37858, CVE-2025-38094, CVE-2025-37905, CVE-2025-37994, CVE-2025-38024, CVE-2024-26686, CVE-2025-37992, CVE-2025-37983, CVE-2025-23157, CVE-2025-37867, CVE-2025-37771, CVE-2025-38005, CVE-2025-37989, CVE-2025-37991, CVE-2025-37796, CVE-2025-23151, CVE-2025-37738, CVE-2025-37790, CVE-2023-52757, CVE-2025-37949, CVE-2025-37969, CVE-2025-37823, CVE-2023-52572, CVE-2025-37844, CVE-2024-46816, CVE-2025-37851, CVE-2024-53128, CVE-2025-37927, CVE-2025-23147, CVE-2025-37930, CVE-2024-49989, CVE-2022-49168, CVE-2025-37794, CVE-2025-37998, CVE-2025-37810, CVE-2024-46751, CVE-2025-37995, CVE-2025-37742, CVE-2025-37883, CVE-2024-46742, CVE-2024-54458, CVE-2025-37964, CVE-2025-38023, CVE-2025-37780, CVE-2022-49063, CVE-2025-37740, CVE-2025-37915, CVE-2025-37850, CVE-2025-37758, CVE-2025-23159, CVE-2024-50258, CVE-2025-37811, CVE-2025-37885, CVE-2025-23158, CVE-2025-37787, CVE-2025-37792, CVE-2025-23144, CVE-2025-37805, CVE-2025-21853, CVE-2025-23145, CVE-2025-37803, CVE-2025-37739, CVE-2025-37749, CVE-2025-37841, CVE-2022-21546, CVE-2025-37923, CVE-2025-22027, CVE-2025-37836, CVE-2022-48893, CVE-2025-37797, CVE-2025-23161, CVE-2024-50125, CVE-2025-37857, CVE-2025-23163, CVE-2024-49960, CVE-2025-37808, CVE-2025-37766, CVE-2025-23140, CVE-2025-23150, CVE-2025-22062, CVE-2025-23148, CVE-2025-37875, CVE-2025-37819, CVE-2025-37817, CVE-2025-37824, CVE-2024-35867, CVE-2025-37781, CVE-2024-35790, CVE-2025-21839, CVE-2025-37829, CVE-2025-37788, CVE-2024-35943, CVE-2025-37892, CVE-2024-38540, CVE-2025-37830, CVE-2025-37757, CVE-2025-37871, CVE-2024-26739, CVE-2024-27402, CVE-2025-37756, CVE-2024-46774, CVE-2025-37914, CVE-2024-50280, CVE-2025-37909, CVE-2025-37812, CVE-2024-53203, CVE-2025-37912, CVE-2025-38009, CVE-2024-38541, CVE-2025-37881, CVE-2025-37838, CVE-2024-35866, CVE-2025-37789, CVE-2025-37913, CVE-2025-37985, CVE-2025-37970, CVE-2025-37840, CVE-2025-37770, CVE-2025-37862, CVE-2025-23156, CVE-2025-37967, CVE-2025-37741, CVE-2024-36908, CVE-2024-42322, CVE-2025-23146, CVE-2025-37839)

References

Affected packages

Ubuntu:Pro:FIPS-updates:22.04:LTS / linux-aws-fips

Package

Name
linux-aws-fips
Purl
pkg:deb/ubuntu/linux-aws-fips@5.15.0-1088.95+fips1?arch=source&distro=fips-updates/jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.15.0-1088.95+fips1

Affected versions

5.*

5.15.0-1051.56+fips1
5.15.0-1052.57+fips1
5.15.0-1053.58+fips1
5.15.0-1055.60+fips1
5.15.0-1056.61+fips1
5.15.0-1057.63+fips1
5.15.0-1060.66+fips1
5.15.0-1061.67+fips1
5.15.0-1062.68+fips1
5.15.0-1063.69+fips1
5.15.0-1064.70+fips1
5.15.0-1065.71+fips1
5.15.0-1066.72+fips1
5.15.0-1067.73+fips1
5.15.0-1068.74+fips1
5.15.0-1069.75+fips1
5.15.0-1070.76+fips1
5.15.0-1071.77+fips1
5.15.0-1072.78+fips1
5.15.0-1073.79+fips1
5.15.0-1076.83+fips1
5.15.0-1077.84+fips1
5.15.0-1078.85+fips1
5.15.0-1079.86+fips1
5.15.0-1080.87+fips1
5.15.0-1081.88+fips1
5.15.0-1082.89+fips1
5.15.0-1083.90+fips1
5.15.0-1084.91+fips1
5.15.0-1085.92+fips1
5.15.0-1086.93+fips1
5.15.0-1087.94+fips1

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "binary_name": "linux-aws-fips-cloud-tools-5.15.0-1088",
            "binary_version": "5.15.0-1088.95+fips1"
        },
        {
            "binary_name": "linux-aws-fips-headers-5.15.0-1088",
            "binary_version": "5.15.0-1088.95+fips1"
        },
        {
            "binary_name": "linux-aws-fips-tools-5.15.0-1088",
            "binary_version": "5.15.0-1088.95+fips1"
        },
        {
            "binary_name": "linux-buildinfo-5.15.0-1088-aws-fips",
            "binary_version": "5.15.0-1088.95+fips1"
        },
        {
            "binary_name": "linux-cloud-tools-5.15.0-1088-aws-fips",
            "binary_version": "5.15.0-1088.95+fips1"
        },
        {
            "binary_name": "linux-headers-5.15.0-1088-aws-fips",
            "binary_version": "5.15.0-1088.95+fips1"
        },
        {
            "binary_name": "linux-image-unsigned-5.15.0-1088-aws-fips",
            "binary_version": "5.15.0-1088.95+fips1"
        },
        {
            "binary_name": "linux-image-unsigned-5.15.0-1088-aws-fips-dbgsym",
            "binary_version": "5.15.0-1088.95+fips1"
        },
        {
            "binary_name": "linux-image-unsigned-hmac-5.15.0-1088-aws-fips",
            "binary_version": "5.15.0-1088.95+fips1"
        },
        {
            "binary_name": "linux-modules-5.15.0-1088-aws-fips",
            "binary_version": "5.15.0-1088.95+fips1"
        },
        {
            "binary_name": "linux-modules-extra-5.15.0-1088-aws-fips",
            "binary_version": "5.15.0-1088.95+fips1"
        },
        {
            "binary_name": "linux-tools-5.15.0-1088-aws-fips",
            "binary_version": "5.15.0-1088.95+fips1"
        }
    ]
}

Ubuntu:Pro:FIPS-updates:22.04:LTS / linux-fips

Package

Name
linux-fips
Purl
pkg:deb/ubuntu/linux-fips@5.15.0-144.157+fips1?arch=source&distro=fips-updates/jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.15.0-144.157+fips1

Affected versions

5.*

5.15.0-73.80+fips1
5.15.0-92.102+fips1
5.15.0-94.104+fips1
5.15.0-97.107+fips1
5.15.0-100.110+fips1
5.15.0-101.111+fips1
5.15.0-102.112+fips1
5.15.0-105.115+fips1
5.15.0-106.116+fips1
5.15.0-107.117+fips1
5.15.0-111.121+fips1
5.15.0-113.123+fips1
5.15.0-115.125+fips1
5.15.0-117.127+fips1
5.15.0-118.128+fips1
5.15.0-119.129+fips1
5.15.0-121.131+fips1
5.15.0-122.132+fips1
5.15.0-124.134+fips1
5.15.0-125.135+fips1
5.15.0-127.137+fips1
5.15.0-128.138+fips1
5.15.0-130.140+fips1
5.15.0-131.141+fips1
5.15.0-133.144+fips1
5.15.0-134.145+fips1
5.15.0-135.146+fips1
5.15.0-136.147+fips1
5.15.0-138.148+fips1
5.15.0-139.149+fips1
5.15.0-140.150+fips1
5.15.0-141.151+fips1
5.15.0-142.152+fips1
5.15.0-143.153+fips1

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "binary_name": "linux-buildinfo-5.15.0-144-fips",
            "binary_version": "5.15.0-144.157+fips1"
        },
        {
            "binary_name": "linux-fips-headers-5.15.0-144",
            "binary_version": "5.15.0-144.157+fips1"
        },
        {
            "binary_name": "linux-fips-tools-5.15.0-144",
            "binary_version": "5.15.0-144.157+fips1"
        },
        {
            "binary_name": "linux-headers-5.15.0-144-fips",
            "binary_version": "5.15.0-144.157+fips1"
        },
        {
            "binary_name": "linux-image-unsigned-5.15.0-144-fips",
            "binary_version": "5.15.0-144.157+fips1"
        },
        {
            "binary_name": "linux-image-unsigned-5.15.0-144-fips-dbgsym",
            "binary_version": "5.15.0-144.157+fips1"
        },
        {
            "binary_name": "linux-image-unsigned-hmac-5.15.0-144-fips",
            "binary_version": "5.15.0-144.157+fips1"
        },
        {
            "binary_name": "linux-modules-5.15.0-144-fips",
            "binary_version": "5.15.0-144.157+fips1"
        },
        {
            "binary_name": "linux-modules-extra-5.15.0-144-fips",
            "binary_version": "5.15.0-144.157+fips1"
        },
        {
            "binary_name": "linux-modules-iwlwifi-5.15.0-144-fips",
            "binary_version": "5.15.0-144.157+fips1"
        },
        {
            "binary_name": "linux-tools-5.15.0-144-fips",
            "binary_version": "5.15.0-144.157+fips1"
        }
    ]
}

Ubuntu:Pro:FIPS-updates:22.04:LTS / linux-gcp-fips

Package

Name
linux-gcp-fips
Purl
pkg:deb/ubuntu/linux-gcp-fips@5.15.0-1087.96+fips1?arch=source&distro=fips-updates/jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.15.0-1087.96+fips1

Affected versions

5.*

5.15.0-1048.56+fips1
5.15.0-1055.63+fips2
5.15.0-1058.66+fips1
5.15.0-1059.67+fips1
5.15.0-1060.68+fips1
5.15.0-1062.70+fips1
5.15.0-1063.71+fips1
5.15.0-1064.72+fips1
5.15.0-1065.73+fips1
5.15.0-1066.74+fips1
5.15.0-1067.75+fips1
5.15.0-1068.76+fips1
5.15.0-1069.77+fips1
5.15.0-1070.78+fips1
5.15.0-1071.79+fips1
5.15.0-1072.80+fips1
5.15.0-1073.81+fips1
5.15.0-1074.83+fips1
5.15.0-1075.84+fips1
5.15.0-1077.86+fips1
5.15.0-1078.87+fips1
5.15.0-1079.88+fips1
5.15.0-1080.89+fips1
5.15.0-1081.90+fips1
5.15.0-1082.91+fips1
5.15.0-1083.92+fips1
5.15.0-1084.93+fips1
5.15.0-1085.94+fips1
5.15.0-1086.95+fips1

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "binary_name": "linux-buildinfo-5.15.0-1087-gcp-fips",
            "binary_version": "5.15.0-1087.96+fips1"
        },
        {
            "binary_name": "linux-gcp-fips-headers-5.15.0-1087",
            "binary_version": "5.15.0-1087.96+fips1"
        },
        {
            "binary_name": "linux-gcp-fips-tools-5.15.0-1087",
            "binary_version": "5.15.0-1087.96+fips1"
        },
        {
            "binary_name": "linux-headers-5.15.0-1087-gcp-fips",
            "binary_version": "5.15.0-1087.96+fips1"
        },
        {
            "binary_name": "linux-image-unsigned-5.15.0-1087-gcp-fips",
            "binary_version": "5.15.0-1087.96+fips1"
        },
        {
            "binary_name": "linux-image-unsigned-5.15.0-1087-gcp-fips-dbgsym",
            "binary_version": "5.15.0-1087.96+fips1"
        },
        {
            "binary_name": "linux-image-unsigned-hmac-5.15.0-1087-gcp-fips",
            "binary_version": "5.15.0-1087.96+fips1"
        },
        {
            "binary_name": "linux-modules-5.15.0-1087-gcp-fips",
            "binary_version": "5.15.0-1087.96+fips1"
        },
        {
            "binary_name": "linux-modules-extra-5.15.0-1087-gcp-fips",
            "binary_version": "5.15.0-1087.96+fips1"
        },
        {
            "binary_name": "linux-tools-5.15.0-1087-gcp-fips",
            "binary_version": "5.15.0-1087.96+fips1"
        }
    ]
}