Ubuntu Security Notices
USN-8255-1

USN-8255-1: Linux kernel vulnerabilities

Publication date

7 May 2026

Overview

Several security issues were fixed in the Linux kernel.

Releases

22.04 LTS 20.04 LTS

Packages

linux - Linux kernel
linux-aws - Linux kernel for Amazon Web Services (AWS) systems
linux-aws-5.15 - Linux kernel for Amazon Web Services (AWS) systems
linux-aws-fips - Linux kernel for Amazon Web Services (AWS) systems with FIPS
linux-azure - Linux kernel for Microsoft Azure Cloud systems
linux-azure-fips - Linux kernel for Microsoft Azure Cloud systems with FIPS
linux-fips - Linux kernel with FIPS
linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
linux-gcp-fips - Linux kernel for Google Cloud Platform (GCP) systems with FIPS
linux-gke - Linux kernel for Google Container Engine (GKE) systems
linux-gkeop - Linux kernel for Google Container Engine (GKE) systems
linux-hwe-5.15 - Linux hardware enablement (HWE) kernel
linux-ibm - Linux kernel for IBM cloud systems
linux-ibm-5.15 - Linux kernel for IBM cloud systems
linux-intel-iot-realtime - Linux kernel for Intel IoT Real-time platforms
linux-intel-iotg - Linux kernel for Intel IoT platforms
linux-intel-iotg-5.15 - Linux kernel for Intel IoT platforms
linux-kvm - Linux kernel for cloud environments
linux-lowlatency - Linux low latency kernel
linux-lowlatency-hwe-5.15 - Linux low latency kernel
linux-nvidia - Linux kernel for NVIDIA systems
linux-nvidia-tegra - Linux kernel for NVIDIA Tegra systems
linux-nvidia-tegra-igx - Linux kernel for NVIDIA Tegra IGX systems
linux-oracle - Linux kernel for Oracle Cloud systems
linux-realtime - Linux kernel for Real-time systems

Details

Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS
implementation in the Ubuntu Linux kernel did not properly perform
permission checks in certain situations. A local attacker could possibly
use this to gain elevated privileges. (CVE-2023-2640)

Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in
the Ubuntu Linux kernel did not properly perform permission checks in
certain situations. A local attacker could possibly use this to gain
elevated privileges. (CVE-2023-32629)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:

Network drivers;
NVME drivers

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:

Network drivers;
NVME drivers

Update instructions

After a standard system update you need to reboot your computer to make all the necessary changes.

Learn more about how to get the fixes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

The problem can be corrected by updating your system to the following package versions:

Ubuntu Release	Package Version
22.04 LTS jammy	linux-image-5.15.0-1047-nvidia-tegra-igx – 5.15.0-1047.47
	linux-image-5.15.0-1047-nvidia-tegra-igx-rt – 5.15.0-1047.47
	linux-image-5.15.0-1058-nvidia-tegra – 5.15.0-1058.58
	linux-image-5.15.0-1058-nvidia-tegra-rt – 5.15.0-1058.58
	linux-image-5.15.0-1089-gkeop – 5.15.0-1089.97
	linux-image-5.15.0-1098-intel-iot-realtime – 5.15.0-1098.100
	linux-image-5.15.0-1098-kvm – 5.15.0-1098.103
	linux-image-5.15.0-1100-ibm – 5.15.0-1100.103
	linux-image-5.15.0-1101-intel-iotg – 5.15.0-1101.107
	linux-image-5.15.0-1101-nvidia – 5.15.0-1101.102
	linux-image-5.15.0-1101-nvidia-lowlatency – 5.15.0-1101.102
	linux-image-5.15.0-1102-gke – 5.15.0-1102.108
	linux-image-5.15.0-1103-oracle – 5.15.0-1103.109
	linux-image-5.15.0-1105-realtime – 5.15.0-1105.114
	linux-image-5.15.0-1106-aws – 5.15.0-1106.113
	linux-image-5.15.0-1106-aws-64k – 5.15.0-1106.113
	linux-image-5.15.0-1106-aws-fips – 5.15.0-1106.113+fips1
	linux-image-5.15.0-1106-gcp – 5.15.0-1106.115
	linux-image-5.15.0-1106-gcp-fips – 5.15.0-1106.115+fips1
	linux-image-5.15.0-1111-azure – 5.15.0-1111.120
	linux-image-5.15.0-1111-azure-fips – 5.15.0-1111.120+fips1
	linux-image-5.15.0-177-fips – 5.15.0-177.187+fips1
	linux-image-5.15.0-177-generic – 5.15.0-177.187
	linux-image-5.15.0-177-generic-64k – 5.15.0-177.187
	linux-image-5.15.0-177-generic-lpae – 5.15.0-177.187
	linux-image-5.15.0-177-lowlatency – 5.15.0-177.187
	linux-image-5.15.0-177-lowlatency-64k – 5.15.0-177.187
	linux-image-aws-5.15 – 5.15.0.1106.109
	linux-image-aws-64k-5.15 – 5.15.0.1106.109
	linux-image-aws-64k-lts-22.04 – 5.15.0.1106.109
	linux-image-aws-fips – 5.15.0.1106.102
	linux-image-aws-fips-5.15 – 5.15.0.1106.102
	linux-image-aws-lts-22.04 – 5.15.0.1106.109
	linux-image-azure-5.15 – 5.15.0.1111.109
	linux-image-azure-fips – 5.15.0.1111.96
	linux-image-azure-fips-5.15 – 5.15.0.1111.96
	linux-image-azure-lts-22.04 – 5.15.0.1111.109
	linux-image-fips – 5.15.0.177.103
	linux-image-fips-5.15 – 5.15.0.177.103
	linux-image-gcp-5.15 – 5.15.0.1106.102
	linux-image-gcp-fips – 5.15.0.1106.96
	linux-image-gcp-fips-5.15 – 5.15.0.1106.96
	linux-image-gcp-lts-22.04 – 5.15.0.1106.102
	linux-image-generic – 5.15.0.177.162
	linux-image-generic-5.15 – 5.15.0.177.162
	linux-image-generic-64k – 5.15.0.177.162
	linux-image-generic-64k-5.15 – 5.15.0.177.162
	linux-image-generic-lpae – 5.15.0.177.162
	linux-image-generic-lpae-5.15 – 5.15.0.177.162
	linux-image-gke – 5.15.0.1102.101
	linux-image-gke-5.15 – 5.15.0.1102.101
	linux-image-gkeop – 5.15.0.1089.88
	linux-image-gkeop-5.15 – 5.15.0.1089.88
	linux-image-ibm – 5.15.0.1100.96
	linux-image-ibm-5.15 – 5.15.0.1100.96
	linux-image-intel-iot-realtime – 5.15.0.1098.102
	linux-image-intel-iot-realtime-5.15 – 5.15.0.1098.102
	linux-image-intel-iotg – 5.15.0.1101.100
	linux-image-intel-iotg-5.15 – 5.15.0.1101.100
	linux-image-kvm – 5.15.0.1098.94
	linux-image-kvm-5.15 – 5.15.0.1098.94
	linux-image-lowlatency – 5.15.0.177.149
	linux-image-lowlatency-5.15 – 5.15.0.177.149
	linux-image-lowlatency-64k – 5.15.0.177.149
linux-image-lowlatency-64k-5.15 – 5.15.0.177.149
linux-image-nvidia – 5.15.0.1101.101
linux-image-nvidia-5.15 – 5.15.0.1101.101
linux-image-nvidia-lowlatency – 5.15.0.1101.101
linux-image-nvidia-lowlatency-5.15 – 5.15.0.1101.101
linux-image-nvidia-tegra – 5.15.0.1058.58
linux-image-nvidia-tegra-5.15 – 5.15.0.1058.58
linux-image-nvidia-tegra-igx – 5.15.0.1047.49
linux-image-nvidia-tegra-igx-5.15 – 5.15.0.1047.49
linux-image-nvidia-tegra-igx-rt – 5.15.0.1047.49
linux-image-nvidia-tegra-igx-rt-5.15 – 5.15.0.1047.49
linux-image-nvidia-tegra-rt – 5.15.0.1058.58
linux-image-nvidia-tegra-rt-5.15 – 5.15.0.1058.58
linux-image-oracle-5.15 – 5.15.0.1103.99
linux-image-oracle-lts-22.04 – 5.15.0.1103.99
linux-image-realtime – 5.15.0.1105.109
linux-image-realtime-5.15 – 5.15.0.1105.109
linux-image-virtual – 5.15.0.177.162
linux-image-virtual-5.15 – 5.15.0.177.162
20.04 LTS focal	linux-image-5.15.0-1100-ibm – 5.15.0-1100.103~20.04.1
	linux-image-5.15.0-1101-intel-iotg – 5.15.0-1101.107~20.04.1
	linux-image-5.15.0-1106-aws – 5.15.0-1106.113~20.04.1
	linux-image-5.15.0-177-generic – 5.15.0-177.187~20.04.1
	linux-image-5.15.0-177-generic-64k – 5.15.0-177.187~20.04.1
	linux-image-5.15.0-177-generic-lpae – 5.15.0-177.187~20.04.1
	linux-image-5.15.0-177-lowlatency – 5.15.0-177.187~20.04.1
	linux-image-5.15.0-177-lowlatency-64k – 5.15.0-177.187~20.04.1
	linux-image-aws – 5.15.0.1106.113~20.04.1
	linux-image-aws-5.15 – 5.15.0.1106.113~20.04.1
	linux-image-generic-5.15 – 5.15.0.177.187~20.04.1
	linux-image-generic-64k-5.15 – 5.15.0.177.187~20.04.1
	linux-image-generic-64k-hwe-20.04 – 5.15.0.177.187~20.04.1
	linux-image-generic-hwe-20.04 – 5.15.0.177.187~20.04.1
	linux-image-generic-lpae-5.15 – 5.15.0.177.187~20.04.1
	linux-image-generic-lpae-hwe-20.04 – 5.15.0.177.187~20.04.1
	linux-image-ibm – 5.15.0.1100.103~20.04.1
	linux-image-ibm-5.15 – 5.15.0.1100.103~20.04.1
	linux-image-intel – 5.15.0.1101.107~20.04.1
	linux-image-intel-iotg – 5.15.0.1101.107~20.04.1
	linux-image-intel-iotg-5.15 – 5.15.0.1101.107~20.04.1
	linux-image-lowlatency-5.15 – 5.15.0.177.187~20.04.1
	linux-image-lowlatency-64k-5.15 – 5.15.0.177.187~20.04.1
	linux-image-lowlatency-64k-hwe-20.04 – 5.15.0.177.187~20.04.1
	linux-image-lowlatency-hwe-20.04 – 5.15.0.177.187~20.04.1
	linux-image-oem-20.04 – 5.15.0.177.187~20.04.1
	linux-image-oem-20.04b – 5.15.0.177.187~20.04.1
	linux-image-oem-20.04c – 5.15.0.177.187~20.04.1
	linux-image-oem-20.04d – 5.15.0.177.187~20.04.1
	linux-image-virtual-5.15 – 5.15.0.177.187~20.04.1
	linux-image-virtual-hwe-20.04 – 5.15.0.177.187~20.04.1

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Get Ubuntu Pro

References

Have additional questions?

Talk to a member of the team ›