USN-7889-3

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Media drivers; - Network drivers; - Netfilter; - TLS protocol; (CVE-2025-21729, CVE-2025-38227, CVE-2025-38616, CVE-2025-38678)

References

Affected packages

Ubuntu:Pro:22.04:LTS:Realtime:Kernel / linux-realtime-6.8

Package

Name: linux-realtime-6.8
Purl: pkg:deb/ubuntu/linux-realtime-6.8@6.8.1-1038.39~22.04.1?arch=source&distro=realtime/jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.8.1-1038.39~22.04.1

Affected versions

6.*

6.8.1-1004.4~22.04.1

6.8.1-1005.5~22.04.2

6.8.1-1006.6~22.04.1

6.8.1-1007.7~22.04.1

6.8.1-1008.8~22.04.1

6.8.1-1009.9~22.04.1

6.8.1-1010.10~22.04.1

6.8.1-1011.11~22.04.1

6.8.1-1012.12~22.04.1

6.8.1-1013.14~22.04.1

6.8.1-1014.15~22.04.1

6.8.1-1015.16~22.04.1

6.8.1-1016.17~22.04.1

6.8.1-1017.18~22.04.1

6.8.1-1018.19~22.04.1

6.8.1-1019.20~22.04.1

6.8.1-1020.21~22.04.1

6.8.1-1021.22~22.04.1

6.8.1-1022.23~22.04.1

6.8.1-1023.24~22.04.1

6.8.1-1024.25~22.04.1

6.8.1-1025.26~22.04.1

6.8.1-1026.27~22.04.1

6.8.1-1030.31~22.04.1

6.8.1-1031.32~22.04.1

6.8.1-1034.35~22.04.1

6.8.1-1035.36~22.04.1

6.8.1-1036.37~22.04.1

6.8.1-1037.38~22.04.1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "linux-buildinfo-6.8.1-1038-realtime",
            "binary_version": "6.8.1-1038.39~22.04.1"
        },
        {
            "binary_name": "linux-cloud-tools-6.8.1-1038-realtime",
            "binary_version": "6.8.1-1038.39~22.04.1"
        },
        {
            "binary_name": "linux-headers-6.8.1-1038-realtime",
            "binary_version": "6.8.1-1038.39~22.04.1"
        },
        {
            "binary_name": "linux-image-unsigned-6.8.1-1038-realtime",
            "binary_version": "6.8.1-1038.39~22.04.1"
        },
        {
            "binary_name": "linux-modules-6.8.1-1038-realtime",
            "binary_version": "6.8.1-1038.39~22.04.1"
        },
        {
            "binary_name": "linux-modules-extra-6.8.1-1038-realtime",
            "binary_version": "6.8.1-1038.39~22.04.1"
        },
        {
            "binary_name": "linux-modules-iwlwifi-6.8.1-1038-realtime",
            "binary_version": "6.8.1-1038.39~22.04.1"
        },
        {
            "binary_name": "linux-realtime-6.8-cloud-tools-6.8.1-1038",
            "binary_version": "6.8.1-1038.39~22.04.1"
        },
        {
            "binary_name": "linux-realtime-6.8-headers-6.8.1-1038",
            "binary_version": "6.8.1-1038.39~22.04.1"
        },
        {
            "binary_name": "linux-realtime-6.8-tools-6.8.1-1038",
            "binary_version": "6.8.1-1038.39~22.04.1"
        },
        {
            "binary_name": "linux-tools-6.8.1-1038-realtime",
            "binary_version": "6.8.1-1038.39~22.04.1"
        }
    ],
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro"
}

Database specific

cves_map

{
    "ecosystem": "Ubuntu:Pro:22.04:LTS:Realtime:Kernel",
    "cves": [
        {
            "severity": [
                {
                    "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ],
            "id": "CVE-2025-21729"
        },
        {
            "severity": [
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ],
            "id": "CVE-2025-38227"
        },
        {
            "severity": [
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ],
            "id": "CVE-2025-38616"
        },
        {
            "severity": [
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ],
            "id": "CVE-2025-38678"
        }
    ]
}

Ubuntu:Pro:24.04:LTS:Realtime:Kernel / linux-realtime

Package

Name: linux-realtime
Purl: pkg:deb/ubuntu/linux-realtime@6.8.1-1038.39?arch=source&distro=realtime/noble

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.8.1-1038.39

Affected versions

6.*

6.8.0-1008.19

6.8.1-1001.1

6.8.1-1002.2

6.8.1-1003.3

6.8.1-1004.4

6.8.1-1005.5

6.8.1-1006.6

6.8.1-1007.7

6.8.1-1008.8

6.8.1-1009.9

6.8.1-1010.10

6.8.1-1011.11

6.8.1-1012.12

6.8.1-1013.14

6.8.1-1014.15

6.8.1-1015.16

6.8.1-1016.17

6.8.1-1017.18

6.8.1-1018.19

6.8.1-1019.20

6.8.1-1020.21

6.8.1-1021.22

6.8.1-1022.23

6.8.1-1023.24

6.8.1-1024.25

6.8.1-1025.26

6.8.1-1026.27

6.8.1-1030.31

6.8.1-1031.32

6.8.1-1033.34

6.8.1-1034.35

6.8.1-1035.36

6.8.1-1036.37

6.8.1-1037.38

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "linux-buildinfo-6.8.1-1038-realtime",
            "binary_version": "6.8.1-1038.39"
        },
        {
            "binary_name": "linux-cloud-tools-6.8.1-1038-realtime",
            "binary_version": "6.8.1-1038.39"
        },
        {
            "binary_name": "linux-headers-6.8.1-1038-realtime",
            "binary_version": "6.8.1-1038.39"
        },
        {
            "binary_name": "linux-image-unsigned-6.8.1-1038-realtime",
            "binary_version": "6.8.1-1038.39"
        },
        {
            "binary_name": "linux-modules-6.8.1-1038-realtime",
            "binary_version": "6.8.1-1038.39"
        },
        {
            "binary_name": "linux-modules-extra-6.8.1-1038-realtime",
            "binary_version": "6.8.1-1038.39"
        },
        {
            "binary_name": "linux-modules-iwlwifi-6.8.1-1038-realtime",
            "binary_version": "6.8.1-1038.39"
        },
        {
            "binary_name": "linux-realtime-cloud-tools-6.8.1-1038",
            "binary_version": "6.8.1-1038.39"
        },
        {
            "binary_name": "linux-realtime-headers-6.8.1-1038",
            "binary_version": "6.8.1-1038.39"
        },
        {
            "binary_name": "linux-realtime-tools-6.8.1-1038",
            "binary_version": "6.8.1-1038.39"
        },
        {
            "binary_name": "linux-tools-6.8.1-1038-realtime",
            "binary_version": "6.8.1-1038.39"
        }
    ],
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro"
}

Database specific

cves_map

{
    "ecosystem": "Ubuntu:Pro:24.04:LTS:Realtime:Kernel",
    "cves": [
        {
            "severity": [
                {
                    "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ],
            "id": "CVE-2025-21729"
        },
        {
            "severity": [
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ],
            "id": "CVE-2025-38227"
        },
        {
            "severity": [
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ],
            "id": "CVE-2025-38616"
        },
        {
            "severity": [
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ],
            "id": "CVE-2025-38678"
        }
    ]
}