USN-7853-2
- Source
- https://ubuntu.com/security/notices/USN-7853-2
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7853-2.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/USN-7853-2
- Upstream
- Related
- Published
- 2025-10-30T20:03:59.992129Z
- Modified
- 2025-10-31T10:02:44.863675Z
- Summary
- linux-fips, linux-aws-fips, linux-gcp-fips vulnerabilities
- Details
-
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this to expose sensitive information from the host OS. (CVE-2025-40300)
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - DMA engine subsystem; - GPU drivers; - HSI subsystem; - Ethernet team driver; - Ext4 file system; - Timer subsystem; - DCCP (Datagram Congestion Control Protocol); - IPv6 networking; - NET/ROM layer; - SCTP protocol; - USB sound devices; (CVE-2023-52574, CVE-2023-52650, CVE-2024-41006, CVE-2024-50006, CVE-2024-50299, CVE-2024-53124, CVE-2024-53150, CVE-2024-56767, CVE-2025-37838, CVE-2025-38352)
- References
-
- https://ubuntu.com/security/notices/USN-7853-2
- https://ubuntu.com/security/CVE-2023-52574
- https://ubuntu.com/security/CVE-2023-52650
- https://ubuntu.com/security/CVE-2024-41006
- https://ubuntu.com/security/CVE-2024-50006
- https://ubuntu.com/security/CVE-2024-50299
- https://ubuntu.com/security/CVE-2024-53124
- https://ubuntu.com/security/CVE-2024-53150
- https://ubuntu.com/security/CVE-2024-56767
- https://ubuntu.com/security/CVE-2025-37838
- https://ubuntu.com/security/CVE-2025-38352
- https://ubuntu.com/security/CVE-2025-40300
Affected packages
Ubuntu:Pro:FIPS-updates:18.04:LTS / linux-aws-fips
Package
- Name
- linux-aws-fips
- Purl
- pkg:deb/ubuntu/linux-aws-fips@4.15.0-2124.130?arch=source&distro=fips-updates/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.15.0-2124.130
Affected versions
4.*
4.15.0-2000.4
4.15.0-2018.18
4.15.0-2021.21
4.15.0-2022.22
4.15.0-2024.24
4.15.0-2025.25
4.15.0-2026.26
4.15.0-2027.27
4.15.0-2030.31
4.15.0-2031.32
4.15.0-2033.34
4.15.0-2034.35
4.15.0-2035.37
4.15.0-2036.38
4.15.0-2037.39
4.15.0-2038.40
4.15.0-2039.41
4.15.0-2040.42
4.15.0-2041.43
4.15.0-2042.44
4.15.0-2044.46
4.15.0-2045.47
4.15.0-2048.50
4.15.0-2051.53
4.15.0-2052.54
4.15.0-2053.55
4.15.0-2054.56
4.15.0-2055.57
4.15.0-2056.58
4.15.0-2057.59
4.15.0-2059.61
4.15.0-2060.62
4.15.0-2061.63
4.15.0-2063.66
4.15.0-2064.67
4.15.0-2065.68
4.15.0-2066.69
4.15.0-2067.70
4.15.0-2069.72
4.15.0-2072.76
4.15.0-2075.80
4.15.0-2076.81
4.15.0-2078.83
4.15.0-2079.84
4.15.0-2080.85
4.15.0-2081.87
4.15.0-2082.88
4.15.0-2083.89
4.15.0-2085.91
4.15.0-2087.93
4.15.0-2089.95
4.15.0-2090.96
4.15.0-2092.98
4.15.0-2093.99
4.15.0-2094.100
4.15.0-2095.101
4.15.0-2096.102
4.15.0-2097.103
4.15.0-2098.104
4.15.0-2099.105
4.15.0-2100.106
4.15.0-2101.107
4.15.0-2102.108
4.15.0-2103.109
4.15.0-2104.110
4.15.0-2105.111
4.15.0-2106.112
4.15.0-2107.113
4.15.0-2108.114
4.15.0-2109.115
4.15.0-2110.116
4.15.0-2111.117
4.15.0-2112.118
4.15.0-2113.119
4.15.0-2114.120
4.15.0-2115.121
4.15.0-2116.122
4.15.0-2117.123
4.15.0-2118.124
4.15.0-2119.125
4.15.0-2120.126
4.15.0-2121.127
4.15.0-2122.128
4.15.0-2123.129
Ecosystem specific
{
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "linux-aws-fips-headers-4.15.0-2124",
"binary_version": "4.15.0-2124.130"
},
{
"binary_name": "linux-aws-fips-tools-4.15.0-2124",
"binary_version": "4.15.0-2124.130"
},
{
"binary_name": "linux-buildinfo-4.15.0-2124-aws-fips",
"binary_version": "4.15.0-2124.130"
},
{
"binary_name": "linux-headers-4.15.0-2124-aws-fips",
"binary_version": "4.15.0-2124.130"
},
{
"binary_name": "linux-image-unsigned-4.15.0-2124-aws-fips",
"binary_version": "4.15.0-2124.130"
},
{
"binary_name": "linux-image-unsigned-hmac-4.15.0-2124-aws-fips",
"binary_version": "4.15.0-2124.130"
},
{
"binary_name": "linux-modules-4.15.0-2124-aws-fips",
"binary_version": "4.15.0-2124.130"
},
{
"binary_name": "linux-modules-extra-4.15.0-2124-aws-fips",
"binary_version": "4.15.0-2124.130"
},
{
"binary_name": "linux-tools-4.15.0-2124-aws-fips",
"binary_version": "4.15.0-2124.130"
}
]
}
Database specific
cves_map
{
"cves": [
{
"id": "CVE-2023-52574",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2023-52650",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-41006",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-50006",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-50299",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "high"
}
]
},
{
"id": "CVE-2024-53124",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-53150",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "high"
}
]
},
{
"id": "CVE-2024-56767",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-37838",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-38352",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "high"
}
]
},
{
"id": "CVE-2025-40300",
"severity": [
{
"type": "Ubuntu",
"score": "high"
}
]
}
],
"ecosystem": "Ubuntu:Pro:FIPS-updates:18.04:LTS"
}
Ubuntu:Pro:FIPS-updates:18.04:LTS / linux-fips
Package
- Name
- linux-fips
- Purl
- pkg:deb/ubuntu/linux-fips@4.15.0-1141.153?arch=source&distro=fips-updates/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.15.0-1141.153
Affected versions
4.*
4.15.0-1027.32
4.15.0-1029.34
4.15.0-1034.39
4.15.0-1035.40
4.15.0-1037.42
4.15.0-1038.43
4.15.0-1039.44
4.15.0-1040.45
4.15.0-1041.46
4.15.0-1044.50
4.15.0-1045.52
4.15.0-1046.53
4.15.0-1048.55
4.15.0-1049.56
4.15.0-1050.58
4.15.0-1051.59
4.15.0-1052.60
4.15.0-1053.61
4.15.0-1054.62
4.15.0-1055.63
4.15.0-1056.64
4.15.0-1057.65
4.15.0-1058.66
4.15.0-1059.67
4.15.0-1060.68
4.15.0-1063.71
4.15.0-1066.75
4.15.0-1067.76
4.15.0-1068.77
4.15.0-1069.78
4.15.0-1070.79
4.15.0-1071.80
4.15.0-1072.81
4.15.0-1073.82
4.15.0-1075.84
4.15.0-1076.85
4.15.0-1078.87
4.15.0-1080.89
4.15.0-1081.90
4.15.0-1083.92
4.15.0-1084.93
4.15.0-1085.94
4.15.0-1087.96
4.15.0-1090.100
4.15.0-1093.104
4.15.0-1094.105
4.15.0-1096.107
4.15.0-1097.108
4.15.0-1098.109
4.15.0-1099.110
4.15.0-1100.111
4.15.0-1103.114
4.15.0-1104.115
4.15.0-1105.116
4.15.0-1107.118
4.15.0-1108.119
4.15.0-1109.120
4.15.0-1110.121
4.15.0-1111.122
4.15.0-1112.123
4.15.0-1113.124
4.15.0-1114.125
4.15.0-1115.126
4.15.0-1116.127
4.15.0-1117.128
4.15.0-1118.129
4.15.0-1119.130
4.15.0-1121.132
4.15.0-1122.133
4.15.0-1123.134
4.15.0-1124.135
4.15.0-1125.136
4.15.0-1126.137
4.15.0-1127.138
4.15.0-1128.139
4.15.0-1129.140
4.15.0-1130.141
4.15.0-1131.142
4.15.0-1132.143
4.15.0-1133.144
4.15.0-1134.145
4.15.0-1135.146
4.15.0-1136.147
4.15.0-1137.148
4.15.0-1138.149
4.15.0-1139.150
4.15.0-1140.151
Ecosystem specific
{
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "linux-buildinfo-4.15.0-1141-fips",
"binary_version": "4.15.0-1141.153"
},
{
"binary_name": "linux-fips-headers-4.15.0-1141",
"binary_version": "4.15.0-1141.153"
},
{
"binary_name": "linux-fips-tools-4.15.0-1141",
"binary_version": "4.15.0-1141.153"
},
{
"binary_name": "linux-fips-tools-host",
"binary_version": "4.15.0-1141.153"
},
{
"binary_name": "linux-headers-4.15.0-1141-fips",
"binary_version": "4.15.0-1141.153"
},
{
"binary_name": "linux-image-4.15.0-1141-fips",
"binary_version": "4.15.0-1141.153"
},
{
"binary_name": "linux-image-hmac-4.15.0-1141-fips",
"binary_version": "4.15.0-1141.153"
},
{
"binary_name": "linux-image-unsigned-4.15.0-1141-fips",
"binary_version": "4.15.0-1141.153"
},
{
"binary_name": "linux-image-unsigned-hmac-4.15.0-1141-fips",
"binary_version": "4.15.0-1141.153"
},
{
"binary_name": "linux-modules-4.15.0-1141-fips",
"binary_version": "4.15.0-1141.153"
},
{
"binary_name": "linux-modules-extra-4.15.0-1141-fips",
"binary_version": "4.15.0-1141.153"
},
{
"binary_name": "linux-tools-4.15.0-1141-fips",
"binary_version": "4.15.0-1141.153"
}
]
}
Database specific
cves_map
{
"cves": [
{
"id": "CVE-2023-52574",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2023-52650",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-41006",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-50006",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-50299",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "high"
}
]
},
{
"id": "CVE-2024-53124",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-53150",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "high"
}
]
},
{
"id": "CVE-2024-56767",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-37838",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-38352",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "high"
}
]
},
{
"id": "CVE-2025-40300",
"severity": [
{
"type": "Ubuntu",
"score": "high"
}
]
}
],
"ecosystem": "Ubuntu:Pro:FIPS-updates:18.04:LTS"
}
Ubuntu:Pro:FIPS-updates:18.04:LTS / linux-gcp-fips
Package
- Name
- linux-gcp-fips
- Purl
- pkg:deb/ubuntu/linux-gcp-fips@4.15.0-2087.93?arch=source&distro=fips-updates/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.15.0-2087.93
Affected versions
4.*
4.15.0-2013.14
4.15.0-2016.18
4.15.0-2017.19
4.15.0-2018.20
4.15.0-2019.21
4.15.0-2020.22
4.15.0-2021.23
4.15.0-2022.24
4.15.0-2024.26
4.15.0-2025.27
4.15.0-2026.28
4.15.0-2028.31
4.15.0-2029.32
4.15.0-2030.33
4.15.0-2031.34
4.15.0-2032.35
4.15.0-2034.37
4.15.0-2037.41
4.15.0-2040.45
4.15.0-2041.46
4.15.0-2043.48
4.15.0-2044.49
4.15.0-2045.50
4.15.0-2047.52
4.15.0-2050.55
4.15.0-2052.57
4.15.0-2054.59
4.15.0-2055.60
4.15.0-2056.61
4.15.0-2057.62
4.15.0-2058.63
4.15.0-2059.64
4.15.0-2060.65
4.15.0-2061.66
4.15.0-2062.67
4.15.0-2063.68
4.15.0-2064.69
4.15.0-2065.70
4.15.0-2066.71
4.15.0-2067.72
4.15.0-2068.73
4.15.0-2069.74
4.15.0-2070.75
4.15.0-2071.76
4.15.0-2072.77
4.15.0-2073.78
4.15.0-2074.79
4.15.0-2075.80
4.15.0-2076.81
4.15.0-2077.83
4.15.0-2078.84
4.15.0-2079.85
4.15.0-2080.86
4.15.0-2081.87
4.15.0-2082.88
4.15.0-2083.89
4.15.0-2084.90
4.15.0-2085.91
4.15.0-2086.92
Ecosystem specific
{
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "linux-buildinfo-4.15.0-2087-gcp-fips",
"binary_version": "4.15.0-2087.93"
},
{
"binary_name": "linux-gcp-fips-headers-4.15.0-2087",
"binary_version": "4.15.0-2087.93"
},
{
"binary_name": "linux-gcp-fips-tools-4.15.0-2087",
"binary_version": "4.15.0-2087.93"
},
{
"binary_name": "linux-headers-4.15.0-2087-gcp-fips",
"binary_version": "4.15.0-2087.93"
},
{
"binary_name": "linux-image-unsigned-4.15.0-2087-gcp-fips",
"binary_version": "4.15.0-2087.93"
},
{
"binary_name": "linux-image-unsigned-hmac-4.15.0-2087-gcp-fips",
"binary_version": "4.15.0-2087.93"
},
{
"binary_name": "linux-modules-4.15.0-2087-gcp-fips",
"binary_version": "4.15.0-2087.93"
},
{
"binary_name": "linux-modules-extra-4.15.0-2087-gcp-fips",
"binary_version": "4.15.0-2087.93"
},
{
"binary_name": "linux-tools-4.15.0-2087-gcp-fips",
"binary_version": "4.15.0-2087.93"
}
]
}
Database specific
cves_map
{
"cves": [
{
"id": "CVE-2023-52574",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2023-52650",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-41006",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-50006",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-50299",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "high"
}
]
},
{
"id": "CVE-2024-53124",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-53150",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "high"
}
]
},
{
"id": "CVE-2024-56767",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-37838",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-38352",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "high"
}
]
},
{
"id": "CVE-2025-40300",
"severity": [
{
"type": "Ubuntu",
"score": "high"
}
]
}
],
"ecosystem": "Ubuntu:Pro:FIPS-updates:18.04:LTS"
}