USN-7937-1
- Source
- https://ubuntu.com/security/notices/USN-7937-1
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7937-1.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/USN-7937-1
- Upstream
- Related
- Published
- 2025-12-16T00:21:35.561084Z
- Modified
- 2025-12-18T23:30:01.235024Z
- Summary
- linux-azure-fips vulnerabilities
- Details
-
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this to expose sensitive information from the host OS. (CVE-2025-40300)
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - ACPI drivers; - DMA engine subsystem; - GPU drivers; - HSI subsystem; - Hardware monitoring drivers; - InfiniBand drivers; - Mailbox framework; - Network drivers; - Ethernet team driver; - AFS file system; - Ceph distributed file system; - Ext4 file system; - Network file system (NFS) server daemon; - NILFS2 file system; - File systems infrastructure; - KVM subsystem; - L3 Master device support module; - Timer subsystem; - Tracing infrastructure; - Memory management; - Appletalk network protocol; - DCCP (Datagram Congestion Control Protocol); - IPv6 networking; - Netfilter; - NET/ROM layer; - Open vSwitch; - SCTP protocol; - USB sound devices; (CVE-2021-47385, CVE-2022-49026, CVE-2022-49390, CVE-2023-52574, CVE-2023-52650, CVE-2024-41006, CVE-2024-49935, CVE-2024-49963, CVE-2024-50006, CVE-2024-50067, CVE-2024-50095, CVE-2024-50179, CVE-2024-50299, CVE-2024-53090, CVE-2024-53112, CVE-2024-53124, CVE-2024-53150, CVE-2024-53217, CVE-2024-56767, CVE-2024-58083, CVE-2025-21715, CVE-2025-21722, CVE-2025-21761, CVE-2025-21791, CVE-2025-21811, CVE-2025-21855, CVE-2025-37838, CVE-2025-37958, CVE-2025-38352, CVE-2025-38666, CVE-2025-39964, CVE-2025-40018)
- References
-
- https://ubuntu.com/security/notices/USN-7937-1
- https://ubuntu.com/security/CVE-2021-47385
- https://ubuntu.com/security/CVE-2022-49026
- https://ubuntu.com/security/CVE-2022-49390
- https://ubuntu.com/security/CVE-2023-52574
- https://ubuntu.com/security/CVE-2023-52650
- https://ubuntu.com/security/CVE-2024-41006
- https://ubuntu.com/security/CVE-2024-49935
- https://ubuntu.com/security/CVE-2024-49963
- https://ubuntu.com/security/CVE-2024-50006
- https://ubuntu.com/security/CVE-2024-50067
- https://ubuntu.com/security/CVE-2024-50095
- https://ubuntu.com/security/CVE-2024-50179
- https://ubuntu.com/security/CVE-2024-50299
- https://ubuntu.com/security/CVE-2024-53090
- https://ubuntu.com/security/CVE-2024-53112
- https://ubuntu.com/security/CVE-2024-53124
- https://ubuntu.com/security/CVE-2024-53150
- https://ubuntu.com/security/CVE-2024-53217
- https://ubuntu.com/security/CVE-2024-56767
- https://ubuntu.com/security/CVE-2024-58083
- https://ubuntu.com/security/CVE-2025-21715
- https://ubuntu.com/security/CVE-2025-21722
- https://ubuntu.com/security/CVE-2025-21761
- https://ubuntu.com/security/CVE-2025-21791
- https://ubuntu.com/security/CVE-2025-21811
- https://ubuntu.com/security/CVE-2025-21855
- https://ubuntu.com/security/CVE-2025-37838
- https://ubuntu.com/security/CVE-2025-37958
- https://ubuntu.com/security/CVE-2025-38352
- https://ubuntu.com/security/CVE-2025-38666
- https://ubuntu.com/security/CVE-2025-39964
- https://ubuntu.com/security/CVE-2025-40018
- https://ubuntu.com/security/CVE-2025-40300
Affected packages
Ubuntu:Pro:FIPS-updates:18.04:LTS / linux-azure-fips
Package
- Name
- linux-azure-fips
- Purl
- pkg:deb/ubuntu/linux-azure-fips@4.15.0-2104.110?arch=source&distro=fips-updates/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.15.0-2104.110
Affected versions
4.*
4.15.0-1002.2
4.15.0-2006.7
4.15.0-2007.8
4.15.0-2008.9
4.15.0-2009.10
4.15.0-2012.14
4.15.0-2013.15
4.15.0-2015.17
4.15.0-2016.18
4.15.0-2017.20
4.15.0-2018.21
4.15.0-2020.23
4.15.0-2021.24
4.15.0-2022.25
4.15.0-2023.26
4.15.0-2024.27
4.15.0-2025.28
4.15.0-2026.29
4.15.0-2027.30
4.15.0-2030.33
4.15.0-2033.37
4.15.0-2034.38
4.15.0-2035.39
4.15.0-2036.40
4.15.0-2037.41
4.15.0-2038.42
4.15.0-2039.43
4.15.0-2041.45
4.15.0-2042.46
4.15.0-2043.47
4.15.0-2045.49
4.15.0-2046.50
4.15.0-2047.51
4.15.0-2048.52
4.15.0-2049.53
4.15.0-2050.54
4.15.0-2053.58
4.15.0-2056.62
4.15.0-2057.63
4.15.0-2059.65
4.15.0-2060.66
4.15.0-2062.68
4.15.0-2066.72
4.15.0-2067.73
4.15.0-2068.74
4.15.0-2070.76
4.15.0-2071.77
4.15.0-2072.78
4.15.0-2073.79
4.15.0-2074.80
4.15.0-2075.81
4.15.0-2076.82
4.15.0-2077.83
4.15.0-2078.84
4.15.0-2079.85
4.15.0-2080.86
4.15.0-2081.87
4.15.0-2082.88
4.15.0-2084.90
4.15.0-2085.91
4.15.0-2086.92
4.15.0-2087.93
4.15.0-2088.94
4.15.0-2089.95
4.15.0-2090.96
4.15.0-2091.97
4.15.0-2092.98
4.15.0-2093.99
4.15.0-2094.100
4.15.0-2095.101
4.15.0-2096.102
4.15.0-2097.103
4.15.0-2098.104
4.15.0-2099.105
4.15.0-2100.106
4.15.0-2101.107
4.15.0-2102.108
Ecosystem specific
{
"binaries": [
{
"binary_version": "4.15.0-2104.110",
"binary_name": "linux-azure-fips-cloud-tools-4.15.0-2104"
},
{
"binary_version": "4.15.0-2104.110",
"binary_name": "linux-azure-fips-headers-4.15.0-2104"
},
{
"binary_version": "4.15.0-2104.110",
"binary_name": "linux-azure-fips-tools-4.15.0-2104"
},
{
"binary_version": "4.15.0-2104.110",
"binary_name": "linux-buildinfo-4.15.0-2104-azure-fips"
},
{
"binary_version": "4.15.0-2104.110",
"binary_name": "linux-cloud-tools-4.15.0-2104-azure-fips"
},
{
"binary_version": "4.15.0-2104.110",
"binary_name": "linux-headers-4.15.0-2104-azure-fips"
},
{
"binary_version": "4.15.0-2104.110",
"binary_name": "linux-image-unsigned-4.15.0-2104-azure-fips"
},
{
"binary_version": "4.15.0-2104.110",
"binary_name": "linux-image-unsigned-hmac-4.15.0-2104-azure-fips"
},
{
"binary_version": "4.15.0-2104.110",
"binary_name": "linux-modules-4.15.0-2104-azure-fips"
},
{
"binary_version": "4.15.0-2104.110",
"binary_name": "linux-modules-extra-4.15.0-2104-azure-fips"
},
{
"binary_version": "4.15.0-2104.110",
"binary_name": "linux-tools-4.15.0-2104-azure-fips"
}
],
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro"
}
Database specific
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7937-1.json"
cves_map
{
"cves": [
{
"id": "CVE-2021-47385",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2022-49026",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "high"
}
]
},
{
"id": "CVE-2022-49390",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "high"
}
]
},
{
"id": "CVE-2023-52574",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2023-52650",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-41006",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-49935",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-49963",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-50006",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-50067",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-50095",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-50179",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-50299",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "high"
}
]
},
{
"id": "CVE-2024-53090",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-53112",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-53124",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-53150",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "high"
}
]
},
{
"id": "CVE-2024-53217",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "high"
}
]
},
{
"id": "CVE-2024-56767",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-58083",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "high"
}
]
},
{
"id": "CVE-2025-21715",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "high"
}
]
},
{
"id": "CVE-2025-21722",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-21761",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "high"
}
]
},
{
"id": "CVE-2025-21791",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "high"
}
]
},
{
"id": "CVE-2025-21811",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-21855",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-37838",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-37958",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-38352",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "high"
}
]
},
{
"id": "CVE-2025-38666",
"severity": [
{
"type": "Ubuntu",
"score": "high"
}
]
},
{
"id": "CVE-2025-39964",
"severity": [
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-40018",
"severity": [
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-40300",
"severity": [
{
"type": "Ubuntu",
"score": "high"
}
]
}
],
"ecosystem": "Ubuntu:Pro:FIPS-updates:18.04:LTS"
}