USN-8060-3

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - MMC subsystem; (CVE-2022-49267, CVE-2025-21780)

References

Affected packages

Ubuntu:Pro:FIPS-updates:22.04:LTS / linux-gcp-fips

Package

Name: linux-gcp-fips
Purl: pkg:deb/ubuntu/linux-gcp-fips@5.15.0-1101.110+fips1?arch=source&distro=fips-updates/jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.15.0-1101.110+fips1

Affected versions

5.*

5.15.0-1048.56+fips1

5.15.0-1055.63+fips2

5.15.0-1058.66+fips1

5.15.0-1059.67+fips1

5.15.0-1060.68+fips1

5.15.0-1062.70+fips1

5.15.0-1063.71+fips1

5.15.0-1064.72+fips1

5.15.0-1065.73+fips1

5.15.0-1066.74+fips1

5.15.0-1067.75+fips1

5.15.0-1068.76+fips1

5.15.0-1069.77+fips1

5.15.0-1070.78+fips1

5.15.0-1071.79+fips1

5.15.0-1072.80+fips1

5.15.0-1073.81+fips1

5.15.0-1074.83+fips1

5.15.0-1075.84+fips1

5.15.0-1077.86+fips1

5.15.0-1078.87+fips1

5.15.0-1079.88+fips1

5.15.0-1080.89+fips1

5.15.0-1081.90+fips1

5.15.0-1082.91+fips1

5.15.0-1083.92+fips1

5.15.0-1084.93+fips1

5.15.0-1085.94+fips1

5.15.0-1086.95+fips1

5.15.0-1087.96+fips1

5.15.0-1088.97+fips1

5.15.0-1090.99+fips1

5.15.0-1091.100+fips1

5.15.0-1092.101+fips1

5.15.0-1093.102+fips1

5.15.0-1095.104+fips1

5.15.0-1096.105+fips1

5.15.0-1097.106+fips1

5.15.0-1098.107+fips1

5.15.0-1099.108+fips1

5.15.0-1100.109+fips1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "linux-buildinfo-5.15.0-1101-gcp-fips",
            "binary_version": "5.15.0-1101.110+fips1"
        },
        {
            "binary_name": "linux-gcp-fips-headers-5.15.0-1101",
            "binary_version": "5.15.0-1101.110+fips1"
        },
        {
            "binary_name": "linux-gcp-fips-tools-5.15.0-1101",
            "binary_version": "5.15.0-1101.110+fips1"
        },
        {
            "binary_name": "linux-headers-5.15.0-1101-gcp-fips",
            "binary_version": "5.15.0-1101.110+fips1"
        },
        {
            "binary_name": "linux-image-unsigned-5.15.0-1101-gcp-fips",
            "binary_version": "5.15.0-1101.110+fips1"
        },
        {
            "binary_name": "linux-image-unsigned-hmac-5.15.0-1101-gcp-fips",
            "binary_version": "5.15.0-1101.110+fips1"
        },
        {
            "binary_name": "linux-modules-5.15.0-1101-gcp-fips",
            "binary_version": "5.15.0-1101.110+fips1"
        },
        {
            "binary_name": "linux-modules-extra-5.15.0-1101-gcp-fips",
            "binary_version": "5.15.0-1101.110+fips1"
        },
        {
            "binary_name": "linux-tools-5.15.0-1101-gcp-fips",
            "binary_version": "5.15.0-1101.110+fips1"
        }
    ],
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro"
}

Database specific

cves_map

{
    "ecosystem": "Ubuntu:Pro:FIPS-updates:22.04:LTS",
    "cves": [
        {
            "severity": [
                {
                    "type": "CVSS_V3",
                    "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
                },
                {
                    "type": "Ubuntu",
                    "score": "medium"
                }
            ],
            "id": "CVE-2022-49267"
        },
        {
            "severity": [
                {
                    "type": "CVSS_V3",
                    "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
                },
                {
                    "type": "CVSS_V3",
                    "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
                },
                {
                    "type": "Ubuntu",
                    "score": "high"
                }
            ],
            "id": "CVE-2025-21780"
        }
    ]
}

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8060-3.json"