USN-8281-2
- Source
- https://ubuntu.com/security/notices/USN-8281-2
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8281-2.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/USN-8281-2
- Upstream
- Related
- Published
- 2026-05-22T19:17:13Z
- Modified
- 2026-06-03T13:34:36.936238105Z
- Summary
- linux-azure-4.15, linux-azure-fips vulnerabilities
- Details
-
It was discovered that the Linux kernel algif_aead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. (CVE-2026-31431)
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Packet sockets; (CVE-2026-31504, CVE-2026-43033, CVE-2026-43077, CVE-2026-43078)
- References
Affected packages
Ubuntu:Pro:18.04:LTS / linux-azure-4.15
Package
- Name
- linux-azure-4.15
- Purl
- pkg:deb/ubuntu/linux-azure-4.15?arch=source&distro=esm-infra%2Fbionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.15.0-1201.216
Affected versions
4.*
4.15.0-1082.92
4.15.0-1083.93
4.15.0-1089.99
4.15.0-1091.101
4.15.0-1092.102
4.15.0-1093.103
4.15.0-1095.105
4.15.0-1096.106
4.15.0-1099.110
4.15.0-1100.111
4.15.0-1102.113
4.15.0-1103.114
4.15.0-1104.116
4.15.0-1106.118
4.15.0-1108.120
4.15.0-1109.121
4.15.0-1110.122
4.15.0-1111.123
4.15.0-1112.125
4.15.0-1113.126
4.15.0-1114.127
4.15.0-1115.128
4.15.0-1118.131
4.15.0-1121.134
4.15.0-1122.135
4.15.0-1123.136
4.15.0-1124.137
4.15.0-1125.138
4.15.0-1126.139
4.15.0-1127.140
4.15.0-1129.142
4.15.0-1130.143
4.15.0-1131.144
4.15.0-1133.146
4.15.0-1134.147
4.15.0-1136.149
4.15.0-1137.150
4.15.0-1138.151
4.15.0-1139.152
4.15.0-1142.156
4.15.0-1145.160
4.15.0-1146.161
4.15.0-1149.164
4.15.0-1150.165
4.15.0-1151.166
4.15.0-1153.168
4.15.0-1157.172
4.15.0-1158.173
4.15.0-1159.174
4.15.0-1161.176
4.15.0-1162.177
4.15.0-1163.178
4.15.0-1164.179
4.15.0-1165.180
4.15.0-1166.181
4.15.0-1167.182
4.15.0-1168.183
4.15.0-1169.184
4.15.0-1170.185
4.15.0-1171.186
4.15.0-1172.187
4.15.0-1173.188
4.15.0-1174.189
4.15.0-1175.190
4.15.0-1176.191
4.15.0-1177.192
4.15.0-1178.193
4.15.0-1179.194
4.15.0-1180.195
4.15.0-1181.196
4.15.0-1182.197
4.15.0-1183.198
4.15.0-1184.199
4.15.0-1185.200
4.15.0-1186.201
4.15.0-1187.202
4.15.0-1188.203
4.15.0-1189.204
4.15.0-1190.205
4.15.0-1191.206
4.15.0-1192.207
4.15.0-1193.208
4.15.0-1194.209
4.15.0-1195.210
4.15.0-1196.211
4.15.0-1197.212
4.15.0-1199.214
4.15.0-1200.215
Ecosystem specific
{
"binaries": [
{
"binary_name": "linux-azure-4.15-cloud-tools-4.15.0-1201",
"binary_version": "4.15.0-1201.216"
},
{
"binary_name": "linux-azure-4.15-headers-4.15.0-1201",
"binary_version": "4.15.0-1201.216"
},
{
"binary_name": "linux-azure-4.15-tools-4.15.0-1201",
"binary_version": "4.15.0-1201.216"
},
{
"binary_name": "linux-buildinfo-4.15.0-1201-azure",
"binary_version": "4.15.0-1201.216"
},
{
"binary_name": "linux-cloud-tools-4.15.0-1201-azure",
"binary_version": "4.15.0-1201.216"
},
{
"binary_name": "linux-headers-4.15.0-1201-azure",
"binary_version": "4.15.0-1201.216"
},
{
"binary_name": "linux-image-unsigned-4.15.0-1201-azure",
"binary_version": "4.15.0-1201.216"
},
{
"binary_name": "linux-modules-4.15.0-1201-azure",
"binary_version": "4.15.0-1201.216"
},
{
"binary_name": "linux-modules-extra-4.15.0-1201-azure",
"binary_version": "4.15.0-1201.216"
},
{
"binary_name": "linux-tools-4.15.0-1201-azure",
"binary_version": "4.15.0-1201.216"
}
],
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro"
}
Database specific
cves_map
{
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"cves": [
{
"id": "CVE-2026-31431",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "high",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-31504",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-43033",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-43077",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-43078",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
}
]
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8281-2.json"
Ubuntu:Pro:FIPS-updates:18.04:LTS / linux-azure-fips
Package
- Name
- linux-azure-fips
- Purl
- pkg:deb/ubuntu/linux-azure-fips?arch=source&distro=fips-updates%2Fbionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.15.0-2110.116
Affected versions
4.*
4.15.0-1002.2
4.15.0-2006.7
4.15.0-2007.8
4.15.0-2008.9
4.15.0-2009.10
4.15.0-2012.14
4.15.0-2013.15
4.15.0-2015.17
4.15.0-2016.18
4.15.0-2017.20
4.15.0-2018.21
4.15.0-2020.23
4.15.0-2021.24
4.15.0-2022.25
4.15.0-2023.26
4.15.0-2024.27
4.15.0-2025.28
4.15.0-2026.29
4.15.0-2027.30
4.15.0-2030.33
4.15.0-2033.37
4.15.0-2034.38
4.15.0-2035.39
4.15.0-2036.40
4.15.0-2037.41
4.15.0-2038.42
4.15.0-2039.43
4.15.0-2041.45
4.15.0-2042.46
4.15.0-2043.47
4.15.0-2045.49
4.15.0-2046.50
4.15.0-2047.51
4.15.0-2048.52
4.15.0-2049.53
4.15.0-2050.54
4.15.0-2053.58
4.15.0-2056.62
4.15.0-2057.63
4.15.0-2059.65
4.15.0-2060.66
4.15.0-2062.68
4.15.0-2066.72
4.15.0-2067.73
4.15.0-2068.74
4.15.0-2070.76
4.15.0-2071.77
4.15.0-2072.78
4.15.0-2073.79
4.15.0-2074.80
4.15.0-2075.81
4.15.0-2076.82
4.15.0-2077.83
4.15.0-2078.84
4.15.0-2079.85
4.15.0-2080.86
4.15.0-2081.87
4.15.0-2082.88
4.15.0-2084.90
4.15.0-2085.91
4.15.0-2086.92
4.15.0-2087.93
4.15.0-2088.94
4.15.0-2089.95
4.15.0-2090.96
4.15.0-2091.97
4.15.0-2092.98
4.15.0-2093.99
4.15.0-2094.100
4.15.0-2095.101
4.15.0-2096.102
4.15.0-2097.103
4.15.0-2098.104
4.15.0-2099.105
4.15.0-2100.106
4.15.0-2101.107
4.15.0-2102.108
4.15.0-2104.110
4.15.0-2105.111
4.15.0-2106.112
4.15.0-2109.115
Ecosystem specific
{
"binaries": [
{
"binary_name": "linux-azure-fips-cloud-tools-4.15.0-2110",
"binary_version": "4.15.0-2110.116"
},
{
"binary_name": "linux-azure-fips-headers-4.15.0-2110",
"binary_version": "4.15.0-2110.116"
},
{
"binary_name": "linux-azure-fips-tools-4.15.0-2110",
"binary_version": "4.15.0-2110.116"
},
{
"binary_name": "linux-buildinfo-4.15.0-2110-azure-fips",
"binary_version": "4.15.0-2110.116"
},
{
"binary_name": "linux-cloud-tools-4.15.0-2110-azure-fips",
"binary_version": "4.15.0-2110.116"
},
{
"binary_name": "linux-headers-4.15.0-2110-azure-fips",
"binary_version": "4.15.0-2110.116"
},
{
"binary_name": "linux-image-unsigned-4.15.0-2110-azure-fips",
"binary_version": "4.15.0-2110.116"
},
{
"binary_name": "linux-image-unsigned-hmac-4.15.0-2110-azure-fips",
"binary_version": "4.15.0-2110.116"
},
{
"binary_name": "linux-modules-4.15.0-2110-azure-fips",
"binary_version": "4.15.0-2110.116"
},
{
"binary_name": "linux-modules-extra-4.15.0-2110-azure-fips",
"binary_version": "4.15.0-2110.116"
},
{
"binary_name": "linux-tools-4.15.0-2110-azure-fips",
"binary_version": "4.15.0-2110.116"
}
],
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro"
}
Database specific
cves_map
{
"ecosystem": "Ubuntu:Pro:FIPS-updates:18.04:LTS",
"cves": [
{
"id": "CVE-2026-31431",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "high",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-31504",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-43033",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-43077",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-43078",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
}
]
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8281-2.json"