USN-8297-1

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/notices/USN-8297-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8297-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/USN-8297-1
Upstream
Related
Published
2026-05-22T20:56:35Z
Modified
2026-05-23T01:32:18.515721331Z
Summary
linux-gcp-5.15 vulnerabilities
Details

Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. (CVE-2023-2640)

Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. (CVE-2023-32629)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Drivers core; - Bluetooth drivers; - DMA engine subsystem; - GPU drivers; - HID subsystem; - Intel Trace Hub HW tracing drivers; - IIO ADC drivers; - IRQ chip drivers; - Modular ISDN driver; - LED subsystem; - UACCE accelerator framework; - Ethernet bonding driver; - Network drivers; - STMicroelectronics network drivers; - Ethernet team driver; - NVME drivers; - PHY drivers; - SLIMbus drivers; - W1 Dallas's 1-wire bus driver; - Xen hypervisor drivers; - BTRFS file system; - Ext4 file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NTFS3 file system; - SMB network file system; - NFC subsystem; - BPF subsystem; - IRQ subsystem; - Memory management; - Bluetooth subsystem; - CAN network layer; - Networking core; - IPv4 networking; - IPv6 networking; - L2TP protocol; - NET/ROM layer; - Network traffic control; - SCTP protocol; - TLS protocol; - XFRM subsystem; - Creative Sound Blaster X-Fi driver; - USB sound devices; (CVE-2023-53421, CVE-2023-53520, CVE-2023-53662, CVE-2023-54207, CVE-2025-38057, CVE-2025-38125, CVE-2025-38232, CVE-2025-38408, CVE-2025-38591, CVE-2025-40149, CVE-2025-40164, CVE-2025-68211, CVE-2025-68340, CVE-2025-68365, CVE-2025-68725, CVE-2025-68817, CVE-2025-71162, CVE-2025-71163, CVE-2025-71185, CVE-2025-71186, CVE-2025-71188, CVE-2025-71190, CVE-2025-71191, CVE-2025-71194, CVE-2025-71196, CVE-2025-71197, CVE-2025-71199, CVE-2026-22997, CVE-2026-22998, CVE-2026-22999, CVE-2026-23001, CVE-2026-23003, CVE-2026-23011, CVE-2026-23026, CVE-2026-23033, CVE-2026-23037, CVE-2026-23038, CVE-2026-23049, CVE-2026-23056, CVE-2026-23058, CVE-2026-23061, CVE-2026-23063, CVE-2026-23064, CVE-2026-23071, CVE-2026-23073, CVE-2026-23075, CVE-2026-23076, CVE-2026-23078, CVE-2026-23080, CVE-2026-23083, CVE-2026-23084, CVE-2026-23085, CVE-2026-23087, CVE-2026-23089, CVE-2026-23090, CVE-2026-23091, CVE-2026-23093, CVE-2026-23095, CVE-2026-23096, CVE-2026-23097, CVE-2026-23098, CVE-2026-23099, CVE-2026-23101, CVE-2026-23103, CVE-2026-23105, CVE-2026-23108, CVE-2026-23112, CVE-2026-23119, CVE-2026-23120, CVE-2026-23121, CVE-2026-23124, CVE-2026-23125, CVE-2026-23128, CVE-2026-23133, CVE-2026-23145, CVE-2026-23146, CVE-2026-23150, CVE-2026-23164, CVE-2026-23167, CVE-2026-23170, CVE-2026-23209)

References

Affected packages

Ubuntu:Pro:20.04:LTS / linux-gcp-5.15

Package

Name
linux-gcp-5.15
Purl
pkg:deb/ubuntu/linux-gcp-5.15?arch=source&distro=esm-infra%2Ffocal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.15.0-1106.115~20.04.1

Affected versions

5.*
5.15.0-1006.9~20.04.1
5.15.0-1012.17~20.04.1
5.15.0-1013.18~20.04.1
5.15.0-1016.21~20.04.1
5.15.0-1017.23~20.04.2
5.15.0-1018.24~20.04.1
5.15.0-1021.28~20.04.1
5.15.0-1022.29~20.04.1
5.15.0-1025.32~20.04.2
5.15.0-1026.33~20.04.1
5.15.0-1027.34~20.04.1
5.15.0-1029.36~20.04.1
5.15.0-1030.37~20.04.1
5.15.0-1031.38~20.04.1
5.15.0-1032.40~20.04.1
5.15.0-1033.41~20.04.1
5.15.0-1034.42~20.04.1
5.15.0-1035.43~20.04.1
5.15.0-1036.44~20.04.1
5.15.0-1037.45~20.04.1
5.15.0-1038.46~20.04.1
5.15.0-1039.47~20.04.1
5.15.0-1040.48~20.04.1
5.15.0-1041.49~20.04.1
5.15.0-1042.50~20.04.1
5.15.0-1044.52~20.04.1
5.15.0-1045.53~20.04.2
5.15.0-1046.54~20.04.1
5.15.0-1047.55~20.04.1
5.15.0-1048.56~20.04.1
5.15.0-1049.57~20.04.1
5.15.0-1051.59~20.04.1
5.15.0-1052.60~20.04.1
5.15.0-1053.61~20.04.1
5.15.0-1054.62~20.04.1
5.15.0-1055.63~20.04.1
5.15.0-1058.66~20.04.1
5.15.0-1059.67~20.04.1
5.15.0-1060.68~20.04.1
5.15.0-1062.70~20.04.1
5.15.0-1065.73~20.04.1
5.15.0-1066.74~20.04.1
5.15.0-1067.75~20.04.1
5.15.0-1068.76~20.04.1
5.15.0-1069.77~20.04.1
5.15.0-1070.78~20.04.1
5.15.0-1071.79~20.04.1
5.15.0-1072.80~20.04.1
5.15.0-1073.81~20.04.1
5.15.0-1074.83~20.04.1
5.15.0-1075.84~20.04.1
5.15.0-1077.86~20.04.1
5.15.0-1078.87~20.04.1
5.15.0-1081.90~20.04.1
5.15.0-1083.92~20.04.1
5.15.0-1085.94~20.04.1
5.15.0-1086.95~20.04.1
5.15.0-1087.96~20.04.2
5.15.0-1088.97~20.04.1
5.15.0-1090.99~20.04.1
5.15.0-1091.100~20.04.1
5.15.0-1092.101~20.04.1
5.15.0-1093.102~20.04.1
5.15.0-1095.104~20.04.1
5.15.0-1096.105~20.04.1
5.15.0-1097.106~20.04.1
5.15.0-1098.107~20.04.1
5.15.0-1099.108~20.04.1
5.15.0-1100.109~20.04.1
5.15.0-1101.110~20.04.1
5.15.0-1103.112~20.04.1
5.15.0-1104.113~20.04.1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "linux-buildinfo-5.15.0-1106-gcp",
            "binary_version": "5.15.0-1106.115~20.04.1"
        },
        {
            "binary_name": "linux-gcp-5.15-headers-5.15.0-1106",
            "binary_version": "5.15.0-1106.115~20.04.1"
        },
        {
            "binary_name": "linux-gcp-5.15-tools-5.15.0-1106",
            "binary_version": "5.15.0-1106.115~20.04.1"
        },
        {
            "binary_name": "linux-headers-5.15.0-1106-gcp",
            "binary_version": "5.15.0-1106.115~20.04.1"
        },
        {
            "binary_name": "linux-image-unsigned-5.15.0-1106-gcp",
            "binary_version": "5.15.0-1106.115~20.04.1"
        },
        {
            "binary_name": "linux-modules-5.15.0-1106-gcp",
            "binary_version": "5.15.0-1106.115~20.04.1"
        },
        {
            "binary_name": "linux-modules-extra-5.15.0-1106-gcp",
            "binary_version": "5.15.0-1106.115~20.04.1"
        },
        {
            "binary_name": "linux-modules-iwlwifi-5.15.0-1106-gcp",
            "binary_version": "5.15.0-1106.115~20.04.1"
        },
        {
            "binary_name": "linux-tools-5.15.0-1106-gcp",
            "binary_version": "5.15.0-1106.115~20.04.1"
        }
    ],
    "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro"
}

Database specific

cves_map 
{
    "cves": [],
    "ecosystem": "Ubuntu:Pro:20.04:LTS"
}
source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8297-1.json"