It was discovered that a logic flaw existed in the XFRM ESP-in-TCP subsystem in the Linux kernel when handling socket buffer fragments. This flaw is known as Fragnesia. A local attacker could use this to escalate privileges, or possibly escape a container. (CVE-2026-43503)
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - USB over IP driver; - Network file system (NFS) server daemon; - SMB network file system; - Tracing infrastructure; - Ethernet bridge; - Ceph Core library; - IPv4 networking; - IPv6 networking; - Netfilter; - RxRPC session sockets; - X.25 network layer; (CVE-2024-35896, CVE-2026-23455, CVE-2026-31402, CVE-2026-31607, CVE-2026-31637, CVE-2026-43011, CVE-2026-43037, CVE-2026-43038, CVE-2026-43383, CVE-2026-43407, CVE-2026-45988, CVE-2026-46119, CVE-2026-46243)
{
"binaries": [
{
"binary_version": "3.13.0-214.265",
"binary_name": "block-modules-3.13.0-214-generic-di"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "crypto-modules-3.13.0-214-generic-di"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "fat-modules-3.13.0-214-generic-di"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "fb-modules-3.13.0-214-generic-di"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "firewire-core-modules-3.13.0-214-generic-di"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "floppy-modules-3.13.0-214-generic-di"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "fs-core-modules-3.13.0-214-generic-di"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "fs-secondary-modules-3.13.0-214-generic-di"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "input-modules-3.13.0-214-generic-di"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "ipmi-modules-3.13.0-214-generic-di"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "irda-modules-3.13.0-214-generic-di"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "kernel-image-3.13.0-214-generic-di"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "linux-buildinfo-3.13.0-214-generic"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "linux-buildinfo-3.13.0-214-lowlatency"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "linux-cloud-tools-3.13.0-214"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "linux-cloud-tools-3.13.0-214-generic"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "linux-cloud-tools-3.13.0-214-lowlatency"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "linux-cloud-tools-common"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "linux-headers-3.13.0-214"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "linux-headers-3.13.0-214-generic"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "linux-headers-3.13.0-214-lowlatency"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "linux-image-unsigned-3.13.0-214-generic"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "linux-image-unsigned-3.13.0-214-lowlatency"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "linux-modules-3.13.0-214-generic"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "linux-modules-3.13.0-214-lowlatency"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "linux-modules-extra-3.13.0-214-generic"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "linux-source-3.13.0"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "linux-tools-3.13.0-214"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "linux-tools-3.13.0-214-generic"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "linux-tools-3.13.0-214-lowlatency"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "linux-tools-common"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "linux-udebs-generic"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "md-modules-3.13.0-214-generic-di"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "message-modules-3.13.0-214-generic-di"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "mouse-modules-3.13.0-214-generic-di"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "multipath-modules-3.13.0-214-generic-di"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "nfs-modules-3.13.0-214-generic-di"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "nic-modules-3.13.0-214-generic-di"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "nic-pcmcia-modules-3.13.0-214-generic-di"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "nic-shared-modules-3.13.0-214-generic-di"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "nic-usb-modules-3.13.0-214-generic-di"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "parport-modules-3.13.0-214-generic-di"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "pata-modules-3.13.0-214-generic-di"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "pcmcia-modules-3.13.0-214-generic-di"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "pcmcia-storage-modules-3.13.0-214-generic-di"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "plip-modules-3.13.0-214-generic-di"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "ppp-modules-3.13.0-214-generic-di"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "sata-modules-3.13.0-214-generic-di"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "scsi-modules-3.13.0-214-generic-di"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "serial-modules-3.13.0-214-generic-di"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "speakup-modules-3.13.0-214-generic-di"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "squashfs-modules-3.13.0-214-generic-di"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "storage-core-modules-3.13.0-214-generic-di"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "usb-modules-3.13.0-214-generic-di"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "virtio-modules-3.13.0-214-generic-di"
},
{
"binary_version": "3.13.0-214.265",
"binary_name": "vlan-modules-3.13.0-214-generic-di"
}
],
"availability": "Available with Ubuntu Pro with Legacy support add-on: https://ubuntu.com/pro"
}
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8501-1.json"
{
"cves": [
{
"id": "CVE-2024-35896",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-23455",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "high",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-31402",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
},
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "critical",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-31607",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
},
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "high",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-31637",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "critical",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-43011",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "critical",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-43037",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "critical",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-43038",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
},
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "critical",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-43383",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-43407",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "high",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-43503",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-45988",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "critical",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-46119",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "high",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-46243",
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
},
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:Pro:14.04:LTS"
}