{"id":"USN-7428-2","summary":"linux-fips, linux-aws-fips, linux-azure-fips, linux-gcp-fips vulnerabilities","details":"Demi Marie Obenour and Simon Gaiser discovered that several Xen para-\nvirtualization device frontends did not properly restrict the access rights\nof device backends. An attacker could possibly use a malicious Xen backend\nto gain access to memory pages of a guest VM or cause a denial of service\nin the guest. (CVE-2022-23041)\n\nSeveral security issues were discovered in the Linux kernel.\nAn attacker could possibly use these to compromise the system.\nThis update corrects flaws in the following subsystems:\n  - HID subsystem;\n  - Network drivers;\n  - Mellanox network drivers;\n  - SCSI subsystem;\n  - SuperH / SH-Mobile drivers;\n  - File systems infrastructure;\n  - Ext4 file system;\n  - JFS file system;\n  - IP tunnels definitions;\n  - Network namespace;\n  - BPF subsystem;\n  - Networking core;\n  - HSR network protocol;\n  - IPv4 networking;\n  - IPv6 networking;\n  - Network traffic control;\n(CVE-2024-56615, CVE-2024-56600, CVE-2025-21700, CVE-2024-56658,\nCVE-2024-35960, CVE-2024-50265, CVE-2025-21702, CVE-2024-53227,\nCVE-2024-53165, CVE-2024-50167, CVE-2024-26863, CVE-2024-35973,\nCVE-2024-46826, CVE-2021-47119, CVE-2024-50302, CVE-2024-49952,\nCVE-2021-47101, CVE-2024-49948, CVE-2024-56595)\n","modified":"2026-04-27T17:53:09.884227Z","published":"2025-04-09T18:02:18Z","related":["UBUNTU-CVE-2021-47101","UBUNTU-CVE-2021-47119","UBUNTU-CVE-2022-23041","UBUNTU-CVE-2024-26863","UBUNTU-CVE-2024-35960","UBUNTU-CVE-2024-35973","UBUNTU-CVE-2024-46826","UBUNTU-CVE-2024-49948","UBUNTU-CVE-2024-49952","UBUNTU-CVE-2024-50167","UBUNTU-CVE-2024-50265","UBUNTU-CVE-2024-50302","UBUNTU-CVE-2024-53165","UBUNTU-CVE-2024-53227","UBUNTU-CVE-2024-56595","UBUNTU-CVE-2024-56600","UBUNTU-CVE-2024-56615","UBUNTU-CVE-2024-56658","UBUNTU-CVE-2025-21700","UBUNTU-CVE-2025-21702"],"upstream":["CVE-2021-47101","CVE-2021-47119","CVE-2022-23041","CVE-2024-26863","CVE-2024-35960","CVE-2024-35973","CVE-2024-46826","CVE-2024-49948","CVE-2024-49952","CVE-2024-50167","CVE-2024-50265","CVE-2024-50302","CVE-2024-53165","CVE-2024-53227","CVE-2024-56595","CVE-2024-56600","CVE-2024-56615","CVE-2024-56658","CVE-2025-21700","CVE-2025-21702","UBUNTU-CVE-2021-47101","UBUNTU-CVE-2021-47119","UBUNTU-CVE-2022-23041","UBUNTU-CVE-2024-26863","UBUNTU-CVE-2024-35960","UBUNTU-CVE-2024-35973","UBUNTU-CVE-2024-46826","UBUNTU-CVE-2024-49948","UBUNTU-CVE-2024-49952","UBUNTU-CVE-2024-50167","UBUNTU-CVE-2024-50265","UBUNTU-CVE-2024-50302","UBUNTU-CVE-2024-53165","UBUNTU-CVE-2024-53227","UBUNTU-CVE-2024-56595","UBUNTU-CVE-2024-56600","UBUNTU-CVE-2024-56615","UBUNTU-CVE-2024-56658","UBUNTU-CVE-2025-21700","UBUNTU-CVE-2025-21702"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-7428-2"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2021-47101"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2021-47119"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-23041"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-26863"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-35960"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-35973"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-46826"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-49948"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-49952"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-50167"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-50265"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-50302"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-53165"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-53227"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-56595"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-56600"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-56615"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-56658"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-21700"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-21702"}],"affected":[{"package":{"name":"linux-aws-fips","ecosystem":"Ubuntu:Pro:FIPS-updates:18.04:LTS","purl":"pkg:deb/ubuntu/linux-aws-fips@4.15.0-2117.123?arch=source&distro=fips-updates/bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-2117.123"}]}],"versions":["4.15.0-2000.4","4.15.0-2018.18","4.15.0-2021.21","4.15.0-2022.22","4.15.0-2024.24","4.15.0-2025.25","4.15.0-2026.26","4.15.0-2027.27","4.15.0-2030.31","4.15.0-2031.32","4.15.0-2033.34","4.15.0-2034.35","4.15.0-2035.37","4.15.0-2036.38","4.15.0-2037.39","4.15.0-2038.40","4.15.0-2039.41","4.15.0-2040.42","4.15.0-2041.43","4.15.0-2042.44","4.15.0-2044.46","4.15.0-2045.47","4.15.0-2048.50","4.15.0-2051.53","4.15.0-2052.54","4.15.0-2053.55","4.15.0-2054.56","4.15.0-2055.57","4.15.0-2056.58","4.15.0-2057.59","4.15.0-2059.61","4.15.0-2060.62","4.15.0-2061.63","4.15.0-2063.66","4.15.0-2064.67","4.15.0-2065.68","4.15.0-2066.69","4.15.0-2067.70","4.15.0-2069.72","4.15.0-2072.76","4.15.0-2075.80","4.15.0-2076.81","4.15.0-2078.83","4.15.0-2079.84","4.15.0-2080.85","4.15.0-2081.87","4.15.0-2082.88","4.15.0-2083.89","4.15.0-2085.91","4.15.0-2087.93","4.15.0-2089.95","4.15.0-2090.96","4.15.0-2092.98","4.15.0-2093.99","4.15.0-2094.100","4.15.0-2095.101","4.15.0-2096.102","4.15.0-2097.103","4.15.0-2098.104","4.15.0-2099.105","4.15.0-2100.106","4.15.0-2101.107","4.15.0-2102.108","4.15.0-2103.109","4.15.0-2104.110","4.15.0-2105.111","4.15.0-2106.112","4.15.0-2107.113","4.15.0-2108.114","4.15.0-2109.115","4.15.0-2110.116","4.15.0-2111.117","4.15.0-2112.118","4.15.0-2113.119","4.15.0-2114.120","4.15.0-2115.121","4.15.0-2116.122"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro","binaries":[{"binary_name":"linux-aws-fips-headers-4.15.0-2117","binary_version":"4.15.0-2117.123"},{"binary_name":"linux-aws-fips-tools-4.15.0-2117","binary_version":"4.15.0-2117.123"},{"binary_name":"linux-buildinfo-4.15.0-2117-aws-fips","binary_version":"4.15.0-2117.123"},{"binary_name":"linux-headers-4.15.0-2117-aws-fips","binary_version":"4.15.0-2117.123"},{"binary_name":"linux-image-unsigned-4.15.0-2117-aws-fips","binary_version":"4.15.0-2117.123"},{"binary_name":"linux-image-unsigned-hmac-4.15.0-2117-aws-fips","binary_version":"4.15.0-2117.123"},{"binary_name":"linux-modules-4.15.0-2117-aws-fips","binary_version":"4.15.0-2117.123"},{"binary_name":"linux-modules-extra-4.15.0-2117-aws-fips","binary_version":"4.15.0-2117.123"},{"binary_name":"linux-tools-4.15.0-2117-aws-fips","binary_version":"4.15.0-2117.123"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7428-2.json","cves_map":{"cves":[{"id":"CVE-2021-47101","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2021-47119","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2022-23041","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-26863","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-35960","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-35973","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-46826","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}]},{"id":"CVE-2024-49948","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-49952","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-50167","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-50265","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-50302","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2024-53165","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-53227","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-56595","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2024-56600","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-56615","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-56658","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2025-21700","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2025-21702","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]}],"ecosystem":"Ubuntu:Pro:FIPS-updates:18.04:LTS"}}},{"package":{"name":"linux-azure-fips","ecosystem":"Ubuntu:Pro:FIPS-updates:18.04:LTS","purl":"pkg:deb/ubuntu/linux-azure-fips@4.15.0-2096.102?arch=source&distro=fips-updates/bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-2096.102"}]}],"versions":["4.15.0-1002.2","4.15.0-2006.7","4.15.0-2007.8","4.15.0-2008.9","4.15.0-2009.10","4.15.0-2012.14","4.15.0-2013.15","4.15.0-2015.17","4.15.0-2016.18","4.15.0-2017.20","4.15.0-2018.21","4.15.0-2020.23","4.15.0-2021.24","4.15.0-2022.25","4.15.0-2023.26","4.15.0-2024.27","4.15.0-2025.28","4.15.0-2026.29","4.15.0-2027.30","4.15.0-2030.33","4.15.0-2033.37","4.15.0-2034.38","4.15.0-2035.39","4.15.0-2036.40","4.15.0-2037.41","4.15.0-2038.42","4.15.0-2039.43","4.15.0-2041.45","4.15.0-2042.46","4.15.0-2043.47","4.15.0-2045.49","4.15.0-2046.50","4.15.0-2047.51","4.15.0-2048.52","4.15.0-2049.53","4.15.0-2050.54","4.15.0-2053.58","4.15.0-2056.62","4.15.0-2057.63","4.15.0-2059.65","4.15.0-2060.66","4.15.0-2062.68","4.15.0-2066.72","4.15.0-2067.73","4.15.0-2068.74","4.15.0-2070.76","4.15.0-2071.77","4.15.0-2072.78","4.15.0-2073.79","4.15.0-2074.80","4.15.0-2075.81","4.15.0-2076.82","4.15.0-2077.83","4.15.0-2078.84","4.15.0-2079.85","4.15.0-2080.86","4.15.0-2081.87","4.15.0-2082.88","4.15.0-2084.90","4.15.0-2085.91","4.15.0-2086.92","4.15.0-2087.93","4.15.0-2088.94","4.15.0-2089.95","4.15.0-2090.96","4.15.0-2091.97","4.15.0-2092.98","4.15.0-2093.99","4.15.0-2094.100","4.15.0-2095.101"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro","binaries":[{"binary_name":"linux-azure-fips-cloud-tools-4.15.0-2096","binary_version":"4.15.0-2096.102"},{"binary_name":"linux-azure-fips-headers-4.15.0-2096","binary_version":"4.15.0-2096.102"},{"binary_name":"linux-azure-fips-tools-4.15.0-2096","binary_version":"4.15.0-2096.102"},{"binary_name":"linux-buildinfo-4.15.0-2096-azure-fips","binary_version":"4.15.0-2096.102"},{"binary_name":"linux-cloud-tools-4.15.0-2096-azure-fips","binary_version":"4.15.0-2096.102"},{"binary_name":"linux-headers-4.15.0-2096-azure-fips","binary_version":"4.15.0-2096.102"},{"binary_name":"linux-image-unsigned-4.15.0-2096-azure-fips","binary_version":"4.15.0-2096.102"},{"binary_name":"linux-image-unsigned-hmac-4.15.0-2096-azure-fips","binary_version":"4.15.0-2096.102"},{"binary_name":"linux-modules-4.15.0-2096-azure-fips","binary_version":"4.15.0-2096.102"},{"binary_name":"linux-modules-extra-4.15.0-2096-azure-fips","binary_version":"4.15.0-2096.102"},{"binary_name":"linux-tools-4.15.0-2096-azure-fips","binary_version":"4.15.0-2096.102"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7428-2.json","cves_map":{"cves":[{"id":"CVE-2021-47101","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2021-47119","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2022-23041","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-26863","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-35960","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-35973","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-46826","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}]},{"id":"CVE-2024-49948","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-49952","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-50167","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-50265","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-50302","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2024-53165","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-53227","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-56595","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2024-56600","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-56615","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-56658","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2025-21700","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2025-21702","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]}],"ecosystem":"Ubuntu:Pro:FIPS-updates:18.04:LTS"}}},{"package":{"name":"linux-fips","ecosystem":"Ubuntu:Pro:FIPS-updates:18.04:LTS","purl":"pkg:deb/ubuntu/linux-fips@4.15.0-1134.145?arch=source&distro=fips-updates/bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-1134.145"}]}],"versions":["4.15.0-1027.32","4.15.0-1029.34","4.15.0-1034.39","4.15.0-1035.40","4.15.0-1037.42","4.15.0-1038.43","4.15.0-1039.44","4.15.0-1040.45","4.15.0-1041.46","4.15.0-1044.50","4.15.0-1045.52","4.15.0-1046.53","4.15.0-1048.55","4.15.0-1049.56","4.15.0-1050.58","4.15.0-1051.59","4.15.0-1052.60","4.15.0-1053.61","4.15.0-1054.62","4.15.0-1055.63","4.15.0-1056.64","4.15.0-1057.65","4.15.0-1058.66","4.15.0-1059.67","4.15.0-1060.68","4.15.0-1063.71","4.15.0-1066.75","4.15.0-1067.76","4.15.0-1068.77","4.15.0-1069.78","4.15.0-1070.79","4.15.0-1071.80","4.15.0-1072.81","4.15.0-1073.82","4.15.0-1075.84","4.15.0-1076.85","4.15.0-1078.87","4.15.0-1080.89","4.15.0-1081.90","4.15.0-1083.92","4.15.0-1084.93","4.15.0-1085.94","4.15.0-1087.96","4.15.0-1090.100","4.15.0-1093.104","4.15.0-1094.105","4.15.0-1096.107","4.15.0-1097.108","4.15.0-1098.109","4.15.0-1099.110","4.15.0-1100.111","4.15.0-1103.114","4.15.0-1104.115","4.15.0-1105.116","4.15.0-1107.118","4.15.0-1108.119","4.15.0-1109.120","4.15.0-1110.121","4.15.0-1111.122","4.15.0-1112.123","4.15.0-1113.124","4.15.0-1114.125","4.15.0-1115.126","4.15.0-1116.127","4.15.0-1117.128","4.15.0-1118.129","4.15.0-1119.130","4.15.0-1121.132","4.15.0-1122.133","4.15.0-1123.134","4.15.0-1124.135","4.15.0-1125.136","4.15.0-1126.137","4.15.0-1127.138","4.15.0-1128.139","4.15.0-1129.140","4.15.0-1130.141","4.15.0-1131.142","4.15.0-1132.143","4.15.0-1133.144"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro","binaries":[{"binary_name":"linux-buildinfo-4.15.0-1134-fips","binary_version":"4.15.0-1134.145"},{"binary_name":"linux-fips-headers-4.15.0-1134","binary_version":"4.15.0-1134.145"},{"binary_name":"linux-fips-tools-4.15.0-1134","binary_version":"4.15.0-1134.145"},{"binary_name":"linux-fips-tools-host","binary_version":"4.15.0-1134.145"},{"binary_name":"linux-headers-4.15.0-1134-fips","binary_version":"4.15.0-1134.145"},{"binary_name":"linux-image-4.15.0-1134-fips","binary_version":"4.15.0-1134.145"},{"binary_name":"linux-image-hmac-4.15.0-1134-fips","binary_version":"4.15.0-1134.145"},{"binary_name":"linux-image-unsigned-4.15.0-1134-fips","binary_version":"4.15.0-1134.145"},{"binary_name":"linux-image-unsigned-hmac-4.15.0-1134-fips","binary_version":"4.15.0-1134.145"},{"binary_name":"linux-modules-4.15.0-1134-fips","binary_version":"4.15.0-1134.145"},{"binary_name":"linux-modules-extra-4.15.0-1134-fips","binary_version":"4.15.0-1134.145"},{"binary_name":"linux-tools-4.15.0-1134-fips","binary_version":"4.15.0-1134.145"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7428-2.json","cves_map":{"cves":[{"id":"CVE-2021-47101","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2021-47119","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2022-23041","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-26863","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-35960","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-35973","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-46826","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}]},{"id":"CVE-2024-49948","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-49952","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-50167","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-50265","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-50302","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2024-53165","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-53227","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-56595","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2024-56600","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-56615","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-56658","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2025-21700","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2025-21702","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]}],"ecosystem":"Ubuntu:Pro:FIPS-updates:18.04:LTS"}}},{"package":{"name":"linux-gcp-fips","ecosystem":"Ubuntu:Pro:FIPS-updates:18.04:LTS","purl":"pkg:deb/ubuntu/linux-gcp-fips@4.15.0-2080.86?arch=source&distro=fips-updates/bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-2080.86"}]}],"versions":["4.15.0-2013.14","4.15.0-2016.18","4.15.0-2017.19","4.15.0-2018.20","4.15.0-2019.21","4.15.0-2020.22","4.15.0-2021.23","4.15.0-2022.24","4.15.0-2024.26","4.15.0-2025.27","4.15.0-2026.28","4.15.0-2028.31","4.15.0-2029.32","4.15.0-2030.33","4.15.0-2031.34","4.15.0-2032.35","4.15.0-2034.37","4.15.0-2037.41","4.15.0-2040.45","4.15.0-2041.46","4.15.0-2043.48","4.15.0-2044.49","4.15.0-2045.50","4.15.0-2047.52","4.15.0-2050.55","4.15.0-2052.57","4.15.0-2054.59","4.15.0-2055.60","4.15.0-2056.61","4.15.0-2057.62","4.15.0-2058.63","4.15.0-2059.64","4.15.0-2060.65","4.15.0-2061.66","4.15.0-2062.67","4.15.0-2063.68","4.15.0-2064.69","4.15.0-2065.70","4.15.0-2066.71","4.15.0-2067.72","4.15.0-2068.73","4.15.0-2069.74","4.15.0-2070.75","4.15.0-2071.76","4.15.0-2072.77","4.15.0-2073.78","4.15.0-2074.79","4.15.0-2075.80","4.15.0-2076.81","4.15.0-2077.83","4.15.0-2078.84","4.15.0-2079.85"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro","binaries":[{"binary_name":"linux-buildinfo-4.15.0-2080-gcp-fips","binary_version":"4.15.0-2080.86"},{"binary_name":"linux-gcp-fips-headers-4.15.0-2080","binary_version":"4.15.0-2080.86"},{"binary_name":"linux-gcp-fips-tools-4.15.0-2080","binary_version":"4.15.0-2080.86"},{"binary_name":"linux-headers-4.15.0-2080-gcp-fips","binary_version":"4.15.0-2080.86"},{"binary_name":"linux-image-unsigned-4.15.0-2080-gcp-fips","binary_version":"4.15.0-2080.86"},{"binary_name":"linux-image-unsigned-hmac-4.15.0-2080-gcp-fips","binary_version":"4.15.0-2080.86"},{"binary_name":"linux-modules-4.15.0-2080-gcp-fips","binary_version":"4.15.0-2080.86"},{"binary_name":"linux-modules-extra-4.15.0-2080-gcp-fips","binary_version":"4.15.0-2080.86"},{"binary_name":"linux-tools-4.15.0-2080-gcp-fips","binary_version":"4.15.0-2080.86"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7428-2.json","cves_map":{"cves":[{"id":"CVE-2021-47101","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2021-47119","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2022-23041","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-26863","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-35960","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-35973","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-46826","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}]},{"id":"CVE-2024-49948","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-49952","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-50167","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-50265","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-50302","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2024-53165","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-53227","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-56595","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2024-56600","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-56615","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-56658","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2025-21700","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2025-21702","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]}],"ecosystem":"Ubuntu:Pro:FIPS-updates:18.04:LTS"}}}],"schema_version":"1.7.5"}