{"id":"USN-7595-5","summary":"linux-gcp, linux-gcp-6.8 vulnerabilities","details":"It was discovered that the CIFS network file system implementation in the\nLinux kernel did not properly verify the target namespace when handling\nupcalls. An attacker could use this to expose sensitive information.\n(CVE-2025-2312)\n\nSeveral security issues were discovered in the Linux kernel.\nAn attacker could possibly use these to compromise the system.\nThis update corrects flaws in the following subsystems:\n  - GPIO subsystem;\n  - GPU drivers;\n  - InfiniBand drivers;\n  - IRQ chip drivers;\n  - Network drivers;\n  - Mellanox network drivers;\n  - i.MX PM domains;\n  - SCSI subsystem;\n  - USB Serial drivers;\n  - AFS file system;\n  - GFS2 file system;\n  - File systems infrastructure;\n  - File system notification infrastructure;\n  - Overlay file system;\n  - Proc file system;\n  - SMB network file system;\n  - Timer subsystem;\n  - Kernel CPU control infrastructure;\n  - Memory management;\n  - Networking core;\n  - DCCP (Datagram Congestion Control Protocol);\n  - IPv6 networking;\n  - IEEE 802.15.4 subsystem;\n  - Open vSwitch;\n  - Network traffic control;\n  - VMware vSockets driver;\n(CVE-2025-21943, CVE-2025-21672, CVE-2024-57952, CVE-2024-57949,\nCVE-2025-21683, CVE-2025-21690, CVE-2025-21699, CVE-2025-21676,\nCVE-2024-57924, CVE-2025-21694, CVE-2024-57948, CVE-2025-21675,\nCVE-2024-57951, CVE-2025-21692, CVE-2025-21684, CVE-2025-21668,\nCVE-2025-21665, CVE-2025-21667, CVE-2025-21670, CVE-2025-21674,\nCVE-2025-21697, CVE-2024-53124, CVE-2025-21666, CVE-2025-21682,\nCVE-2025-21680, CVE-2025-21681, CVE-2025-21691, CVE-2025-21669,\nCVE-2025-21673, CVE-2024-50157, CVE-2025-21689, CVE-2025-21678)\n","modified":"2026-04-24T10:17:20.099482044Z","published":"2025-06-30T17:40:08Z","related":["UBUNTU-CVE-2024-50157","UBUNTU-CVE-2024-53124","UBUNTU-CVE-2024-57924","UBUNTU-CVE-2024-57948","UBUNTU-CVE-2024-57949","UBUNTU-CVE-2024-57951","UBUNTU-CVE-2024-57952","UBUNTU-CVE-2025-21665","UBUNTU-CVE-2025-21666","UBUNTU-CVE-2025-21667","UBUNTU-CVE-2025-21668","UBUNTU-CVE-2025-21669","UBUNTU-CVE-2025-21670","UBUNTU-CVE-2025-21672","UBUNTU-CVE-2025-21673","UBUNTU-CVE-2025-21674","UBUNTU-CVE-2025-21675","UBUNTU-CVE-2025-21676","UBUNTU-CVE-2025-21678","UBUNTU-CVE-2025-21680","UBUNTU-CVE-2025-21681","UBUNTU-CVE-2025-21682","UBUNTU-CVE-2025-21683","UBUNTU-CVE-2025-21684","UBUNTU-CVE-2025-21689","UBUNTU-CVE-2025-21690","UBUNTU-CVE-2025-21691","UBUNTU-CVE-2025-21692","UBUNTU-CVE-2025-21694","UBUNTU-CVE-2025-21697","UBUNTU-CVE-2025-21699","UBUNTU-CVE-2025-21943","UBUNTU-CVE-2025-2312"],"upstream":["CVE-2024-50157","CVE-2024-57949","CVE-2025-21668","CVE-2025-21670","CVE-2025-21674","CVE-2025-21675","CVE-2025-21676","CVE-2025-21691","UBUNTU-CVE-2024-50157","UBUNTU-CVE-2024-57949","UBUNTU-CVE-2025-21668","UBUNTU-CVE-2025-21670","UBUNTU-CVE-2025-21674","UBUNTU-CVE-2025-21675","UBUNTU-CVE-2025-21676","UBUNTU-CVE-2025-21691"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-7595-5"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-50157"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-57949"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-21668"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-21670"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-21674"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-21675"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-21676"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-21691"}],"affected":[{"package":{"name":"linux-gcp-6.8","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/linux-gcp-6.8@6.8.0-1031.33~22.04.1?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.8.0-1031.33~22.04.1"}]}],"versions":["6.8.0-1010.11~22.04.1","6.8.0-1011.12~22.04.1","6.8.0-1012.13~22.04.1","6.8.0-1013.14~22.04.1","6.8.0-1014.16~22.04.1","6.8.0-1015.17~22.04.1","6.8.0-1016.18~22.04.1","6.8.0-1017.19~22.04.1","6.8.0-1018.20~22.04.1","6.8.0-1019.21~22.04.1","6.8.0-1020.22~22.04.1","6.8.0-1021.23~22.04.1","6.8.0-1024.26~22.04.1","6.8.0-1025.27~22.04.1","6.8.0-1026.28~22.04.1","6.8.0-1027.29~22.04.1","6.8.0-1028.30~22.04.1","6.8.0-1029.31~22.04.1","6.8.0-1030.32~22.04.1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_version":"6.8.0-1031.33~22.04.1","binary_name":"linux-buildinfo-6.8.0-1031-gcp"},{"binary_name":"linux-buildinfo-6.8.0-1031-gcp-64k","binary_version":"6.8.0-1031.33~22.04.1"},{"binary_version":"6.8.0-1031.33~22.04.1","binary_name":"linux-gcp-6.8-headers-6.8.0-1031"},{"binary_version":"6.8.0-1031.33~22.04.1","binary_name":"linux-gcp-6.8-tools-6.8.0-1031"},{"binary_version":"6.8.0-1031.33~22.04.1","binary_name":"linux-headers-6.8.0-1031-gcp"},{"binary_version":"6.8.0-1031.33~22.04.1","binary_name":"linux-headers-6.8.0-1031-gcp-64k"},{"binary_version":"6.8.0-1031.33~22.04.1","binary_name":"linux-image-unsigned-6.8.0-1031-gcp"},{"binary_version":"6.8.0-1031.33~22.04.1","binary_name":"linux-image-unsigned-6.8.0-1031-gcp-64k"},{"binary_version":"6.8.0-1031.33~22.04.1","binary_name":"linux-modules-6.8.0-1031-gcp"},{"binary_version":"6.8.0-1031.33~22.04.1","binary_name":"linux-modules-6.8.0-1031-gcp-64k"},{"binary_version":"6.8.0-1031.33~22.04.1","binary_name":"linux-modules-extra-6.8.0-1031-gcp"},{"binary_version":"6.8.0-1031.33~22.04.1","binary_name":"linux-modules-extra-6.8.0-1031-gcp-64k"},{"binary_version":"6.8.0-1031.33~22.04.1","binary_name":"linux-tools-6.8.0-1031-gcp"},{"binary_version":"6.8.0-1031.33~22.04.1","binary_name":"linux-tools-6.8.0-1031-gcp-64k"}]},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:22.04:LTS","cves":[{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-50157"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-57949"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-21668"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-21670"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-21674"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-21675"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-21676"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-21691"}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7595-5.json"}},{"package":{"name":"linux-gcp","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/linux-gcp@6.8.0-1031.33?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.8.0-1031.33"}]}],"versions":["6.5.0-1007.7","6.6.0-1001.1","6.8.0-1002.2","6.8.0-1005.5","6.8.0-1006.6","6.8.0-1007.7","6.8.0-1008.9","6.8.0-1009.10","6.8.0-1010.11","6.8.0-1011.12","6.8.0-1012.13","6.8.0-1013.14","6.8.0-1014.16","6.8.0-1015.17","6.8.0-1016.18","6.8.0-1017.19","6.8.0-1018.20","6.8.0-1019.21","6.8.0-1020.22","6.8.0-1021.23","6.8.0-1024.26","6.8.0-1025.27","6.8.0-1026.28","6.8.0-1027.29","6.8.0-1028.30","6.8.0-1029.31","6.8.0-1030.32"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_version":"6.8.0-1031.33","binary_name":"linux-buildinfo-6.8.0-1031-gcp"},{"binary_version":"6.8.0-1031.33","binary_name":"linux-buildinfo-6.8.0-1031-gcp-64k"},{"binary_version":"6.8.0-1031.33","binary_name":"linux-gcp-headers-6.8.0-1031"},{"binary_version":"6.8.0-1031.33","binary_name":"linux-gcp-tools-6.8.0-1031"},{"binary_version":"6.8.0-1031.33","binary_name":"linux-headers-6.8.0-1031-gcp"},{"binary_version":"6.8.0-1031.33","binary_name":"linux-headers-6.8.0-1031-gcp-64k"},{"binary_version":"6.8.0-1031.33","binary_name":"linux-image-unsigned-6.8.0-1031-gcp"},{"binary_version":"6.8.0-1031.33","binary_name":"linux-image-unsigned-6.8.0-1031-gcp-64k"},{"binary_version":"6.8.0-1031.33","binary_name":"linux-modules-6.8.0-1031-gcp"},{"binary_version":"6.8.0-1031.33","binary_name":"linux-modules-6.8.0-1031-gcp-64k"},{"binary_version":"6.8.0-1031.33","binary_name":"linux-modules-extra-6.8.0-1031-gcp"},{"binary_version":"6.8.0-1031.33","binary_name":"linux-modules-extra-6.8.0-1031-gcp-64k"},{"binary_name":"linux-tools-6.8.0-1031-gcp","binary_version":"6.8.0-1031.33"},{"binary_version":"6.8.0-1031.33","binary_name":"linux-tools-6.8.0-1031-gcp-64k"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7595-5.json","cves_map":{"ecosystem":"Ubuntu:24.04:LTS","cves":[{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-50157"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-57949"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-21668"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-21670"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-21674"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-21675"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-21676"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-21691"}]}}}],"schema_version":"1.7.5"}