{"id":"USN-8145-2","summary":"linux-fips, linux-aws-fips vulnerabilities","details":"Several security issues were discovered in the Linux kernel.\nAn attacker could possibly use these to compromise the system.\nThis update corrects flaws in the following subsystems:\n  - ARM64 architecture;\n  - Cryptographic API;\n  - UDF file system;\n  - NFC subsystem;\n  - Network traffic control;\n(CVE-2024-46777, CVE-2025-21735, CVE-2025-37849, CVE-2026-23060,\nCVE-2026-23074)\n","modified":"2026-04-07T12:14:22.410207120Z","published":"2026-04-02T20:37:36Z","related":["UBUNTU-CVE-2024-46777","UBUNTU-CVE-2025-21735","UBUNTU-CVE-2025-37849","UBUNTU-CVE-2026-23060","UBUNTU-CVE-2026-23074"],"upstream":["CVE-2024-46777","CVE-2025-21735","CVE-2025-37849","CVE-2026-23060","CVE-2026-23074","UBUNTU-CVE-2024-46777","UBUNTU-CVE-2025-21735","UBUNTU-CVE-2025-37849","UBUNTU-CVE-2026-23060","UBUNTU-CVE-2026-23074"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-8145-2"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-46777"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-21735"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-37849"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-23060"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-23074"}],"affected":[{"package":{"name":"linux-aws-fips","ecosystem":"Ubuntu:Pro:FIPS-updates:18.04:LTS","purl":"pkg:deb/ubuntu/linux-aws-fips@4.15.0-2128.134?arch=source&distro=fips-updates/bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-2128.134"}]}],"versions":["4.15.0-2000.4","4.15.0-2018.18","4.15.0-2021.21","4.15.0-2022.22","4.15.0-2024.24","4.15.0-2025.25","4.15.0-2026.26","4.15.0-2027.27","4.15.0-2030.31","4.15.0-2031.32","4.15.0-2033.34","4.15.0-2034.35","4.15.0-2035.37","4.15.0-2036.38","4.15.0-2037.39","4.15.0-2038.40","4.15.0-2039.41","4.15.0-2040.42","4.15.0-2041.43","4.15.0-2042.44","4.15.0-2044.46","4.15.0-2045.47","4.15.0-2048.50","4.15.0-2051.53","4.15.0-2052.54","4.15.0-2053.55","4.15.0-2054.56","4.15.0-2055.57","4.15.0-2056.58","4.15.0-2057.59","4.15.0-2059.61","4.15.0-2060.62","4.15.0-2061.63","4.15.0-2063.66","4.15.0-2064.67","4.15.0-2065.68","4.15.0-2066.69","4.15.0-2067.70","4.15.0-2069.72","4.15.0-2072.76","4.15.0-2075.80","4.15.0-2076.81","4.15.0-2078.83","4.15.0-2079.84","4.15.0-2080.85","4.15.0-2081.87","4.15.0-2082.88","4.15.0-2083.89","4.15.0-2085.91","4.15.0-2087.93","4.15.0-2089.95","4.15.0-2090.96","4.15.0-2092.98","4.15.0-2093.99","4.15.0-2094.100","4.15.0-2095.101","4.15.0-2096.102","4.15.0-2097.103","4.15.0-2098.104","4.15.0-2099.105","4.15.0-2100.106","4.15.0-2101.107","4.15.0-2102.108","4.15.0-2103.109","4.15.0-2104.110","4.15.0-2105.111","4.15.0-2106.112","4.15.0-2107.113","4.15.0-2108.114","4.15.0-2109.115","4.15.0-2110.116","4.15.0-2111.117","4.15.0-2112.118","4.15.0-2113.119","4.15.0-2114.120","4.15.0-2115.121","4.15.0-2116.122","4.15.0-2117.123","4.15.0-2118.124","4.15.0-2119.125","4.15.0-2120.126","4.15.0-2121.127","4.15.0-2122.128","4.15.0-2123.129","4.15.0-2124.130","4.15.0-2125.131","4.15.0-2126.132","4.15.0-2127.133"],"ecosystem_specific":{"binaries":[{"binary_version":"4.15.0-2128.134","binary_name":"linux-aws-fips-headers-4.15.0-2128"},{"binary_version":"4.15.0-2128.134","binary_name":"linux-aws-fips-tools-4.15.0-2128"},{"binary_version":"4.15.0-2128.134","binary_name":"linux-buildinfo-4.15.0-2128-aws-fips"},{"binary_version":"4.15.0-2128.134","binary_name":"linux-headers-4.15.0-2128-aws-fips"},{"binary_version":"4.15.0-2128.134","binary_name":"linux-image-unsigned-4.15.0-2128-aws-fips"},{"binary_version":"4.15.0-2128.134","binary_name":"linux-image-unsigned-hmac-4.15.0-2128-aws-fips"},{"binary_version":"4.15.0-2128.134","binary_name":"linux-modules-4.15.0-2128-aws-fips"},{"binary_version":"4.15.0-2128.134","binary_name":"linux-modules-extra-4.15.0-2128-aws-fips"},{"binary_version":"4.15.0-2128.134","binary_name":"linux-tools-4.15.0-2128-aws-fips"}],"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8145-2.json","cves_map":{"cves":[{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-46777"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}],"id":"CVE-2025-21735"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}],"id":"CVE-2025-37849"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2026-23060"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2026-23074"}],"ecosystem":"Ubuntu:Pro:FIPS-updates:18.04:LTS"}}},{"package":{"name":"linux-fips","ecosystem":"Ubuntu:Pro:FIPS-updates:18.04:LTS","purl":"pkg:deb/ubuntu/linux-fips@4.15.0-1145.157?arch=source&distro=fips-updates/bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-1145.157"}]}],"versions":["4.15.0-1027.32","4.15.0-1029.34","4.15.0-1034.39","4.15.0-1035.40","4.15.0-1037.42","4.15.0-1038.43","4.15.0-1039.44","4.15.0-1040.45","4.15.0-1041.46","4.15.0-1044.50","4.15.0-1045.52","4.15.0-1046.53","4.15.0-1048.55","4.15.0-1049.56","4.15.0-1050.58","4.15.0-1051.59","4.15.0-1052.60","4.15.0-1053.61","4.15.0-1054.62","4.15.0-1055.63","4.15.0-1056.64","4.15.0-1057.65","4.15.0-1058.66","4.15.0-1059.67","4.15.0-1060.68","4.15.0-1063.71","4.15.0-1066.75","4.15.0-1067.76","4.15.0-1068.77","4.15.0-1069.78","4.15.0-1070.79","4.15.0-1071.80","4.15.0-1072.81","4.15.0-1073.82","4.15.0-1075.84","4.15.0-1076.85","4.15.0-1078.87","4.15.0-1080.89","4.15.0-1081.90","4.15.0-1083.92","4.15.0-1084.93","4.15.0-1085.94","4.15.0-1087.96","4.15.0-1090.100","4.15.0-1093.104","4.15.0-1094.105","4.15.0-1096.107","4.15.0-1097.108","4.15.0-1098.109","4.15.0-1099.110","4.15.0-1100.111","4.15.0-1103.114","4.15.0-1104.115","4.15.0-1105.116","4.15.0-1107.118","4.15.0-1108.119","4.15.0-1109.120","4.15.0-1110.121","4.15.0-1111.122","4.15.0-1112.123","4.15.0-1113.124","4.15.0-1114.125","4.15.0-1115.126","4.15.0-1116.127","4.15.0-1117.128","4.15.0-1118.129","4.15.0-1119.130","4.15.0-1121.132","4.15.0-1122.133","4.15.0-1123.134","4.15.0-1124.135","4.15.0-1125.136","4.15.0-1126.137","4.15.0-1127.138","4.15.0-1128.139","4.15.0-1129.140","4.15.0-1130.141","4.15.0-1131.142","4.15.0-1132.143","4.15.0-1133.144","4.15.0-1134.145","4.15.0-1135.146","4.15.0-1136.147","4.15.0-1137.148","4.15.0-1138.149","4.15.0-1139.150","4.15.0-1140.151","4.15.0-1141.153","4.15.0-1142.154","4.15.0-1143.155","4.15.0-1144.156"],"ecosystem_specific":{"binaries":[{"binary_version":"4.15.0-1145.157","binary_name":"linux-buildinfo-4.15.0-1145-fips"},{"binary_version":"4.15.0-1145.157","binary_name":"linux-fips-headers-4.15.0-1145"},{"binary_version":"4.15.0-1145.157","binary_name":"linux-fips-tools-4.15.0-1145"},{"binary_version":"4.15.0-1145.157","binary_name":"linux-fips-tools-host"},{"binary_version":"4.15.0-1145.157","binary_name":"linux-headers-4.15.0-1145-fips"},{"binary_version":"4.15.0-1145.157","binary_name":"linux-image-4.15.0-1145-fips"},{"binary_version":"4.15.0-1145.157","binary_name":"linux-image-hmac-4.15.0-1145-fips"},{"binary_version":"4.15.0-1145.157","binary_name":"linux-image-unsigned-4.15.0-1145-fips"},{"binary_version":"4.15.0-1145.157","binary_name":"linux-image-unsigned-hmac-4.15.0-1145-fips"},{"binary_version":"4.15.0-1145.157","binary_name":"linux-modules-4.15.0-1145-fips"},{"binary_version":"4.15.0-1145.157","binary_name":"linux-modules-extra-4.15.0-1145-fips"},{"binary_version":"4.15.0-1145.157","binary_name":"linux-tools-4.15.0-1145-fips"}],"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8145-2.json","cves_map":{"cves":[{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-46777"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}],"id":"CVE-2025-21735"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}],"id":"CVE-2025-37849"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2026-23060"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2026-23074"}],"ecosystem":"Ubuntu:Pro:FIPS-updates:18.04:LTS"}}}],"schema_version":"1.7.5"}