{"id":"USN-8159-2","summary":"linux-fips, linux-aws-fips, linux-gcp-fips vulnerabilities","details":"Several security issues were discovered in the Linux kernel.\nAn attacker could possibly use these to compromise the system.\nThis update corrects flaws in the following subsystems:\n  - ARM64 architecture;\n  - Cryptographic API;\n  - Netfilter;\n  - Network traffic control;\n(CVE-2025-37849, CVE-2026-23060, CVE-2026-23074, CVE-2026-23111)\n","modified":"2026-04-13T12:59:20.427868291Z","published":"2026-04-08T23:34:56Z","related":["UBUNTU-CVE-2025-37849","UBUNTU-CVE-2026-23060","UBUNTU-CVE-2026-23074","UBUNTU-CVE-2026-23111"],"upstream":["CVE-2025-37849","CVE-2026-23060","CVE-2026-23074","CVE-2026-23111","UBUNTU-CVE-2025-37849","UBUNTU-CVE-2026-23060","UBUNTU-CVE-2026-23074","UBUNTU-CVE-2026-23111"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-8159-2"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-37849"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-23060"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-23074"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-23111"}],"affected":[{"package":{"name":"linux-aws-fips","ecosystem":"Ubuntu:Pro:FIPS-updates:22.04:LTS","purl":"pkg:deb/ubuntu/linux-aws-fips@5.15.0-1104.111+fips1?arch=source&distro=fips-updates/jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.15.0-1104.111+fips1"}]}],"versions":["5.15.0-1051.56+fips1","5.15.0-1052.57+fips1","5.15.0-1053.58+fips1","5.15.0-1055.60+fips1","5.15.0-1056.61+fips1","5.15.0-1057.63+fips1","5.15.0-1060.66+fips1","5.15.0-1061.67+fips1","5.15.0-1062.68+fips1","5.15.0-1063.69+fips1","5.15.0-1064.70+fips1","5.15.0-1065.71+fips1","5.15.0-1066.72+fips1","5.15.0-1067.73+fips1","5.15.0-1068.74+fips1","5.15.0-1069.75+fips1","5.15.0-1070.76+fips1","5.15.0-1071.77+fips1","5.15.0-1072.78+fips1","5.15.0-1073.79+fips1","5.15.0-1076.83+fips1","5.15.0-1077.84+fips1","5.15.0-1078.85+fips1","5.15.0-1079.86+fips1","5.15.0-1080.87+fips1","5.15.0-1081.88+fips1","5.15.0-1082.89+fips1","5.15.0-1083.90+fips1","5.15.0-1084.91+fips1","5.15.0-1085.92+fips1","5.15.0-1086.93+fips1","5.15.0-1087.94+fips1","5.15.0-1088.95+fips1","5.15.0-1089.96+fips1","5.15.0-1090.97+fips1","5.15.0-1091.98+fips1","5.15.0-1092.99+fips1","5.15.0-1093.100+fips1","5.15.0-1095.102+fips1","5.15.0-1096.103+fips1","5.15.0-1097.104+fips1","5.15.0-1098.105+fips1","5.15.0-1099.106+fips1","5.15.0-1100.107+fips1","5.15.0-1101.108+fips1","5.15.0-1103.110+fips1"],"ecosystem_specific":{"binaries":[{"binary_name":"linux-aws-fips-cloud-tools-5.15.0-1104","binary_version":"5.15.0-1104.111+fips1"},{"binary_name":"linux-aws-fips-headers-5.15.0-1104","binary_version":"5.15.0-1104.111+fips1"},{"binary_name":"linux-aws-fips-tools-5.15.0-1104","binary_version":"5.15.0-1104.111+fips1"},{"binary_name":"linux-buildinfo-5.15.0-1104-aws-fips","binary_version":"5.15.0-1104.111+fips1"},{"binary_name":"linux-cloud-tools-5.15.0-1104-aws-fips","binary_version":"5.15.0-1104.111+fips1"},{"binary_name":"linux-headers-5.15.0-1104-aws-fips","binary_version":"5.15.0-1104.111+fips1"},{"binary_name":"linux-image-unsigned-5.15.0-1104-aws-fips","binary_version":"5.15.0-1104.111+fips1"},{"binary_name":"linux-image-unsigned-hmac-5.15.0-1104-aws-fips","binary_version":"5.15.0-1104.111+fips1"},{"binary_name":"linux-modules-5.15.0-1104-aws-fips","binary_version":"5.15.0-1104.111+fips1"},{"binary_name":"linux-modules-extra-5.15.0-1104-aws-fips","binary_version":"5.15.0-1104.111+fips1"},{"binary_name":"linux-tools-5.15.0-1104-aws-fips","binary_version":"5.15.0-1104.111+fips1"}],"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8159-2.json","cves_map":{"cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"high"}],"id":"CVE-2025-37849"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2026-23060"},{"id":"CVE-2026-23074","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"high"}],"id":"CVE-2026-23111"}],"ecosystem":"Ubuntu:Pro:FIPS-updates:22.04:LTS"}}},{"package":{"name":"linux-fips","ecosystem":"Ubuntu:Pro:FIPS-updates:22.04:LTS","purl":"pkg:deb/ubuntu/linux-fips@5.15.0-174.184+fips1?arch=source&distro=fips-updates/jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.15.0-174.184+fips1"}]}],"versions":["5.15.0-73.80+fips1","5.15.0-92.102+fips1","5.15.0-94.104+fips1","5.15.0-97.107+fips1","5.15.0-100.110+fips1","5.15.0-101.111+fips1","5.15.0-102.112+fips1","5.15.0-105.115+fips1","5.15.0-106.116+fips1","5.15.0-107.117+fips1","5.15.0-111.121+fips1","5.15.0-113.123+fips1","5.15.0-115.125+fips1","5.15.0-117.127+fips1","5.15.0-118.128+fips1","5.15.0-119.129+fips1","5.15.0-121.131+fips1","5.15.0-122.132+fips1","5.15.0-124.134+fips1","5.15.0-125.135+fips1","5.15.0-127.137+fips1","5.15.0-128.138+fips1","5.15.0-130.140+fips1","5.15.0-131.141+fips1","5.15.0-133.144+fips1","5.15.0-134.145+fips1","5.15.0-135.146+fips1","5.15.0-136.147+fips1","5.15.0-138.148+fips1","5.15.0-139.149+fips1","5.15.0-140.150+fips1","5.15.0-141.151+fips1","5.15.0-142.152+fips1","5.15.0-143.153+fips1","5.15.0-144.157+fips1","5.15.0-145.158+fips1","5.15.0-152.162+fips1","5.15.0-153.163+fips1","5.15.0-156.166+fips1","5.15.0-157.167+fips1","5.15.0-160.170+fips1","5.15.0-161.171+fips1","5.15.0-163.173+fips1","5.15.0-164.174+fips1","5.15.0-168.178+fips1","5.15.0-170.180+fips1","5.15.0-171.181+fips1","5.15.0-173.183+fips1"],"ecosystem_specific":{"binaries":[{"binary_name":"linux-buildinfo-5.15.0-174-fips","binary_version":"5.15.0-174.184+fips1"},{"binary_name":"linux-cloud-tools-5.15.0-174-fips","binary_version":"5.15.0-174.184+fips1"},{"binary_name":"linux-fips-cloud-tools-5.15.0-174","binary_version":"5.15.0-174.184+fips1"},{"binary_name":"linux-fips-headers-5.15.0-174","binary_version":"5.15.0-174.184+fips1"},{"binary_name":"linux-fips-tools-5.15.0-174","binary_version":"5.15.0-174.184+fips1"},{"binary_name":"linux-headers-5.15.0-174-fips","binary_version":"5.15.0-174.184+fips1"},{"binary_name":"linux-image-unsigned-5.15.0-174-fips","binary_version":"5.15.0-174.184+fips1"},{"binary_name":"linux-image-unsigned-hmac-5.15.0-174-fips","binary_version":"5.15.0-174.184+fips1"},{"binary_name":"linux-modules-5.15.0-174-fips","binary_version":"5.15.0-174.184+fips1"},{"binary_name":"linux-modules-extra-5.15.0-174-fips","binary_version":"5.15.0-174.184+fips1"},{"binary_name":"linux-modules-iwlwifi-5.15.0-174-fips","binary_version":"5.15.0-174.184+fips1"},{"binary_name":"linux-tools-5.15.0-174-fips","binary_version":"5.15.0-174.184+fips1"}],"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8159-2.json","cves_map":{"cves":[{"id":"CVE-2025-37849","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"high"}]},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2026-23060"},{"id":"CVE-2026-23074","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"high"}],"id":"CVE-2026-23111"}],"ecosystem":"Ubuntu:Pro:FIPS-updates:22.04:LTS"}}},{"package":{"name":"linux-gcp-fips","ecosystem":"Ubuntu:Pro:FIPS-updates:22.04:LTS","purl":"pkg:deb/ubuntu/linux-gcp-fips@5.15.0-1104.113+fips1?arch=source&distro=fips-updates/jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.15.0-1104.113+fips1"}]}],"versions":["5.15.0-1048.56+fips1","5.15.0-1055.63+fips2","5.15.0-1058.66+fips1","5.15.0-1059.67+fips1","5.15.0-1060.68+fips1","5.15.0-1062.70+fips1","5.15.0-1063.71+fips1","5.15.0-1064.72+fips1","5.15.0-1065.73+fips1","5.15.0-1066.74+fips1","5.15.0-1067.75+fips1","5.15.0-1068.76+fips1","5.15.0-1069.77+fips1","5.15.0-1070.78+fips1","5.15.0-1071.79+fips1","5.15.0-1072.80+fips1","5.15.0-1073.81+fips1","5.15.0-1074.83+fips1","5.15.0-1075.84+fips1","5.15.0-1077.86+fips1","5.15.0-1078.87+fips1","5.15.0-1079.88+fips1","5.15.0-1080.89+fips1","5.15.0-1081.90+fips1","5.15.0-1082.91+fips1","5.15.0-1083.92+fips1","5.15.0-1084.93+fips1","5.15.0-1085.94+fips1","5.15.0-1086.95+fips1","5.15.0-1087.96+fips1","5.15.0-1088.97+fips1","5.15.0-1090.99+fips1","5.15.0-1091.100+fips1","5.15.0-1092.101+fips1","5.15.0-1093.102+fips1","5.15.0-1095.104+fips1","5.15.0-1096.105+fips1","5.15.0-1097.106+fips1","5.15.0-1098.107+fips1","5.15.0-1099.108+fips1","5.15.0-1100.109+fips1","5.15.0-1101.110+fips1","5.15.0-1103.112+fips1"],"ecosystem_specific":{"binaries":[{"binary_name":"linux-buildinfo-5.15.0-1104-gcp-fips","binary_version":"5.15.0-1104.113+fips1"},{"binary_name":"linux-gcp-fips-headers-5.15.0-1104","binary_version":"5.15.0-1104.113+fips1"},{"binary_name":"linux-gcp-fips-tools-5.15.0-1104","binary_version":"5.15.0-1104.113+fips1"},{"binary_name":"linux-headers-5.15.0-1104-gcp-fips","binary_version":"5.15.0-1104.113+fips1"},{"binary_name":"linux-image-unsigned-5.15.0-1104-gcp-fips","binary_version":"5.15.0-1104.113+fips1"},{"binary_name":"linux-image-unsigned-hmac-5.15.0-1104-gcp-fips","binary_version":"5.15.0-1104.113+fips1"},{"binary_name":"linux-modules-5.15.0-1104-gcp-fips","binary_version":"5.15.0-1104.113+fips1"},{"binary_name":"linux-modules-extra-5.15.0-1104-gcp-fips","binary_version":"5.15.0-1104.113+fips1"},{"binary_name":"linux-tools-5.15.0-1104-gcp-fips","binary_version":"5.15.0-1104.113+fips1"}],"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8159-2.json","cves_map":{"cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"high"}],"id":"CVE-2025-37849"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2026-23060"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2026-23074"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"high"}],"id":"CVE-2026-23111"}],"ecosystem":"Ubuntu:Pro:FIPS-updates:22.04:LTS"}}}],"schema_version":"1.7.5"}