ESB-2026.3586 PUBLISHED CVSS 7.8 HIGH

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2026.3586
               LSN-0119-1: Kernel Live Patch Security Notice
                               14 April 2026

===========================================================================

        AUSCERT Security Bulletin Summary
        ---------------------------------

Product:           Kernel
Publisher:         Ubuntu
Operating System:  Ubuntu
Resolution:        Patch/Upgrade
CVE Names:         CVE-2026-23269 CVE-2024-56581 CVE-2024-56593
                   CVE-2026-23111 CVE-2025-21780 CVE-2025-21704
                   CVE-2024-56640 CVE-2026-23268

Original Bulletin:
   https://ubuntu.com/security/notices/LSN-0119-1

Comment: CVSS (Max):  7.8 CVE-2026-23268 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
         CVSS Source: Ubuntu
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
         EPSS (Max):  0.1% (21st) CVE-2025-21780 2026-04-13

- --------------------------BEGIN INCLUDED TEXT--------------------

LSN-0119-1: Kernel Live Patch Security Notice

Publication date

13 April 2026

Overview

Several security issues were fixed in the kernel.

Releases

  o 25.10
  o 24.04 LTS
  o 22.04 LTS
  o 20.04 LTS
  o 18.04 LTS
  o 16.04 LTS

---------------------------------------------------------------------------------

Software description

  o aws - Linux kernel for Amazon Web Services (AWS) systems - (>= 4.15.0-1159,
    >= 5.4.0-1009, >= 5.4.0-1061, >= 5.15.0-1000, >= 6.8.0-1008)
  o aws-5.15 - Linux kernel for Amazon Web Services (AWS) systems - (>= 5.15.0-1000)
  o aws-6.8 - Linux kernel for Amazon Web Services (AWS) systems - (>= 6.8.0-1000)
  o aws-hwe - Linux kernel for Amazon Web Services (AWS-HWE) systems - (>= 4.15.0-1126)
  o azure - Linux kernel for Microsoft Azure Cloud systems - (>= 5.15.0-1000,
    >= 6.8.0-1007, >= 4.15.0-1114)
  o azure-4.15 - Linux kernel for Microsoft Azure Cloud systems - (>= 4.15.0-1168)
  o azure-5.15 - Linux kernel for Microsoft Azure cloud systems - (>= 5.15.0-1069)
  o gcp - Linux kernel for Google Cloud Platform (GCP) systems - (>= 5.15.0-1000,
    >= 6.8.0-1007)
  o gcp-4.15 - Linux kernel for Google Cloud Platform (GCP) systems - (>= 4.15.0-1154)
  o gcp-5.15 - Linux kernel for Google Cloud Platform (GCP) systems - (>= 5.15.0-1000)
  o gcp-6.8 - Linux kernel for Google Cloud Platform (GCP) systems - (>= 6.8.0-1000)
  o generic-4.15 - Linux hardware enablement (HWE) kernel - (>= 4.15.0-214,
    >= 4.15.0-143)
  o generic-5.15 - Linux hardware enablement (HWE) kernel - (>= 5.15.0-0)
  o generic-5.4 - Linux kernel - (>= 5.4.0-150, >= 5.4.0-26)
  o gke - Linux kernel for Google Container Engine (GKE) systems - (>= 5.15.0-1000)
  o ibm - Linux kernel for IBM cloud systems - (>= 5.15.0-1000, >= 6.8.0-1005)
  o ibm-5.15 - Linux kernel for IBM cloud systems - (>= 5.15.0-1000)
  o ibm-6.8 - Linux kernel for IBM cloud systems - (>= 6.8.0-1000)
  o linux - Linux kernel - (>= 5.15.0-71, >= 5.15.0-24, >= 6.8.0-1, >= 6.17.0-1)
  o lowlatency-4.15 - Linux hardware enablement (HWE) kernel - (>= 4.15.0-214,
    >= 4.15.0-143)
  o lowlatency-5.15 - Linux hardware enablement (HWE) kernel - (>= 5.15.0-0)
  o lowlatency-5.4 - Linux kernel - (>= 5.4.0-150, >= 5.4.0-26)
  o oracle - Linux kernel for Oracle Cloud systems - (>= 4.15.0-1129,
    >= 5.15.0-1055, >= 6.8.0-1005)
  o oracle-5.15 - Linux kernel for Oracle Cloud systems - (>= 5.15.0-1055)

---------------------------------------------------------------------------------

Details

In the Linux kernel, the following vulnerability has been resolved:
btrfs: ref-verify: fix use-after-free after invalid ref action
At btrfs_ref_tree_mod() after we successfully inserted the new ref entry
(local variable 'ref') into the respective block entry's rbtree (local
variable 'be'), if we find an unexpected action of BTRFS_DROP_DELAYED_REF,
we error out and free the ref entry without removing it from the block
entry's rbtree.

In the Linux kernel, the following vulnerability has been resolved:
wifi: brcmfmac: Fix oops due to NULL pointer dereference in
brcmf_sdiod_sglist_rw()
This patch fixes a NULL pointer dereference bug in brcmfmac that occurs
when a high 'sd_sgentry_align' value applies (e.g. 512) and a lot of queued
SKBs are sent from the pkt queue.

In the Linux kernel, the following vulnerability has been resolved:
net/smc: fix LGR and link use-after-free issue
We encountered a LGR/link use-after-free issue, which manifested as the
LGR/link refcnt reaching 0 early and entering the clear process, making
resource access unsafe.

In the Linux kernel, the following vulnerability has been resolved:
usb: cdc-acm: Check control transfer buffer size before access
If the first fragment is shorter than struct usb_cdc_notification, we can't
calculate an expected_size.

In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table()
If a malicious user provides a small pptable through sysfs and then a bigger
pptable, it may cause buffer overflow attack in function
smu_sys_set_pp_table(). (CVE-2025-21780)

In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_tables: fix inverted genmask check in
nft_map_catchall_activate()
nft_map_catchall_activate() has an inverted element activity check compared
to its non-catchall counterpart nft_mapelem_activate() and compared to what
is logically required. nft_map_catchall_activate() is called from the abort
path to re-activate catchall map elements that were deactivated during a
failed transaction.

Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could use
these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(CVE-2026-23268)

Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could use
these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(CVE-2026-23269)

---------------------------------------------------------------------------------

Checking update status

The problem can be corrected in these Livepatch versions:

Kernel type      25.10  24.04  22.04  20.04  18.04  16.04
aws              -      119.1  119.1  119.1  119.1  -
aws-5.15         -      -      -      119.1  -      -
aws-6.8          -      -      119.1  -      -      -
aws-hwe          -      -      -      -      -      119.1
azure            -      119.1  119.1  -      -      119.1
azure-4.15       -      -      -      -      119.1  -
azure-5.15       -      -      -      119.1  -      -
gcp              -      119.1  119.1  -      -      -
gcp-4.15         -      -      -      -      119.1  -
gcp-5.15         -      -      -      119.1  -      -
gcp-6.8          -      -      119.1  -      -      -
generic-4.15     -      -      -      -      119.1  119.1
generic-5.15     -      -      -      119.1  -      -
generic-5.4      -      -      -      119.1  119.1  -
gke              -      -      119.1  -      -      -
ibm              -      119.1  119.1  -      -      -
ibm-5.15         -      -      -      119.1  -      -
ibm-6.8          -      -      119.1  -      -      -
linux            119.1  119.1  119.1  -      -      -
lowlatency-4.15  -      -      -      -      119.1  119.1
lowlatency-5.15  -      -      -      119.1  -      -
lowlatency-5.4   -      -      -      119.1  119.1  -
oracle           -      119.1  119.1  -      119.1  -
oracle-5.15      -      -      -      119.1  -      -

References

  o CVE-2026-23269
  o CVE-2026-23268
  o CVE-2026-23111
  o CVE-2025-21780
  o CVE-2025-21704
  o CVE-2024-56640
  o CVE-2024-56593
  o CVE-2024-56581

---------------------------------------------------------------------------------

- --------------------------END INCLUDED TEXT----------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AUSCERT.
The mailing list you are subscribed to is maintained within your
organisation, so if you do not wish to continue receiving these bulletins
you should contact your local IT manager. If you do not know who that is,
please send an email to auscert@auscert.org.au and we will forward your
request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AUSCERT's members. As
AUSCERT did not write the document quoted above, AUSCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your
organisation's site policies and procedures. AUSCERT takes no
responsibility for consequences which may arise from following or acting on
information or advice contained in this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://portal.auscert.org.au/bulletins/

===========================================================================
AUSCERT
The University of Queensland, Brisbane QLD 4072 Australia
e: auscert@auscert.org.au
t: +61 (0)7 3365 4417
Allies in Cyber Security
===========================================================================

Risk Scores

CVSS v3.1
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products

Vendor  Product  Versions
Ubuntu  Kernel
