Risk Scores
CVSS v3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu | Linux kernel (Real-time) |
Timeline
- Apr 20, 2026 CVE Published
- Apr 20, 2026 Distribution Patch
=========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2026.3923 USN-8177-2: Linux kernel (Real-time) vulnerabilities 20 April 2026 =========================================================================== AUSCERT Security Bulletin Summary --------------------------------- Product: Linux kernel (Real-time) Publisher: Ubuntu Operating System: Ubuntu Resolution: Patch/Upgrade CVE Names: CVE-2025-68365 CVE-2025-68725 CVE-2025-68767 CVE-2025-68769 CVE-2025-68770 CVE-2025-68771 CVE-2025-68772 CVE-2025-68773 CVE-2025-68774 CVE-2025-68775 CVE-2025-68776 CVE-2025-68777 CVE-2025-68778 CVE-2025-68780 CVE-2025-68781 CVE-2025-68782 CVE-2025-68783 CVE-2025-68784 CVE-2025-68785 CVE-2025-68786 CVE-2025-68787 CVE-2025-68788 CVE-2025-68792 CVE-2025-68794 CVE-2025-68795 CVE-2025-68796 CVE-2025-68797 CVE-2025-68798 CVE-2025-68799 CVE-2025-68800 CVE-2025-68801 CVE-2025-68802 CVE-2025-68803 CVE-2025-68804 CVE-2025-68806 CVE-2025-68808 CVE-2025-68809 CVE-2025-68810 CVE-2025-68811 CVE-2025-68814 CVE-2025-68815 CVE-2025-68816 CVE-2025-68817 CVE-2025-68818 CVE-2025-68819 CVE-2025-68820 CVE-2025-68821 CVE-2025-68822 CVE-2025-71064 CVE-2025-71065 CVE-2025-71066 CVE-2025-71067 CVE-2025-71068 CVE-2025-71069 CVE-2025-71071 CVE-2025-71072 CVE-2025-71073 CVE-2025-71075 CVE-2025-71076 CVE-2025-71077 CVE-2025-71078 CVE-2025-71079 CVE-2025-71080 CVE-2025-71081 CVE-2025-71082 CVE-2025-71083 CVE-2025-71084 CVE-2025-71085 CVE-2025-71086 CVE-2025-71087 CVE-2025-71089 CVE-2025-71091 CVE-2025-71093 CVE-2025-71094 CVE-2025-71095 CVE-2025-71097 CVE-2025-71098 CVE-2025-71099 CVE-2025-71100 CVE-2025-71101 CVE-2025-71102 CVE-2025-71104 CVE-2025-71105 CVE-2025-71107 CVE-2025-71108 CVE-2025-71109 CVE-2025-71111 CVE-2025-71112 CVE-2025-71113 CVE-2025-71114 CVE-2025-71116 CVE-2025-71118 CVE-2025-71119 CVE-2025-71121 CVE-2025-71122 CVE-2025-71123 CVE-2025-71125 CVE-2025-71126 CVE-2025-71130 CVE-2025-71131 CVE-2025-71132 CVE-2025-71133 CVE-2025-71135 CVE-2025-71136 CVE-2025-71137 CVE-2025-71138 CVE-2025-71140 CVE-2025-71143 CVE-2025-71146 CVE-2025-71147 CVE-2025-71148 CVE-2025-71149 CVE-2025-71150 CVE-2025-71151 CVE-2025-71153 CVE-2025-71154 CVE-2025-71156 CVE-2025-71157 CVE-2026-23091 CVE-2025-68823 CVE-2026-23209 CVE-2025-68813 CVE-2025-71120 CVE-2025-71124 CVE-2025-71117 CVE-2025-71115 CVE-2025-71070 CVE-2025-68807 CVE-2025-68805 CVE-2025-68793 CVE-2025-68791 CVE-2025-68351 CVE-2025-68368 CVE-2025-68353 CVE-2025-68736 CVE-2025-71096 CVE-2024-36347 CVE-2025-68745 CVE-2025-68768 Original Bulletin: https://ubuntu.com/security/notices/USN-8177-2 Comment: CVSS (Max): 7.8 CVE-2026-23209 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) CVSS Source: NIST, SUSE, Advanced Micro Devices Inc., [kernel.org], Red Hat Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H EPSS (Max): 0.1% (21st) CVE-2025-68785 2026-04-19 - --------------------------BEGIN INCLUDED TEXT-------------------- USN-8177-2: Linux kernel (Real-time) vulnerabilities Publication date 17 April 2026 Overview Several security issues were fixed in the Linux kernel. Releases 24.04 LTS --------------------------------------------------------------------------------- Open side navigation Packages o linux-realtime-6.17 - Linux kernel for Real-time systems Details Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcode causing loss of integrity and confidentiality. ( CVE-2024-36347 ) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: o MIPS architecture; o PowerPC architecture; o User-Mode Linux (UML); o x86 architecture; o Block layer subsystem; o Cryptographic API; o ACPI drivers; o Ublk userspace block driver; o Bluetooth drivers; o Character device driver; o TPM device driver; o Clock framework and drivers; o GPU drivers; o Hardware monitoring drivers; o Intel Trace Hub HW tracing drivers; o InfiniBand drivers; o Input Device core drivers; o Input Device (Mouse) drivers; o IOMMU subsystem; o Multiple devices driver; o Media drivers; o Network drivers; o Mellanox network drivers; o STMicroelectronics network drivers; o Ethernet team driver; o PA-RISC drivers; o Chrome hardware platform drivers; o x86 platform drivers; o SCSI subsystem; o SPI subsystem; o TCM subsystem; o Freescale USB OTG Transceiver Driver; o USB Type-C Connector System Software Interface driver; o Watchdog drivers; o BTRFS file system; o exFAT file system; o Ext4 file system; o F2FS file system; o FUSE (File system in Userspace); o HFS+ file system; o File systems infrastructure; o Network file system (NFS) server daemon; o File system notification infrastructure; o NTFS3 file system; o OCFS2 file system; o SMB network file system; o XFS file system; o User-space API (UAPI); o io_uring subsystem; o Scheduler infrastructure; o Shadow Call Stack mechanism; o Tracing infrastructure; o Memory management; o BPF subsystem; o CAIF protocol; o Ceph Core library; o Networking core; o Ethtool driver; o Handshake API; o HSR network protocol; o IPv4 networking; o IPv6 networking; o Multipath TCP; o Netfilter; o NET/ROM layer; o NFC subsystem; o Open vSwitch; o Rose network layer; o Network traffic control; o Sun RPC protocol; o Key management; o Landlock security; o STMicroelectronics SoC drivers; o USB sound devices; o KVM subsystem --------------------------------------------------------------------------------- Update instructions ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. The problem can be corrected by updating your system to the following package versions: Ubuntu Package Version Release linux-image-6.17.0-1010-realtime - 6.17.0-1010.11~24.04.1 Real-time Real-time kernel available with Ubuntu Pro. 24.04 LTS linux-image-realtime-6.17 - 6.17.0-1010.11~24.04.1 Real-time noble Real-time kernel available with Ubuntu Pro. linux-image-realtime-hwe-24.04 - 6.17.0-1010.11~24.04.1 Real-time Real-time kernel available with Ubuntu Pro. --------------------------------------------------------------------------------- References o CVE-2026-23209 o CVE-2026-23091 o CVE-2025-71157 o CVE-2025-71156 o CVE-2025-71154 o CVE-2025-71153 o CVE-2025-71151 o CVE-2025-71150 o CVE-2025-71149 o CVE-2025-71148 o CVE-2025-71147 o CVE-2025-71146 o CVE-2025-71143 o CVE-2025-71140 o CVE-2025-71138 o CVE-2025-71137 o CVE-2025-71136 o CVE-2025-71135 o CVE-2025-71133 o CVE-2025-71132 o CVE-2025-71131 o CVE-2025-71130 o CVE-2025-71126 o CVE-2025-71125 o CVE-2025-71124 o CVE-2025-71123 o CVE-2025-71122 o CVE-2025-71121 o CVE-2025-71120 o CVE-2025-71119 o CVE-2025-71118 o CVE-2025-71117 o CVE-2025-71116 o CVE-2025-71115 o CVE-2025-71114 o CVE-2025-71113 o CVE-2025-71112 o CVE-2025-71111 o CVE-2025-71109 o CVE-2025-71108 o CVE-2025-71107 o CVE-2025-71105 o CVE-2025-71104 o CVE-2025-71102 o CVE-2025-71101 o CVE-2025-71100 o CVE-2025-71099 o CVE-2025-71098 o CVE-2025-71097 o CVE-2025-71096 o CVE-2025-71095 o CVE-2025-71094 o CVE-2025-71093 o CVE-2025-71091 o CVE-2025-71089 o CVE-2025-71087 o CVE-2025-71086 o CVE-2025-71085 o CVE-2025-71084 o CVE-2025-71083 o CVE-2025-71082 o CVE-2025-71081 o CVE-2025-71080 o CVE-2025-71079 o CVE-2025-71078 o CVE-2025-71077 o CVE-2025-71076 o CVE-2025-71075 o CVE-2025-71073 o CVE-2025-71072 o CVE-2025-71071 o CVE-2025-71070 o CVE-2025-71069 o CVE-2025-71068 o CVE-2025-71067 o CVE-2025-71066 o CVE-2025-71065 o CVE-2025-71064 o CVE-2025-68823 o CVE-2025-68822 o CVE-2025-68821 o CVE-2025-68820 o CVE-2025-68819 o CVE-2025-68818 o CVE-2025-68817 o CVE-2025-68816 o CVE-2025-68815 o CVE-2025-68814 o CVE-2025-68813 o CVE-2025-68811 o CVE-2025-68810 o CVE-2025-68809 o CVE-2025-68808 o CVE-2025-68807 o CVE-2025-68806 o CVE-2025-68805 o CVE-2025-68804 o CVE-2025-68803 o CVE-2025-68802 o CVE-2025-68801 o CVE-2025-68800 o CVE-2025-68799 o CVE-2025-68798 o CVE-2025-68797 o CVE-2025-68796 o CVE-2025-68795 o CVE-2025-68794 o CVE-2025-68793 o CVE-2025-68792 o CVE-2025-68791 o CVE-2025-68788 o CVE-2025-68787 o CVE-2025-68786 o CVE-2025-68785 o CVE-2025-68784 o CVE-2025-68783 o CVE-2025-68782 o CVE-2025-68781 o CVE-2025-68780 o CVE-2025-68778 o CVE-2025-68777 o CVE-2025-68776 o CVE-2025-68775 o CVE-2025-68774 o CVE-2025-68773 o CVE-2025-68772 o CVE-2025-68771 o CVE-2025-68770 o CVE-2025-68769 o CVE-2025-68768 o CVE-2025-68767 o CVE-2025-68745 o CVE-2025-68736 o CVE-2025-68725 o CVE-2025-68368 o CVE-2025-68365 o CVE-2025-68353 o CVE-2025-68351 o CVE-2024-36347 --------------------------------------------------------------------------------- Related notices o USN-8188-1 o USN-8187-1 o USN-8186-1 o USN-8185-1 o USN-8184-1 o USN-8183-1 o USN-8180-1 o USN-8180-2 o USN-8179-1 o USN-8179-2 o USN-8177-1 o USN-8163-1 o USN-8163-2 o USN-8162-1 o USN-8141-1 o USN-8116-1 o USN-8096-1 o USN-8096-2 o USN-8096-3 o USN-8096-4 o USN-8096-5 --------------------------------------------------------------------------------- - --------------------------END INCLUDED TEXT---------------------- You have received this e-mail bulletin as a result of your organisation's registration with AUSCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AUSCERT's members. As AUSCERT did not write the document quoted above, AUSCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AUSCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://portal.auscert.org.au/bulletins/ =========================================================================== AUSCERT The University of Queensland, Brisbane QLD 4072 Australia e: auscert@auscert.org.au t: +61 (0)7 3365 4417 Allies in Cyber Security ===========================================================================
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu | Linux kernel (Real-time) |