Risk Scores
CVSS v3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu | Linux kernel (Raspberry Pi Real-time) |
Timeline
- Apr 24, 2026 CVE Published
- Apr 24, 2026 Distribution Patch
=========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2026.4113 USN-8204-1: Linux kernel (Raspberry Pi Real-time) vulnerabilities 24 April 2026 =========================================================================== AUSCERT Security Bulletin Summary --------------------------------- Product: Linux kernel (Raspberry Pi Real-time) Publisher: Ubuntu Operating System: Ubuntu Resolution: Patch/Upgrade CVE Names: CVE-2025-40325 CVE-2025-68767 CVE-2025-68769 CVE-2025-68770 CVE-2025-68771 CVE-2025-68772 CVE-2025-68773 CVE-2025-68774 CVE-2025-68775 CVE-2025-68776 CVE-2025-68777 CVE-2025-68778 CVE-2025-68780 CVE-2025-68782 CVE-2025-68783 CVE-2025-68785 CVE-2025-68786 CVE-2025-68787 CVE-2025-68788 CVE-2025-68794 CVE-2025-68795 CVE-2025-68796 CVE-2025-68797 CVE-2025-68798 CVE-2025-68799 CVE-2025-68800 CVE-2025-68801 CVE-2025-68804 CVE-2025-68806 CVE-2025-68808 CVE-2025-68809 CVE-2025-68810 CVE-2025-68811 CVE-2025-68814 CVE-2025-68815 CVE-2025-68816 CVE-2025-68817 CVE-2025-68818 CVE-2025-68819 CVE-2025-68820 CVE-2025-68821 CVE-2025-71064 CVE-2025-71065 CVE-2025-71066 CVE-2025-71067 CVE-2025-71068 CVE-2025-71069 CVE-2025-71071 CVE-2025-71072 CVE-2025-71075 CVE-2025-71077 CVE-2025-71078 CVE-2025-71079 CVE-2025-71080 CVE-2025-71081 CVE-2025-71082 CVE-2025-71083 CVE-2025-71084 CVE-2025-71085 CVE-2025-71086 CVE-2025-71087 CVE-2025-71088 CVE-2025-71089 CVE-2025-71091 CVE-2025-71093 CVE-2025-71094 CVE-2025-71095 CVE-2025-71097 CVE-2025-71098 CVE-2025-71101 CVE-2025-71102 CVE-2025-71104 CVE-2025-71105 CVE-2025-71107 CVE-2025-71108 CVE-2025-71109 CVE-2025-71111 CVE-2025-71112 CVE-2025-71113 CVE-2025-71114 CVE-2025-71116 CVE-2025-71118 CVE-2025-71119 CVE-2025-71121 CVE-2025-71122 CVE-2025-71123 CVE-2025-71125 CVE-2025-71126 CVE-2025-71127 CVE-2025-71130 CVE-2025-71131 CVE-2025-71132 CVE-2025-71133 CVE-2025-71135 CVE-2025-71136 CVE-2025-71137 CVE-2025-71138 CVE-2025-71140 CVE-2025-71143 CVE-2025-71144 CVE-2025-71147 CVE-2025-71148 CVE-2025-71149 CVE-2025-71150 CVE-2025-71151 CVE-2025-71153 CVE-2025-71154 CVE-2025-38234 CVE-2025-38022 CVE-2025-68261 CVE-2025-68263 CVE-2025-68266 CVE-2025-68291 CVE-2025-68325 CVE-2025-68336 CVE-2025-68337 CVE-2025-68364 CVE-2025-68366 CVE-2025-68367 CVE-2025-68369 CVE-2025-68371 CVE-2025-68372 CVE-2025-68727 CVE-2025-68728 CVE-2025-68733 CVE-2025-68764 CVE-2025-68763 CVE-2026-23209 CVE-2025-68756 CVE-2025-68813 CVE-2025-71120 CVE-2025-68755 CVE-2025-68265 CVE-2024-57795 CVE-2025-68206 CVE-2025-68255 CVE-2025-68257 CVE-2025-68258 CVE-2025-68259 CVE-2025-68264 CVE-2025-68332 CVE-2025-68335 CVE-2025-40164 CVE-2025-68345 CVE-2025-68346 CVE-2025-68347 CVE-2025-68354 CVE-2025-68362 CVE-2025-68378 CVE-2025-68380 CVE-2025-68724 CVE-2025-68732 CVE-2025-68740 CVE-2025-68742 CVE-2025-68744 CVE-2025-68746 CVE-2025-68374 CVE-2025-68741 CVE-2025-68753 CVE-2025-68757 CVE-2025-68758 CVE-2025-68759 CVE-2025-68765 CVE-2025-68766 CVE-2025-68256 CVE-2025-68254 CVE-2025-68344 CVE-2025-68363 CVE-2025-71096 CVE-2024-36347 CVE-2025-68349 CVE-2025-22111 CVE-2025-68379 CVE-2025-71141 CVE-2025-22022 Original Bulletin: https://ubuntu.com/security/notices/USN-8204-1 Comment: CVSS (Max): 9.8 CVE-2025-68263 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) CVSS Source: [Ubuntu], Red Hat, SUSE Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H EPSS (Max): 0.1% (31st) CVE-2025-22111 2026-04-23 - --------------------------BEGIN INCLUDED TEXT-------------------- USN-8204-1: Linux kernel (Raspberry Pi Real-time) vulnerabilities Publication date 23 April 2026 Overview Several security issues were fixed in the Linux kernel. Releases 24.04 LTS --------------------------------------------------------------------------------- Open side navigation Packages o linux-raspi-realtime - Linux kernel for Raspberry Pi Real-time systems Details Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcode causing loss of integrity and confidentiality. ( CVE-2024-36347 ) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: o MIPS architecture; o PowerPC architecture; o x86 architecture; o Block layer subsystem; o Cryptographic API; o ACPI drivers; o Network block device driver; o Bluetooth drivers; o Character device driver; o TPM device driver; o Clock framework and drivers; o Data acquisition framework and drivers; o Hardware crypto device drivers; o GPU drivers; o Hardware monitoring drivers; o InfiniBand drivers; o Input Device core drivers; o IOMMU subsystem; o IRQ chip drivers; o Macintosh device drivers; o Multiple devices driver; o Media drivers; o Network drivers; o Mellanox network drivers; o STMicroelectronics network drivers; o Ethernet team driver; o MediaTek network drivers; o NVME drivers; o PA-RISC drivers; o Chrome hardware platform drivers; o x86 platform drivers; o Voltage and Current Regulator drivers; o SCSI subsystem; o SPI subsystem; o Media Oriented Systems Transport (MOST) driver; o Realtek RTL8723BS SDIO drivers; o TCM subsystem; o USB Host Controller drivers; o USB Type-C Connector System Software Interface driver; o Backlight driver; o Watchdog drivers; o BFS file system; o BTRFS file system; o Ext4 file system; o F2FS file system; o FUSE (File system in Userspace); o HFS+ file system; o File systems infrastructure; o Journaling layer for block devices (JBD2); o Network file system (NFS) client; o File system notification infrastructure; o NTFS3 file system; o OCFS2 file system; o SMB network file system; o BPF subsystem; o Ethernet bridge; o io_uring subsystem; o Locking primitives; o Scheduler infrastructure; o Shadow Call Stack mechanism; o Tracing infrastructure; o Memory management; o CAIF protocol; o Ceph Core library; o Networking core; o Ethtool driver; o Handshake API; o HSR network protocol; o IPv4 networking; o IPv6 networking; o MAC80211 subsystem; o Multipath TCP; o Netfilter; o NET/ROM layer; o NFC subsystem; o Open vSwitch; o Rose network layer; o Network traffic control; o Network sockets; o Sun RPC protocol; o Integrity Measurement Architecture(IMA) framework; o Key management; o Simplified Mandatory Access Control Kernel framework; o FireWire sound drivers; o HD-audio driver; o Turtle Beach Wavefront ALSA driver; o STMicroelectronics SoC drivers; o USB sound devices; o KVM subsystem --------------------------------------------------------------------------------- Update instructions ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. The problem can be corrected by updating your system to the following package versions: Ubuntu Package Version Release linux-image-6.8.0-2042-raspi-realtime - 6.8.0-2042.43 Real-time Real-time kernel available with Ubuntu Pro. 24.04 LTS linux-image-raspi-realtime - 6.8.0-2042.43 Real-time Real-time noble kernel available with Ubuntu Pro. linux-image-raspi-realtime-6.8 - 6.8.0-2042.43 Real-time Real-time kernel available with Ubuntu Pro. --------------------------------------------------------------------------------- References o CVE-2026-23209 o CVE-2025-71154 o CVE-2025-71153 o CVE-2025-71151 o CVE-2025-71150 o CVE-2025-71149 o CVE-2025-71148 o CVE-2025-71147 o CVE-2025-71144 o CVE-2025-71143 o CVE-2025-71141 o CVE-2025-71140 o CVE-2025-71138 o CVE-2025-71137 o CVE-2025-71136 o CVE-2025-71135 o CVE-2025-71133 o CVE-2025-71132 o CVE-2025-71131 o CVE-2025-71130 o CVE-2025-71127 o CVE-2025-71126 o CVE-2025-71125 o CVE-2025-71123 o CVE-2025-71122 o CVE-2025-71121 o CVE-2025-71120 o CVE-2025-71119 o CVE-2025-71118 o CVE-2025-71116 o CVE-2025-71114 o CVE-2025-71113 o CVE-2025-71112 o CVE-2025-71111 o CVE-2025-71109 o CVE-2025-71108 o CVE-2025-71107 o CVE-2025-71105 o CVE-2025-71104 o CVE-2025-71102 o CVE-2025-71101 o CVE-2025-71098 o CVE-2025-71097 o CVE-2025-71096 o CVE-2025-71095 o CVE-2025-71094 o CVE-2025-71093 o CVE-2025-71091 o CVE-2025-71089 o CVE-2025-71088 o CVE-2025-71087 o CVE-2025-71086 o CVE-2025-71085 o CVE-2025-71084 o CVE-2025-71083 o CVE-2025-71082 o CVE-2025-71081 o CVE-2025-71080 o CVE-2025-71079 o CVE-2025-71078 o CVE-2025-71077 o CVE-2025-71075 o CVE-2025-71072 o CVE-2025-71071 o CVE-2025-71069 o CVE-2025-71068 o CVE-2025-71067 o CVE-2025-71066 o CVE-2025-71065 o CVE-2025-71064 o CVE-2025-68821 o CVE-2025-68820 o CVE-2025-68819 o CVE-2025-68818 o CVE-2025-68817 o CVE-2025-68816 o CVE-2025-68815 o CVE-2025-68814 o CVE-2025-68813 o CVE-2025-68811 o CVE-2025-68810 o CVE-2025-68809 o CVE-2025-68808 o CVE-2025-68806 o CVE-2025-68804 o CVE-2025-68801 o CVE-2025-68800 o CVE-2025-68799 o CVE-2025-68798 o CVE-2025-68797 o CVE-2025-68796 o CVE-2025-68795 o CVE-2025-68794 o CVE-2025-68788 o CVE-2025-68787 o CVE-2025-68786 o CVE-2025-68785 o CVE-2025-68783 o CVE-2025-68782 o CVE-2025-68780 o CVE-2025-68778 o CVE-2025-68777 o CVE-2025-68776 o CVE-2025-68775 o CVE-2025-68774 o CVE-2025-68773 o CVE-2025-68772 o CVE-2025-68771 o CVE-2025-68770 o CVE-2025-68769 o CVE-2025-68767 o CVE-2025-68766 o CVE-2025-68765 o CVE-2025-68764 o CVE-2025-68763 o CVE-2025-68759 o CVE-2025-68758 o CVE-2025-68757 o CVE-2025-68756 o CVE-2025-68755 o CVE-2025-68753 o CVE-2025-68746 o CVE-2025-68744 o CVE-2025-68742 o CVE-2025-68741 o CVE-2025-68740 o CVE-2025-68733 o CVE-2025-68732 o CVE-2025-68728 o CVE-2025-68727 o CVE-2025-68724 o CVE-2025-68380 o CVE-2025-68379 o CVE-2025-68378 o CVE-2025-68374 o CVE-2025-68372 o CVE-2025-68371 o CVE-2025-68369 o CVE-2025-68367 o CVE-2025-68366 o CVE-2025-68364 o CVE-2025-68363 o CVE-2025-68362 o CVE-2025-68354 o CVE-2025-68349 o CVE-2025-68347 o CVE-2025-68346 o CVE-2025-68345 o CVE-2025-68344 o CVE-2025-68337 o CVE-2025-68336 o CVE-2025-68335 o CVE-2025-68332 o CVE-2025-68325 o CVE-2025-68291 o CVE-2025-68266 o CVE-2025-68265 o CVE-2025-68264 o CVE-2025-68263 o CVE-2025-68261 o CVE-2025-68259 o CVE-2025-68258 o CVE-2025-68257 o CVE-2025-68256 o CVE-2025-68255 o CVE-2025-68254 o CVE-2025-68206 o CVE-2025-40325 o CVE-2025-40164 o CVE-2025-38234 o CVE-2025-38022 o CVE-2025-22111 o CVE-2025-22022 o CVE-2024-57795 o CVE-2024-36347 --------------------------------------------------------------------------------- Related notices o USN-8203-1 o USN-8188-1 o USN-8187-1 o USN-8186-1 o USN-8185-1 o USN-8184-1 o USN-8183-1 o USN-8183-2 o USN-8180-1 o USN-8180-2 o USN-8180-3 o USN-8180-4 o USN-8179-1 o USN-8179-2 o USN-8179-3 o USN-8177-1 o USN-8177-2 o USN-8163-1 o USN-8163-2 o USN-8162-1 o USN-8152-1 o USN-8141-1 o USN-8116-1 o USN-8096-1 o USN-8096-2 o USN-8096-3 o USN-8096-4 o USN-8096-5 o USN-8094-5 o USN-8094-1 o USN-8094-2 o USN-8094-3 o USN-8094-4 o USN-8048-1 o USN-8030-1 o USN-8029-1 o USN-8029-2 o USN-8029-3 o USN-8016-1 o USN-7856-1 o USN-7834-1 o USN-7833-1 o USN-7833-2 o USN-7833-3 o USN-7833-4 o USN-7721-1 o USN-7699-1 o USN-7699-2 o USN-7628-1 o USN-7606-1 o USN-7605-1 o USN-7605-2 o USN-7594-1 o USN-7594-2 o USN-7594-3 o USN-7382-1 o USN-7381-1 o USN-7380-1 o USN-7379-1 o USN-7379-2 --------------------------------------------------------------------------------- - --------------------------END INCLUDED TEXT---------------------- You have received this e-mail bulletin as a result of your organisation's registration with AUSCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AUSCERT's members. As AUSCERT did not write the document quoted above, AUSCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AUSCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://portal.auscert.org.au/bulletins/ =========================================================================== AUSCERT The University of Queensland, Brisbane QLD 4072 Australia e: auscert@auscert.org.au t: +61 (0)7 3365 4417 Allies in Cyber Security ===========================================================================
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu | Linux kernel (Raspberry Pi Real-time) |