Published: July 1, 2025
Overview: High-Risk Linux Kernel Vulnerabilities Addressed
The Linux kernel (Real-time) has been patched to resolve multiple critical security flaws that could allow attackers to compromise systems, escalate privileges, or execute arbitrary code.
This update addresses vulnerabilities across key subsystems, including GPU drivers, SMB file sharing, memory management, Netfilter, and network traffic control.
🚨 Urgent Action Required: System administrators must apply these patches immediately to mitigate exploitation risks.
Affected Packages & Update Instructions
Patched Linux Kernel (Real-time) Versions
| Ubuntu Release | Package Version |
|---|---|
| 22.04 (Jammy) | linux-image-5.15.0-1087-realtime – 5.15.0-1087.96 |
| 22.04 (Jammy) | linux-image-realtime – 5.15.0.1087.91 |
How to Apply the Update
Run a standard system update:
sudo apt update && sudo apt upgradeReboot your system to activate the new kernel.
Recompile third-party kernel modules (if applicable) due to an unavoidable ABI change.
⚠ Important Note: If you manually removed standard kernel metapackages (e.g., linux-generic), ensure proper reinstallation to avoid boot issues.
Key Security Vulnerabilities Fixed (CVE List)
This update resolves critical flaws, including:
CVE-2025-38001: GPU driver privilege escalation
CVE-2025-38000: SMB file system remote code execution
CVE-2025-37997: Memory management corruption
CVE-2025-37932: Netfilter firewall bypass
CVE-2025-37890: Network traffic control denial-of-service
🔍 Full CVE Details: Ubuntu Security Notices
How to Reduce Future Security Risks
Upgrading to Ubuntu Pro extends security coverage to 25,000+ packages for 10 years, including Main and Universe repositories.
✅ Free for up to 5 machines – Get Ubuntu Pro Now
FAQ: Linux Kernel Security Update
Q: Do I need to reboot after updating?
A: Yes, a reboot is mandatory to load the new kernel.
Q: What if I use custom kernel modules?
A: Recompile and reinstall them due to ABI changes.
Q: How do I check my current kernel version?
A: Run:
uname -r
Nenhum comentário:
Postar um comentário