USN-7328-1

Details

Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2025-0927)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems:

Block layer subsystem; (CVE-2024-56672)

Affected Packages

Ubuntu:20.04:LTSlinux-intel-iotg-5.15

Fixed in:

5.15.0-1074.80~20.04.1

Ubuntu:20.04:LTSlinux-oracle-5.15

Fixed in:

5.15.0-1076.82~20.04.1

Ubuntu:22.04:LTSlinux-aws

Fixed in:

5.15.0-1079.86

Ubuntu:22.04:LTSlinux-gkeop

Fixed in:

5.15.0-1061.69

Ubuntu:22.04:LTSlinux-ibm

Fixed in:

5.15.0-1071.74

Ubuntu:22.04:LTSlinux-intel-iotg

Fixed in:

5.15.0-1074.80

Ubuntu:22.04:LTSlinux-oracle

Fixed in:

5.15.0-1076.82

Ubuntu:22.04:LTSlinux-raspi

Fixed in:

5.15.0-1073.76

References

REPORThttps://ubuntu.com/security/CVE-2024-56672 REPORThttps://ubuntu.com/security/CVE-2025-0927 ADVISORYhttps://ubuntu.com/security/notices/USN-7328-1

USN-7328-1

Details

Affected Packages

References

Upstream

Ecosystems

Timeline