Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this to expose sensitive information from the host OS. (CVE-2025-40300)
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems:
5.4.0-1152.162~18.04.15.4.0-1155.164~18.04.15.4.0-223.243~18.04.15.4.0-1098.103~18.04.15.4.0-1150.160~18.04.15.4.0-1135.148~18.04.15.4.0-223.2435.4.0-1152.1625.4.0-1155.1645.4.0-1098.103