USN-8094-2

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module (LSM). An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information (kernel memory), local privilege escalation, or possibly escape a container. (LP: #2143853)

It was discovered that some AMD Zen 5 processors supporting RDSEED instruction did not properly handle entropy, potentially resulting in the consumption of insufficiently random values. A local attacker could possibly use this issue to influence the values returned by the RDSEED instruction causing loss of confidentiality and integrity. (CVE-2025-62626)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems:

• ARM64 architecture;
• S390 architecture;
• x86 architecture;
• Block layer subsystem;
• Cryptographic API;
• Compute Acceleration Framework;
• ATM drivers;
• Network block device driver;
• Bluetooth drivers;
• Data acquisition framework and drivers;
• Hardware crypto device drivers;
• Device frequency scaling framework;
• Intel Stratix 10 firmware drivers;
• GPIO subsystem;
• GPU drivers;
• Microsoft Hyper-V drivers;
• CoreSight HW tracing drivers;
• IIO subsystem;
• InfiniBand drivers;
• Input Device core drivers;
• Input Device (Tablet) drivers;
• IOMMU subsystem;
• IRQ chip drivers;
• Macintosh device drivers;
• Multiple devices driver;
• MOST (Media Oriented Systems Transport) drivers;
• MTD block device drivers;
• Network drivers;
• Mellanox network drivers;
• Texas Instruments network drivers;
• Ethernet team driver;
• MediaTek network drivers;
• NVME drivers;
• Pin controllers subsystem;
• x86 platform drivers;
• Voltage and Current Regulator drivers;
• Real Time Clock drivers;
• S/390...