USN-8277-1

Details

It was discovered that the Linux kernel algif_aead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. (CVE-2026-31431)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems:

S390 architecture;
Cryptographic API;
GPU drivers;
Ethernet bonding driver;
Network file system (NFS) server daemon;
Distributed Switch Architecture;
Netfilter;
Control group (cgroup);
Kernel kexec() syscall;
Memory management;
MAC80211 subsystem;
Multipath TCP;
Packet sockets;
TLS protocol;
Unix domain sockets; (CVE-2025-71088, CVE-2025-71090, CVE-2025-71127, CVE-2025-71134, CVE-2025-71139, CVE-2025-71141, CVE-2025-71142, CVE-2025-71144, CVE-2025-71152, CVE-2025-71155, CVE-2026-23274, CVE-2026-23351, CVE-2026-23394, CVE-2026-31419, CVE-2026-31504, CVE-2026-31533, CVE-2026-43033, CVE-2026-43077, CVE-2026-43078)

Affected Packages

linux-hwe-6.17

Ubuntu 24.04 LTS

Fixed in:

6.17.0-29.29~24.04.1

linux-oem-6.17

Ubuntu 24.04 LTS

Fixed in:

6.17.0-1023.23

linux

Ubuntu 25.10

Fixed in:

6.17.0-29.29

linux-aws

Ubuntu 25.10

Fixed in:

6.17.0-1015.15

linux-oracle

Ubuntu 25.10

Fixed in:

6.17.0-1014.14

linux-raspi

Ubuntu 25.10

Fixed in:

6.17.0-1017.17

linux-realtime

Ubuntu 25.10

Fixed in:

6.17.0-1013.15

linux-realtime-6.17

Ubuntu Pro Realtime 24.04 LTS

Fixed in:

6.17.0-1013.15~24.04.1

References

ADVISORY

https://ubuntu.com/security/notices/USN-8277-1