[Ksplice][Ubuntu-22.04-Updates] New Ksplice updates for Ubuntu 22.04 Jammy (USN-8033-1)

Tue Mar 10 02:10:51 UTC 2026

Synopsis: USN-8033-1 can now be patched using Ksplice
CVEs: CVE-2025-38236 CVE-2025-38248 CVE-2025-39880 CVE-2025-39885 CVE-2025-39955 CVE-2025-39973 CVE-2025-40027 CVE-2025-40044 CVE-2025-40055 CVE-2025-40068 CVE-2025-40087 CVE-2025-40105 CVE-2025-40111 CVE-2025-40134 CVE-2025-40173 CVE-2025-40186 CVE-2025-40187 CVE-2025-40204 CVE-2025-40205 CVE-2025-40215 CVE-2025-40231 CVE-2025-40233 CVE-2025-40240 CVE-2025-40256

Systems running Ubuntu 22.04 Jammy can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-8033-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running Ubuntu 22.04
Jammy install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

DESCRIPTION

* CVE-2025-38236: Out-of-bounds memory access in Unix domain sockets driver.

* CVE-2025-38248: Use-after-free in 802.1d Ethernet Bridge driver.

* CVE-2025-39880: Kernel crash in Ceph core library driver.

* CVE-2025-39885: Deadlock in OCFS2 filesystem driver.

* CVE-2025-39955, CVE-2025-40186: Dropped packets in TCP/IP networking driver.

* CVE-2025-39973: Out-of-bounds memory access in Intel(R) Ethernet Controller XL710 Family driver.

* CVE-2025-40027: Use-after-free in 9P protocol stack.

* CVE-2025-40044: Out-of-bounds memory access in UDF filesystem.

* CVE-2025-40055: Use-after-free in OCFS2 filesystem.

* CVE-2025-40068: Integer overflow in NTFS filesystem driver.

* CVE-2025-40087: Remote null pointer dereference in Parallel NFS FlexFile server driver.

* CVE-2025-40105: Memory leak in core filesystem layer.

* CVE-2025-40111: Use-after-free in VMware vGPU driver.

* CVE-2025-40134: Null pointer dereference in multi-device driver (RAID/LVM).

* CVE-2025-40173: Use-after-free in IPv6 networking stack.

* CVE-2025-40187: Null pointer dereference in SCTP Protocol driver.

* CVE-2025-40204: Variable-time MAC check in SCTP Protocol driver.

* CVE-2025-40205: Out-of-bounds memory access in BTRFS filesystem.

* CVE-2025-40231: Deadlock in Virtual Socket protocol driver.

* CVE-2025-40233: Kernel crash in OCFS2 filesystem driver.

* CVE-2025-40240: Remote null pointer dereference in SCTP Protocol driver.

* CVE-2025-40256, CVE-2025-40215: Race condition in XFRM subsystem.

* Logic error in Transport Layer Security driver.

* Note: Oracle has determined some CVEs are not applicable.

The kernel is not affected by the following CVEs
since the code under consideration is not compiled.

CVE-2024-56538, CVE-2025-39869, CVE-2025-39873, CVE-2025-39876,
CVE-2025-39923, CVE-2025-39934, CVE-2025-39951, CVE-2025-39986,
CVE-2025-40029, CVE-2025-40060, CVE-2025-40081, CVE-2025-40112,
CVE-2025-40124, CVE-2025-40126, CVE-2025-40127, CVE-2025-40188,
CVE-2025-40245, CVE-2025-40346

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.