[Ksplice][Ubuntu-24.04-Updates] New Ksplice updates for Ubuntu 24.04 Noble (USN-7835-1)

[Oracle Ksplice]

Synopsis: USN-7835-1 can now be patched using Ksplice
CVEs: CVE-2025-22036 CVE-2025-22038 CVE-2025-22041 CVE-2025-22057 CVE-2025-22068 CVE-2025-22070 CVE-2025-22079 CVE-2025-22083 CVE-2025-39682 CVE-2025-39735

Systems running Ubuntu 24.04 Noble can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-7835-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running Ubuntu 24.04
Noble install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2025-22036: Privilege escalation in exFAT filesystem driver.

* CVE-2025-22038: Out-of-bounds memory access in KSMBD SMB3 server driver.

* CVE-2025-22041: Use-after-free when using SMB in multichannel mode in KSMBD SMB3 server driver.

* CVE-2025-22057: Privilege escalation in Networking driver.

* CVE-2025-22068: Use-after-free in Userspace block driver.

* CVE-2025-22070: Denial-of-service in Plan 9 Resource Sharing driver.

* CVE-2025-22079: Out-of-bounds access in OCFS2 file system driver.

* CVE-2025-22083: Privilege escalation in Vhost kernel TCM fabric driver for virtio SCSI.

* CVE-2025-39682: Use-after-free in Transport Layer Security driver.

* CVE-2025-39735: Out-of-bounds memory access in JFS filesystem driver.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.