From gregory.herrero at oracle.com Wed May 6 19:27:09 2026 From: gregory.herrero at oracle.com (Oracle Ksplice) Date: Wed, 06 May 2026 19:27:09 -0000 Subject: [Ksplice][Ubuntu-24.04-Updates] New Ksplice updates for Ubuntu 24.04 Noble (USN-8148-1) Message-ID: <9bf94fc0c9aca8e00e50188a2551d5e0@ksplice.com> Synopsis: USN-8148-1 can now be patched using Ksplice CVEs: CVE-2026-23060 CVE-2026-23074 CVE-2026-23111 Systems running Ubuntu 24.04 Noble can now use Ksplice to patch against the latest Ubuntu Security Notice, USN-8148-1. INSTALLING THE UPDATES We recommend that all users of Ksplice Uptrack running Ubuntu 24.04 Noble install these updates. On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf, these updates will be installed automatically and you do not need to take any action. Alternatively, you can install these updates by running: # /usr/sbin/uptrack-upgrade -y DESCRIPTION * CVE-2026-23060: Null pointer dereference in Authenc driver. * CVE-2026-23074: Use-after-free in TEQL network scheduler. * CVE-2026-23111: Use-after-free in Netfilter driver. SUPPORT Ksplice support is available at ksplice-support_ww at oracle.com. From gregory.herrero at oracle.com Tue May 26 13:07:07 2026 From: gregory.herrero at oracle.com (Oracle Ksplice) Date: Tue, 26 May 2026 13:07:07 +0000 Subject: [Ksplice][Ubuntu-24.04-Updates] New Ksplice updates for Ubuntu 24.04 Noble (USN-8179-1) Message-ID: <6813b0b3331f008094299a26ea915e10@ksplice.com> Synopsis: USN-8179-1 can now be patched using Ksplice CVEs: CVE-2024-57795 CVE-2025-38022 CVE-2025-68741 CVE-2025-68764 CVE-2025-68775 CVE-2025-68776 CVE-2025-68788 CVE-2025-68794 CVE-2025-68798 CVE-2025-68810 CVE-2025-68811 CVE-2025-68813 CVE-2025-71066 CVE-2025-71068 CVE-2025-71084 CVE-2025-71089 CVE-2025-71097 CVE-2025-71098 CVE-2025-71104 CVE-2025-71120 CVE-2025-71131 CVE-2025-71147 CVE-2026-23209 CVE-2026-23273 Systems running Ubuntu 24.04 Noble can now use Ksplice to patch against the latest Ubuntu Security Notice, USN-8179-1. INSTALLING THE UPDATES We recommend that all users of Ksplice Uptrack running Ubuntu 24.04 Noble install these updates. On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf, these updates will be installed automatically and you do not need to take any action. Alternatively, you can install these updates by running: # /usr/sbin/uptrack-upgrade -y DESCRIPTION * CVE-2024-57795: Use-after-free in InfiniBand driver. * CVE-2025-38022: Use-after-free in InfiniBand driver. * CVE-2025-68741: Use-after-free in QLogic QLA2XXX Fibre Channel driver. * CVE-2025-68764: Insufficient privilege checks in NFS client driver. * CVE-2025-68775: Use-after-free in Generic netlink handshake service. * CVE-2025-68776: Null pointer dereference in High-availability Seamless Redundancy (HSR & PRP) driver. * CVE-2025-68788: Information leak in fsnotify. * CVE-2025-68794: Out-of-bounds memory access in block layer driver. * CVE-2025-68798: Kernel crash in AMD Performance Monitoring Unit. * CVE-2025-68810: Use-after-free in KVM. * CVE-2025-68811: Out-of-bounds memory access in RPC-over-RDMA transport driver. * CVE-2025-68813: Null pointer dereference in IP virtual server driver. * CVE-2025-71066: Use-after-free in ETS network scheduler. * CVE-2025-71068: Out-of-bounds memory access in RPC-over-RDMA transport driver. * CVE-2025-71084: Reference count leak in InfiniBand driver. * CVE-2025-71089: Use-after-free in IOMMU Shared Virtual Addressing. * CVE-2025-71097: Reference count leak in TCP/IP networking driver. * CVE-2025-71098: Kernel panic in IPv6 GRE tunnel driver. * CVE-2025-71104: Hard lockup in KVM. * CVE-2025-71120: Null pointer dereference in SunRPC GSS. * CVE-2025-71131: Use-after-free in Sequence Number IV Generator driver. * CVE-2025-71147: Memory leak in TPM-based trusted keys driver. * CVE-2026-23209, CVE-2026-23273: Use-after-free in MAC-VLAN driver. SUPPORT Ksplice support is available at ksplice-support_ww at oracle.com.