[Ksplice][Ubuntu-24.04-Updates] New Ksplice updates for Ubuntu 24.04 Noble (USN-8179-1)
Oracle Ksplice
gregory.herrero at oracle.com
Tue May 26 13:07:07 UTC 2026
Synopsis: USN-8179-1 can now be patched using Ksplice
CVEs: CVE-2024-57795 CVE-2025-38022 CVE-2025-68741 CVE-2025-68764 CVE-2025-68775 CVE-2025-68776 CVE-2025-68788 CVE-2025-68794 CVE-2025-68798 CVE-2025-68810 CVE-2025-68811 CVE-2025-68813 CVE-2025-71066 CVE-2025-71068 CVE-2025-71084 CVE-2025-71089 CVE-2025-71097 CVE-2025-71098 CVE-2025-71104 CVE-2025-71120 CVE-2025-71131 CVE-2025-71147 CVE-2026-23209 CVE-2026-23273
Systems running Ubuntu 24.04 Noble can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-8179-1.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack running Ubuntu 24.04
Noble install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* CVE-2024-57795: Use-after-free in InfiniBand driver.
* CVE-2025-38022: Use-after-free in InfiniBand driver.
* CVE-2025-68741: Use-after-free in QLogic QLA2XXX Fibre Channel driver.
* CVE-2025-68764: Insufficient privilege checks in NFS client driver.
* CVE-2025-68775: Use-after-free in Generic netlink handshake service.
* CVE-2025-68776: Null pointer dereference in High-availability Seamless Redundancy (HSR & PRP) driver.
* CVE-2025-68788: Information leak in fsnotify.
* CVE-2025-68794: Out-of-bounds memory access in block layer driver.
* CVE-2025-68798: Kernel crash in AMD Performance Monitoring Unit.
* CVE-2025-68810: Use-after-free in KVM.
* CVE-2025-68811: Out-of-bounds memory access in RPC-over-RDMA transport driver.
* CVE-2025-68813: Null pointer dereference in IP virtual server driver.
* CVE-2025-71066: Use-after-free in ETS network scheduler.
* CVE-2025-71068: Out-of-bounds memory access in RPC-over-RDMA transport driver.
* CVE-2025-71084: Reference count leak in InfiniBand driver.
* CVE-2025-71089: Use-after-free in IOMMU Shared Virtual Addressing.
* CVE-2025-71097: Reference count leak in TCP/IP networking driver.
* CVE-2025-71098: Kernel panic in IPv6 GRE tunnel driver.
* CVE-2025-71104: Hard lockup in KVM.
* CVE-2025-71120: Null pointer dereference in SunRPC GSS.
* CVE-2025-71131: Use-after-free in Sequence Number IV Generator driver.
* CVE-2025-71147: Memory leak in TPM-based trusted keys driver.
* CVE-2026-23209, CVE-2026-23273: Use-after-free in MAC-VLAN driver.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
More information about the Ksplice-Ubuntu-24.04-updates
mailing list