Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this to expose sensitive information from the host OS. (CVE-2025-40300) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Virtio block driver; - DMA engine subsystem; - GPU drivers; - HSI subsystem; - Media drivers; - Network drivers; - Ethernet team driver; - TTY drivers; - Framebuffer layer; - BTRFS file system; - Ext4 file system; - Network file system (NFS) server daemon; - Timer subsystem; - DCCP (Datagram Congestion Control Protocol); - IPv6 networking; - NET/ROM layer; - Packet sockets; - SCTP protocol; - VMware vSockets driver; - USB sound devices; (CVE-2021-47149, CVE-2021-47294, CVE-2021-47319, CVE-2021-47330, CVE-2021-47589, CVE-2023-52574, CVE-2023-52650, CVE-2024-27078, CVE-2024-35849, CVE-2024-49924, CVE-2024-50006, CVE-2024-50299, CVE-2024-53124, CVE-2024-53150, CVE-2024-56767, CVE-2025-21796, CVE-2025-37785, CVE-2025-37838, CVE-2025-38352, CVE-2025-38617, CVE-2025-38618)
Continue reading...
Continue reading...
