On June 6, 2025, an important security update (USN-7553-3) was released for the Linux kernel with FIPS (Federal Information Processing Standards) compliance for Ubuntu 18.04 LTS. This update addresses multiple security vulnerabilities that could potentially allow attackers to compromise the system.
The update specifically targets several subsystems within the Linux kernel, including the clock framework, GPU and parport drivers, various file systems (Ext4, JFFS2, JFS), the Sun RPC protocol, and USB sound devices. The vulnerabilities are linked to multiple CVEs (Common Vulnerabilities and Exposures), indicating a range of security issues that have been identified and rectified.
To apply the update, users of Ubuntu 18.04 LTS must upgrade to specific package versions, which include:
- linux-image-4.15.0-1136-fips version 4.15.0-1136.147
- linux-image-fips version 4.15.0.1136.133 (available via Ubuntu Pro)
It's important to note that due to a necessary ABI (Application Binary Interface) change, users will need to recompile and reinstall any third-party kernel modules that they have previously installed. A standard system upgrade typically handles this automatically, provided that the standard kernel metapackages remain installed.
For further details and to ensure your system is secure, users can refer to the provided links for security notices and package information.
Extension:
To maintain system security, users should regularly monitor their systems for updates and vulnerabilities. It’s advisable to subscribe to Ubuntu's security notices and keep track of newly released patches. Moreover, for organizations relying on Ubuntu 18.04 LTS, planning an upgrade to a newer version of Ubuntu may be beneficial, as long-term support (LTS) versions receive updates for five years from their release date. Transitioning to a more current version can enhance security and access more advanced features, reflecting ongoing improvements in the kernel and associated software components. Additionally, users should consider implementing robust monitoring tools to detect unusual activities that may indicate a security breach, thus augmenting their preventive measures in conjunction with regular updates
The update specifically targets several subsystems within the Linux kernel, including the clock framework, GPU and parport drivers, various file systems (Ext4, JFFS2, JFS), the Sun RPC protocol, and USB sound devices. The vulnerabilities are linked to multiple CVEs (Common Vulnerabilities and Exposures), indicating a range of security issues that have been identified and rectified.
To apply the update, users of Ubuntu 18.04 LTS must upgrade to specific package versions, which include:
- linux-image-4.15.0-1136-fips version 4.15.0-1136.147
- linux-image-fips version 4.15.0.1136.133 (available via Ubuntu Pro)
It's important to note that due to a necessary ABI (Application Binary Interface) change, users will need to recompile and reinstall any third-party kernel modules that they have previously installed. A standard system upgrade typically handles this automatically, provided that the standard kernel metapackages remain installed.
For further details and to ensure your system is secure, users can refer to the provided links for security notices and package information.
Extension:
To maintain system security, users should regularly monitor their systems for updates and vulnerabilities. It’s advisable to subscribe to Ubuntu's security notices and keep track of newly released patches. Moreover, for organizations relying on Ubuntu 18.04 LTS, planning an upgrade to a newer version of Ubuntu may be beneficial, as long-term support (LTS) versions receive updates for five years from their release date. Transitioning to a more current version can enhance security and access more advanced features, reflecting ongoing improvements in the kernel and associated software components. Additionally, users should consider implementing robust monitoring tools to detect unusual activities that may indicate a security breach, thus augmenting their preventive measures in conjunction with regular updates
Linux kernel (FIPS) update for Ubuntu 18.04 LTS
A Linux kernel with FIPS security update has been released for Ubuntu Linux 18.04 LTS:
[USN-7553-3] Linux kernel (FIPS) vulnerabilitiesLinux kernel (FIPS) update for Ubuntu 18.04 LTS @ Linux Compatible
