Linux Kernel Update for Ubuntu on Oracle Cloud
On April 25, 2025, Ubuntu released an important security update (USN-7455-4) for the Linux kernel tailored for Oracle Cloud systems, specifically addressing vulnerabilities present in the linux-oracle-5.15 package. This update is critical for users running Ubuntu 20.04 LTS and its derivatives.
Key Vulnerabilities Addressed:
The update resolves multiple security issues, notably:
1. Out-of-bounds Write Vulnerability: Discovered by Jann Horn, this flaw in the watch_queue event notification subsystem could allow a local attacker to crash the system or escalate privileges. (CVE-2022-0995)
2. Various Other Security Flaws: The update also corrects vulnerabilities across multiple kernel subsystems, including:
- Network drivers
- File systems (including NTFS3)
- Ethernet bridge
- IPv6 networking
- VMware vSockets driver
These vulnerabilities pose a risk of system compromise, making the update essential for maintaining system security. A series of CVEs (Common Vulnerabilities and Exposures) have been assigned to these issues, indicating their severity and the need for immediate attention.
Update Instructions:
To apply these updates, users should update their systems to the following package versions:
- `linux-image-5.15.0-1079-oracle 5.15.0-1079.85~20.04.1`
- `linux-image-oracle 5.15.0.1079.85~20.04.1`
After performing the standard system update, it is necessary to reboot the computer to implement all changes.
Important Note: Due to an unavoidable ABI (Application Binary Interface) change associated with this kernel update, users must recompile and reinstall any third-party kernel modules. Fortunately, if users have not manually uninstalled the standard kernel metapackages, the system upgrade will handle this process automatically.
Further Information:
For additional details regarding the vulnerabilities and the update process, users can refer to the following links:
- [Ubuntu Security Notice USN-7455-4](https://ubuntu.com/security/notices/USN-7455-4)
- [CVE References](https://ubuntu.com/security/notices/USN-7455-3)
This update underscores the importance of regularly maintaining and updating system components to safeguard against potential attacks and vulnerabilities. Users are encouraged to stay vigilant and ensure their systems are up-to-date
On April 25, 2025, Ubuntu released an important security update (USN-7455-4) for the Linux kernel tailored for Oracle Cloud systems, specifically addressing vulnerabilities present in the linux-oracle-5.15 package. This update is critical for users running Ubuntu 20.04 LTS and its derivatives.
Key Vulnerabilities Addressed:
The update resolves multiple security issues, notably:
1. Out-of-bounds Write Vulnerability: Discovered by Jann Horn, this flaw in the watch_queue event notification subsystem could allow a local attacker to crash the system or escalate privileges. (CVE-2022-0995)
2. Various Other Security Flaws: The update also corrects vulnerabilities across multiple kernel subsystems, including:
- Network drivers
- File systems (including NTFS3)
- Ethernet bridge
- IPv6 networking
- VMware vSockets driver
These vulnerabilities pose a risk of system compromise, making the update essential for maintaining system security. A series of CVEs (Common Vulnerabilities and Exposures) have been assigned to these issues, indicating their severity and the need for immediate attention.
Update Instructions:
To apply these updates, users should update their systems to the following package versions:
- `linux-image-5.15.0-1079-oracle 5.15.0-1079.85~20.04.1`
- `linux-image-oracle 5.15.0.1079.85~20.04.1`
After performing the standard system update, it is necessary to reboot the computer to implement all changes.
Important Note: Due to an unavoidable ABI (Application Binary Interface) change associated with this kernel update, users must recompile and reinstall any third-party kernel modules. Fortunately, if users have not manually uninstalled the standard kernel metapackages, the system upgrade will handle this process automatically.
Further Information:
For additional details regarding the vulnerabilities and the update process, users can refer to the following links:
- [Ubuntu Security Notice USN-7455-4](https://ubuntu.com/security/notices/USN-7455-4)
- [CVE References](https://ubuntu.com/security/notices/USN-7455-3)
This update underscores the importance of regularly maintaining and updating system components to safeguard against potential attacks and vulnerabilities. Users are encouraged to stay vigilant and ensure their systems are up-to-date
Linux kernel (Oracle) update for Ubuntu
Ubuntu Linux has received updates that address security vulnerabilities within the Linux kernel for Oracle Cloud systems:
[USN-7455-4] Linux kernel (Oracle) vulnerabilities
