{"id":"USN-7860-4","summary":"linux-intel-iot-realtime, linux-realtime vulnerability","details":"Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered\nthat the Linux kernel contained insufficient branch predictor isolation\nbetween a guest and a userspace hypervisor for certain processors. This\nflaw is known as VMSCAPE. An attacker in a guest VM could possibly use this\nto expose sensitive information from the host OS.\n","modified":"2026-02-10T04:50:21Z","published":"2025-11-07T10:37:29Z","related":["UBUNTU-CVE-2025-40300"],"upstream":["CVE-2025-40300","UBUNTU-CVE-2025-40300"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-7860-4"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-40300"}],"affected":[{"package":{"name":"linux-intel-iot-realtime","ecosystem":"Ubuntu:Pro:Realtime:22.04:LTS","purl":"pkg:deb/ubuntu/linux-intel-iot-realtime@5.15.0-1088.90?arch=source&distro=realtime/jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.15.0-1088.90"}]}],"versions":["5.15.0-1021.26","5.15.0-1022.27","5.15.0-1023.28","5.15.0-1024.29","5.15.0-1028.33","5.15.0-1033.35","5.15.0-1034.36","5.15.0-1035.37","5.15.0-1036.38","5.15.0-1037.39","5.15.0-1038.40","5.15.0-1039.41","5.15.0-1040.42","5.15.0-1041.43","5.15.0-1042.44","5.15.0-1043.45","5.15.0-1044.46","5.15.0-1046.48","5.15.0-1047.49","5.15.0-1048.50","5.15.0-1049.51","5.15.0-1050.52","5.15.0-1053.55","5.15.0-1054.56","5.15.0-1055.57","5.15.0-1056.58","5.15.0-1057.59","5.15.0-1058.60","5.15.0-1059.61","5.15.0-1060.62","5.15.0-1061.63","5.15.0-1063.65","5.15.0-1064.66","5.15.0-1066.68","5.15.0-1071.73","5.15.0-1072.74","5.15.0-1073.75","5.15.0-1074.76","5.15.0-1075.77","5.15.0-1076.78","5.15.0-1077.79","5.15.0-1078.80","5.15.0-1079.81","5.15.0-1080.82","5.15.0-1081.83","5.15.0-1082.84","5.15.0-1083.85","5.15.0-1084.86","5.15.0-1085.87","5.15.0-1086.88","5.15.0-1087.89"],"ecosystem_specific":{"binaries":[{"binary_version":"5.15.0-1088.90","binary_name":"linux-buildinfo-5.15.0-1088-intel-iot-realtime"},{"binary_version":"5.15.0-1088.90","binary_name":"linux-cloud-tools-5.15.0-1088-intel-iot-realtime"},{"binary_version":"5.15.0-1088.90","binary_name":"linux-headers-5.15.0-1088-intel-iot-realtime"},{"binary_version":"5.15.0-1088.90","binary_name":"linux-image-unsigned-5.15.0-1088-intel-iot-realtime"},{"binary_version":"5.15.0-1088.90","binary_name":"linux-intel-iot-realtime-cloud-tools-5.15.0-1088"},{"binary_version":"5.15.0-1088.90","binary_name":"linux-intel-iot-realtime-cloud-tools-common"},{"binary_version":"5.15.0-1088.90","binary_name":"linux-intel-iot-realtime-headers-5.15.0-1088"},{"binary_version":"5.15.0-1088.90","binary_name":"linux-intel-iot-realtime-tools-5.15.0-1088"},{"binary_version":"5.15.0-1088.90","binary_name":"linux-intel-iot-realtime-tools-common"},{"binary_version":"5.15.0-1088.90","binary_name":"linux-intel-iot-realtime-tools-host"},{"binary_version":"5.15.0-1088.90","binary_name":"linux-modules-5.15.0-1088-intel-iot-realtime"},{"binary_version":"5.15.0-1088.90","binary_name":"linux-modules-extra-5.15.0-1088-intel-iot-realtime"},{"binary_version":"5.15.0-1088.90","binary_name":"linux-tools-5.15.0-1088-intel-iot-realtime"}],"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7860-4.json","cves_map":{"cves":[{"id":"CVE-2025-40300","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]}],"ecosystem":"Ubuntu:Pro:Realtime:22.04:LTS"}}},{"package":{"name":"linux-realtime","ecosystem":"Ubuntu:Pro:Realtime:22.04:LTS","purl":"pkg:deb/ubuntu/linux-realtime@5.15.0-1095.104?arch=source&distro=realtime/jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.15.0-1095.104"}]}],"versions":["5.15.0-1006.6","5.15.0-1007.7","5.15.0-1009.9","5.15.0-1011.11","5.15.0-1014.14","5.15.0-1015.15","5.15.0-1016.16","5.15.0-1019.19","5.15.0-1020.20","5.15.0-1021.21","5.15.0-1022.22","5.15.0-1024.25","5.15.0-1025.28","5.15.0-1028.31","5.15.0-1029.32","5.15.0-1030.33","5.15.0-1032.35","5.15.0-1033.36","5.15.0-1034.37","5.15.0-1036.39","5.15.0-1037.40","5.15.0-1038.41","5.15.0-1039.42","5.15.0-1040.45","5.15.0-1041.46","5.15.0-1042.47","5.15.0-1043.48","5.15.0-1044.49","5.15.0-1045.50","5.15.0-1046.52","5.15.0-1048.54","5.15.0-1049.55","5.15.0-1050.56","5.15.0-1051.57","5.15.0-1052.58","5.15.0-1053.59","5.15.0-1054.60","5.15.0-1055.62","5.15.0-1056.63","5.15.0-1057.64","5.15.0-1058.66","5.15.0-1061.69","5.15.0-1062.70","5.15.0-1063.71","5.15.0-1064.72","5.15.0-1065.73","5.15.0-1066.74","5.15.0-1067.75","5.15.0-1068.76","5.15.0-1069.77","5.15.0-1070.78","5.15.0-1071.79","5.15.0-1072.80","5.15.0-1073.81","5.15.0-1074.82","5.15.0-1075.83","5.15.0-1076.84","5.15.0-1077.85","5.15.0-1078.86","5.15.0-1079.87","5.15.0-1080.88","5.15.0-1081.89","5.15.0-1082.91","5.15.0-1083.92","5.15.0-1084.93","5.15.0-1085.94","5.15.0-1086.95","5.15.0-1087.96","5.15.0-1088.97","5.15.0-1089.98","5.15.0-1090.99","5.15.0-1091.100","5.15.0-1092.101","5.15.0-1093.102","5.15.0-1094.103"],"ecosystem_specific":{"binaries":[{"binary_version":"5.15.0-1095.104","binary_name":"linux-buildinfo-5.15.0-1095-realtime"},{"binary_version":"5.15.0-1095.104","binary_name":"linux-cloud-tools-5.15.0-1095-realtime"},{"binary_version":"5.15.0-1095.104","binary_name":"linux-headers-5.15.0-1095-realtime"},{"binary_version":"5.15.0-1095.104","binary_name":"linux-image-unsigned-5.15.0-1095-realtime"},{"binary_version":"5.15.0-1095.104","binary_name":"linux-modules-5.15.0-1095-realtime"},{"binary_version":"5.15.0-1095.104","binary_name":"linux-modules-extra-5.15.0-1095-realtime"},{"binary_version":"5.15.0-1095.104","binary_name":"linux-modules-iwlwifi-5.15.0-1095-realtime"},{"binary_version":"5.15.0-1095.104","binary_name":"linux-realtime-cloud-tools-5.15.0-1095"},{"binary_version":"5.15.0-1095.104","binary_name":"linux-realtime-cloud-tools-common"},{"binary_version":"5.15.0-1095.104","binary_name":"linux-realtime-headers-5.15.0-1095"},{"binary_version":"5.15.0-1095.104","binary_name":"linux-realtime-tools-5.15.0-1095"},{"binary_version":"5.15.0-1095.104","binary_name":"linux-realtime-tools-common"},{"binary_version":"5.15.0-1095.104","binary_name":"linux-realtime-tools-host"},{"binary_version":"5.15.0-1095.104","binary_name":"linux-tools-5.15.0-1095-realtime"}],"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7860-4.json","cves_map":{"cves":[{"id":"CVE-2025-40300","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]}],"ecosystem":"Ubuntu:Pro:Realtime:22.04:LTS"}}}],"schema_version":"1.7.3"}