{"id":"USN-7907-4","summary":"linux-gcp-fips vulnerabilities","details":"Several security issues were discovered in the Linux kernel.\nAn attacker could possibly use these to compromise the system.\nThis update corrects flaws in the following subsystems:\n  - Cryptographic API;\n  - ACPI drivers;\n  - Hardware monitoring drivers;\n  - InfiniBand drivers;\n  - Mailbox framework;\n  - Network drivers;\n  - AFS file system;\n  - Ceph distributed file system;\n  - Network file system (NFS) server daemon;\n  - NILFS2 file system;\n  - File systems infrastructure;\n  - KVM subsystem;\n  - L3 Master device support module;\n  - Tracing infrastructure;\n  - Memory management;\n  - Appletalk network protocol;\n  - Netfilter;\n  - Open vSwitch;\n(CVE-2021-47385, CVE-2022-49026, CVE-2022-49390, CVE-2024-49935,\nCVE-2024-49963, CVE-2024-50067, CVE-2024-50095, CVE-2024-50179,\nCVE-2024-53090, CVE-2024-53112, CVE-2024-53217, CVE-2024-58083,\nCVE-2025-21715, CVE-2025-21722, CVE-2025-21761, CVE-2025-21791,\nCVE-2025-21811, CVE-2025-21855, CVE-2025-37958, CVE-2025-38666,\nCVE-2025-39964, CVE-2025-40018)\n","modified":"2026-04-27T17:53:18.150248Z","published":"2025-12-04T11:52:45Z","related":["UBUNTU-CVE-2021-47385","UBUNTU-CVE-2022-49026","UBUNTU-CVE-2022-49390","UBUNTU-CVE-2024-49935","UBUNTU-CVE-2024-49963","UBUNTU-CVE-2024-50067","UBUNTU-CVE-2024-50095","UBUNTU-CVE-2024-50179","UBUNTU-CVE-2024-53090","UBUNTU-CVE-2024-53112","UBUNTU-CVE-2024-53217","UBUNTU-CVE-2024-58083","UBUNTU-CVE-2025-21715","UBUNTU-CVE-2025-21722","UBUNTU-CVE-2025-21761","UBUNTU-CVE-2025-21791","UBUNTU-CVE-2025-21811","UBUNTU-CVE-2025-21855","UBUNTU-CVE-2025-37958","UBUNTU-CVE-2025-38666","UBUNTU-CVE-2025-39964","UBUNTU-CVE-2025-40018"],"upstream":["CVE-2021-47385","CVE-2022-49026","CVE-2022-49390","CVE-2024-49935","CVE-2024-49963","CVE-2024-50067","CVE-2024-50095","CVE-2024-50179","CVE-2024-53090","CVE-2024-53112","CVE-2024-53217","CVE-2024-58083","CVE-2025-21715","CVE-2025-21722","CVE-2025-21761","CVE-2025-21791","CVE-2025-21811","CVE-2025-21855","CVE-2025-37958","CVE-2025-38666","CVE-2025-39964","CVE-2025-40018","UBUNTU-CVE-2021-47385","UBUNTU-CVE-2022-49026","UBUNTU-CVE-2022-49390","UBUNTU-CVE-2024-49935","UBUNTU-CVE-2024-49963","UBUNTU-CVE-2024-50067","UBUNTU-CVE-2024-50095","UBUNTU-CVE-2024-50179","UBUNTU-CVE-2024-53090","UBUNTU-CVE-2024-53112","UBUNTU-CVE-2024-53217","UBUNTU-CVE-2024-58083","UBUNTU-CVE-2025-21715","UBUNTU-CVE-2025-21722","UBUNTU-CVE-2025-21761","UBUNTU-CVE-2025-21791","UBUNTU-CVE-2025-21811","UBUNTU-CVE-2025-21855","UBUNTU-CVE-2025-37958","UBUNTU-CVE-2025-38666","UBUNTU-CVE-2025-39964","UBUNTU-CVE-2025-40018"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-7907-4"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2021-47385"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-49026"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-49390"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-49935"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-49963"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-50067"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-50095"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-50179"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-53090"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-53112"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-53217"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-58083"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-21715"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-21722"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-21761"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-21791"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-21811"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-21855"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-37958"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-38666"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-39964"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-40018"}],"affected":[{"package":{"name":"linux-gcp-fips","ecosystem":"Ubuntu:Pro:FIPS-updates:18.04:LTS","purl":"pkg:deb/ubuntu/linux-gcp-fips@4.15.0-2088.94?arch=source&distro=fips-updates/bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-2088.94"}]}],"versions":["4.15.0-2013.14","4.15.0-2016.18","4.15.0-2017.19","4.15.0-2018.20","4.15.0-2019.21","4.15.0-2020.22","4.15.0-2021.23","4.15.0-2022.24","4.15.0-2024.26","4.15.0-2025.27","4.15.0-2026.28","4.15.0-2028.31","4.15.0-2029.32","4.15.0-2030.33","4.15.0-2031.34","4.15.0-2032.35","4.15.0-2034.37","4.15.0-2037.41","4.15.0-2040.45","4.15.0-2041.46","4.15.0-2043.48","4.15.0-2044.49","4.15.0-2045.50","4.15.0-2047.52","4.15.0-2050.55","4.15.0-2052.57","4.15.0-2054.59","4.15.0-2055.60","4.15.0-2056.61","4.15.0-2057.62","4.15.0-2058.63","4.15.0-2059.64","4.15.0-2060.65","4.15.0-2061.66","4.15.0-2062.67","4.15.0-2063.68","4.15.0-2064.69","4.15.0-2065.70","4.15.0-2066.71","4.15.0-2067.72","4.15.0-2068.73","4.15.0-2069.74","4.15.0-2070.75","4.15.0-2071.76","4.15.0-2072.77","4.15.0-2073.78","4.15.0-2074.79","4.15.0-2075.80","4.15.0-2076.81","4.15.0-2077.83","4.15.0-2078.84","4.15.0-2079.85","4.15.0-2080.86","4.15.0-2081.87","4.15.0-2082.88","4.15.0-2083.89","4.15.0-2084.90","4.15.0-2085.91","4.15.0-2086.92","4.15.0-2087.93"],"ecosystem_specific":{"binaries":[{"binary_name":"linux-buildinfo-4.15.0-2088-gcp-fips","binary_version":"4.15.0-2088.94"},{"binary_name":"linux-gcp-fips-headers-4.15.0-2088","binary_version":"4.15.0-2088.94"},{"binary_name":"linux-gcp-fips-tools-4.15.0-2088","binary_version":"4.15.0-2088.94"},{"binary_name":"linux-headers-4.15.0-2088-gcp-fips","binary_version":"4.15.0-2088.94"},{"binary_name":"linux-image-unsigned-4.15.0-2088-gcp-fips","binary_version":"4.15.0-2088.94"},{"binary_name":"linux-image-unsigned-hmac-4.15.0-2088-gcp-fips","binary_version":"4.15.0-2088.94"},{"binary_name":"linux-modules-4.15.0-2088-gcp-fips","binary_version":"4.15.0-2088.94"},{"binary_name":"linux-modules-extra-4.15.0-2088-gcp-fips","binary_version":"4.15.0-2088.94"},{"binary_name":"linux-tools-4.15.0-2088-gcp-fips","binary_version":"4.15.0-2088.94"}],"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7907-4.json","cves_map":{"cves":[{"id":"CVE-2021-47385","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-49026","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"high"}]},{"id":"CVE-2022-49390","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"high"}]},{"id":"CVE-2024-49935","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2024-49963","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2024-50067","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2024-50095","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2024-50179","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2024-53090","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2024-53112","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2024-53217","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"high"}]},{"id":"CVE-2024-58083","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"high"}]},{"id":"CVE-2025-21715","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"high"}]},{"id":"CVE-2025-21722","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2025-21761","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"high"}]},{"id":"CVE-2025-21791","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"high"}]},{"id":"CVE-2025-21811","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2025-21855","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2025-37958","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2025-38666","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"high"}]},{"id":"CVE-2025-39964","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2025-40018","severity":[{"type":"Ubuntu","score":"medium"}]}],"ecosystem":"Ubuntu:Pro:FIPS-updates:18.04:LTS"}}}],"schema_version":"1.7.5"}