{"id":"USN-8098-1","summary":"linux vulnerabilities","details":"Qualys discovered that several vulnerabilities existed in the AppArmor\nLinux kernel Security Module (LSM). An unprivileged local attacker could\nuse these issues to load, replace, and remove arbitrary AppArmor profiles\ncausing denial of service, exposure of sensitive information (kernel\nmemory), local privilege escalation, or possibly escape a container.\n(LP: #2143853)\n\nSeveral security issues were discovered in the Linux kernel.\nAn attacker could possibly use these to compromise the system.\nThis update corrects flaws in the following subsystems:\n  - x86 architecture;\n  - GPIO subsystem;\n  - GPU drivers;\n  - MMC subsystem;\n  - BTRFS file system;\n  - XFRM subsystem;\n  - IPv4 networking;\n  - IPv6 networking;\n  - MAC80211 subsystem;\n  - SMC sockets;\n(CVE-2021-47599, CVE-2022-48875, CVE-2022-49072, CVE-2022-49267,\nCVE-2024-49927, CVE-2024-56640, CVE-2025-21780, CVE-2025-40215)\n","modified":"2026-04-27T18:17:19.902093743Z","published":"2026-03-16T15:20:24Z","related":["UBUNTU-CVE-2021-47599","UBUNTU-CVE-2022-48875","UBUNTU-CVE-2022-49072","UBUNTU-CVE-2022-49267","UBUNTU-CVE-2024-49927","UBUNTU-CVE-2024-56640","UBUNTU-CVE-2025-21780","UBUNTU-CVE-2025-40215"],"upstream":["CVE-2021-47599","CVE-2022-48875","CVE-2022-49072","CVE-2022-49267","CVE-2024-49927","CVE-2024-56640","CVE-2025-21780","CVE-2025-40215","UBUNTU-CVE-2021-47599","UBUNTU-CVE-2022-48875","UBUNTU-CVE-2022-49072","UBUNTU-CVE-2022-49267","UBUNTU-CVE-2024-49927","UBUNTU-CVE-2024-56640","UBUNTU-CVE-2025-21780","UBUNTU-CVE-2025-40215"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-8098-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2021-47599"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-48875"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-49072"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-49267"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-49927"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-56640"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-21780"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-40215"},{"type":"REPORT","url":"https://launchpad.net/bugs/2143853"}],"affected":[{"package":{"name":"linux","ecosystem":"Ubuntu:Pro:20.04:LTS","purl":"pkg:deb/ubuntu/linux@5.4.0-227.247?arch=source&distro=esm-infra/focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-227.247"}]}],"versions":["5.3.0-18.19","5.3.0-24.26","5.4.0-9.12","5.4.0-18.22","5.4.0-21.25","5.4.0-24.28","5.4.0-25.29","5.4.0-26.30","5.4.0-28.32","5.4.0-29.33","5.4.0-31.35","5.4.0-33.37","5.4.0-37.41","5.4.0-39.43","5.4.0-40.44","5.4.0-42.46","5.4.0-45.49","5.4.0-47.51","5.4.0-48.52","5.4.0-51.56","5.4.0-52.57","5.4.0-53.59","5.4.0-54.60","5.4.0-56.62","5.4.0-58.64","5.4.0-59.65","5.4.0-60.67","5.4.0-62.70","5.4.0-64.72","5.4.0-65.73","5.4.0-66.74","5.4.0-67.75","5.4.0-70.78","5.4.0-71.79","5.4.0-72.80","5.4.0-73.82","5.4.0-74.83","5.4.0-77.86","5.4.0-80.90","5.4.0-81.91","5.4.0-84.94","5.4.0-86.97","5.4.0-88.99","5.4.0-89.100","5.4.0-90.101","5.4.0-91.102","5.4.0-92.103","5.4.0-94.106","5.4.0-96.109","5.4.0-97.110","5.4.0-99.112","5.4.0-100.113","5.4.0-104.118","5.4.0-105.119","5.4.0-107.121","5.4.0-109.123","5.4.0-110.124","5.4.0-113.127","5.4.0-117.132","5.4.0-120.136","5.4.0-121.137","5.4.0-122.138","5.4.0-124.140","5.4.0-125.141","5.4.0-126.142","5.4.0-128.144","5.4.0-131.147","5.4.0-132.148","5.4.0-135.152","5.4.0-136.153","5.4.0-137.154","5.4.0-139.156","5.4.0-144.161","5.4.0-146.163","5.4.0-147.164","5.4.0-148.165","5.4.0-149.166","5.4.0-150.167","5.4.0-152.169","5.4.0-153.170","5.4.0-155.172","5.4.0-156.173","5.4.0-159.176","5.4.0-162.179","5.4.0-163.180","5.4.0-164.181","5.4.0-165.182","5.4.0-166.183","5.4.0-167.184","5.4.0-169.187","5.4.0-170.188","5.4.0-171.189","5.4.0-172.190","5.4.0-173.191","5.4.0-174.193","5.4.0-176.196","5.4.0-177.197","5.4.0-181.201","5.4.0-182.202","5.4.0-186.206","5.4.0-187.207","5.4.0-189.209","5.4.0-190.210","5.4.0-192.212","5.4.0-193.213","5.4.0-195.215","5.4.0-196.216","5.4.0-198.218","5.4.0-200.220","5.4.0-202.222","5.4.0-204.224","5.4.0-205.225","5.4.0-208.228","5.4.0-211.231","5.4.0-212.232","5.4.0-214.234","5.4.0-215.235","5.4.0-216.236","5.4.0-218.238","5.4.0-219.239","5.4.0-220.240","5.4.0-221.241","5.4.0-222.242","5.4.0-223.243","5.4.0-224.244","5.4.0-225.245"],"ecosystem_specific":{"binaries":[{"binary_name":"block-modules-5.4.0-227-generic-di","binary_version":"5.4.0-227.247"},{"binary_name":"block-modules-5.4.0-227-generic-lpae-di","binary_version":"5.4.0-227.247"},{"binary_name":"crypto-modules-5.4.0-227-generic-di","binary_version":"5.4.0-227.247"},{"binary_name":"crypto-modules-5.4.0-227-generic-lpae-di","binary_version":"5.4.0-227.247"},{"binary_name":"dasd-extra-modules-5.4.0-227-generic-di","binary_version":"5.4.0-227.247"},{"binary_name":"dasd-modules-5.4.0-227-generic-di","binary_version":"5.4.0-227.247"},{"binary_name":"fat-modules-5.4.0-227-generic-di","binary_version":"5.4.0-227.247"},{"binary_name":"fat-modules-5.4.0-227-generic-lpae-di","binary_version":"5.4.0-227.247"},{"binary_name":"fb-modules-5.4.0-227-generic-di","binary_version":"5.4.0-227.247"},{"binary_name":"firewire-core-modules-5.4.0-227-generic-di","binary_version":"5.4.0-227.247"},{"binary_name":"floppy-modules-5.4.0-227-generic-di","binary_version":"5.4.0-227.247"},{"binary_name":"fs-core-modules-5.4.0-227-generic-di","binary_version":"5.4.0-227.247"},{"binary_name":"fs-core-modules-5.4.0-227-generic-lpae-di","binary_version":"5.4.0-227.247"},{"binary_name":"fs-secondary-modules-5.4.0-227-generic-di","binary_version":"5.4.0-227.247"},{"binary_name":"fs-secondary-modules-5.4.0-227-generic-lpae-di","binary_version":"5.4.0-227.247"},{"binary_name":"input-modules-5.4.0-227-generic-di","binary_version":"5.4.0-227.247"},{"binary_name":"input-modules-5.4.0-227-generic-lpae-di","binary_version":"5.4.0-227.247"},{"binary_name":"ipmi-modules-5.4.0-227-generic-di","binary_version":"5.4.0-227.247"},{"binary_name":"ipmi-modules-5.4.0-227-generic-lpae-di","binary_version":"5.4.0-227.247"},{"binary_name":"kernel-image-5.4.0-227-generic-di","binary_version":"5.4.0-227.247"},{"binary_name":"kernel-image-5.4.0-227-generic-lpae-di","binary_version":"5.4.0-227.247"},{"binary_name":"linux-buildinfo-5.4.0-227-generic","binary_version":"5.4.0-227.247"},{"binary_name":"linux-buildinfo-5.4.0-227-generic-lpae","binary_version":"5.4.0-227.247"},{"binary_name":"linux-buildinfo-5.4.0-227-lowlatency","binary_version":"5.4.0-227.247"},{"binary_name":"linux-cloud-tools-5.4.0-227","binary_version":"5.4.0-227.247"},{"binary_name":"linux-cloud-tools-5.4.0-227-generic","binary_version":"5.4.0-227.247"},{"binary_name":"linux-cloud-tools-5.4.0-227-lowlatency","binary_version":"5.4.0-227.247"},{"binary_name":"linux-cloud-tools-common","binary_version":"5.4.0-227.247"},{"binary_name":"linux-headers-5.4.0-227","binary_version":"5.4.0-227.247"},{"binary_name":"linux-headers-5.4.0-227-generic","binary_version":"5.4.0-227.247"},{"binary_name":"linux-headers-5.4.0-227-generic-lpae","binary_version":"5.4.0-227.247"},{"binary_name":"linux-headers-5.4.0-227-lowlatency","binary_version":"5.4.0-227.247"},{"binary_name":"linux-image-5.4.0-227-generic","binary_version":"5.4.0-227.247"},{"binary_name":"linux-image-5.4.0-227-generic-lpae","binary_version":"5.4.0-227.247"},{"binary_name":"linux-image-unsigned-5.4.0-227-generic","binary_version":"5.4.0-227.247"},{"binary_name":"linux-image-unsigned-5.4.0-227-lowlatency","binary_version":"5.4.0-227.247"},{"binary_name":"linux-modules-5.4.0-227-generic","binary_version":"5.4.0-227.247"},{"binary_name":"linux-modules-5.4.0-227-generic-lpae","binary_version":"5.4.0-227.247"},{"binary_name":"linux-modules-5.4.0-227-lowlatency","binary_version":"5.4.0-227.247"},{"binary_name":"linux-modules-extra-5.4.0-227-generic","binary_version":"5.4.0-227.247"},{"binary_name":"linux-source-5.4.0","binary_version":"5.4.0-227.247"},{"binary_name":"linux-tools-5.4.0-227","binary_version":"5.4.0-227.247"},{"binary_name":"linux-tools-5.4.0-227-generic","binary_version":"5.4.0-227.247"},{"binary_name":"linux-tools-5.4.0-227-generic-lpae","binary_version":"5.4.0-227.247"},{"binary_name":"linux-tools-5.4.0-227-lowlatency","binary_version":"5.4.0-227.247"},{"binary_name":"linux-tools-common","binary_version":"5.4.0-227.247"},{"binary_name":"linux-tools-host","binary_version":"5.4.0-227.247"},{"binary_name":"linux-udebs-generic","binary_version":"5.4.0-227.247"},{"binary_name":"linux-udebs-generic-lpae","binary_version":"5.4.0-227.247"},{"binary_name":"md-modules-5.4.0-227-generic-di","binary_version":"5.4.0-227.247"},{"binary_name":"md-modules-5.4.0-227-generic-lpae-di","binary_version":"5.4.0-227.247"},{"binary_name":"message-modules-5.4.0-227-generic-di","binary_version":"5.4.0-227.247"},{"binary_name":"mouse-modules-5.4.0-227-generic-di","binary_version":"5.4.0-227.247"},{"binary_name":"mouse-modules-5.4.0-227-generic-lpae-di","binary_version":"5.4.0-227.247"},{"binary_name":"multipath-modules-5.4.0-227-generic-di","binary_version":"5.4.0-227.247"},{"binary_name":"multipath-modules-5.4.0-227-generic-lpae-di","binary_version":"5.4.0-227.247"},{"binary_name":"nfs-modules-5.4.0-227-generic-di","binary_version":"5.4.0-227.247"},{"binary_name":"nfs-modules-5.4.0-227-generic-lpae-di","binary_version":"5.4.0-227.247"},{"binary_name":"nic-modules-5.4.0-227-generic-di","binary_version":"5.4.0-227.247"},{"binary_name":"nic-modules-5.4.0-227-generic-lpae-di","binary_version":"5.4.0-227.247"},{"binary_name":"nic-pcmcia-modules-5.4.0-227-generic-di","binary_version":"5.4.0-227.247"},{"binary_name":"nic-shared-modules-5.4.0-227-generic-di","binary_version":"5.4.0-227.247"},{"binary_name":"nic-shared-modules-5.4.0-227-generic-lpae-di","binary_version":"5.4.0-227.247"},{"binary_name":"nic-usb-modules-5.4.0-227-generic-di","binary_version":"5.4.0-227.247"},{"binary_name":"nic-usb-modules-5.4.0-227-generic-lpae-di","binary_version":"5.4.0-227.247"},{"binary_name":"parport-modules-5.4.0-227-generic-di","binary_version":"5.4.0-227.247"},{"binary_name":"parport-modules-5.4.0-227-generic-lpae-di","binary_version":"5.4.0-227.247"},{"binary_name":"pata-modules-5.4.0-227-generic-di","binary_version":"5.4.0-227.247"},{"binary_name":"pcmcia-modules-5.4.0-227-generic-di","binary_version":"5.4.0-227.247"},{"binary_name":"pcmcia-storage-modules-5.4.0-227-generic-di","binary_version":"5.4.0-227.247"},{"binary_name":"plip-modules-5.4.0-227-generic-di","binary_version":"5.4.0-227.247"},{"binary_name":"plip-modules-5.4.0-227-generic-lpae-di","binary_version":"5.4.0-227.247"},{"binary_name":"ppp-modules-5.4.0-227-generic-di","binary_version":"5.4.0-227.247"},{"binary_name":"ppp-modules-5.4.0-227-generic-lpae-di","binary_version":"5.4.0-227.247"},{"binary_name":"sata-modules-5.4.0-227-generic-di","binary_version":"5.4.0-227.247"},{"binary_name":"sata-modules-5.4.0-227-generic-lpae-di","binary_version":"5.4.0-227.247"},{"binary_name":"scsi-modules-5.4.0-227-generic-di","binary_version":"5.4.0-227.247"},{"binary_name":"scsi-modules-5.4.0-227-generic-lpae-di","binary_version":"5.4.0-227.247"},{"binary_name":"serial-modules-5.4.0-227-generic-di","binary_version":"5.4.0-227.247"},{"binary_name":"storage-core-modules-5.4.0-227-generic-di","binary_version":"5.4.0-227.247"},{"binary_name":"storage-core-modules-5.4.0-227-generic-lpae-di","binary_version":"5.4.0-227.247"},{"binary_name":"usb-modules-5.4.0-227-generic-di","binary_version":"5.4.0-227.247"},{"binary_name":"usb-modules-5.4.0-227-generic-lpae-di","binary_version":"5.4.0-227.247"},{"binary_name":"virtio-modules-5.4.0-227-generic-di","binary_version":"5.4.0-227.247"},{"binary_name":"vlan-modules-5.4.0-227-generic-di","binary_version":"5.4.0-227.247"},{"binary_name":"vlan-modules-5.4.0-227-generic-lpae-di","binary_version":"5.4.0-227.247"}],"availability":"Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro"},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:Pro:20.04:LTS","cves":[{"id":"CVE-2021-47599","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2022-48875","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2022-49072","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2022-49267","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-49927","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-56640","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2025-21780","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2025-40215","severity":[{"score":"medium","type":"Ubuntu"}]}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8098-1.json"}}],"schema_version":"1.7.5"}