{"id":"USN-8149-2","summary":"linux-oracle, linux-oracle-6.17, linux-raspi vulnerabilities","details":"Several security issues were discovered in the Linux kernel.\nAn attacker could possibly use these to compromise the system.\nThis update corrects flaws in the following subsystems:\n  - Cryptographic API;\n  - Netfilter;\n  - Network traffic control;\n(CVE-2026-23060, CVE-2026-23074, CVE-2026-23111)\n","modified":"2026-04-13T14:29:22.062907365Z","published":"2026-04-09T00:05:19Z","related":["UBUNTU-CVE-2026-23060","UBUNTU-CVE-2026-23074","UBUNTU-CVE-2026-23111"],"upstream":["CVE-2026-23060","CVE-2026-23074","CVE-2026-23111","UBUNTU-CVE-2026-23060","UBUNTU-CVE-2026-23074","UBUNTU-CVE-2026-23111"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-8149-2"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-23060"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-23074"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-23111"}],"affected":[{"package":{"name":"linux-oracle-6.17","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/linux-oracle-6.17@6.17.0-1010.10~24.04.1?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.17.0-1010.10~24.04.1"}]}],"versions":["6.17.0-1004.4~24.04.2","6.17.0-1007.7~24.04.1","6.17.0-1009.9~24.04.1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_version":"6.17.0-1010.10~24.04.1","binary_name":"linux-buildinfo-6.17.0-1010-oracle"},{"binary_version":"6.17.0-1010.10~24.04.1","binary_name":"linux-buildinfo-6.17.0-1010-oracle-64k"},{"binary_version":"6.17.0-1010.10~24.04.1","binary_name":"linux-headers-6.17.0-1010-oracle"},{"binary_version":"6.17.0-1010.10~24.04.1","binary_name":"linux-headers-6.17.0-1010-oracle-64k"},{"binary_version":"6.17.0-1010.10~24.04.1","binary_name":"linux-image-unsigned-6.17.0-1010-oracle"},{"binary_version":"6.17.0-1010.10~24.04.1","binary_name":"linux-image-unsigned-6.17.0-1010-oracle-64k"},{"binary_version":"6.17.0-1010.10~24.04.1","binary_name":"linux-modules-6.17.0-1010-oracle"},{"binary_version":"6.17.0-1010.10~24.04.1","binary_name":"linux-modules-6.17.0-1010-oracle-64k"},{"binary_version":"6.17.0-1010.10~24.04.1","binary_name":"linux-modules-extra-6.17.0-1010-oracle"},{"binary_version":"6.17.0-1010.10~24.04.1","binary_name":"linux-modules-extra-6.17.0-1010-oracle-64k"},{"binary_version":"6.17.0-1010.10~24.04.1","binary_name":"linux-oracle-6.17-headers-6.17.0-1010"},{"binary_version":"6.17.0-1010.10~24.04.1","binary_name":"linux-oracle-6.17-tools-6.17.0-1010"},{"binary_version":"6.17.0-1010.10~24.04.1","binary_name":"linux-tools-6.17.0-1010-oracle"},{"binary_version":"6.17.0-1010.10~24.04.1","binary_name":"linux-tools-6.17.0-1010-oracle-64k"}]},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:24.04:LTS","cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2026-23060"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2026-23074"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"high"}],"id":"CVE-2026-23111"}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8149-2.json"}},{"package":{"name":"linux-oracle","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/linux-oracle@6.17.0-1010.10?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.17.0-1010.10"}]}],"versions":["6.14.0-1005.5","6.14.0-1007.7+25.10.1","6.16.0-1001.1","6.17.0-1001.1","6.17.0-1002.2","6.17.0-1003.3","6.17.0-1005.5","6.17.0-1006.6","6.17.0-1007.7","6.17.0-1009.9"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_version":"6.17.0-1010.10","binary_name":"linux-buildinfo-6.17.0-1010-oracle"},{"binary_version":"6.17.0-1010.10","binary_name":"linux-buildinfo-6.17.0-1010-oracle-64k"},{"binary_version":"6.17.0-1010.10","binary_name":"linux-headers-6.17.0-1010-oracle"},{"binary_version":"6.17.0-1010.10","binary_name":"linux-headers-6.17.0-1010-oracle-64k"},{"binary_version":"6.17.0-1010.10","binary_name":"linux-image-unsigned-6.17.0-1010-oracle"},{"binary_version":"6.17.0-1010.10","binary_name":"linux-image-unsigned-6.17.0-1010-oracle-64k"},{"binary_version":"6.17.0-1010.10","binary_name":"linux-modules-6.17.0-1010-oracle"},{"binary_version":"6.17.0-1010.10","binary_name":"linux-modules-6.17.0-1010-oracle-64k"},{"binary_version":"6.17.0-1010.10","binary_name":"linux-oracle-headers-6.17.0-1010"},{"binary_version":"6.17.0-1010.10","binary_name":"linux-oracle-tools-6.17.0-1010"},{"binary_version":"6.17.0-1010.10","binary_name":"linux-tools-6.17.0-1010-oracle"},{"binary_version":"6.17.0-1010.10","binary_name":"linux-tools-6.17.0-1010-oracle-64k"}]},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:25.10","cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2026-23060"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2026-23074"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"high"}],"id":"CVE-2026-23111"}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8149-2.json"}},{"package":{"name":"linux-raspi","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/linux-raspi@6.17.0-1011.11?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.17.0-1011.11"}]}],"versions":["6.14.0-1005.5","6.17.0-1003.3","6.17.0-1004.4","6.17.0-1005.5","6.17.0-1006.6","6.17.0-1007.7","6.17.0-1008.8","6.17.0-1010.10"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_version":"6.17.0-1011.11","binary_name":"linux-buildinfo-6.17.0-1011-raspi"},{"binary_version":"6.17.0-1011.11","binary_name":"linux-headers-6.17.0-1011-raspi"},{"binary_version":"6.17.0-1011.11","binary_name":"linux-image-6.17.0-1011-raspi"},{"binary_version":"6.17.0-1011.11","binary_name":"linux-modules-6.17.0-1011-raspi"},{"binary_version":"6.17.0-1011.11","binary_name":"linux-raspi-headers-6.17.0-1011"},{"binary_version":"6.17.0-1011.11","binary_name":"linux-raspi-tools-6.17.0-1011"},{"binary_version":"6.17.0-1011.11","binary_name":"linux-tools-6.17.0-1011-raspi"}]},"database_specific":{"cves_map":{"cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2026-23060"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2026-23074"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"high"}],"id":"CVE-2026-23111"}],"ecosystem":"Ubuntu:25.10"},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8149-2.json"}}],"schema_version":"1.7.5"}