{"id":"USN-8310-1","summary":"linux-azure, linux-azure-6.17 vulnerabilities","details":"\nIt was discovered that the Linux kernel algif_aead module did not properly\nhandle in-place cryptographic operations. This flaw is known as Copy Fail.\nA local attacker could use this to escalate privileges, or possibly escape\na container. (CVE-2026-31431)\n\nSeveral security issues were discovered in the Linux kernel.\nAn attacker could possibly use these to compromise the system.\nThis update corrects flaws in the following subsystems:\n  - S390 architecture;\n  - Cryptographic API;\n  - GPU drivers;\n  - Ethernet bonding driver;\n  - Microsoft Azure Network Adapter (MANA) driver;\n  - Network file system (NFS) server daemon;\n  - Distributed Switch Architecture;\n  - Netfilter;\n  - Control group (cgroup);\n  - Kernel kexec() syscall;\n  - Memory management;\n  - MAC80211 subsystem;\n  - Multipath TCP;\n  - Packet sockets;\n  - TLS protocol;\n  - Unix domain sockets;\n(CVE-2025-71088, CVE-2025-71090, CVE-2025-71127, CVE-2025-71134,\nCVE-2025-71139, CVE-2025-71141, CVE-2025-71142, CVE-2025-71144,\nCVE-2025-71152, CVE-2025-71155, CVE-2026-23274, CVE-2026-23351,\nCVE-2026-23394, CVE-2026-23454, CVE-2026-31419, CVE-2026-31504,\nCVE-2026-31533, CVE-2026-43033, CVE-2026-43077, CVE-2026-43078,\nCVE-2026-43276)\n","modified":"2026-06-03T13:49:59.681693689Z","published":"2026-05-26T18:56:07Z","related":["UBUNTU-CVE-2025-71088","UBUNTU-CVE-2025-71090","UBUNTU-CVE-2025-71127","UBUNTU-CVE-2025-71134","UBUNTU-CVE-2025-71139","UBUNTU-CVE-2025-71141","UBUNTU-CVE-2025-71142","UBUNTU-CVE-2025-71144","UBUNTU-CVE-2025-71152","UBUNTU-CVE-2025-71155","UBUNTU-CVE-2026-23274","UBUNTU-CVE-2026-23351","UBUNTU-CVE-2026-23394","UBUNTU-CVE-2026-23454","UBUNTU-CVE-2026-31419","UBUNTU-CVE-2026-31431","UBUNTU-CVE-2026-31504","UBUNTU-CVE-2026-31533","UBUNTU-CVE-2026-43033","UBUNTU-CVE-2026-43077","UBUNTU-CVE-2026-43078","UBUNTU-CVE-2026-43276"],"upstream":["CVE-2025-71088","CVE-2025-71090","CVE-2025-71127","CVE-2025-71134","CVE-2025-71139","CVE-2025-71141","CVE-2025-71142","CVE-2025-71144","CVE-2025-71152","CVE-2025-71155","CVE-2026-23274","CVE-2026-23351","CVE-2026-23394","CVE-2026-23454","CVE-2026-31419","CVE-2026-31431","CVE-2026-31504","CVE-2026-31533","CVE-2026-43033","CVE-2026-43077","CVE-2026-43078","CVE-2026-43276","UBUNTU-CVE-2025-71088","UBUNTU-CVE-2025-71090","UBUNTU-CVE-2025-71127","UBUNTU-CVE-2025-71134","UBUNTU-CVE-2025-71139","UBUNTU-CVE-2025-71141","UBUNTU-CVE-2025-71142","UBUNTU-CVE-2025-71144","UBUNTU-CVE-2025-71152","UBUNTU-CVE-2025-71155","UBUNTU-CVE-2026-23274","UBUNTU-CVE-2026-23351","UBUNTU-CVE-2026-23394","UBUNTU-CVE-2026-23454","UBUNTU-CVE-2026-31419","UBUNTU-CVE-2026-31431","UBUNTU-CVE-2026-31504","UBUNTU-CVE-2026-31533","UBUNTU-CVE-2026-43033","UBUNTU-CVE-2026-43077","UBUNTU-CVE-2026-43078","UBUNTU-CVE-2026-43276"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-8310-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-71088"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-71090"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-71127"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-71134"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-71139"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-71141"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-71142"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-71144"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-71152"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-71155"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-23274"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-23351"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-23394"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-23454"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-31419"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-31431"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-31504"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-31533"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-43033"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-43077"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-43078"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-43276"}],"affected":[{"package":{"name":"linux-azure-6.17","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/linux-azure-6.17?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.17.0-1015.15~24.04.1"}]}],"versions":["6.17.0-1008.8~24.04.1","6.17.0-1010.10~24.04.1","6.17.0-1011.11~24.04.2","6.17.0-1013.13~24.04.1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_version":"6.17.0-1015.15~24.04.1","binary_name":"linux-azure-6.17-cloud-tools-6.17.0-1015"},{"binary_version":"6.17.0-1015.15~24.04.1","binary_name":"linux-azure-6.17-headers-6.17.0-1015"},{"binary_version":"6.17.0-1015.15~24.04.1","binary_name":"linux-azure-6.17-tools-6.17.0-1015"},{"binary_version":"6.17.0-1015.15~24.04.1","binary_name":"linux-buildinfo-6.17.0-1015-azure"},{"binary_name":"linux-cloud-tools-6.17.0-1015-azure","binary_version":"6.17.0-1015.15~24.04.1"},{"binary_version":"6.17.0-1015.15~24.04.1","binary_name":"linux-headers-6.17.0-1015-azure"},{"binary_name":"linux-image-unsigned-6.17.0-1015-azure","binary_version":"6.17.0-1015.15~24.04.1"},{"binary_name":"linux-modules-6.17.0-1015-azure","binary_version":"6.17.0-1015.15~24.04.1"},{"binary_name":"linux-modules-extra-6.17.0-1015-azure","binary_version":"6.17.0-1015.15~24.04.1"},{"binary_name":"linux-tools-6.17.0-1015-azure","binary_version":"6.17.0-1015.15~24.04.1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8310-1.json","cves_map":{"cves":[{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-71088"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-71090"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-71127"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-71134"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-71139"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-71141"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-71142"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-71144"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-71152"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-71155"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2026-23274"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2026-23351"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2026-23394"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2026-23454"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2026-31419"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}],"id":"CVE-2026-31431"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2026-31504"},{"severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2026-31533"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2026-43033"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2026-43077"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2026-43078"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2026-43276"}],"ecosystem":"Ubuntu:24.04:LTS"}}},{"package":{"name":"linux-azure","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/linux-azure?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.17.0-1015.15"}]}],"versions":["6.14.0-1004.4","6.14.0-1007.7+25.10.1","6.16.0-1001.1","6.17.0-1002.2","6.17.0-1003.3","6.17.0-1004.4","6.17.0-1006.6","6.17.0-1007.7","6.17.0-1008.8","6.17.0-1010.10","6.17.0-1011.11","6.17.0-1013.13"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_version":"6.17.0-1015.15","binary_name":"linux-azure-cloud-tools-6.17.0-1015"},{"binary_version":"6.17.0-1015.15","binary_name":"linux-azure-headers-6.17.0-1015"},{"binary_name":"linux-azure-tools-6.17.0-1015","binary_version":"6.17.0-1015.15"},{"binary_version":"6.17.0-1015.15","binary_name":"linux-buildinfo-6.17.0-1015-azure"},{"binary_version":"6.17.0-1015.15","binary_name":"linux-cloud-tools-6.17.0-1015-azure"},{"binary_version":"6.17.0-1015.15","binary_name":"linux-headers-6.17.0-1015-azure"},{"binary_name":"linux-image-unsigned-6.17.0-1015-azure","binary_version":"6.17.0-1015.15"},{"binary_name":"linux-modules-6.17.0-1015-azure","binary_version":"6.17.0-1015.15"},{"binary_name":"linux-tools-6.17.0-1015-azure","binary_version":"6.17.0-1015.15"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8310-1.json","cves_map":{"cves":[{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-71088"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-71090"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-71127"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-71134"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-71139"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-71141"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-71142"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-71144"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-71152"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-71155"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2026-23274"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2026-23351"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2026-23394"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2026-23454"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2026-31419"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}],"id":"CVE-2026-31431"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2026-31504"},{"severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2026-31533"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2026-43033"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2026-43077"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2026-43078"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2026-43276"}],"ecosystem":"Ubuntu:25.10"}}}],"schema_version":"1.7.5"}