{"id":"USN-8501-1","summary":"linux vulnerabilities","details":"It was discovered that a logic flaw existed in the XFRM ESP-in-TCP\nsubsystem in the Linux kernel when handling socket buffer fragments. This\nflaw is known as Fragnesia. A local attacker could use this to escalate\nprivileges, or possibly escape a container. (CVE-2026-43503)\n\nSeveral security issues were discovered in the Linux kernel.\nAn attacker could possibly use these to compromise the system.\nThis update corrects flaws in the following subsystems:\n  - USB over IP driver;\n  - Network file system (NFS) server daemon;\n  - SMB network file system;\n  - Tracing infrastructure;\n  - Ethernet bridge;\n  - Ceph Core library;\n  - IPv4 networking;\n  - IPv6 networking;\n  - Netfilter;\n  - RxRPC session sockets;\n  - X.25 network layer;\n(CVE-2024-35896, CVE-2026-23455, CVE-2026-31402, CVE-2026-31607,\nCVE-2026-31637, CVE-2026-43011, CVE-2026-43037, CVE-2026-43038,\nCVE-2026-43383, CVE-2026-43407, CVE-2026-45988, CVE-2026-46119,\nCVE-2026-46243)\n","modified":"2026-07-02T23:00:13.399329676Z","published":"2026-07-02T16:14:41Z","related":["UBUNTU-CVE-2024-35896","UBUNTU-CVE-2026-23455","UBUNTU-CVE-2026-31402","UBUNTU-CVE-2026-31607","UBUNTU-CVE-2026-31637","UBUNTU-CVE-2026-43011","UBUNTU-CVE-2026-43037","UBUNTU-CVE-2026-43038","UBUNTU-CVE-2026-43383","UBUNTU-CVE-2026-43407","UBUNTU-CVE-2026-43503","UBUNTU-CVE-2026-45988","UBUNTU-CVE-2026-46119","UBUNTU-CVE-2026-46243"],"upstream":["CVE-2024-35896","CVE-2026-23455","CVE-2026-31402","CVE-2026-31607","CVE-2026-31637","CVE-2026-43011","CVE-2026-43037","CVE-2026-43038","CVE-2026-43383","CVE-2026-43407","CVE-2026-43503","CVE-2026-45988","CVE-2026-46119","CVE-2026-46243","UBUNTU-CVE-2024-35896","UBUNTU-CVE-2026-23455","UBUNTU-CVE-2026-31402","UBUNTU-CVE-2026-31607","UBUNTU-CVE-2026-31637","UBUNTU-CVE-2026-43011","UBUNTU-CVE-2026-43037","UBUNTU-CVE-2026-43038","UBUNTU-CVE-2026-43383","UBUNTU-CVE-2026-43407","UBUNTU-CVE-2026-43503","UBUNTU-CVE-2026-45988","UBUNTU-CVE-2026-46119","UBUNTU-CVE-2026-46243"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-8501-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-35896"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-23455"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-31402"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-31607"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-31637"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-43011"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-43037"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-43038"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-43383"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-43407"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-43503"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-45988"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-46119"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-46243"}],"affected":[{"package":{"name":"linux","ecosystem":"Ubuntu:Pro:14.04:LTS","purl":"pkg:deb/ubuntu/linux?arch=source&distro=esm-infra-legacy%2Ftrusty"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.13.0-214.265"}]}],"versions":["3.11.0-12.19","3.12.0-1.3","3.12.0-2.5","3.12.0-2.7","3.12.0-3.8","3.12.0-3.9","3.12.0-4.10","3.12.0-4.12","3.12.0-5.13","3.12.0-7.15","3.13.0-1.16","3.13.0-2.17","3.13.0-3.18","3.13.0-4.19","3.13.0-5.20","3.13.0-6.23","3.13.0-7.25","3.13.0-7.26","3.13.0-8.27","3.13.0-8.28","3.13.0-10.30","3.13.0-11.31","3.13.0-12.32","3.13.0-13.33","3.13.0-14.34","3.13.0-15.35","3.13.0-16.36","3.13.0-17.37","3.13.0-18.38","3.13.0-19.39","3.13.0-19.40","3.13.0-20.42","3.13.0-21.43","3.13.0-22.44","3.13.0-23.45","3.13.0-24.46","3.13.0-24.47","3.13.0-27.50","3.13.0-29.53","3.13.0-30.54","3.13.0-30.55","3.13.0-32.57","3.13.0-33.58","3.13.0-34.60","3.13.0-35.62","3.13.0-36.63","3.13.0-37.64","3.13.0-39.66","3.13.0-40.69","3.13.0-41.70","3.13.0-43.72","3.13.0-44.73","3.13.0-45.74","3.13.0-46.75","3.13.0-46.76","3.13.0-46.77","3.13.0-46.79","3.13.0-48.80","3.13.0-49.81","3.13.0-49.83","3.13.0-51.84","3.13.0-52.85","3.13.0-52.86","3.13.0-53.88","3.13.0-53.89","3.13.0-54.91","3.13.0-55.92","3.13.0-55.94","3.13.0-57.95","3.13.0-58.97","3.13.0-59.98","3.13.0-61.100","3.13.0-62.102","3.13.0-63.103","3.13.0-65.105","3.13.0-65.106","3.13.0-66.108","3.13.0-67.110","3.13.0-68.111","3.13.0-70.113","3.13.0-71.114","3.13.0-73.116","3.13.0-74.118","3.13.0-76.120","3.13.0-77.121","3.13.0-79.123","3.13.0-83.127","3.13.0-85.129","3.13.0-86.130","3.13.0-86.131","3.13.0-87.133","3.13.0-88.135","3.13.0-91.138","3.13.0-92.139","3.13.0-93.140","3.13.0-95.142","3.13.0-96.143","3.13.0-98.145","3.13.0-100.147","3.13.0-101.148","3.13.0-103.150","3.13.0-105.152","3.13.0-106.153","3.13.0-107.154","3.13.0-108.155","3.13.0-109.156","3.13.0-110.157","3.13.0-111.158","3.13.0-112.159","3.13.0-113.160","3.13.0-115.162","3.13.0-116.163","3.13.0-117.164","3.13.0-119.166","3.13.0-121.170","3.13.0-123.172","3.13.0-125.174","3.13.0-126.175","3.13.0-128.177","3.13.0-129.178","3.13.0-132.181","3.13.0-133.182","3.13.0-135.184","3.13.0-137.186","3.13.0-139.188","3.13.0-141.190","3.13.0-142.191","3.13.0-143.192","3.13.0-144.193","3.13.0-145.194","3.13.0-147.196","3.13.0-149.199","3.13.0-151.201","3.13.0-153.203","3.13.0-155.205","3.13.0-156.206","3.13.0-157.207","3.13.0-158.208","3.13.0-160.210","3.13.0-161.211","3.13.0-162.212","3.13.0-163.213","3.13.0-164.214","3.13.0-165.215","3.13.0-166.216","3.13.0-167.217","3.13.0-168.218","3.13.0-169.219","3.13.0-170.220","3.13.0-171.222","3.13.0-172.223","3.13.0-173.224","3.13.0-174.225","3.13.0-175.226","3.13.0-176.227","3.13.0-180.231","3.13.0-181.232","3.13.0-182.233","3.13.0-183.234","3.13.0-184.235","3.13.0-185.236","3.13.0-186.237","3.13.0-187.238","3.13.0-188.239","3.13.0-189.240","3.13.0-190.241","3.13.0-191.242","3.13.0-192.243","3.13.0-193.244","3.13.0-194.245","3.13.0-195.246","3.13.0-196.247","3.13.0-197.248","3.13.0-198.249","3.13.0-199.250","3.13.0-200.251","3.13.0-201.252","3.13.0-202.253","3.13.0-203.254","3.13.0-204.255","3.13.0-205.256","3.13.0-206.257","3.13.0-207.258","3.13.0-208.259","3.13.0-209.260","3.13.0-210.261","3.13.0-211.262","3.13.0-212.263"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro with Legacy support add-on: https://ubuntu.com/pro","binaries":[{"binary_name":"block-modules-3.13.0-214-generic-di","binary_version":"3.13.0-214.265"},{"binary_name":"crypto-modules-3.13.0-214-generic-di","binary_version":"3.13.0-214.265"},{"binary_name":"fat-modules-3.13.0-214-generic-di","binary_version":"3.13.0-214.265"},{"binary_name":"fb-modules-3.13.0-214-generic-di","binary_version":"3.13.0-214.265"},{"binary_name":"firewire-core-modules-3.13.0-214-generic-di","binary_version":"3.13.0-214.265"},{"binary_name":"floppy-modules-3.13.0-214-generic-di","binary_version":"3.13.0-214.265"},{"binary_name":"fs-core-modules-3.13.0-214-generic-di","binary_version":"3.13.0-214.265"},{"binary_name":"fs-secondary-modules-3.13.0-214-generic-di","binary_version":"3.13.0-214.265"},{"binary_name":"input-modules-3.13.0-214-generic-di","binary_version":"3.13.0-214.265"},{"binary_name":"ipmi-modules-3.13.0-214-generic-di","binary_version":"3.13.0-214.265"},{"binary_name":"irda-modules-3.13.0-214-generic-di","binary_version":"3.13.0-214.265"},{"binary_name":"kernel-image-3.13.0-214-generic-di","binary_version":"3.13.0-214.265"},{"binary_name":"linux-buildinfo-3.13.0-214-generic","binary_version":"3.13.0-214.265"},{"binary_name":"linux-buildinfo-3.13.0-214-lowlatency","binary_version":"3.13.0-214.265"},{"binary_name":"linux-cloud-tools-3.13.0-214","binary_version":"3.13.0-214.265"},{"binary_name":"linux-cloud-tools-3.13.0-214-generic","binary_version":"3.13.0-214.265"},{"binary_name":"linux-cloud-tools-3.13.0-214-lowlatency","binary_version":"3.13.0-214.265"},{"binary_name":"linux-cloud-tools-common","binary_version":"3.13.0-214.265"},{"binary_name":"linux-headers-3.13.0-214","binary_version":"3.13.0-214.265"},{"binary_name":"linux-headers-3.13.0-214-generic","binary_version":"3.13.0-214.265"},{"binary_name":"linux-headers-3.13.0-214-lowlatency","binary_version":"3.13.0-214.265"},{"binary_name":"linux-image-unsigned-3.13.0-214-generic","binary_version":"3.13.0-214.265"},{"binary_name":"linux-image-unsigned-3.13.0-214-lowlatency","binary_version":"3.13.0-214.265"},{"binary_name":"linux-modules-3.13.0-214-generic","binary_version":"3.13.0-214.265"},{"binary_name":"linux-modules-3.13.0-214-lowlatency","binary_version":"3.13.0-214.265"},{"binary_name":"linux-modules-extra-3.13.0-214-generic","binary_version":"3.13.0-214.265"},{"binary_name":"linux-source-3.13.0","binary_version":"3.13.0-214.265"},{"binary_name":"linux-tools-3.13.0-214","binary_version":"3.13.0-214.265"},{"binary_name":"linux-tools-3.13.0-214-generic","binary_version":"3.13.0-214.265"},{"binary_name":"linux-tools-3.13.0-214-lowlatency","binary_version":"3.13.0-214.265"},{"binary_name":"linux-tools-common","binary_version":"3.13.0-214.265"},{"binary_name":"linux-udebs-generic","binary_version":"3.13.0-214.265"},{"binary_name":"md-modules-3.13.0-214-generic-di","binary_version":"3.13.0-214.265"},{"binary_name":"message-modules-3.13.0-214-generic-di","binary_version":"3.13.0-214.265"},{"binary_name":"mouse-modules-3.13.0-214-generic-di","binary_version":"3.13.0-214.265"},{"binary_name":"multipath-modules-3.13.0-214-generic-di","binary_version":"3.13.0-214.265"},{"binary_name":"nfs-modules-3.13.0-214-generic-di","binary_version":"3.13.0-214.265"},{"binary_name":"nic-modules-3.13.0-214-generic-di","binary_version":"3.13.0-214.265"},{"binary_name":"nic-pcmcia-modules-3.13.0-214-generic-di","binary_version":"3.13.0-214.265"},{"binary_name":"nic-shared-modules-3.13.0-214-generic-di","binary_version":"3.13.0-214.265"},{"binary_name":"nic-usb-modules-3.13.0-214-generic-di","binary_version":"3.13.0-214.265"},{"binary_name":"parport-modules-3.13.0-214-generic-di","binary_version":"3.13.0-214.265"},{"binary_name":"pata-modules-3.13.0-214-generic-di","binary_version":"3.13.0-214.265"},{"binary_name":"pcmcia-modules-3.13.0-214-generic-di","binary_version":"3.13.0-214.265"},{"binary_name":"pcmcia-storage-modules-3.13.0-214-generic-di","binary_version":"3.13.0-214.265"},{"binary_name":"plip-modules-3.13.0-214-generic-di","binary_version":"3.13.0-214.265"},{"binary_name":"ppp-modules-3.13.0-214-generic-di","binary_version":"3.13.0-214.265"},{"binary_name":"sata-modules-3.13.0-214-generic-di","binary_version":"3.13.0-214.265"},{"binary_name":"scsi-modules-3.13.0-214-generic-di","binary_version":"3.13.0-214.265"},{"binary_name":"serial-modules-3.13.0-214-generic-di","binary_version":"3.13.0-214.265"},{"binary_name":"speakup-modules-3.13.0-214-generic-di","binary_version":"3.13.0-214.265"},{"binary_name":"squashfs-modules-3.13.0-214-generic-di","binary_version":"3.13.0-214.265"},{"binary_name":"storage-core-modules-3.13.0-214-generic-di","binary_version":"3.13.0-214.265"},{"binary_name":"usb-modules-3.13.0-214-generic-di","binary_version":"3.13.0-214.265"},{"binary_name":"virtio-modules-3.13.0-214-generic-di","binary_version":"3.13.0-214.265"},{"binary_name":"vlan-modules-3.13.0-214-generic-di","binary_version":"3.13.0-214.265"}]},"database_specific":{"cves_map":{"cves":[{"id":"CVE-2024-35896","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"type":"Ubuntu","score":"high"}],"id":"CVE-2026-23455"},{"severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"critical"}],"id":"CVE-2026-31402"},{"severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"high"}],"id":"CVE-2026-31607"},{"severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"critical"}],"id":"CVE-2026-31637"},{"severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"critical"}],"id":"CVE-2026-43011"},{"id":"CVE-2026-43037","severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"critical"}]},{"severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"critical"}],"id":"CVE-2026-43038"},{"severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2026-43383"},{"severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"type":"Ubuntu","score":"high"}],"id":"CVE-2026-43407"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2026-43503"},{"id":"CVE-2026-45988","severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"critical"}]},{"id":"CVE-2026-46119","severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"type":"Ubuntu","score":"high"}]},{"id":"CVE-2026-46243","severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"type":"Ubuntu","score":"medium"}]}],"ecosystem":"Ubuntu:Pro:14.04:LTS"},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8501-1.json"}}],"schema_version":"1.7.5"}