[USN-7909-5] Linux kernel (Raspberry Pi) vulnerabilities
Rodrigo Figueiredo Zaiden
rodrigo.zaiden at canonical.com
Mon Dec 15 17:15:46 UTC 2025
==========================================================================
Ubuntu Security Notice USN-7909-5
December 15, 2025
linux-raspi vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 22.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-raspi: Linux kernel for Raspberry Pi systems
Details:
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- x86 architecture;
- Block layer subsystem;
- ACPI drivers;
- ATM drivers;
- DRBD Distributed Replicated Block Device drivers;
- Bus devices;
- Clock framework and drivers;
- Data acquisition framework and drivers;
- Hardware crypto device drivers;
- Device frequency scaling framework;
- Buffer Sharing and Synchronization framework;
- DMA engine subsystem;
- ARM SCMI message protocol;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- I2C subsystem;
- I3C subsystem;
- IIO subsystem;
- InfiniBand drivers;
- Input Device core drivers;
- IOMMU subsystem;
- Media drivers;
- Network drivers;
- Mellanox network drivers;
- PCI subsystem;
- PCCARD (PCMCIA/CardBus) bus subsystem;
- PHY drivers;
- Power supply drivers;
- Voltage and Current Regulator drivers;
- SCSI subsystem;
- ASPEED SoC drivers;
- QCOM SoC drivers;
- small TFT LCD display modules;
- Trusted Execution Environment drivers;
- TTY drivers;
- UFS subsystem;
- USB core drivers;
- DesignWare USB3 driver;
- USB Gadget drivers;
- Framebuffer layer;
- BTRFS file system;
- File systems infrastructure;
- EFI Variable file system;
- Ext4 file system;
- F2FS file system;
- JFS file system;
- Network file system (NFS) client;
- Network file system (NFS) server daemon;
- NILFS2 file system;
- NTFS3 file system;
- SMB network file system;
- Asynchronous Transfer Mode (ATM) subsystem;
- BPF subsystem;
- NFS page cache wrapper;
- Memory management;
- Networking subsytem;
- UDP network protocol;
- Perf events;
- RCU subsystem;
- Tracing infrastructure;
- 802.1Q VLAN protocol;
- Appletalk network protocol;
- Amateur Radio drivers;
- B.A.T.M.A.N. meshing protocol;
- Bluetooth subsystem;
- Ethernet bridge;
- Networking core;
- HSR network protocol;
- IPv4 networking;
- IPv6 networking;
- Multipath TCP;
- Netfilter;
- Network traffic control;
- SCTP protocol;
- TLS protocol;
- Wireless networking;
- SoC audio core drivers;
- USB sound devices;
(CVE-2022-50070, CVE-2022-50327, CVE-2023-52935, CVE-2023-53074,
CVE-2024-50061, CVE-2024-53068, CVE-2025-37925, CVE-2025-37968,
CVE-2025-38095, CVE-2025-38148, CVE-2025-38165, CVE-2025-38335,
CVE-2025-38347, CVE-2025-38468, CVE-2025-38470, CVE-2025-38473,
CVE-2025-38474, CVE-2025-38476, CVE-2025-38478, CVE-2025-38480,
CVE-2025-38481, CVE-2025-38482, CVE-2025-38483, CVE-2025-38487,
CVE-2025-38488, CVE-2025-38494, CVE-2025-38495, CVE-2025-38497,
CVE-2025-38499, CVE-2025-38502, CVE-2025-38527, CVE-2025-38528,
CVE-2025-38529, CVE-2025-38530, CVE-2025-38535, CVE-2025-38538,
CVE-2025-38539, CVE-2025-38548, CVE-2025-38550, CVE-2025-38553,
CVE-2025-38555, CVE-2025-38563, CVE-2025-38565, CVE-2025-38569,
CVE-2025-38572, CVE-2025-38574, CVE-2025-38576, CVE-2025-38577,
CVE-2025-38578, CVE-2025-38579, CVE-2025-38581, CVE-2025-38583,
CVE-2025-38601, CVE-2025-38602, CVE-2025-38604, CVE-2025-38608,
CVE-2025-38609, CVE-2025-38612, CVE-2025-38614, CVE-2025-38622,
CVE-2025-38623, CVE-2025-38624, CVE-2025-38630, CVE-2025-38634,
CVE-2025-38635, CVE-2025-38639, CVE-2025-38645, CVE-2025-38650,
CVE-2025-38652, CVE-2025-38663, CVE-2025-38664, CVE-2025-38666,
CVE-2025-38668, CVE-2025-38670, CVE-2025-38671, CVE-2025-38676,
CVE-2025-38677, CVE-2025-38678, CVE-2025-38680, CVE-2025-38681,
CVE-2025-38683, CVE-2025-38684, CVE-2025-38685, CVE-2025-38687,
CVE-2025-38691, CVE-2025-38693, CVE-2025-38694, CVE-2025-38695,
CVE-2025-38696, CVE-2025-38697, CVE-2025-38698, CVE-2025-38699,
CVE-2025-38700, CVE-2025-38701, CVE-2025-38706, CVE-2025-38707,
CVE-2025-38708, CVE-2025-38711, CVE-2025-38712, CVE-2025-38713,
CVE-2025-38714, CVE-2025-38715, CVE-2025-38718, CVE-2025-38721,
CVE-2025-38724, CVE-2025-38725, CVE-2025-38729, CVE-2025-38732,
CVE-2025-39673, CVE-2025-39675, CVE-2025-39676, CVE-2025-39681,
CVE-2025-39683, CVE-2025-39684, CVE-2025-39685, CVE-2025-39686,
CVE-2025-39687, CVE-2025-39689, CVE-2025-39691, CVE-2025-39693,
CVE-2025-39697, CVE-2025-39702, CVE-2025-39703, CVE-2025-39709,
CVE-2025-39710, CVE-2025-39713, CVE-2025-39714, CVE-2025-39724,
CVE-2025-39730, CVE-2025-39734, CVE-2025-39736, CVE-2025-39737,
CVE-2025-39738, CVE-2025-39742, CVE-2025-39743, CVE-2025-39749,
CVE-2025-39752, CVE-2025-39756, CVE-2025-39757, CVE-2025-39760,
CVE-2025-39766, CVE-2025-39772, CVE-2025-39773, CVE-2025-39776,
CVE-2025-39782, CVE-2025-39783, CVE-2025-39787, CVE-2025-39788,
CVE-2025-39790, CVE-2025-39794, CVE-2025-39795, CVE-2025-39798,
CVE-2025-39801, CVE-2025-39806, CVE-2025-39808, CVE-2025-39812,
CVE-2025-39813, CVE-2025-39817, CVE-2025-39823, CVE-2025-39824,
CVE-2025-39828, CVE-2025-39835, CVE-2025-39839, CVE-2025-39841,
CVE-2025-39844, CVE-2025-39845, CVE-2025-39846, CVE-2025-39847,
CVE-2025-39848, CVE-2025-39853, CVE-2025-39860, CVE-2025-39864,
CVE-2025-39865, CVE-2025-39866, CVE-2025-39891, CVE-2025-39894,
CVE-2025-39902, CVE-2025-39920)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 22.04 LTS
linux-image-5.15.0-1091-raspi 5.15.0-1091.94
linux-image-raspi 5.15.0.1091.89
linux-image-raspi-5.15 5.15.0.1091.89
linux-image-raspi-nolpae 5.15.0.1091.89
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-7909-5
https://ubuntu.com/security/notices/USN-7909-4
https://ubuntu.com/security/notices/USN-7909-3
https://ubuntu.com/security/notices/USN-7909-2
https://ubuntu.com/security/notices/USN-7909-1
CVE-2022-50070, CVE-2022-50327, CVE-2023-52935, CVE-2023-53074,
CVE-2024-50061, CVE-2024-53068, CVE-2025-37925, CVE-2025-37968,
CVE-2025-38095, CVE-2025-38148, CVE-2025-38165, CVE-2025-38335,
CVE-2025-38347, CVE-2025-38468, CVE-2025-38470, CVE-2025-38473,
CVE-2025-38474, CVE-2025-38476, CVE-2025-38478, CVE-2025-38480,
CVE-2025-38481, CVE-2025-38482, CVE-2025-38483, CVE-2025-38487,
CVE-2025-38488, CVE-2025-38494, CVE-2025-38495, CVE-2025-38497,
CVE-2025-38499, CVE-2025-38502, CVE-2025-38527, CVE-2025-38528,
CVE-2025-38529, CVE-2025-38530, CVE-2025-38535, CVE-2025-38538,
CVE-2025-38539, CVE-2025-38548, CVE-2025-38550, CVE-2025-38553,
CVE-2025-38555, CVE-2025-38563, CVE-2025-38565, CVE-2025-38569,
CVE-2025-38572, CVE-2025-38574, CVE-2025-38576, CVE-2025-38577,
CVE-2025-38578, CVE-2025-38579, CVE-2025-38581, CVE-2025-38583,
CVE-2025-38601, CVE-2025-38602, CVE-2025-38604, CVE-2025-38608,
CVE-2025-38609, CVE-2025-38612, CVE-2025-38614, CVE-2025-38622,
CVE-2025-38623, CVE-2025-38624, CVE-2025-38630, CVE-2025-38634,
CVE-2025-38635, CVE-2025-38639, CVE-2025-38645, CVE-2025-38650,
CVE-2025-38652, CVE-2025-38663, CVE-2025-38664, CVE-2025-38666,
CVE-2025-38668, CVE-2025-38670, CVE-2025-38671, CVE-2025-38676,
CVE-2025-38677, CVE-2025-38678, CVE-2025-38680, CVE-2025-38681,
CVE-2025-38683, CVE-2025-38684, CVE-2025-38685, CVE-2025-38687,
CVE-2025-38691, CVE-2025-38693, CVE-2025-38694, CVE-2025-38695,
CVE-2025-38696, CVE-2025-38697, CVE-2025-38698, CVE-2025-38699,
CVE-2025-38700, CVE-2025-38701, CVE-2025-38706, CVE-2025-38707,
CVE-2025-38708, CVE-2025-38711, CVE-2025-38712, CVE-2025-38713,
CVE-2025-38714, CVE-2025-38715, CVE-2025-38718, CVE-2025-38721,
CVE-2025-38724, CVE-2025-38725, CVE-2025-38729, CVE-2025-38732,
CVE-2025-39673, CVE-2025-39675, CVE-2025-39676, CVE-2025-39681,
CVE-2025-39683, CVE-2025-39684, CVE-2025-39685, CVE-2025-39686,
CVE-2025-39687, CVE-2025-39689, CVE-2025-39691, CVE-2025-39693,
CVE-2025-39697, CVE-2025-39702, CVE-2025-39703, CVE-2025-39709,
CVE-2025-39710, CVE-2025-39713, CVE-2025-39714, CVE-2025-39724,
CVE-2025-39730, CVE-2025-39734, CVE-2025-39736, CVE-2025-39737,
CVE-2025-39738, CVE-2025-39742, CVE-2025-39743, CVE-2025-39749,
CVE-2025-39752, CVE-2025-39756, CVE-2025-39757, CVE-2025-39760,
CVE-2025-39766, CVE-2025-39772, CVE-2025-39773, CVE-2025-39776,
CVE-2025-39782, CVE-2025-39783, CVE-2025-39787, CVE-2025-39788,
CVE-2025-39790, CVE-2025-39794, CVE-2025-39795, CVE-2025-39798,
CVE-2025-39801, CVE-2025-39806, CVE-2025-39808, CVE-2025-39812,
CVE-2025-39813, CVE-2025-39817, CVE-2025-39823, CVE-2025-39824,
CVE-2025-39828, CVE-2025-39835, CVE-2025-39839, CVE-2025-39841,
CVE-2025-39844, CVE-2025-39845, CVE-2025-39846, CVE-2025-39847,
CVE-2025-39848, CVE-2025-39853, CVE-2025-39860, CVE-2025-39864,
CVE-2025-39865, CVE-2025-39866, CVE-2025-39891, CVE-2025-39894,
CVE-2025-39902, CVE-2025-39920
Package Information:
https://launchpad.net/ubuntu/+source/linux-raspi/5.15.0-1091.94
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20251215/f6d33d15/attachment.sig>
More information about the ubuntu-security-announce
mailing list