- Vulnerability/
- USN-7448-1
23/4/2025
USN-7448-1: Linux kernel vulnerabilities
First published: Wed Apr 23 2025(Updated: )
It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. (CVE-2025-2312) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems:
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/linux-image-6.11.0-1013-azure | <6.11.0-1013.13 | 6.11.0-1013.13 |
| Ubuntu | =24.10 | |
| All of | ||
| ubuntu/linux-image-6.11.0-1013-azure-fde | <6.11.0-1013.13 | 6.11.0-1013.13 |
| Ubuntu | =24.10 | |
| All of | ||
| ubuntu/linux-image-azure | <6.11.0-1013.13 | 6.11.0-1013.13 |
| Ubuntu | =24.10 | |
| All of | ||
| ubuntu/linux-image-azure-fde | <6.11.0-1013.13 | 6.11.0-1013.13 |
| Ubuntu | =24.10 | |
| All of | ||
| ubuntu/linux-image-6.11.0-1013-azure | <6.11.0-1013.13~24.04.1 | 6.11.0-1013.13~24.04.1 |
| Ubuntu | =24.04 | |
| All of | ||
| ubuntu/linux-image-6.11.0-1013-azure-fde | <6.11.0-1013.13~24.04.1 | 6.11.0-1013.13~24.04.1 |
| Ubuntu | =24.04 | |
| All of | ||
| ubuntu/linux-image-azure | <6.11.0-1013.13~24.04.1 | 6.11.0-1013.13~24.04.1 |
| Ubuntu | =24.04 | |
| All of | ||
| ubuntu/linux-image-azure-fde | <6.11.0-1013.13~24.04.1 | 6.11.0-1013.13~24.04.1 |
| Ubuntu | =24.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2025-21695
- https://ubuntu.com/security/CVE-2025-21673
- https://ubuntu.com/security/CVE-2025-21685
- https://ubuntu.com/security/CVE-2025-21674
- https://ubuntu.com/security/CVE-2025-21682
- https://ubuntu.com/security/CVE-2025-21702
- https://ubuntu.com/security/CVE-2025-21689
- https://ubuntu.com/security/CVE-2024-57952
- https://ubuntu.com/security/CVE-2025-21683
- https://ubuntu.com/security/CVE-2024-57951
- https://ubuntu.com/security/CVE-2025-21669
- https://ubuntu.com/security/CVE-2025-21676
- https://ubuntu.com/security/CVE-2025-21680
- https://ubuntu.com/security/CVE-2025-21696
- https://ubuntu.com/security/CVE-2025-21666
- https://ubuntu.com/security/CVE-2025-21681
- https://ubuntu.com/security/CVE-2025-21684
- https://ubuntu.com/security/CVE-2025-21697
- https://ubuntu.com/security/CVE-2025-21667
- https://ubuntu.com/security/CVE-2025-2312
- https://ubuntu.com/security/CVE-2025-21693
- https://ubuntu.com/security/CVE-2025-21701
- https://ubuntu.com/security/CVE-2025-21690
- https://ubuntu.com/security/CVE-2025-21678
- https://ubuntu.com/security/CVE-2024-57950
- https://ubuntu.com/security/CVE-2025-21756
- https://ubuntu.com/security/CVE-2025-21699
- https://ubuntu.com/security/CVE-2025-21703
- https://ubuntu.com/security/CVE-2025-21665
- https://ubuntu.com/security/CVE-2025-21694
- https://ubuntu.com/security/CVE-2024-57949
- https://ubuntu.com/security/CVE-2025-21668
- https://ubuntu.com/security/CVE-2025-21672
- https://ubuntu.com/security/CVE-2025-21675
- https://ubuntu.com/security/CVE-2025-21670
- https://ubuntu.com/security/CVE-2024-57948
- https://ubuntu.com/security/CVE-2025-21993
- https://ubuntu.com/security/CVE-2025-21700
- https://ubuntu.com/security/CVE-2025-21677
- https://ubuntu.com/security/CVE-2025-21692
- https://ubuntu.com/security/CVE-2025-21691
- https://ubuntu.com/security/notices/USN-7445-1
- https://ubuntu.com/security/notices/USN-7428-1
- https://ubuntu.com/security/notices/USN-7428-2
- https://ubuntu.com/security/notices/USN-7429-1
- https://ubuntu.com/security/notices/USN-7429-2
- https://ubuntu.com/security/notices/USN-7449-1
- https://ubuntu.com/security/notices/USN-7450-1
- https://ubuntu.com/security/notices/USN-7451-1
- https://ubuntu.com/security/notices/USN-7452-1
- https://ubuntu.com/security/notices/USN-7453-1
- https://ubuntu.com/security/notices/USN-7455-1
- https://ubuntu.com/security/notices/USN-7455-2
- https://ubuntu.com/security/notices/USN-7455-3
- https://ubuntu.com/security/notices/USN-7459-1
- https://ubuntu.com/security/notices/USN-7460-1
- https://ubuntu.com/security/notices/USN-7461-1
- https://ubuntu.com/security/notices/USN-7461-2
- https://ubuntu.com/security/notices/USN-7462-1
- https://ubuntu.com/security/notices/USN-7462-2
- https://ubuntu.com/security/notices/USN-7463-1
- https://ubuntu.com/security/notices/USN-7449-2
- https://ubuntu.com/security/notices/USN-7455-4
- https://ubuntu.com/security/notices/USN-7387-1
- https://ubuntu.com/security/notices/USN-7388-1
- https://ubuntu.com/security/notices/USN-7389-1
- https://ubuntu.com/security/notices/USN-7390-1
- https://ubuntu.com/security/notices/USN-7387-2
- https://ubuntu.com/security/notices/USN-7387-3
- https://ubuntu.com/security/notices/USN-7391-1
- https://ubuntu.com/security/notices/USN-7392-1
- https://ubuntu.com/security/notices/USN-7392-2
- https://ubuntu.com/security/notices/USN-7393-1
- https://ubuntu.com/security/notices/USN-7392-4
- https://ubuntu.com/security/notices/USN-7392-3
- https://ubuntu.com/security/notices/USN-7401-1
- https://ubuntu.com/security/notices/USN-7407-1
- https://ubuntu.com/security/notices/USN-7413-1
- https://ubuntu.com/security/notices/USN-7421-1
- https://ubuntu.com/security/notices/USN-7458-1
- https://ubuntu.com/security/notices/USN-7384-1
- https://ubuntu.com/security/notices/USN-7384-2
- https://launchpad.net/ubuntu/+source/linux-signed-azure/6.11.0-1013.13
- https://launchpad.net/ubuntu/+source/linux-meta-azure/6.11.0-1013.13
- https://launchpad.net/ubuntu/+source/linux-signed-azure-6.11/6.11.0-1013.13~24.04.1
- https://launchpad.net/ubuntu/+source/linux-meta-azure-6.11/6.11.0-1013.13~24.04.1
- https://ubuntu.com/security/notices/USN-7448-1 (Advisory)
Child vulnerabilities
(Contains the following vulnerabilities)
- CVE-2025-21695
- CVE-2025-21673
- CVE-2025-21685
- CVE-2025-21674
- CVE-2025-21682
- CVE-2025-21702
- CVE-2025-21689
- CVE-2024-57952
- CVE-2025-21683
- CVE-2024-57951
- CVE-2025-21669
- CVE-2025-21676
- CVE-2025-21680
- CVE-2025-21696
- CVE-2025-21666
- CVE-2025-21681
- CVE-2025-21684
- CVE-2025-21697
- CVE-2025-21667
- CVE-2025-2312
- CVE-2025-21693
- CVE-2025-21701
- CVE-2025-21690
- CVE-2025-21678
- CVE-2024-57950
- CVE-2025-21756
- CVE-2025-21699
- CVE-2025-21703
- CVE-2025-21665
- CVE-2025-21694
- CVE-2024-57949
- CVE-2025-21668
- CVE-2025-21672
- CVE-2025-21675
- CVE-2025-21670
- CVE-2024-57948
- CVE-2025-21993
- CVE-2025-21700
- CVE-2025-21677
- CVE-2025-21692
- CVE-2025-21691
Frequently Asked Questions
What is the severity of USN-7448-1?
USN-7448-1 addresses a high severity vulnerability that can expose sensitive information through improper verification in the CIFS network file system implementation.
How do I fix USN-7448-1?
To fix USN-7448-1, update to the recommended linux-image versions for Ubuntu 24.10 or 24.04 as specified in the advisory.
Which systems are affected by USN-7448-1?
USN-7448-1 affects Ubuntu versions 24.10 and 24.04 running specific linux-image packages.
What package versions are recommended for USN-7448-1?
The recommended package versions to mitigate USN-7448-1 are linux-image-6.11.0-1013.13 or later.
What are the potential risks of ignoring USN-7448-1?
Ignoring USN-7448-1 could lead to unauthorized access to sensitive information through exploitation of the CIFS file system vulnerability.
- agent/references
- agent/title
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- agent/type
- agent/description
- agent/first-publish-date
- agent/event
- agent/tags
- collector/usn
- source/Ubuntu
- agent/software-canonical-lookup
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu
- version/ubuntu/24.10
- version/ubuntu/24.04