The security team doesn't track security updates using launchpad bugs. The CVE tracker is where security updates are tracked:
https://ubuntu.com/security/cves You can follow the progress on those CVEs here: https://ubuntu.com/security/cve-2022-25258 https://ubuntu.com/security/cve-2022-25375 ** Changed in: linux-aws (Ubuntu) Status: New => Confirmed ** Changed in: linux-aws-5.13 (Ubuntu) Status: New => Confirmed ** Changed in: linux-aws-5.4 (Ubuntu) Status: New => Confirmed ** Changed in: linux-azure (Ubuntu) Status: New => Confirmed ** Changed in: linux-azure-4.15 (Ubuntu) Status: New => Confirmed ** Changed in: linux-azure-5.13 (Ubuntu) Status: New => Confirmed ** Changed in: linux-azure-5.4 (Ubuntu) Status: New => Confirmed ** Changed in: linux-bluefield (Ubuntu) Status: New => Confirmed ** Changed in: linux-dell300x (Ubuntu) Status: New => Confirmed ** Changed in: linux-gcp (Ubuntu) Status: New => Confirmed ** Changed in: linux-gcp-4.15 (Ubuntu) Status: New => Confirmed ** Changed in: linux-gcp-5.13 (Ubuntu) Status: New => Confirmed ** Changed in: linux-gcp-5.4 (Ubuntu) Status: New => Confirmed ** Changed in: linux-gke (Ubuntu) Status: New => Confirmed ** Changed in: linux-gke-5.4 (Ubuntu) Status: New => Confirmed ** Changed in: linux-gkeop (Ubuntu) Status: New => Confirmed ** Changed in: linux-gkeop-5.4 (Ubuntu) Status: New => Confirmed ** Changed in: linux-hwe-5.13 (Ubuntu) Status: New => Confirmed ** Changed in: linux-hwe-5.4 (Ubuntu) Status: New => Confirmed ** Changed in: linux-ibm (Ubuntu) Status: New => Confirmed ** Changed in: linux-ibm-5.4 (Ubuntu) Status: New => Confirmed ** Changed in: linux-kvm (Ubuntu) Status: New => Confirmed ** Changed in: linux-oracle (Ubuntu) Status: New => Confirmed ** Changed in: linux-oracle-5.13 (Ubuntu) Status: New => Confirmed ** Changed in: linux-oracle-5.4 (Ubuntu) Status: New => Confirmed ** Changed in: linux-raspi (Ubuntu) Status: New => Confirmed ** Changed in: linux-raspi-5.4 (Ubuntu) Status: New => Confirmed ** Changed in: linux-raspi2 (Ubuntu) Status: New => Confirmed ** Changed in: linux-riscv (Ubuntu) Status: New => Confirmed ** Changed in: linux-snapdragon (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-aws in Ubuntu. https://bugs.launchpad.net/bugs/1971205 Title: CVE-2022-25258 and CVE-2022-25375 Status in linux-aws package in Ubuntu: Confirmed Status in linux-aws-5.13 package in Ubuntu: Confirmed Status in linux-aws-5.4 package in Ubuntu: Confirmed Status in linux-azure package in Ubuntu: Confirmed Status in linux-azure-4.15 package in Ubuntu: Confirmed Status in linux-azure-5.13 package in Ubuntu: Confirmed Status in linux-azure-5.4 package in Ubuntu: Confirmed Status in linux-bluefield package in Ubuntu: Confirmed Status in linux-dell300x package in Ubuntu: Confirmed Status in linux-gcp package in Ubuntu: Confirmed Status in linux-gcp-4.15 package in Ubuntu: Confirmed Status in linux-gcp-5.13 package in Ubuntu: Confirmed Status in linux-gcp-5.4 package in Ubuntu: Confirmed Status in linux-gke package in Ubuntu: Confirmed Status in linux-gke-5.4 package in Ubuntu: Confirmed Status in linux-gkeop package in Ubuntu: Confirmed Status in linux-gkeop-5.4 package in Ubuntu: Confirmed Status in linux-hwe-5.13 package in Ubuntu: Confirmed Status in linux-hwe-5.4 package in Ubuntu: Confirmed Status in linux-ibm package in Ubuntu: Confirmed Status in linux-ibm-5.4 package in Ubuntu: Confirmed Status in linux-kvm package in Ubuntu: Confirmed Status in linux-oracle package in Ubuntu: Confirmed Status in linux-oracle-5.13 package in Ubuntu: Confirmed Status in linux-oracle-5.4 package in Ubuntu: Confirmed Status in linux-raspi package in Ubuntu: Confirmed Status in linux-raspi-5.4 package in Ubuntu: Confirmed Status in linux-raspi2 package in Ubuntu: Confirmed Status in linux-riscv package in Ubuntu: Confirmed Status in linux-snapdragon package in Ubuntu: Confirmed Bug description: These packages are vulnerable to CVE-2022-25258 and CVE-2022-25375 in at least one Ubuntu release, as stated in the Ubuntu CVE Tracker. Please release fixed packages. Debian released an advisory on March 7. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-aws/+bug/1971205/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp