[Kernel-packages] [Bug 1971205] Re: CVE-2022-25258 and CVE-2022-25375

Marc Deslauriers Wed, 11 May 2022 11:16:00 -0700

The security team doesn't track security updates using launchpad bugs.
The CVE tracker is where security updates are tracked:


https://ubuntu.com/security/cves

You can follow the progress on those CVEs here:

https://ubuntu.com/security/cve-2022-25258
https://ubuntu.com/security/cve-2022-25375

** Changed in: linux-aws (Ubuntu)
       Status: New => Confirmed

** Changed in: linux-aws-5.13 (Ubuntu)
       Status: New => Confirmed

** Changed in: linux-aws-5.4 (Ubuntu)
       Status: New => Confirmed

** Changed in: linux-azure (Ubuntu)
       Status: New => Confirmed

** Changed in: linux-azure-4.15 (Ubuntu)
       Status: New => Confirmed

** Changed in: linux-azure-5.13 (Ubuntu)
       Status: New => Confirmed

** Changed in: linux-azure-5.4 (Ubuntu)
       Status: New => Confirmed

** Changed in: linux-bluefield (Ubuntu)
       Status: New => Confirmed

** Changed in: linux-dell300x (Ubuntu)
       Status: New => Confirmed

** Changed in: linux-gcp (Ubuntu)
       Status: New => Confirmed

** Changed in: linux-gcp-4.15 (Ubuntu)
       Status: New => Confirmed

** Changed in: linux-gcp-5.13 (Ubuntu)
       Status: New => Confirmed

** Changed in: linux-gcp-5.4 (Ubuntu)
       Status: New => Confirmed

** Changed in: linux-gke (Ubuntu)
       Status: New => Confirmed

** Changed in: linux-gke-5.4 (Ubuntu)
       Status: New => Confirmed

** Changed in: linux-gkeop (Ubuntu)
       Status: New => Confirmed

** Changed in: linux-gkeop-5.4 (Ubuntu)
       Status: New => Confirmed

** Changed in: linux-hwe-5.13 (Ubuntu)
       Status: New => Confirmed

** Changed in: linux-hwe-5.4 (Ubuntu)
       Status: New => Confirmed

** Changed in: linux-ibm (Ubuntu)
       Status: New => Confirmed

** Changed in: linux-ibm-5.4 (Ubuntu)
       Status: New => Confirmed

** Changed in: linux-kvm (Ubuntu)
       Status: New => Confirmed

** Changed in: linux-oracle (Ubuntu)
       Status: New => Confirmed

** Changed in: linux-oracle-5.13 (Ubuntu)
       Status: New => Confirmed

** Changed in: linux-oracle-5.4 (Ubuntu)
       Status: New => Confirmed

** Changed in: linux-raspi (Ubuntu)
       Status: New => Confirmed

** Changed in: linux-raspi-5.4 (Ubuntu)
       Status: New => Confirmed

** Changed in: linux-raspi2 (Ubuntu)
       Status: New => Confirmed

** Changed in: linux-riscv (Ubuntu)
       Status: New => Confirmed

** Changed in: linux-snapdragon (Ubuntu)
       Status: New => Confirmed

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-aws in Ubuntu.
https://bugs.launchpad.net/bugs/1971205

Title:
  CVE-2022-25258 and CVE-2022-25375

Status in linux-aws package in Ubuntu:
  Confirmed
Status in linux-aws-5.13 package in Ubuntu:
  Confirmed
Status in linux-aws-5.4 package in Ubuntu:
  Confirmed
Status in linux-azure package in Ubuntu:
  Confirmed
Status in linux-azure-4.15 package in Ubuntu:
  Confirmed
Status in linux-azure-5.13 package in Ubuntu:
  Confirmed
Status in linux-azure-5.4 package in Ubuntu:
  Confirmed
Status in linux-bluefield package in Ubuntu:
  Confirmed
Status in linux-dell300x package in Ubuntu:
  Confirmed
Status in linux-gcp package in Ubuntu:
  Confirmed
Status in linux-gcp-4.15 package in Ubuntu:
  Confirmed
Status in linux-gcp-5.13 package in Ubuntu:
  Confirmed
Status in linux-gcp-5.4 package in Ubuntu:
  Confirmed
Status in linux-gke package in Ubuntu:
  Confirmed
Status in linux-gke-5.4 package in Ubuntu:
  Confirmed
Status in linux-gkeop package in Ubuntu:
  Confirmed
Status in linux-gkeop-5.4 package in Ubuntu:
  Confirmed
Status in linux-hwe-5.13 package in Ubuntu:
  Confirmed
Status in linux-hwe-5.4 package in Ubuntu:
  Confirmed
Status in linux-ibm package in Ubuntu:
  Confirmed
Status in linux-ibm-5.4 package in Ubuntu:
  Confirmed
Status in linux-kvm package in Ubuntu:
  Confirmed
Status in linux-oracle package in Ubuntu:
  Confirmed
Status in linux-oracle-5.13 package in Ubuntu:
  Confirmed
Status in linux-oracle-5.4 package in Ubuntu:
  Confirmed
Status in linux-raspi package in Ubuntu:
  Confirmed
Status in linux-raspi-5.4 package in Ubuntu:
  Confirmed
Status in linux-raspi2 package in Ubuntu:
  Confirmed
Status in linux-riscv package in Ubuntu:
  Confirmed
Status in linux-snapdragon package in Ubuntu:
  Confirmed

Bug description:
  These packages are vulnerable to CVE-2022-25258 and CVE-2022-25375 in
  at least one Ubuntu release, as stated in the Ubuntu CVE Tracker.

  Please release fixed packages.

  Debian released an advisory on March 7.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-aws/+bug/1971205/+subscriptions


-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1971205] Re: CVE-2022-25258 and CVE-2022-25375

Reply via email to