This bug was fixed in the package linux - 6.8.0-117.117
---------------
linux (6.8.0-117.117) noble; urgency=medium
* noble/linux: 6.8.0-117.117 -proposed tracker (LP: #2151070)
* CVE-2026-31419
- net: bonding: fix use-after-free in bond_xmit_broadcast()
* CVE-2026-31431
- crypto: scatterwalk - Backport memcpy_sglist()
- crypto: algif_aead - use memcpy_sglist() instead of null skcipher
- crypto: algif_aead - Revert to operating out-of-place
- crypto: algif_aead - snapshot IV for async AEAD requests
- crypto: authenc - use memcpy_sglist() instead of null skcipher
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place
decryption
- crypto: authencesn - Fix src offset when decrypting in-place
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl
- crypto: algif_aead - Fix minimum RX size check for decryption
* CVE-2026-31533
- net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption
* CVE-2026-31504
- net: fix fanout UAF in packet_release() via NETDEV_UP race
-- Manuel Diewald <[email protected]> Tue, 05 May 2026
15:53:02 +0200
** Changed in: linux (Ubuntu Noble)
Status: Fix Committed => Fix Released
** CVE added: https://cve.org/CVERecord?id=CVE-2026-31419
** CVE added: https://cve.org/CVERecord?id=CVE-2026-31431
** CVE added: https://cve.org/CVERecord?id=CVE-2026-31504
** CVE added: https://cve.org/CVERecord?id=CVE-2026-31533
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2149762
Title:
Revert "netfilter: conntrack: fix erronous removal of offload bit"
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2149762/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
