Not a user yet?
Log in Register for free Suggest a product
Update

USN-7860-5: Linux kernel (HWE) vulnerability

Ubuntu DesktopUbuntu Desktop
Canonical

USN-7860-5: Linux kernel (HWE) vulnerability

Publication date: 10 November 2025
Overview: The system could be made to expose sensitive information.

Packages
linux-hwe-6.14 - Linux hardware enablement (HWE) kernel

Details
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered
that the Linux kernel contained insufficient branch predictor isolation
between a guest and a userspace hypervisor for certain processors. This
flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this
to expose sensitive information from the host OS.

Update instructions
The problem can be corrected by updating your system to the following package versions:

24.04 LTS noble

  • linux-image-6.14.0-35-generic – 6.14.0-35.35~24.04.1
  • linux-image-6.14.0-35-generic-64k – 6.14.0-35.35~24.04.1
  • linux-image-generic-6.14 – 6.14.0-35.35~24.04.1
  • linux-image-generic-64k-6.14 – 6.14.0-35.35~24.04.1
  • linux-image-generic-64k-hwe-24.04 – 6.14.0-35.35~24.04.1
  • linux-image-generic-hwe-24.04 – 6.14.0-35.35~24.04.1
  • linux-image-virtual-6.14 – 6.14.0-35.35~24.04.1
  • linux-image-virtual-hwe-24.04 – 6.14.0-35.35~24.04.1
More updatesTo the product
The manufacturer Canonical has not yet set up its devicebase profile. Content such as updates, compatibilities and support may only be maintained with a delay.
Receive Important Update Messages Stay tuned for upcoming Canonical updates

More from the Operating Systems section

Was the content helpful to you?

Advertisement Advertise here?
Udemy IT certification ad