USN-7384-1

Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker could use this to connect a rougue device and possibly execute arbitrary code. (CVE-2024-8805)

Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2025-0927)

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. (CVE-2025-2312)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems:

• ARM32 architecture;
• ARM64 architecture;
• x86 architecture;
• Block layer subsystem;
• Cryptographic API;
• ACPI drivers;
• Drivers core;
• ATA over ethernet (AOE) driver;
• Network block device driver;
• Ublk userspace block driver;
• Compressed RAM block device driver;
• TPM device driver;
• CPU frequency scaling framework;
• Hardware crypto device drivers;
• DAX dirext access to differentiated memory framework;
• ARM SCMI message protocol;
• EFI core;
• GPU drivers;
• HID subsystem;
• I2C subsystem;
• I3C subsystem;
• IIO subsystem;
• InfiniBand drivers;
• Input Device core drivers;
• IOMMU subsystem;
• IRQ chip drivers;
• Mailbox framework;
• Media drivers;
• Ethernet bonding driver;
• Network drivers;
• Mellanox network drivers;
• STMicroelectronics network drivers;
• NTB driver;
• Virtio pmem driver;
• Parport drivers;
• PCI subsystem;
• Alibaba DDR Sub-System Driveway PMU driver;
• Pin controllers subsystem;
• x86 platform...