A USN-8070-1 security advisory details multiple vulnerabilities across numerous Linux kernel subsystems, including x86, network drivers, file systems, and networking stacks, which could lead to system compromise. The provided NVD data for three of the listed CVEs shows CVSS scores ranging from Medium (4.7-5.5) to High (7.8). Specific affected version ranges and fixed versions are provided per CVE; for example, CVE-2022-49267 (CVSS 7.8) affects kernels prior to 5.16.19 and 5.17 prior to 5.17.2, requiring an upgrade to those respective fixed versions.
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - x86 architecture; - MMC subsystem; - Network drivers; - USB Device Class drivers; - BTRFS file system; - File systems infrastructure; - XFRM subsystem; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Simplified Mandatory Access Control Kernel framework; (CVE-2021-47599, CVE-2022-48875, CVE-2022-49267, CVE-2024-47659, CVE-2024-49927, CVE-2024-56548, CVE-2024-56593, CVE-2025-21704, CVE-2025-40215)