This USN-8070-3 advisory addresses multiple vulnerabilities across numerous Linux kernel subsystems, including x86, networking, filesystems, and drivers, which could allow an attacker to compromise the system. Specific details on the attack vectors are not provided, but the advisory references nine CVEs, including CVE-2022-49267 with a CVSS 3.1 score of 7.8 (HIGH). Based on authoritative NVD data, affected version ranges are specific; for example, CVE-2022-49267 affects Linux kernel versions prior to 5.16.19 and versions 5.17 through 5.17.1, with fixes provided in versions 5.16.19 and 5.17.2 respectively.
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - x86 architecture; - MMC subsystem; - Network drivers; - USB Device Class drivers; - BTRFS file system; - File systems infrastructure; - XFRM subsystem; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Simplified Mandatory Access Control Kernel framework; (CVE-2021-47599, CVE-2022-48875, CVE-2022-49267, CVE-2024-47659, CVE-2024-49927, CVE-2024-56548, CVE-2024-56593, CVE-2025-21704, CVE-2025-40215)