{ "summary": { "snap": { "added": [], "removed": [], "diff": [] }, "deb": { "added": [ "linux-image-6.14.0-35-generic", "linux-modules-6.14.0-35-generic" ], "removed": [ "linux-image-6.14.0-34-generic", "linux-modules-6.14.0-34-generic" ], "diff": [ "amd64-microcode", "linux-image-virtual" ] } }, "diff": { "deb": [ { "name": "amd64-microcode", "from_version": { "source_package_name": "amd64-microcode", "source_package_version": "3.20250311.1ubuntu0.25.04.1", "version": "3.20250311.1ubuntu0.25.04.1" }, "to_version": { "source_package_name": "amd64-microcode", "source_package_version": "3.20250708.0ubuntu0.25.04.2", "version": "3.20250708.0ubuntu0.25.04.2" }, "cves": [ { "cve": "CVE-2024-36350", "url": "https://ubuntu.com/security/CVE-2024-36350", "cve_description": "A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information.", "cve_priority": "medium", "cve_public_date": "2025-07-08 17:15:00 UTC" }, { "cve": "CVE-2024-36357", "url": "https://ubuntu.com/security/CVE-2024-36357", "cve_description": "A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boundaries.", "cve_priority": "medium", "cve_public_date": "2025-07-08 17:15:00 UTC" } ], "launchpad_bugs_fixed": [ 2121119 ], "changes": [ { "cves": [ { "cve": "CVE-2024-36350", "url": "https://ubuntu.com/security/CVE-2024-36350", "cve_description": "A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information.", "cve_priority": "medium", "cve_public_date": "2025-07-08 17:15:00 UTC" }, { "cve": "CVE-2024-36357", "url": "https://ubuntu.com/security/CVE-2024-36357", "cve_description": "A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boundaries.", "cve_priority": "medium", "cve_public_date": "2025-07-08 17:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Update package data from linux-firmware 20250708", " - Updated microcodes:", " Family=0x19 Model=0x08 Stepping=0x02: Patch=0x0a00820d Length=5568 bytes", " Family=0x19 Model=0x18 Stepping=0x01: Patch=0x0a108109 Length=5568 bytes", " Family=0x19 Model=0x21 Stepping=0x00: Patch=0x0a20102e Length=5568 bytes", " Family=0x19 Model=0x21 Stepping=0x02: Patch=0x0a201211 Length=5568 bytes", " Family=0x19 Model=0x44 Stepping=0x01: Patch=0x0a404108 Length=5568 bytes", " Family=0x19 Model=0x50 Stepping=0x00: Patch=0x0a500012 Length=5568 bytes", " Family=0x19 Model=0x61 Stepping=0x02: Patch=0x0a60120a Length=5568 bytes", " Family=0x19 Model=0x74 Stepping=0x01: Patch=0x0a704108 Length=5568 bytes", " Family=0x19 Model=0x75 Stepping=0x02: Patch=0x0a705208 Length=5568 bytes", " Family=0x19 Model=0x78 Stepping=0x00: Patch=0x0a708008 Length=5568 bytes", " Family=0x19 Model=0x7c Stepping=0x00: Patch=0x0a70c008 Length=5568 bytes", " - CVE-2024-36350 (AMD-SB-7029)", " A transient execution vulnerability in some AMD processors may allow", " an attacker to infer data from previous stores, potentially resulting", " in the leakage of privileged information.", " - CVE-2024-36357 (AMD-SB-7029)", " A transient execution vulnerability in some AMD processors may allow", " an attacker to infer data in the L1D cache, potentially resulting in", " the leakage of sensitive information across privileged boundaries.", " * Remaining changes:", " - initramfs-tools hook (debian/initramfs.hook):", " + Default to 'early' instead of 'auto' when building with", " MODULES=most", " + Do not override preset defaults from auto-exported conf", " snippets loaded by initramfs-tools.", " * Also Update AMD PMF TA Firmware to v3.1 to match the upstream git tag. (LP: #2121119)", "" ], "package": "amd64-microcode", "version": "3.20250708.0ubuntu0.25.04.2", "urgency": "medium", "distributions": "plucky-security", "launchpad_bugs_fixed": [ 2121119 ], "author": "Rodrigo Figueiredo Zaiden ", "date": "Wed, 16 Jul 2025 17:59:47 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "linux-image-virtual", "from_version": { "source_package_name": "linux-meta", "source_package_version": "6.14.0-34.34", "version": "6.14.0-34.34" }, "to_version": { "source_package_name": "linux-meta", "source_package_version": "6.14.0-35.35", "version": "6.14.0-35.35" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Main version: 6.14.0-35.35", "" ], "package": "linux-meta", "version": "6.14.0-35.35", "urgency": "medium", "distributions": "plucky", "launchpad_bugs_fixed": [], "author": "Manuel Diewald ", "date": "Fri, 10 Oct 2025 22:26:05 +0200" } ], "notes": null, "is_version_downgrade": false } ], "snap": [] }, "added": { "deb": [ { "name": "linux-image-6.14.0-35-generic", "from_version": { "source_package_name": "linux-signed", "source_package_version": "6.14.0-34.34", "version": null }, "to_version": { "source_package_name": "linux-signed", "source_package_version": "6.14.0-35.35", "version": "6.14.0-35.35" }, "cves": [], "launchpad_bugs_fixed": [ 1786013 ], "changes": [ { "cves": [], "log": [ "", " * Main version: 6.14.0-35.35", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian/tracking-bug -- resync from main package", "" ], "package": "linux-signed", "version": "6.14.0-35.35", "urgency": "medium", "distributions": "plucky", "launchpad_bugs_fixed": [ 1786013 ], "author": "Manuel Diewald ", "date": "Fri, 10 Oct 2025 22:26:14 +0200" } ], "notes": "linux-image-6.14.0-35-generic version '6.14.0-35.35' (source package linux-signed version '6.14.0-35.35') was added. linux-image-6.14.0-35-generic version '6.14.0-35.35' has the same source package name, linux-signed, as removed package linux-image-6.14.0-34-generic. As such we can use the source package version of the removed package, '6.14.0-34.34', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package.", "is_version_downgrade": false }, { "name": "linux-modules-6.14.0-35-generic", "from_version": { "source_package_name": "linux", "source_package_version": "6.14.0-34.34", "version": null }, "to_version": { "source_package_name": "linux", "source_package_version": "6.14.0-35.35", "version": "6.14.0-35.35" }, "cves": [ { "cve": "CVE-2025-40300", "url": "https://ubuntu.com/security/CVE-2025-40300", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor (like QEMU). Existing mitigations already protect kernel/KVM from a malicious guest. Userspace can additionally be protected by flushing the branch predictors after a VMexit. Since it is the userspace that consumes the poisoned branch predictors, conditionally issue an IBPB after a VMexit and before returning to userspace. Workloads that frequently switch between hypervisor and userspace will incur the most overhead from the new IBPB. This new IBPB is not integrated with the existing IBPB sites. For instance, a task can use the existing speculation control prctl() to get an IBPB at context switch time. With this implementation, the IBPB is doubled up: one at context switch and another before running userspace. The intent is to integrate and optimize these cases post-embargo. [ dhansen: elaborate on suboptimal IBPB solution ]", "cve_priority": "high", "cve_public_date": "2025-09-11 17:15:00 UTC" } ], "launchpad_bugs_fixed": [ 2127468, 2124105, 2124105 ], "changes": [ { "cves": [ { "cve": "CVE-2025-40300", "url": "https://ubuntu.com/security/CVE-2025-40300", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor (like QEMU). Existing mitigations already protect kernel/KVM from a malicious guest. Userspace can additionally be protected by flushing the branch predictors after a VMexit. Since it is the userspace that consumes the poisoned branch predictors, conditionally issue an IBPB after a VMexit and before returning to userspace. Workloads that frequently switch between hypervisor and userspace will incur the most overhead from the new IBPB. This new IBPB is not integrated with the existing IBPB sites. For instance, a task can use the existing speculation control prctl() to get an IBPB at context switch time. With this implementation, the IBPB is doubled up: one at context switch and another before running userspace. The intent is to integrate and optimize these cases post-embargo. [ dhansen: elaborate on suboptimal IBPB solution ]", "cve_priority": "high", "cve_public_date": "2025-09-11 17:15:00 UTC" } ], "log": [ "", " * plucky/linux: 6.14.0-35.35 -proposed tracker (LP: #2127468)", "", " * VMSCAPE CVE-2025-40300 (LP: #2124105) // CVE-2025-40300", " - Documentation/hw-vuln: Add VMSCAPE documentation", " - x86/vmscape: Enumerate VMSCAPE bug", " - x86/vmscape: Add conditional IBPB mitigation", " - x86/vmscape: Enable the mitigation", " - x86/bugs: Move cpu_bugs_smt_update() down", " - x86/vmscape: Warn when STIBP is disabled with SMT", " - x86/vmscape: Add old Intel CPUs to affected list", "", " * VMSCAPE CVE-2025-40300 (LP: #2124105)", " - [Config] Enable MITIGATION_VMSCAPE config", "" ], "package": "linux", "version": "6.14.0-35.35", "urgency": "medium", "distributions": "plucky", "launchpad_bugs_fixed": [ 2127468, 2124105, 2124105 ], "author": "Manuel Diewald ", "date": "Fri, 10 Oct 2025 21:09:58 +0200" } ], "notes": "linux-modules-6.14.0-35-generic version '6.14.0-35.35' (source package linux version '6.14.0-35.35') was added. linux-modules-6.14.0-35-generic version '6.14.0-35.35' has the same source package name, linux, as removed package linux-modules-6.14.0-34-generic. As such we can use the source package version of the removed package, '6.14.0-34.34', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package.", "is_version_downgrade": false } ], "snap": [] }, "removed": { "deb": [ { "name": "linux-image-6.14.0-34-generic", "from_version": { "source_package_name": "linux-signed", "source_package_version": "6.14.0-34.34", "version": "6.14.0-34.34" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": null }, "cves": [], "launchpad_bugs_fixed": [], "changes": [], "notes": null, "is_version_downgrade": false }, { "name": "linux-modules-6.14.0-34-generic", "from_version": { "source_package_name": "linux", "source_package_version": "6.14.0-34.34", "version": "6.14.0-34.34" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": null }, "cves": [], "launchpad_bugs_fixed": [], "changes": [], "notes": null, "is_version_downgrade": false } ], "snap": [] }, "notes": "Changelog diff for Ubuntu 25.04 plucky image from daily image serial 20251021 to 20251030", "from_series": "plucky", "to_series": "plucky", "from_serial": "20251021", "to_serial": "20251030", "from_manifest_filename": "daily_manifest.previous", "to_manifest_filename": "manifest.current" }