USN-8529-1: Linux kernel vulnerabilities
It was discovered that a logic flaw existed in the XFRM ESP-in-TCP subsystem in the Linux kernel when handling socket buffer fragments. This flaw is known as Fragnesia. A local attacker could use this to escalate privileges, or possibly escape a container. (CVE-2026-43503) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - InfiniBand drivers; - SCSI subsystem; - Thermal drivers; - USB over IP driver; - Network file system (NFS) server daemon; - SMB network file system; - Tracing infrastructure; - B.A.T.M.A.N. meshing protocol; - Ethernet bridge; - Ceph Core library; - DCCP (Datagram Congestion Control Protocol); - IPv4 networking; - IPv6 networking; - Netfilter; - RxRPC session sockets; - X.25 network layer; (CVE-2021-47202, CVE-2024-56643, CVE-2026-23272, CVE-2026-23455, CVE-2026-31402, CVE-2026-31607, CVE-2026-31637, CVE-2026-31659, CVE-2026-31682, CVE-2026-31685, CVE-2026-43011, CVE-2026-43037, CVE-2026-43038, CVE-2026-43383, CVE-2026-43407, CVE-2026-43414, CVE-2026-45988, CVE-2026-46043, CVE-2026-46119, CVE-2026-46243)
CSIRTS triage
- What
- Multiple vulnerabilities in the Linux kernel could allow local attackers to escalate privileges or compromise the system.
- Who is affected
- Local attackers on systems running the affected Linux kernel.
- Urgency
- Remediation is urgent due to the potential for privilege escalation and confirmed exploitation status.
- Action
- Apply the latest security updates for the Linux kernel.
AI-assisted analysis generated from the source advisory — verify against the original.
⚡ Watch kernel
Get an email when a new kernel advisory drops — max one per day, one-click unsubscribe.
Details
Original advisory: https://ubuntu.com/security/notices/USN-8529-1
Exploitation outlook
EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.
- Low exploitation riskCVE-2026-435030.14% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 3% of all scored CVEs.
- Low exploitation riskCVE-2021-472020.24% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 14% of all scored CVEs.
- Low exploitation riskCVE-2024-566430.22% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 13% of all scored CVEs.
- Low exploitation riskCVE-2026-232720.12% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 2% of all scored CVEs.
- Low exploitation riskCVE-2026-234550.51% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 40% of all scored CVEs.
- Low exploitation riskCVE-2026-314020.49% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 39% of all scored CVEs.
- Low exploitation riskCVE-2026-316070.31% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 23% of all scored CVEs.
- Low exploitation riskCVE-2026-316370.51% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 40% of all scored CVEs.
- Low exploitation riskCVE-2026-316590.40% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 32% of all scored CVEs.
- Low exploitation riskCVE-2026-316820.42% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 34% of all scored CVEs.
Referenced CVEs
Same CVEs, other sources
How other CERTs, PSIRTs and databases cover the vulnerabilities in this advisory.
- medium[UPDATE] [medium] Linux Kernel: Multiple vulnerabilitiescert-bund
- medium[UPDATE] [medium] Linux Kernel: Multiple Vulnerabilitiescert-bund
- medium[UPDATE] [medium] Linux Kernel: Multiple Vulnerabilitiescert-bund
- high[UPDATE] [high] Linux Kernel: Vulnerability allows gaining administrator rightscert-bund
- medium[UPDATE] [medium] Linux Kernel: Vulnerability allows privilege escalationcert-bund
- unknownUSN-8530-1: Linux kernel (AWS) vulnerabilitiesubuntu
- unknownexploitedUSN-8528-1: Linux kernel (Xilinx ZynqMP) vulnerabilitiesubuntu
- unknownUSN-8527-1: Linux kernel (Raspberry Pi) vulnerabilitiesubuntu
- unknownUSN-8492-5: Linux kernel (FIPS) vulnerabilitiesubuntu
- unknownMultiple vulnerabilities in SUSE Linux kernel (July 10, 2026)cert-fr-avis
- unknownMultiple vulnerabilities in Red Hat Linux kernel (July 10, 2026)cert-fr-avis
- unknownMultiple vulnerabilities in Ubuntu Linux kernel (July 10, 2026)cert-fr-avis
More from Ubuntu Security Notices
- unknownUSN-8530-1: Linux kernel (AWS) vulnerabilities2026-07-10
- unknownUSN-8528-1: Linux kernel (Xilinx ZynqMP) vulnerabilities2026-07-10
- unknownUSN-8527-1: Linux kernel (Raspberry Pi) vulnerabilities2026-07-10
- unknownUSN-8492-5: Linux kernel (FIPS) vulnerabilities2026-07-10
- unknownUSN-8526-1: libheif vulnerabilities2026-07-09