{ "summary": { "snap": { "added": [], "removed": [], "diff": [] }, "deb": { "added": [ "linux-headers-5.15.0-1093-kvm", "linux-image-5.15.0-1093-kvm", "linux-kvm-headers-5.15.0-1093", "linux-modules-5.15.0-1093-kvm" ], "removed": [ "linux-headers-5.15.0-1092-kvm", "linux-image-5.15.0-1092-kvm", "linux-kvm-headers-5.15.0-1092", "linux-modules-5.15.0-1092-kvm" ], "diff": [ "linux-headers-kvm", "linux-image-kvm", "linux-kvm" ] } }, "diff": { "deb": [ { "name": "linux-headers-kvm", "from_version": { "source_package_name": "linux-meta-kvm", "source_package_version": "5.15.0.1092.88", "version": "5.15.0.1092.88" }, "to_version": { "source_package_name": "linux-meta-kvm", "source_package_version": "5.15.0.1093.89", "version": "5.15.0.1093.89" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Bump ABI 5.15.0-1093", "" ], "package": "linux-meta-kvm", "version": "5.15.0.1093.89", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [], "author": "Thibault Ferrante ", "date": "Fri, 13 Feb 2026 17:24:25 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "linux-image-kvm", "from_version": { "source_package_name": "linux-meta-kvm", "source_package_version": "5.15.0.1092.88", "version": "5.15.0.1092.88" }, "to_version": { "source_package_name": "linux-meta-kvm", "source_package_version": "5.15.0.1093.89", "version": "5.15.0.1093.89" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Bump ABI 5.15.0-1093", "" ], "package": "linux-meta-kvm", "version": "5.15.0.1093.89", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [], "author": "Thibault Ferrante ", "date": "Fri, 13 Feb 2026 17:24:25 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "linux-kvm", "from_version": { "source_package_name": "linux-meta-kvm", "source_package_version": "5.15.0.1092.88", "version": "5.15.0.1092.88" }, "to_version": { "source_package_name": "linux-meta-kvm", "source_package_version": "5.15.0.1093.89", "version": "5.15.0.1093.89" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Bump ABI 5.15.0-1093", "" ], "package": "linux-meta-kvm", "version": "5.15.0.1093.89", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [], "author": "Thibault Ferrante ", "date": "Fri, 13 Feb 2026 17:24:25 +0100" } ], "notes": null, "is_version_downgrade": false } ], "snap": [] }, "added": { "deb": [ { "name": "linux-headers-5.15.0-1093-kvm", "from_version": { "source_package_name": "linux-kvm", "source_package_version": "5.15.0-1092.97", "version": null }, "to_version": { "source_package_name": "linux-kvm", "source_package_version": "5.15.0-1093.98", "version": "5.15.0-1093.98" }, "cves": [ { "cve": "CVE-2022-49267", "url": "https://ubuntu.com/security/CVE-2022-49267", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: mmc: core: use sysfs_emit() instead of sprintf() sprintf() (still used in the MMC core for the sysfs output) is vulnerable to the buffer overflow. Use the new-fangled sysfs_emit() instead. Found by Linux Verification Center (linuxtesting.org) with the SVACE static analysis tool.", "cve_priority": "medium", "cve_public_date": "2025-02-26 07:01:00 UTC" }, { "cve": "CVE-2025-21780", "url": "https://ubuntu.com/security/CVE-2025-21780", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() It malicious user provides a small pptable through sysfs and then a bigger pptable, it may cause buffer overflow attack in function smu_sys_set_pp_table().", "cve_priority": "high", "cve_public_date": "2025-02-27 03:15:00 UTC" } ], "launchpad_bugs_fixed": [ 2140890, 2140905 ], "changes": [ { "cves": [ { "cve": "CVE-2022-49267", "url": "https://ubuntu.com/security/CVE-2022-49267", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: mmc: core: use sysfs_emit() instead of sprintf() sprintf() (still used in the MMC core for the sysfs output) is vulnerable to the buffer overflow. Use the new-fangled sysfs_emit() instead. Found by Linux Verification Center (linuxtesting.org) with the SVACE static analysis tool.", "cve_priority": "medium", "cve_public_date": "2025-02-26 07:01:00 UTC" }, { "cve": "CVE-2025-21780", "url": "https://ubuntu.com/security/CVE-2025-21780", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() It malicious user provides a small pptable through sysfs and then a bigger pptable, it may cause buffer overflow attack in function smu_sys_set_pp_table().", "cve_priority": "high", "cve_public_date": "2025-02-27 03:15:00 UTC" } ], "log": [ "", " * jammy/linux-kvm: 5.15.0-1093.98 -proposed tracker (LP: #2140890)", "", " [ Ubuntu: 5.15.0-171.181 ]", "", " * jammy/linux: 5.15.0-171.181 -proposed tracker (LP: #2140905)", " * CVE-2022-49267", " - mmc: core: use sysfs_emit() instead of sprintf()", " * CVE-2025-21780", " - drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table()", "" ], "package": "linux-kvm", "version": "5.15.0-1093.98", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [ 2140890, 2140905 ], "author": "Thibault Ferrante ", "date": "Fri, 13 Feb 2026 17:24:18 +0100" } ], "notes": "linux-headers-5.15.0-1093-kvm version '5.15.0-1093.98' (source package linux-kvm version '5.15.0-1093.98') was added. linux-headers-5.15.0-1093-kvm version '5.15.0-1093.98' has the same source package name, linux-kvm, as removed package linux-headers-5.15.0-1092-kvm. As such we can use the source package version of the removed package, '5.15.0-1092.97', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package.", "is_version_downgrade": false }, { "name": "linux-image-5.15.0-1093-kvm", "from_version": { "source_package_name": "linux-signed-kvm", "source_package_version": "5.15.0-1092.97", "version": null }, "to_version": { "source_package_name": "linux-signed-kvm", "source_package_version": "5.15.0-1093.98", "version": "5.15.0-1093.98" }, "cves": [], "launchpad_bugs_fixed": [ 1786013 ], "changes": [ { "cves": [], "log": [ "", " * Main version: 5.15.0-1093.98", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian/tracking-bug -- resync from main package", "" ], "package": "linux-signed-kvm", "version": "5.15.0-1093.98", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [ 1786013 ], "author": "Thibault Ferrante ", "date": "Fri, 13 Feb 2026 17:24:31 +0100" } ], "notes": "linux-image-5.15.0-1093-kvm version '5.15.0-1093.98' (source package linux-signed-kvm version '5.15.0-1093.98') was added. linux-image-5.15.0-1093-kvm version '5.15.0-1093.98' has the same source package name, linux-signed-kvm, as removed package linux-image-5.15.0-1092-kvm. As such we can use the source package version of the removed package, '5.15.0-1092.97', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package.", "is_version_downgrade": false }, { "name": "linux-kvm-headers-5.15.0-1093", "from_version": { "source_package_name": "linux-kvm", "source_package_version": "5.15.0-1092.97", "version": null }, "to_version": { "source_package_name": "linux-kvm", "source_package_version": "5.15.0-1093.98", "version": "5.15.0-1093.98" }, "cves": [ { "cve": "CVE-2022-49267", "url": "https://ubuntu.com/security/CVE-2022-49267", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: mmc: core: use sysfs_emit() instead of sprintf() sprintf() (still used in the MMC core for the sysfs output) is vulnerable to the buffer overflow. Use the new-fangled sysfs_emit() instead. Found by Linux Verification Center (linuxtesting.org) with the SVACE static analysis tool.", "cve_priority": "medium", "cve_public_date": "2025-02-26 07:01:00 UTC" }, { "cve": "CVE-2025-21780", "url": "https://ubuntu.com/security/CVE-2025-21780", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() It malicious user provides a small pptable through sysfs and then a bigger pptable, it may cause buffer overflow attack in function smu_sys_set_pp_table().", "cve_priority": "high", "cve_public_date": "2025-02-27 03:15:00 UTC" } ], "launchpad_bugs_fixed": [ 2140890, 2140905 ], "changes": [ { "cves": [ { "cve": "CVE-2022-49267", "url": "https://ubuntu.com/security/CVE-2022-49267", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: mmc: core: use sysfs_emit() instead of sprintf() sprintf() (still used in the MMC core for the sysfs output) is vulnerable to the buffer overflow. Use the new-fangled sysfs_emit() instead. Found by Linux Verification Center (linuxtesting.org) with the SVACE static analysis tool.", "cve_priority": "medium", "cve_public_date": "2025-02-26 07:01:00 UTC" }, { "cve": "CVE-2025-21780", "url": "https://ubuntu.com/security/CVE-2025-21780", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() It malicious user provides a small pptable through sysfs and then a bigger pptable, it may cause buffer overflow attack in function smu_sys_set_pp_table().", "cve_priority": "high", "cve_public_date": "2025-02-27 03:15:00 UTC" } ], "log": [ "", " * jammy/linux-kvm: 5.15.0-1093.98 -proposed tracker (LP: #2140890)", "", " [ Ubuntu: 5.15.0-171.181 ]", "", " * jammy/linux: 5.15.0-171.181 -proposed tracker (LP: #2140905)", " * CVE-2022-49267", " - mmc: core: use sysfs_emit() instead of sprintf()", " * CVE-2025-21780", " - drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table()", "" ], "package": "linux-kvm", "version": "5.15.0-1093.98", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [ 2140890, 2140905 ], "author": "Thibault Ferrante ", "date": "Fri, 13 Feb 2026 17:24:18 +0100" } ], "notes": "linux-kvm-headers-5.15.0-1093 version '5.15.0-1093.98' (source package linux-kvm version '5.15.0-1093.98') was added. linux-kvm-headers-5.15.0-1093 version '5.15.0-1093.98' has the same source package name, linux-kvm, as removed package linux-headers-5.15.0-1092-kvm. As such we can use the source package version of the removed package, '5.15.0-1092.97', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package.", "is_version_downgrade": false }, { "name": "linux-modules-5.15.0-1093-kvm", "from_version": { "source_package_name": "linux-kvm", "source_package_version": "5.15.0-1092.97", "version": null }, "to_version": { "source_package_name": "linux-kvm", "source_package_version": "5.15.0-1093.98", "version": "5.15.0-1093.98" }, "cves": [ { "cve": "CVE-2022-49267", "url": "https://ubuntu.com/security/CVE-2022-49267", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: mmc: core: use sysfs_emit() instead of sprintf() sprintf() (still used in the MMC core for the sysfs output) is vulnerable to the buffer overflow. Use the new-fangled sysfs_emit() instead. Found by Linux Verification Center (linuxtesting.org) with the SVACE static analysis tool.", "cve_priority": "medium", "cve_public_date": "2025-02-26 07:01:00 UTC" }, { "cve": "CVE-2025-21780", "url": "https://ubuntu.com/security/CVE-2025-21780", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() It malicious user provides a small pptable through sysfs and then a bigger pptable, it may cause buffer overflow attack in function smu_sys_set_pp_table().", "cve_priority": "high", "cve_public_date": "2025-02-27 03:15:00 UTC" } ], "launchpad_bugs_fixed": [ 2140890, 2140905 ], "changes": [ { "cves": [ { "cve": "CVE-2022-49267", "url": "https://ubuntu.com/security/CVE-2022-49267", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: mmc: core: use sysfs_emit() instead of sprintf() sprintf() (still used in the MMC core for the sysfs output) is vulnerable to the buffer overflow. Use the new-fangled sysfs_emit() instead. Found by Linux Verification Center (linuxtesting.org) with the SVACE static analysis tool.", "cve_priority": "medium", "cve_public_date": "2025-02-26 07:01:00 UTC" }, { "cve": "CVE-2025-21780", "url": "https://ubuntu.com/security/CVE-2025-21780", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() It malicious user provides a small pptable through sysfs and then a bigger pptable, it may cause buffer overflow attack in function smu_sys_set_pp_table().", "cve_priority": "high", "cve_public_date": "2025-02-27 03:15:00 UTC" } ], "log": [ "", " * jammy/linux-kvm: 5.15.0-1093.98 -proposed tracker (LP: #2140890)", "", " [ Ubuntu: 5.15.0-171.181 ]", "", " * jammy/linux: 5.15.0-171.181 -proposed tracker (LP: #2140905)", " * CVE-2022-49267", " - mmc: core: use sysfs_emit() instead of sprintf()", " * CVE-2025-21780", " - drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table()", "" ], "package": "linux-kvm", "version": "5.15.0-1093.98", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [ 2140890, 2140905 ], "author": "Thibault Ferrante ", "date": "Fri, 13 Feb 2026 17:24:18 +0100" } ], "notes": "linux-modules-5.15.0-1093-kvm version '5.15.0-1093.98' (source package linux-kvm version '5.15.0-1093.98') was added. linux-modules-5.15.0-1093-kvm version '5.15.0-1093.98' has the same source package name, linux-kvm, as removed package linux-headers-5.15.0-1092-kvm. As such we can use the source package version of the removed package, '5.15.0-1092.97', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package.", "is_version_downgrade": false } ], "snap": [] }, "removed": { "deb": [ { "name": "linux-headers-5.15.0-1092-kvm", "from_version": { "source_package_name": "linux-kvm", "source_package_version": "5.15.0-1092.97", "version": "5.15.0-1092.97" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": null }, "cves": [], "launchpad_bugs_fixed": [], "changes": [], "notes": null, "is_version_downgrade": false }, { "name": "linux-image-5.15.0-1092-kvm", "from_version": { "source_package_name": "linux-signed-kvm", "source_package_version": "5.15.0-1092.97", "version": "5.15.0-1092.97" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": null }, "cves": [], "launchpad_bugs_fixed": [], "changes": [], "notes": null, "is_version_downgrade": false }, { "name": "linux-kvm-headers-5.15.0-1092", "from_version": { "source_package_name": "linux-kvm", "source_package_version": "5.15.0-1092.97", "version": "5.15.0-1092.97" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": null }, "cves": [], "launchpad_bugs_fixed": [], "changes": [], "notes": null, "is_version_downgrade": false }, { "name": "linux-modules-5.15.0-1092-kvm", "from_version": { "source_package_name": "linux-kvm", "source_package_version": "5.15.0-1092.97", "version": "5.15.0-1092.97" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": null }, "cves": [], "launchpad_bugs_fixed": [], "changes": [], "notes": null, "is_version_downgrade": false } ], "snap": [] }, "notes": "Changelog diff for Ubuntu 22.04 jammy image from daily image serial 20260218 to 20260223", "from_series": "jammy", "to_series": "jammy", "from_serial": "20260218", "to_serial": "20260223", "from_manifest_filename": "daily_manifest.previous", "to_manifest_filename": "manifest.current" }