Canonical Issues Major Linux Kernel Security Update for Ubuntu 25.10 on Microsoft Azure

• Facebook
• Twitter

Canonical Issues Major Linux Kernel Security Update for Ubuntu 25.10 on Microsoft Azure

• Why Enterprise RAID Rebuilding Succeeds Where Consumer Arrays Fail?
• Linus Torvalds Rejects MMC Subsystem Updates for Linux 7.0: “Complete Garbage”
• The Man Who Maintained Sudo for 30 Years Now Struggles to Fund the Work That Powers Millions of Servers
• How Close Are Quantum Computers to Breaking RSA-2048?
• Why Windows 10 Users Are Flocking to Zorin OS 18 Instead of Linux Mint?
• How to Prevent Ransomware Infection Risks?
• What is the best alternative to Microsoft Office?

Canonical Issues Major Linux Kernel Security Update for Ubuntu 25.10 on Microsoft Azure

February 24, 2026 | Security News

Canonical today published USN-8029-3, a sweeping security advisory for the Linux kernel powering Ubuntu 25.10 instances on Microsoft Azure.

The notice addresses hundreds of vulnerabilities spanning virtually every major subsystem of the kernel, and represents the third installment in the USN-8029 series — following USN-8029-1 (released February 12) targeting the base kernel and Raspberry Pi variants, and USN-8029-2 (released February 17) covering AWS and Oracle Cloud deployments.

What Is USN-8029-3?

USN-8029-3 specifically targets the linux-azure package — the Linux kernel build optimized for Microsoft Azure Cloud systems running Ubuntu 25.10 (codenamed “Questing”). According to Canonical’s security team, the advisory corrects flaws across more than 300 individual CVE entries (primarily in the CVE-2025-4xxxx range), making it one of the most extensive single-kernel security updates issued for the Ubuntu 25.10 cycle to date.

The core finding is consistent across all affected components: several security issues were discovered in the Linux kernel that could allow an attacker to potentially compromise a vulnerable system.

Affected Package and Version

Only Ubuntu 25.10 is in scope for this notice. Users running earlier Ubuntu LTS releases (24.04, 22.04, etc.) on Azure are addressed by separate advisory tracks.

Scope of the Vulnerabilities

The breadth of this advisory is extraordinary. Canonical’s engineers identified and patched flaws across nearly the entire kernel stack, including:

Architecture-level components: ARM64, MIPS, Nios II, PA-RISC, RISC-V, S390, Sun SPARC, x86, and Xtensa architectures.

Core kernel subsystems: The block layer, cryptographic API, memory management, BPF subsystem, io_uring, scheduler infrastructure, timer subsystem, perf events, kernel futex primitives, PID allocator, and system call implementations.

Storage and file systems: Ext4, Btrfs, F2FS, NTFS3, NFS (client and server), SMB, Ceph, EROFS, GFS2, JFS, NILFS2, and UFS, along with disk quota and file system notification infrastructure.

Networking stack: IPv4, IPv6, Multipath TCP (MPTCP), Netfilter, SCTP, TLS, TIPC, XFRM, eXpress Data Path (XDP), NFC, network traffic control, Sun RPC, VMware vSockets, and Ethernet bridging.

Drivers and hardware support: GPU drivers, InfiniBand, Mellanox network and platform drivers, NVMe, PCI subsystem, USB host controllers and gadgets, Bluetooth, SCSI, SPI, Thunderbolt/USB4, Virtio/VHOST, vDPA, CXL (Compute Express Link), IOMMU, hardware monitoring, hardware crypto accelerators, and many more.

Sound subsystem: The ALSA framework, HD-audio drivers, AMD SoC audio, Intel ASoC drivers, USB sound devices, and WCD audio codecs.

Virtualization and cloud-specific components: The KVM subsystem, Xen hypervisor drivers, VMware Balloon driver, and Virtio network driver — all of which are especially relevant to cloud-deployed workloads running on Azure infrastructure.

Why Azure Deployments Should Act Promptly

The Azure-specific kernel is the foundation of Ubuntu workloads running on Microsoft’s public cloud, powering everything from enterprise application servers to containerized microservices and AI/ML pipelines. Vulnerabilities in this kernel could, if exploited, allow a threat actor to escalate privileges, escape containers, corrupt data, or cause denial of service conditions within an affected instance.

The sheer number of patched CVEs — spread across networking, storage, drivers, and core kernel infrastructure — means the attack surface addressed by this update is unusually wide. Canonical has noted that an attacker could “possibly use these to compromise the system,” indicating that at least some of the flaws carry meaningful exploitability potential.

Important: ABI Change Requires Attention

Canonical has issued a specific warning alongside this update: the kernel ABI (Application Binary Interface) has changed, necessitating a new version number. This means that any third-party kernel modules compiled against the previous kernel version must be recompiled and reinstalled after applying the update.

For users relying on standard Ubuntu kernel metapackages (such as linux-generic or linux-azure), the upgrade process will handle this automatically. However, administrators who have manually installed out-of-tree drivers — common in environments using custom network adapters, GPU compute drivers, or proprietary storage solutions — will need to plan accordingly.

How to Apply the Update

Canonical recommends performing a standard system update and then rebooting to activate the new kernel. On Ubuntu 25.10 systems, the typical update workflow is:

sudo apt update
sudo apt upgrade
sudo reboot

After reboot, administrators can verify the active kernel version with:

uname -r

The expected output for a fully patched Azure instance should reflect kernel version 6.17.0-1008-azure.

Context: The USN-8029 Series

USN-8029-3 is the third in a related series of kernel security advisories all rooted in the same underlying vulnerability research:

• USN-8029-1 (February 12, 2026): Base linux kernel, Raspberry Pi (linux-raspi), and real-time (linux-realtime) variants for Ubuntu 25.10.
• USN-8029-2 (February 17, 2026): Amazon Web Services (linux-aws) and Oracle Cloud (linux-oracle) kernel variants for Ubuntu 25.10.
• USN-8029-3 (February 24, 2026): Microsoft Azure (linux-azure) kernel variant for Ubuntu 25.10.

This systematic rollout across cloud-specific kernel builds reflects Canonical’s practice of maintaining separately optimized and signed kernel images for each major cloud provider, each requiring its own dedicated security patch and release cycle.

Recommendations for System Administrators

Any organization or individual running Ubuntu 25.10 virtual machines on Microsoft Azure should prioritize applying this update at the earliest opportunity. Given the scale of the advisory — encompassing networking, storage, virtualization, and driver subsystems — the potential for an unpatched system to be targeted across multiple attack vectors is elevated.

Key action points:

• Apply the update immediately via apt upgrade and reboot.
• Audit third-party kernel modules and plan recompilation if custom out-of-tree drivers are in use.
• Review CVE lists in full at the official Canonical notice page for any vulnerabilities specific to your workload’s risk profile.
• For production environments, consider scheduling a maintenance window to minimize disruption from the required reboot.

The full list of CVEs and additional technical details are available directly from Canonical at: https://ubuntu.com/security/notices/USN-8029-3

This article is based on the official Ubuntu Security Notice USN-8029-3 published by Canonical on February 24, 2026.

Canonical Issues Major Linux Kernel Security Update for Ubuntu 25.10 on Microsoft Azure

Windows Software Alternatives in Linux

Disclaimer of pbxscience.com