{ "summary": { "snap": { "added": [], "removed": [], "diff": [] }, "deb": { "added": [ "linux-headers-5.15.0-1091-kvm", "linux-image-5.15.0-1091-kvm", "linux-kvm-headers-5.15.0-1091", "linux-modules-5.15.0-1091-kvm" ], "removed": [ "linux-headers-5.15.0-1090-kvm", "linux-image-5.15.0-1090-kvm", "linux-kvm-headers-5.15.0-1090", "linux-modules-5.15.0-1090-kvm" ], "diff": [ "linux-headers-kvm", "linux-image-kvm", "linux-kvm" ] } }, "diff": { "deb": [ { "name": "linux-headers-kvm", "from_version": { "source_package_name": "linux-meta-kvm", "source_package_version": "5.15.0.1090.86", "version": "5.15.0.1090.86" }, "to_version": { "source_package_name": "linux-meta-kvm", "source_package_version": "5.15.0.1091.87", "version": "5.15.0.1091.87" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Bump ABI 5.15.0-1091", "" ], "package": "linux-meta-kvm", "version": "5.15.0.1091.87", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [], "author": "Zixing Liu ", "date": "Fri, 16 Jan 2026 22:01:15 +0800" } ], "notes": null, "is_version_downgrade": false }, { "name": "linux-image-kvm", "from_version": { "source_package_name": "linux-meta-kvm", "source_package_version": "5.15.0.1090.86", "version": "5.15.0.1090.86" }, "to_version": { "source_package_name": "linux-meta-kvm", "source_package_version": "5.15.0.1091.87", "version": "5.15.0.1091.87" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Bump ABI 5.15.0-1091", "" ], "package": "linux-meta-kvm", "version": "5.15.0.1091.87", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [], "author": "Zixing Liu ", "date": "Fri, 16 Jan 2026 22:01:15 +0800" } ], "notes": null, "is_version_downgrade": false }, { "name": "linux-kvm", "from_version": { "source_package_name": "linux-meta-kvm", "source_package_version": "5.15.0.1090.86", "version": "5.15.0.1090.86" }, "to_version": { "source_package_name": "linux-meta-kvm", "source_package_version": "5.15.0.1091.87", "version": "5.15.0.1091.87" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Bump ABI 5.15.0-1091", "" ], "package": "linux-meta-kvm", "version": "5.15.0.1091.87", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [], "author": "Zixing Liu ", "date": "Fri, 16 Jan 2026 22:01:15 +0800" } ], "notes": null, "is_version_downgrade": false } ], "snap": [] }, "added": { "deb": [ { "name": "linux-headers-5.15.0-1091-kvm", "from_version": { "source_package_name": "linux-kvm", "source_package_version": "5.15.0-1090.95", "version": null }, "to_version": { "source_package_name": "linux-kvm", "source_package_version": "5.15.0-1091.96", "version": "5.15.0-1091.96" }, "cves": [ { "cve": "CVE-2025-40019", "url": "https://ubuntu.com/security/CVE-2025-40019", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Check ssize for decryption and in-place encryption Move the ssize check to the start in essiv_aead_crypt so that it's also checked for decryption and in-place encryption.", "cve_priority": "medium", "cve_public_date": "2025-10-24 12:15:00 UTC" }, { "cve": "CVE-2025-38561", "url": "https://ubuntu.com/security/CVE-2025-38561", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix Preauh_HashValue race condition If client send multiple session setup requests to ksmbd, Preauh_HashValue race condition could happen. There is no need to free sess->Preauh_HashValue at session setup phase. It can be freed together with session at connection termination phase.", "cve_priority": "high", "cve_public_date": "2025-08-19 17:15:00 UTC" } ], "launchpad_bugs_fixed": [ 2138028, 2138043, 2128729 ], "changes": [ { "cves": [ { "cve": "CVE-2025-40019", "url": "https://ubuntu.com/security/CVE-2025-40019", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Check ssize for decryption and in-place encryption Move the ssize check to the start in essiv_aead_crypt so that it's also checked for decryption and in-place encryption.", "cve_priority": "medium", "cve_public_date": "2025-10-24 12:15:00 UTC" }, { "cve": "CVE-2025-38561", "url": "https://ubuntu.com/security/CVE-2025-38561", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix Preauh_HashValue race condition If client send multiple session setup requests to ksmbd, Preauh_HashValue race condition could happen. There is no need to free sess->Preauh_HashValue at session setup phase. It can be freed together with session at connection termination phase.", "cve_priority": "high", "cve_public_date": "2025-08-19 17:15:00 UTC" } ], "log": [ "", " * jammy/linux-kvm: 5.15.0-1091.96 -proposed tracker (LP: #2138028)", "", " [ Ubuntu: 5.15.0-168.178 ]", "", " * jammy/linux: 5.15.0-168.178 -proposed tracker (LP: #2138043)", " * CVE-2025-40019", " - crypto: essiv - Check ssize for decryption and in-place encryption", " * Black screen when booting 5.15.0-160 (on AMD Lucienne / Cezanne / Navi /", " Renoir / Rembrandt) (LP: #2128729)", " - SAUCE: drm/amd/display: Fix incorrect code path taken in", " amdgpu_dm_atomic_check()", " * CVE-2025-38561", " - ksmbd: fix Preauh_HashValue race condition", "" ], "package": "linux-kvm", "version": "5.15.0-1091.96", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [ 2138028, 2138043, 2128729 ], "author": "Zixing Liu ", "date": "Fri, 16 Jan 2026 21:20:07 +0800" } ], "notes": "linux-headers-5.15.0-1091-kvm version '5.15.0-1091.96' (source package linux-kvm version '5.15.0-1091.96') was added. linux-headers-5.15.0-1091-kvm version '5.15.0-1091.96' has the same source package name, linux-kvm, as removed package linux-headers-5.15.0-1090-kvm. As such we can use the source package version of the removed package, '5.15.0-1090.95', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package.", "is_version_downgrade": false }, { "name": "linux-image-5.15.0-1091-kvm", "from_version": { "source_package_name": "linux-signed-kvm", "source_package_version": "5.15.0-1090.95", "version": null }, "to_version": { "source_package_name": "linux-signed-kvm", "source_package_version": "5.15.0-1091.96", "version": "5.15.0-1091.96" }, "cves": [], "launchpad_bugs_fixed": [ 1786013 ], "changes": [ { "cves": [], "log": [ "", " * Main version: 5.15.0-1091.96", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian/tracking-bug -- resync from main package", "" ], "package": "linux-signed-kvm", "version": "5.15.0-1091.96", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [ 1786013 ], "author": "Zixing Liu ", "date": "Fri, 16 Jan 2026 22:01:33 +0800" } ], "notes": "linux-image-5.15.0-1091-kvm version '5.15.0-1091.96' (source package linux-signed-kvm version '5.15.0-1091.96') was added. linux-image-5.15.0-1091-kvm version '5.15.0-1091.96' has the same source package name, linux-signed-kvm, as removed package linux-image-5.15.0-1090-kvm. As such we can use the source package version of the removed package, '5.15.0-1090.95', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package.", "is_version_downgrade": false }, { "name": "linux-kvm-headers-5.15.0-1091", "from_version": { "source_package_name": "linux-kvm", "source_package_version": "5.15.0-1090.95", "version": null }, "to_version": { "source_package_name": "linux-kvm", "source_package_version": "5.15.0-1091.96", "version": "5.15.0-1091.96" }, "cves": [ { "cve": "CVE-2025-40019", "url": "https://ubuntu.com/security/CVE-2025-40019", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Check ssize for decryption and in-place encryption Move the ssize check to the start in essiv_aead_crypt so that it's also checked for decryption and in-place encryption.", "cve_priority": "medium", "cve_public_date": "2025-10-24 12:15:00 UTC" }, { "cve": "CVE-2025-38561", "url": "https://ubuntu.com/security/CVE-2025-38561", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix Preauh_HashValue race condition If client send multiple session setup requests to ksmbd, Preauh_HashValue race condition could happen. There is no need to free sess->Preauh_HashValue at session setup phase. It can be freed together with session at connection termination phase.", "cve_priority": "high", "cve_public_date": "2025-08-19 17:15:00 UTC" } ], "launchpad_bugs_fixed": [ 2138028, 2138043, 2128729 ], "changes": [ { "cves": [ { "cve": "CVE-2025-40019", "url": "https://ubuntu.com/security/CVE-2025-40019", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Check ssize for decryption and in-place encryption Move the ssize check to the start in essiv_aead_crypt so that it's also checked for decryption and in-place encryption.", "cve_priority": "medium", "cve_public_date": "2025-10-24 12:15:00 UTC" }, { "cve": "CVE-2025-38561", "url": "https://ubuntu.com/security/CVE-2025-38561", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix Preauh_HashValue race condition If client send multiple session setup requests to ksmbd, Preauh_HashValue race condition could happen. There is no need to free sess->Preauh_HashValue at session setup phase. It can be freed together with session at connection termination phase.", "cve_priority": "high", "cve_public_date": "2025-08-19 17:15:00 UTC" } ], "log": [ "", " * jammy/linux-kvm: 5.15.0-1091.96 -proposed tracker (LP: #2138028)", "", " [ Ubuntu: 5.15.0-168.178 ]", "", " * jammy/linux: 5.15.0-168.178 -proposed tracker (LP: #2138043)", " * CVE-2025-40019", " - crypto: essiv - Check ssize for decryption and in-place encryption", " * Black screen when booting 5.15.0-160 (on AMD Lucienne / Cezanne / Navi /", " Renoir / Rembrandt) (LP: #2128729)", " - SAUCE: drm/amd/display: Fix incorrect code path taken in", " amdgpu_dm_atomic_check()", " * CVE-2025-38561", " - ksmbd: fix Preauh_HashValue race condition", "" ], "package": "linux-kvm", "version": "5.15.0-1091.96", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [ 2138028, 2138043, 2128729 ], "author": "Zixing Liu ", "date": "Fri, 16 Jan 2026 21:20:07 +0800" } ], "notes": "linux-kvm-headers-5.15.0-1091 version '5.15.0-1091.96' (source package linux-kvm version '5.15.0-1091.96') was added. linux-kvm-headers-5.15.0-1091 version '5.15.0-1091.96' has the same source package name, linux-kvm, as removed package linux-headers-5.15.0-1090-kvm. As such we can use the source package version of the removed package, '5.15.0-1090.95', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package.", "is_version_downgrade": false }, { "name": "linux-modules-5.15.0-1091-kvm", "from_version": { "source_package_name": "linux-kvm", "source_package_version": "5.15.0-1090.95", "version": null }, "to_version": { "source_package_name": "linux-kvm", "source_package_version": "5.15.0-1091.96", "version": "5.15.0-1091.96" }, "cves": [ { "cve": "CVE-2025-40019", "url": "https://ubuntu.com/security/CVE-2025-40019", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Check ssize for decryption and in-place encryption Move the ssize check to the start in essiv_aead_crypt so that it's also checked for decryption and in-place encryption.", "cve_priority": "medium", "cve_public_date": "2025-10-24 12:15:00 UTC" }, { "cve": "CVE-2025-38561", "url": "https://ubuntu.com/security/CVE-2025-38561", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix Preauh_HashValue race condition If client send multiple session setup requests to ksmbd, Preauh_HashValue race condition could happen. There is no need to free sess->Preauh_HashValue at session setup phase. It can be freed together with session at connection termination phase.", "cve_priority": "high", "cve_public_date": "2025-08-19 17:15:00 UTC" } ], "launchpad_bugs_fixed": [ 2138028, 2138043, 2128729 ], "changes": [ { "cves": [ { "cve": "CVE-2025-40019", "url": "https://ubuntu.com/security/CVE-2025-40019", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Check ssize for decryption and in-place encryption Move the ssize check to the start in essiv_aead_crypt so that it's also checked for decryption and in-place encryption.", "cve_priority": "medium", "cve_public_date": "2025-10-24 12:15:00 UTC" }, { "cve": "CVE-2025-38561", "url": "https://ubuntu.com/security/CVE-2025-38561", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix Preauh_HashValue race condition If client send multiple session setup requests to ksmbd, Preauh_HashValue race condition could happen. There is no need to free sess->Preauh_HashValue at session setup phase. It can be freed together with session at connection termination phase.", "cve_priority": "high", "cve_public_date": "2025-08-19 17:15:00 UTC" } ], "log": [ "", " * jammy/linux-kvm: 5.15.0-1091.96 -proposed tracker (LP: #2138028)", "", " [ Ubuntu: 5.15.0-168.178 ]", "", " * jammy/linux: 5.15.0-168.178 -proposed tracker (LP: #2138043)", " * CVE-2025-40019", " - crypto: essiv - Check ssize for decryption and in-place encryption", " * Black screen when booting 5.15.0-160 (on AMD Lucienne / Cezanne / Navi /", " Renoir / Rembrandt) (LP: #2128729)", " - SAUCE: drm/amd/display: Fix incorrect code path taken in", " amdgpu_dm_atomic_check()", " * CVE-2025-38561", " - ksmbd: fix Preauh_HashValue race condition", "" ], "package": "linux-kvm", "version": "5.15.0-1091.96", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [ 2138028, 2138043, 2128729 ], "author": "Zixing Liu ", "date": "Fri, 16 Jan 2026 21:20:07 +0800" } ], "notes": "linux-modules-5.15.0-1091-kvm version '5.15.0-1091.96' (source package linux-kvm version '5.15.0-1091.96') was added. linux-modules-5.15.0-1091-kvm version '5.15.0-1091.96' has the same source package name, linux-kvm, as removed package linux-headers-5.15.0-1090-kvm. As such we can use the source package version of the removed package, '5.15.0-1090.95', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package.", "is_version_downgrade": false } ], "snap": [] }, "removed": { "deb": [ { "name": "linux-headers-5.15.0-1090-kvm", "from_version": { "source_package_name": "linux-kvm", "source_package_version": "5.15.0-1090.95", "version": "5.15.0-1090.95" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": null }, "cves": [], "launchpad_bugs_fixed": [], "changes": [], "notes": null, "is_version_downgrade": false }, { "name": "linux-image-5.15.0-1090-kvm", "from_version": { "source_package_name": "linux-signed-kvm", "source_package_version": "5.15.0-1090.95", "version": "5.15.0-1090.95" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": null }, "cves": [], "launchpad_bugs_fixed": [], "changes": [], "notes": null, "is_version_downgrade": false }, { "name": "linux-kvm-headers-5.15.0-1090", "from_version": { "source_package_name": "linux-kvm", "source_package_version": "5.15.0-1090.95", "version": "5.15.0-1090.95" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": null }, "cves": [], "launchpad_bugs_fixed": [], "changes": [], "notes": null, "is_version_downgrade": false }, { "name": "linux-modules-5.15.0-1090-kvm", "from_version": { "source_package_name": "linux-kvm", "source_package_version": "5.15.0-1090.95", "version": "5.15.0-1090.95" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": null }, "cves": [], "launchpad_bugs_fixed": [], "changes": [], "notes": null, "is_version_downgrade": false } ], "snap": [] }, "notes": "Changelog diff for Ubuntu 22.04 jammy image from daily image serial 20260127 to 20260129", "from_series": "jammy", "to_series": "jammy", "from_serial": "20260127", "to_serial": "20260129", "from_manifest_filename": "daily_manifest.previous", "to_manifest_filename": "manifest.current" }