Historically, Ubuntu has backported security-critical kernel fixes promptly once identified and merged upstream, especially when there is a confirmed security impact such as information disclosure.
questing is still supported and will likely receive a fix when a CVE is assigned. The kernel team will be notified as I mark this public ** Information type changed from Private Security to Public Security ** CVE added: https://cve.org/CVERecord?id=CVE-2025-38403 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2119601 Title: Backport Request: vmw_vsock_vmci_transport (Version: 1.0.5.0-k) to Ubuntu 25.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2119601/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
