Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: d6a1279a by Salvatore Bonaccorso at 2026-02-04T17:28:19+01:00 Merge Linux CVEs from kernel-sec - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,57 @@ +CVE-2026-23048 [udp: call skb_orphan() before skb_attempt_defer_free()] + - linux 6.18.8-1 + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/e5c8eda39a9fc1547d1398d707aa06c1d080abdd (6.19-rc5) +CVE-2026-23046 [virtio_net: fix device mismatch in devm_kzalloc/devm_kfree] + - linux 6.18.8-1 + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/acb4bc6e1ba34ae1a34a9334a1ce8474c909466e (6.19-rc5) +CVE-2026-23045 [net/ena: fix missing lock when update devlink params] + - linux 6.18.8-1 + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/8da901ffe497a53fa4ecc3ceed0e6d771586f88e (6.19-rc5) +CVE-2026-23044 [PM: hibernate: Fix crash when freeing invalid crypto compressor] + - linux 6.18.8-1 + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/7966cf0ebe32c981bfa3db252cb5fc3bb1bf2e77 (6.19-rc5) +CVE-2026-23043 [btrfs: fix NULL pointer dereference in do_abort_log_replay()] + - linux 6.18.8-1 + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/530e3d4af566ca44807d79359b90794dea24c4f3 (6.19-rc5) +CVE-2026-23042 [idpf: fix aux device unplugging when rdma is not supported by vport] + - linux 6.18.8-1 + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/4648fb2f2e7210c53b85220ee07d42d1e4bae3f9 (6.19-rc5) +CVE-2026-23041 [bnxt_en: Fix NULL pointer crash in bnxt_ptp_enable during error cleanup] + - linux 6.18.8-1 + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/3358995b1a7f9dcb52a56ec8251570d71024dad0 (6.19-rc5) +CVE-2026-23040 [wifi: mac80211_hwsim: fix typo in frequency notification] + - linux 6.18.8-1 + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/333418872bfecf4843f1ded7a4151685dfcf07d5 (6.19-rc5) +CVE-2026-23047 [libceph: make calc_target() set t->paused, not just clear it] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/c0fe2994f9a9d0a2ec9e42441ea5ba74b6a16176 (6.19-rc5) +CVE-2025-71192 [ALSA: ac97: fix a double free in snd_ac97_controller_register()] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/830988b6cf197e6dcffdfe2008c5738e6c6c3c0f (6.19-rc5) CVE-2025-12805 NOT-FOR-US: llama-stack-k8s-operator CVE-2026-25510 (CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d6a1279aa8278236ab862795bdabab483233eddf -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d6a1279aa8278236ab862795bdabab483233eddf You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
