Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: b45901d1 by Salvatore Bonaccorso at 2026-02-04T17:37:34+01:00 Merge Linux CVEs from kernel-sec - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,218 @@ +CVE-2026-23109 [fs/writeback: skip AS_NO_DATA_INTEGRITY mappings in wait_sb_inodes()] + - linux 6.18.8-1 + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/f9a49aa302a05e91ca01f69031cb79a0ea33031f (6.19-rc7) +CVE-2026-23106 [timekeeping: Adjust the leap state for the correct auxiliary timekeeper] + - linux 6.18.8-1 + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/e806f7dde8ba28bc72a7a0898589cac79f6362ac (6.19-rc7) +CVE-2026-23092 [iio: dac: ad3552r-hs: fix out-of-bound write in ad3552r_hs_write_data_source] + - linux 6.18.8-1 + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/978d28136c53df38f8f0b747191930e2f95e9084 (6.19-rc7) +CVE-2026-23082 [can: gs_usb: gs_usb_receive_bulk_callback(): unanchor URL on usb_submit_urb() error] + - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/79a6d1bfe1148bc921b8d7f3371a7fbce44e30f7 (6.19-rc7) +CVE-2026-23081 [net: phy: intel-xway: fix OF node refcount leakage] + - linux 6.18.8-1 + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/79912b256e14054e6ba177d7e7e631485ce23dbe (6.19-rc7) +CVE-2026-23079 [gpio: cdev: Fix resource leaks on errors in lineinfo_changed_notify()] + - linux 6.18.8-1 + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/70b3c280533167749a8f740acaa8ef720f78f984 (6.19-rc7) +CVE-2026-23077 [mm/vma: fix anon_vma UAF on mremap() faulted, unfaulted merge] + - linux 6.18.8-1 + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/61f67c230a5e7c741c352349ea80147fbe65bfae (6.19-rc6) +CVE-2026-23067 [iommu/io-pgtable-arm: fix size_t signedness bug in unmap path] + - linux 6.18.8-1 + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/374e7af67d9d9d6103c2cfc8eb32abfecf3a2fd8 (6.19-rc7) +CVE-2026-23110 [scsi: core: Wake up the error handler when final completions race against each other] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/fe2f8ad6f0999db3b318359a01ee0108c703a8c3 (6.19-rc7) +CVE-2026-23108 [can: usb_8dev: usb_8dev_read_bulk_callback(): fix URB memory leak] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/f7a980b3b8f80fe367f679da376cf76e800f9480 (6.19-rc7) +CVE-2026-23107 [arm64/fpsimd: signal: Allocate SSVE storage when restoring ZA] + - linux 6.18.8-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/ea8ccfddbce0bee6310da4f3fc560ad520f5e6b4 (6.19-rc7) +CVE-2026-23105 [net/sched: qfq: Use cl_is_active to determine whether class is active in qfq_rm_from_ag] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/d837fbee92453fbb829f950c8e7cf76207d73f33 (6.19-rc7) +CVE-2026-23104 [ice: fix devlink reload call trace] + - linux 6.18.8-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/d3f867e7a04678640ebcbfb81893c59f4af48586 (6.19-rc7) +CVE-2026-23103 [ipvlan: Make the addrs_lock be per port] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/d3ba32162488283c0a4c5bedd8817aec91748802 (6.19-rc7) +CVE-2026-23102 [arm64/fpsimd: signal: Fix restoration of SVE context] + - linux 6.18.8-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/d2907cbe9ea0a54cbe078076f9d089240ee1e2d9 (6.19-rc7) +CVE-2026-23101 [leds: led-class: Only Add LED to leds_list when it is fully ready] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/d1883cefd31752f0504b94c3bcfa1f6d511d6e87 (6.19-rc7) +CVE-2026-23100 [mm/hugetlb: fix hugetlb_pmd_shared()] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/ca1a47cd3f5f4c46ca188b1c9a27af87d1ab2216 (6.19-rc7) +CVE-2026-23099 [bonding: limit BOND_MODE_8023AD to Ethernet devices] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/c84fcb79e5dbde0b8d5aeeaf04282d2149aebcf6 (6.19-rc7) +CVE-2026-23098 [netrom: fix double-free in nr_route_frame()] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/ba1096c315283ee3292765f6aea4cca15816c4f7 (6.19-rc7) +CVE-2026-23097 [migrate: correct lock ordering for hugetlb file folios] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/b7880cb166ab62c2409046b2347261abf701530e (6.19-rc7) +CVE-2026-23096 [uacce: fix cdev handling in the cleanup path] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/a3bece3678f6c88db1f44c602b2a63e84b4040ac (6.19-rc7) +CVE-2026-23095 [gue: Fix skb memleak with inner IP protocol 0.] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/9a56796ad258786d3624eef5aefba394fc9bdded (6.19-rc7) +CVE-2026-23094 [uacce: fix isolate sysfs check condition] + - linux 6.18.8-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/98eec349259b1fd876f350b1c600403bcef8f85d (6.19-rc7) +CVE-2026-23093 [ksmbd: smbd: fix dma_unmap_sg() nents] + - linux 6.18.8-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/98e3e2b561bc88f4dd218d1c05890672874692f6 (6.19-rc7) +CVE-2026-23091 [intel_th: fix device leak on output open()] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/95fc36a234da24bbc5f476f8104a5a15f99ed3e3 (6.19-rc7) +CVE-2026-23090 [slimbus: core: fix device reference leak on report present] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/9391380eb91ea5ac792aae9273535c8da5b9aa01 (6.19-rc7) +CVE-2026-23089 [ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free()] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/930e69757b74c3ae083b0c3c7419bfe7f0edc7b2 (6.19-rc7) +CVE-2026-23088 [tracing: Fix crash on synthetic stacktrace field usage] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/90f9f5d64cae4e72defd96a2a22760173cb3c9ec (6.19-rc7) +CVE-2026-23087 [scsi: xen: scsiback: Fix potential memory leak in scsiback_remove()] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/901a5f309daba412e2a30364d7ec1492fa11c32c (6.19-rc7) +CVE-2026-23086 [vsock/virtio: cap TX credit to local buffer size] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/8ee784fdf006cbe8739cfa093f54d326cbf54037 (6.19-rc7) +CVE-2026-23085 [irqchip/gic-v3-its: Avoid truncating memory addresses] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/8d76a7d89c12d08382b66e2f21f20d0627d14859 (6.19-rc7) +CVE-2026-23084 [be2net: Fix NULL pointer dereference in be_cmd_get_mac_from_list] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/8215794403d264739cc676668087512950b2ff31 (6.19-rc7) +CVE-2026-23083 [fou: Don't allow 0 for FOU_ATTR_IPPROTO.] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/7a9bc9e3f42391e4c187e099263cf7a1c4b69ff5 (6.19-rc7) +CVE-2026-23080 [can: mcba_usb: mcba_usb_read_bulk_callback(): fix URB memory leak] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/710a7529fb13c5a470258ff5508ed3c498d54729 (6.19-rc7) +CVE-2026-23078 [ALSA: scarlett2: Fix buffer overflow in config retrieval] + - linux 6.18.8-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/6f5c69f72e50d51be3a8c028ae7eda42c82902cb (6.19-rc7) +CVE-2026-23076 [ALSA: ctxfi: Fix potential OOB access in audio mixer handling] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/61006c540cbdedea83b05577dc7fb7fa18fe1276 (6.19-rc7) +CVE-2026-23075 [can: esd_usb: esd_usb_read_bulk_callback(): fix URB memory leak] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/5a4391bdc6c8357242f62f22069c865b792406b3 (6.19-rc7) +CVE-2026-23074 [net/sched: Enforce that teql can only be used as root qdisc] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/50da4b9d07a7a463e2cfb738f3ad4cff6b2c9c3b (6.19-rc7) +CVE-2026-23073 [wifi: rsi: Fix memory corruption due to not set vif driver data size] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/4f431d88ea8093afc7ba55edf4652978c5a68f33 (6.19-rc7) +CVE-2026-23072 [l2tp: Fix memleak in l2tp_udp_encap_recv().] + - linux 6.18.8-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/4d10edfd1475b69dbd4c47f34b61a3772ece83ca (6.19-rc7) +CVE-2026-23071 [regmap: Fix race condition in hwspinlock irqsave routine] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/4b58aac989c1e3fafb1c68a733811859df388250 (6.19-rc7) +CVE-2026-23070 [Octeontx2-af: Add proper checks for fwdata] + - linux 6.18.8-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/4a3dba48188208e4f66822800e042686784d29d1 (6.19-rc7) +CVE-2026-23069 [vsock/virtio: fix potential underflow in virtio_transport_get_credit()] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/3ef3d52a1a9860d094395c7a3e593f3aa26ff012 (6.19-rc7) +CVE-2026-23068 [spi: spi-sprd-adi: Fix double free in probe error path] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/383d4f5cffcc8df930d95b06518a9d25a6d74aac (6.19-rc7) +CVE-2026-23066 [rxrpc: Fix recvmsg() unconditional requeue] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/2c28769a51deb6022d7fbd499987e237a01dd63a (6.19-rc7) +CVE-2026-23065 [platform/x86/amd: Fix memory leak in wbrf_record()] + - linux 6.18.8-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/2bf1877b7094c684e1d652cac6912cfbc507ad3e (6.19-rc7) +CVE-2026-23064 [net/sched: act_ife: avoid possible NULL deref] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/27880b0b0d35ad1c98863d09788254e36f874968 (6.19-rc7) +CVE-2026-23063 [uacce: ensure safe queue release with state management] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/26c08dabe5475d99a13f353d8dd70e518de45663 (6.19-rc7) +CVE-2026-23062 [platform/x86: hp-bioscfg: Fix kernel panic in GET_INSTANCE_ID macro] + - linux 6.18.8-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/25150715e0b049b99df664daf05dab12f41c3e13 (6.19-rc7) +CVE-2026-23061 [can: kvaser_usb: kvaser_usb_read_bulk_callback(): fix URB memory leak] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/248e8e1a125fa875158df521b30f2cc7e27eeeaa (6.19-rc7) +CVE-2026-23060 [crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/2397e9264676be7794f8f7f1e9763d90bd3c7335 (6.19-rc7) +CVE-2026-23059 [scsi: qla2xxx: Sanitize payload size to prevent member overflow] + - linux 6.18.8-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/19bc5f2a6962dfaa0e32d0e0bc2271993d85d414 (6.19-rc7) +CVE-2026-23058 [can: ems_usb: ems_usb_read_bulk_callback(): fix URB memory leak] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/0ce73a0eb5a27070957b67fd74059b6da89cc516 (6.19-rc7) +CVE-2026-23057 [vsock/virtio: Coalesce only linear skb] + - linux 6.18.8-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/0386bd321d0f95d041a7b3d7b07643411b044a96 (6.19-rc7) +CVE-2026-23056 [uacce: implement mremap in uacce_vm_ops to return -EPERM] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/02695347be532b628f22488300d40c4eba48b9b7 (6.19-rc7) +CVE-2025-71199 [iio: adc: at91-sama5d2_adc: Fix potential use-after-free in sama5d2_adc driver] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/dbdb442218cd9d613adeab31a88ac973f22c4873 (6.19-rc7) +CVE-2025-71198 [iio: imu: st_lsm6dsx: fix iio_chan_spec for sensors without event detection] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/c34e2e2d67b3bb8d5a6d09b0d6dac845cdd13fb3 (6.19-rc7) +CVE-2025-71197 [w1: therm: Fix off-by-one buffer overflow in alarms_store] + - linux 6.18.8-1 + NOTE: https://git.kernel.org/linus/761fcf46a1bd797bd32d23f3ea0141ffd437668a (6.19-rc7) CVE-2026-23052 [ftrace: Do not over-allocate ftrace memory] - linux 6.18.8-1 [trixie] - linux <not-affected> (Vulnerable code not present) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b45901d1734443bc3c66dfd4e6f3840cba013f56 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b45901d1734443bc3c66dfd4e6f3840cba013f56 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
