Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c7750cf4 by security tracker role at 2026-02-14T20:13:13+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,543 +1,559 @@
-CVE-2026-23203 [net: cpsw_new: Execute ndo_set_rx_mode callback in a work
queue]
+CVE-2026-2312 (The Media Library Folders plugin for WordPress is vulnerable to
Insecu ...)
+ TODO: check
+CVE-2026-1843 (The Super Page Cache plugin for WordPress is vulnerable to
Stored Cros ...)
+ TODO: check
+CVE-2026-1512 (The Essential Addons for Elementor \u2013 Popular Elementor
Templates ...)
+ TODO: check
+CVE-2026-1258 (The Mail Mint plugin for WordPress is vulnerable to blind SQL
Injectio ...)
+ TODO: check
+CVE-2026-1254 (The Modula Image Gallery \u2013 Photo Grid & Video Gallery
plugin for ...)
+ TODO: check
+CVE-2026-1249 (The MP3 Audio Player \u2013 Music Player, Podcast Player &
Radio by So ...)
+ TODO: check
+CVE-2026-0550 (The myCred plugin for WordPress is vulnerable to Stored
Cross-Site Scr ...)
+ TODO: check
+CVE-2025-8572 (The Truelysell Core plugin for WordPress is vulnerable to
privilege es ...)
+ TODO: check
+CVE-2026-23203 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 6.18.10-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/c0b5dc73a38f954e780f93a549b8fe225235c07a (6.19)
-CVE-2026-23197 [i2c: imx: preserve error state in block data length handler]
+CVE-2026-23197 (In the Linux kernel, the following vulnerability has been
resolved: i ...)
- linux 6.18.10-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/b126097b0327437048bd045a0e4d273dea2910dd (6.19)
-CVE-2026-23195 [cgroup/dmem: avoid pool UAF]
+CVE-2026-23195 (In the Linux kernel, the following vulnerability has been
resolved: c ...)
- linux 6.18.10-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/99a2ef500906138ba58093b9893972a5c303c734 (6.19)
-CVE-2026-23194 [rust_binder: correctly handle FDA objects of length zero]
+CVE-2026-23194 (In the Linux kernel, the following vulnerability has been
resolved: r ...)
- linux 6.18.10-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/8f589c9c3be539d6c2b393c82940c3783831082f (6.19)
-CVE-2026-23192 [linkwatch: use __dev_put() in callers to prevent UAF]
+CVE-2026-23192 (In the Linux kernel, the following vulnerability has been
resolved: l ...)
- linux 6.18.10-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/83b67cc9be9223183caf91826d9c194d7fb128fa (6.19)
-CVE-2026-23186 [hwmon: (acpi_power_meter) Fix deadlocks related to
acpi_power_meter_notify()]
+CVE-2026-23186 (In the Linux kernel, the following vulnerability has been
resolved: h ...)
- linux 6.18.10-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/615901b57b7ef8eb655f71358f7e956e42bcd16b (6.19)
-CVE-2026-23185 [wifi: iwlwifi: mld: cancel mlo_scan_start_wk]
+CVE-2026-23185 (In the Linux kernel, the following vulnerability has been
resolved: w ...)
- linux 6.18.10-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/5ff641011ab7fb63ea101251087745d9826e8ef5 (6.19)
-CVE-2026-23184 [binder: fix UAF in binder_netlink_report()]
+CVE-2026-23184 (In the Linux kernel, the following vulnerability has been
resolved: b ...)
- linux 6.18.10-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/5e8a3d01544282e50d887d76f30d1496a0a53562 (6.19)
-CVE-2026-23183 [cgroup/dmem: fix NULL pointer dereference when setting max]
+CVE-2026-23183 (In the Linux kernel, the following vulnerability has been
resolved: c ...)
- linux 6.18.10-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/43151f812886be1855d2cba059f9c93e4729460b (6.19)
-CVE-2026-23175 [net: cpsw: Execute ndo_set_rx_mode callback in a work queue]
+CVE-2026-23175 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 6.18.10-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/0b8c878d117319f2be34c8391a77e0f4d5c94d79 (6.19)
-CVE-2026-23174 [nvme-pci: handle changing device dma map requirements]
+CVE-2026-23174 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 6.18.10-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/071be3b0b6575d45be9df9c5b612f5882bfc5e88 (6.19)
-CVE-2026-23210 [ice: Fix PTP NULL pointer dereference during VSI rebuild]
+CVE-2026-23210 (In the Linux kernel, the following vulnerability has been
resolved: i ...)
- linux 6.18.10-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/fc6f36eaaedcf4b81af6fe1a568f018ffd530660 (6.19)
-CVE-2026-23209 [macvlan: fix error recovery in macvlan_common_newlink()]
+CVE-2026-23209 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
- linux 6.18.10-1
NOTE:
https://git.kernel.org/linus/f8db6475a83649689c087a8f52486fcc53e627e9 (6.19)
-CVE-2026-23208 [ALSA: usb-audio: Prevent excessive number of frames]
+CVE-2026-23208 (In the Linux kernel, the following vulnerability has been
resolved: A ...)
- linux 6.18.10-1
NOTE:
https://git.kernel.org/linus/ef5749ef8b307bf8717945701b1b79d036af0a15 (6.19-rc6)
-CVE-2026-23207 [spi: tegra210-quad: Protect curr_xfer check in IRQ handler]
+CVE-2026-23207 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 6.18.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/edf9088b6e1d6d88982db7eb5e736a0e4fbcc09e (6.19)
-CVE-2026-23206 [dpaa2-switch: prevent ZERO_SIZE_PTR dereference when num_ifs
is zero]
+CVE-2026-23206 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux 6.18.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/ed48a84a72fefb20a82dd90a7caa7807e90c6f66 (6.19)
-CVE-2026-23205 [smb/client: fix memory leak in smb2_open_file()]
+CVE-2026-23205 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 6.18.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/e3a43633023e3cacaca60d4b8972d084a2b06236 (6.19)
-CVE-2026-23204 [net/sched: cls_u32: use skb_header_pointer_careful()]
+CVE-2026-23204 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 6.18.10-1
NOTE:
https://git.kernel.org/linus/cabd1a976375780dabab888784e356f574bbaed8 (6.19)
-CVE-2026-23202 [spi: tegra210-quad: Protect curr_xfer in
tegra_qspi_combined_seq_xfer]
+CVE-2026-23202 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 6.18.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/bf4528ab28e2bf112c3a2cdef44fd13f007781cd (6.19)
-CVE-2026-23201 [ceph: fix oops due to invalid pointer for kfree() in
parse_longname()]
+CVE-2026-23201 (In the Linux kernel, the following vulnerability has been
resolved: c ...)
- linux 6.18.10-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/bc8dedae022ce3058659c3addef3ec4b41d15e00 (6.19)
-CVE-2026-23200 [ipv6: Fix ECMP sibling count mismatch when clearing
RTF_ADDRCONF]
+CVE-2026-23200 (In the Linux kernel, the following vulnerability has been
resolved: i ...)
- linux 6.18.10-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/bbf4a17ad9ffc4e3d7ec13d73ecd59dea149ed25 (6.19)
-CVE-2026-23199 [procfs: avoid fetching build ID while holding VMA lock]
+CVE-2026-23199 (In the Linux kernel, the following vulnerability has been
resolved: p ...)
- linux 6.18.10-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/b5cbacd7f86f4f62b8813688c8e73be94e8e1951 (6.19)
-CVE-2026-23198 [KVM: Don't clobber irqfd routing type when deassigning irqfd]
+CVE-2026-23198 (In the Linux kernel, the following vulnerability has been
resolved: K ...)
- linux 6.18.10-1
NOTE:
https://git.kernel.org/linus/b4d37cdb77a0015f51fee083598fa227cc07aaf1 (6.19)
-CVE-2026-23196 [HID: Intel-thc-hid: Intel-thc: Add safety check for reading
DMA buffer]
+CVE-2026-23196 (In the Linux kernel, the following vulnerability has been
resolved: H ...)
- linux 6.18.10-1
NOTE:
https://git.kernel.org/linus/a9a917998d172ec117f9e9de1919174153c0ace4 (6.19-rc5)
-CVE-2026-23193 [scsi: target: iscsi: Fix use-after-free in
iscsit_dec_session_usage_count()]
+CVE-2026-23193 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 6.18.10-1
NOTE:
https://git.kernel.org/linus/84dc6037390b8607c5551047d3970336cb51ba9a (6.19-rc7)
-CVE-2026-23191 [ALSA: aloop: Fix racy access at PCM trigger]
+CVE-2026-23191 (In the Linux kernel, the following vulnerability has been
resolved: A ...)
- linux 6.18.10-1
NOTE:
https://git.kernel.org/linus/826af7fa62e347464b1b4e0ba2fe19a92438084f (6.19)
-CVE-2026-23190 [ASoC: amd: fix memory leak in acp3x pdm dma ops]
+CVE-2026-23190 (In the Linux kernel, the following vulnerability has been
resolved: A ...)
- linux 6.18.10-1
NOTE:
https://git.kernel.org/linus/7f67ba5413f98d93116a756e7f17cd2c1d6c2bd6 (6.19)
-CVE-2026-23189 [ceph: fix NULL pointer dereference in ceph_mds_auth_match()]
+CVE-2026-23189 (In the Linux kernel, the following vulnerability has been
resolved: c ...)
- linux 6.18.10-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/7987cce375ac8ce98e170a77aa2399f2cf6eb99f (6.19)
-CVE-2026-23188 [net: usb: r8152: fix resume reset deadlock]
+CVE-2026-23188 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 6.18.10-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/6d06bc83a5ae8777a5f7a81c32dd75b8d9b2fe04 (6.19)
-CVE-2026-23187 [pmdomain: imx8m-blk-ctrl: fix out-of-range access of
bc->domains]
+CVE-2026-23187 (In the Linux kernel, the following vulnerability has been
resolved: p ...)
- linux 6.18.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/6bd8b4a92a901fae1a422e6f914801063c345e8d (6.19)
-CVE-2026-23182 [spi: tegra: Fix a memory leak in tegra_slink_probe()]
+CVE-2026-23182 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 6.18.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/41d9a6795b95d6ea28439ac1e9ce8c95bbca20fc (6.19)
-CVE-2026-23181 [btrfs: sync read disk super and set block size]
+CVE-2026-23181 (In the Linux kernel, the following vulnerability has been
resolved: b ...)
- linux 6.18.10-1
NOTE:
https://git.kernel.org/linus/3f29d661e5686f3aa14e6f11537ff5c49846f2e2 (6.19-rc7)
-CVE-2026-23180 [dpaa2-switch: add bounds check for if_id in IRQ handler]
+CVE-2026-23180 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux 6.18.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/31a7a0bbeb006bac2d9c81a2874825025214b6d8 (6.19)
-CVE-2026-23179 [nvmet-tcp: fixup hang in nvmet_tcp_listen_data_ready()]
+CVE-2026-23179 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 6.18.10-1
NOTE:
https://git.kernel.org/linus/2fa8961d3a6a1c2395d8d560ffed2c782681bade (6.19-rc6)
-CVE-2026-23178 [HID: i2c-hid: fix potential buffer overflow in
i2c_hid_get_report()]
+CVE-2026-23178 (In the Linux kernel, the following vulnerability has been
resolved: H ...)
- linux 6.18.10-1
NOTE:
https://git.kernel.org/linus/2497ff38c530b1af0df5130ca9f5ab22c5e92f29 (6.19-rc5)
-CVE-2026-23177 [mm, shmem: prevent infinite loop on truncate race]
+CVE-2026-23177 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
- linux 6.18.10-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/2030dddf95451b4e7a389f052091e7c4b7b274c6 (6.19)
-CVE-2026-23176 [platform/x86: toshiba_haps: Fix memory leaks in add/remove
routines]
+CVE-2026-23176 (In the Linux kernel, the following vulnerability has been
resolved: p ...)
- linux 6.18.10-1
NOTE:
https://git.kernel.org/linus/128497456756e1b952bd5a912cd073836465109d (6.19)
-CVE-2025-71224 [wifi: mac80211: ocb: skip rx_no_sta when interface is not
joined]
+CVE-2025-71224 (In the Linux kernel, the following vulnerability has been
resolved: w ...)
- linux 6.18.10-1
NOTE:
https://git.kernel.org/linus/ff4071c60018a668249dc6a2df7d16330543540e (6.19-rc4)
-CVE-2025-71223 [smb/server: fix refcount leak in smb2_open()]
+CVE-2025-71223 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 6.18.10-1
NOTE:
https://git.kernel.org/linus/f416c556997aa56ec4384c6b6efd6a0e6ac70aa7 (6.19-rc4)
-CVE-2025-71222 [wifi: wlcore: ensure skb headroom before skb_push]
+CVE-2025-71222 (In the Linux kernel, the following vulnerability has been
resolved: w ...)
- linux 6.18.10-1
NOTE:
https://git.kernel.org/linus/e75665dd096819b1184087ba5718bd93beafff51 (6.19-rc4)
-CVE-2025-71221 [dmaengine: mmp_pdma: Fix race condition in mmp_pdma_residue()]
+CVE-2025-71221 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux 6.18.10-1
NOTE:
https://git.kernel.org/linus/a143545855bc2c6e1330f6f57ae375ac44af00a7 (6.19-rc6)
-CVE-2025-71220 [smb/server: call ksmbd_session_rpc_close() on error path in
create_smb2_pipe()]
+CVE-2025-71220 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 6.18.10-1
NOTE:
https://git.kernel.org/linus/7c28f8eef5ac5312794d8a52918076dcd787e53b (6.19-rc4)
-CVE-2025-71204 [smb/server: fix refcount leak in
parse_durable_handle_context()]
+CVE-2025-71204 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 6.18.10-1
NOTE:
https://git.kernel.org/linus/3296c3012a9d9a27e81e34910384e55a6ff3cff0 (6.19-rc4)
-CVE-2025-71203 [riscv: Sanitize syscall table indexing under speculation]
+CVE-2025-71203 (In the Linux kernel, the following vulnerability has been
resolved: r ...)
- linux 6.18.10-1
NOTE:
https://git.kernel.org/linus/25fd7ee7bf58ac3ec7be3c9f82ceff153451946c (6.19-rc5)
-CVE-2026-23173 [net/mlx5e: TC, delete flows only for existing peers]
+CVE-2026-23173 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 6.18.9-1
[trixie] - linux 6.12.69-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/f67666938ae626cbda63fbf5176b3583c07e7124 (6.19-rc8)
-CVE-2026-23172 [net: wwan: t7xx: fix potential skb->frags overflow in RX path]
+CVE-2026-23172 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 6.18.9-1
[trixie] - linux 6.12.69-1
[bookworm] - linux 6.1.162-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/f0813bcd2d9d97fdbdf2efb9532ab03ae92e99e6 (6.19-rc8)
-CVE-2026-23170 [drm/imx/tve: fix probe device leak]
+CVE-2026-23170 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux 6.18.9-1
[trixie] - linux 6.12.69-1
[bookworm] - linux 6.1.162-1
[bullseye] - linux 5.10.249-1
NOTE:
https://git.kernel.org/linus/e535c23513c63f02f67e3e09e0787907029efeaf (6.19-rc8)
-CVE-2026-23168 [flex_proportions: make fprop_new_period() hardirq safe]
+CVE-2026-23168 (In the Linux kernel, the following vulnerability has been
resolved: f ...)
- linux 6.18.9-1
[trixie] - linux 6.12.69-1
[bookworm] - linux 6.1.162-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/dd9e2f5b38f1fdd49b1ab6d3a85f81c14369eacc (6.19-rc8)
-CVE-2026-23167 [nfc: nci: Fix race between rfkill and nci_unregister_device().]
+CVE-2026-23167 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 6.18.9-1
[trixie] - linux 6.12.69-1
[bookworm] - linux 6.1.162-1
[bullseye] - linux 5.10.249-1
NOTE:
https://git.kernel.org/linus/d2492688bb9fed6ab6e313682c387ae71a66ebae (6.19-rc8)
-CVE-2026-23166 [ice: Fix NULL pointer dereference in ice_vsi_set_napi_queues]
+CVE-2026-23166 (In the Linux kernel, the following vulnerability has been
resolved: i ...)
- linux 6.18.9-1
[trixie] - linux 6.12.69-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/9bb30be4d89ff9a8d7ab1aa0eb2edaca83431f85 (6.19-rc8)
-CVE-2026-23165 [sfc: fix deadlock in RSS config read]
+CVE-2026-23165 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 6.18.9-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/944c614b0a7afa5b87612c3fb557b95a50ad654c (6.19-rc8)
-CVE-2026-23164 [rocker: fix memory leak in rocker_world_port_post_fini()]
+CVE-2026-23164 (In the Linux kernel, the following vulnerability has been
resolved: r ...)
- linux 6.18.9-1
[trixie] - linux 6.12.69-1
[bookworm] - linux 6.1.162-1
[bullseye] - linux 5.10.249-1
NOTE:
https://git.kernel.org/linus/8d7ba71e46216b8657a82ca2ec118bc93812a4d0 (6.19-rc8)
-CVE-2026-23163 [drm/amdgpu: fix NULL pointer dereference in
amdgpu_gmc_filter_faults_remove]
+CVE-2026-23163 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux 6.18.9-1
[trixie] - linux 6.12.69-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/8b1ecc9377bc641533cd9e76dfa3aee3cd04a007 (6.19-rc8)
-CVE-2026-23162 [drm/xe/nvm: Fix double-free on aux add failure]
+CVE-2026-23162 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux 6.18.9-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/8a44241b0b83a6047c5448da1fff03fcc29496b5 (6.19-rc8)
-CVE-2026-23161 [mm/shmem, swap: fix race of truncate and swap entry split]
+CVE-2026-23161 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
- linux 6.18.9-1
[trixie] - linux 6.12.69-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/8a1968bd997f45a9b11aefeabdd1232e1b6c7184 (6.19-rc8)
-CVE-2026-23160 [octeon_ep: Fix memory leak in octep_device_setup()]
+CVE-2026-23160 (In the Linux kernel, the following vulnerability has been
resolved: o ...)
- linux 6.18.9-1
[trixie] - linux 6.12.69-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/8016dc5ee19a77678c264f8ba368b1e873fa705b (6.19-rc8)
-CVE-2026-23159 [perf: sched: Fix perf crash with new is_user_task() helper]
+CVE-2026-23159 (In the Linux kernel, the following vulnerability has been
resolved: p ...)
- linux 6.18.9-1
[trixie] - linux 6.12.69-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/76ed27608f7dd235b727ebbb12163438c2fbb617 (6.19-rc8)
-CVE-2026-23158 [gpio: virtuser: fix UAF in configfs release path]
+CVE-2026-23158 (In the Linux kernel, the following vulnerability has been
resolved: g ...)
- linux 6.18.9-1
[trixie] - linux 6.12.69-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/53ad4a948a4586359b841d607c08fb16c5503230 (6.19-rc8)
-CVE-2026-23156 [efivarfs: fix error propagation in efivar_entry_get()]
+CVE-2026-23156 (In the Linux kernel, the following vulnerability has been
resolved: e ...)
- linux 6.18.9-1
[trixie] - linux 6.12.69-1
[bookworm] - linux 6.1.162-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/4b22ec1685ce1fc0d862dcda3225d852fb107995 (6.19-rc8)
-CVE-2026-23155 [can: gs_usb: gs_usb_receive_bulk_callback(): fix error message]
+CVE-2026-23155 (In the Linux kernel, the following vulnerability has been
resolved: c ...)
- linux 6.18.9-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/494fc029f662c331e06b7c2031deff3c64200eed (6.19-rc8)
-CVE-2026-23153 [firewire: core: fix race condition against transaction list]
+CVE-2026-23153 (In the Linux kernel, the following vulnerability has been
resolved: f ...)
- linux 6.18.9-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/20e01bba2ae4898ce65cdcacd1bd6bec5111abd9 (6.19-rc8)
-CVE-2026-23151 [Bluetooth: MGMT: Fix memory leak in set_ssp_complete]
+CVE-2026-23151 (In the Linux kernel, the following vulnerability has been
resolved: B ...)
- linux 6.18.9-1
[trixie] - linux 6.12.69-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/1b9c17fd0a7fdcbe69ec5d6fe8e50bc5ed7f01f2 (6.19-rc8)
-CVE-2026-23150 [nfc: llcp: Fix memleak in nfc_llcp_send_ui_frame().]
+CVE-2026-23150 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 6.18.9-1
[trixie] - linux 6.12.69-1
[bookworm] - linux 6.1.162-1
[bullseye] - linux 5.10.249-1
NOTE:
https://git.kernel.org/linus/165c34fb6068ff153e3fc99a932a80a9d5755709 (6.19-rc8)
-CVE-2026-23149 [drm: Do not allow userspace to trigger kernel warnings in
drm_gem_change_handle_ioctl()]
+CVE-2026-23149 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux 6.18.9-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/12f15d52d38ac53f7c70ea3d4b3d76afed04e064 (6.19-rc8)
-CVE-2026-23148 [nvmet: fix race in nvmet_bio_done() leading to NULL pointer
dereference]
+CVE-2026-23148 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 6.18.9-1
[trixie] - linux 6.12.69-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/0fcee2cfc4b2e16e62ff8e0cc2cd8dd24efad65e (6.19-rc8)
-CVE-2026-23147 [btrfs: zlib: fix the folio leak on S390 hardware acceleration]
+CVE-2026-23147 (In the Linux kernel, the following vulnerability has been
resolved: b ...)
- linux 6.18.9-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/0d0f1314e8f86f5205f71f9e31e272a1d008e40b (6.19-rc8)
-CVE-2026-23146 [Bluetooth: hci_uart: fix null-ptr-deref in hci_uart_write_work]
+CVE-2026-23146 (In the Linux kernel, the following vulnerability has been
resolved: B ...)
- linux 6.18.9-1
[trixie] - linux 6.12.69-1
[bookworm] - linux 6.1.162-1
[bullseye] - linux 5.10.249-1
NOTE:
https://git.kernel.org/linus/0c3cd7a0b862c37acbee6d9502107146cc944398 (6.19-rc8)
-CVE-2026-23171 [bonding: fix use-after-free due to enslave fail after slave
array update]
+CVE-2026-23171 (In the Linux kernel, the following vulnerability has been
resolved: b ...)
- linux 6.18.9-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/e9acda52fd2ee0cdca332f996da7a95c5fd25294 (6.19-rc8)
-CVE-2026-23169 [mptcp: fix race in mptcp_pm_nl_flush_addrs_doit()]
+CVE-2026-23169 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
- linux 6.18.9-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/e2a9eeb69f7d4ca4cf4c70463af77664fdb6ab1d (6.19-rc8)
-CVE-2026-23157 [btrfs: do not strictly require dirty metadata threshold for
metadata writepages]
+CVE-2026-23157 (In the Linux kernel, the following vulnerability has been
resolved: b ...)
- linux 6.18.9-1
NOTE:
https://git.kernel.org/linus/4e159150a9a56d66d247f4b5510bed46fe58aa1c (6.19-rc8)
-CVE-2026-23154 [net: fix segmentation of forwarding fraglist GRO]
+CVE-2026-23154 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 6.18.9-1
[trixie] - linux 6.12.69-1
NOTE:
https://git.kernel.org/linus/426ca15c7f6cb6562a081341ca88893a50c59fa2 (6.19-rc8)
-CVE-2026-23152 [wifi: mac80211: correctly decode TTLM with default link map]
+CVE-2026-23152 (In the Linux kernel, the following vulnerability has been
resolved: w ...)
- linux 6.18.9-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/1eab33aa63c993685dd341e03bd5b267dd7403fa (6.19-rc8)
-CVE-2026-23145 [ext4: fix iloc.bh leak in ext4_xattr_inode_update_ref]
+CVE-2026-23145 (In the Linux kernel, the following vulnerability has been
resolved: e ...)
- linux 6.18.8-1
[trixie] - linux 6.12.69-1
[bookworm] - linux 6.1.162-1
[bullseye] - linux 5.10.249-1
NOTE:
https://git.kernel.org/linus/d250bdf531d9cd4096fedbb9f172bb2ca660c868 (6.19-rc6)
-CVE-2026-23144 [mm/damon/sysfs: cleanup attrs subdirs on context dir setup
failure]
+CVE-2026-23144 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
- linux 6.18.8-1
[trixie] - linux 6.12.69-1
[bookworm] - linux 6.1.162-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/9814cc832b88bd040fc2a1817c2b5469d0f7e862 (6.19-rc6)
-CVE-2026-23143 [virtio_net: Fix misalignment bug in struct virtnet_info]
+CVE-2026-23143 (In the Linux kernel, the following vulnerability has been
resolved: v ...)
- linux 6.18.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/4156c3745f06bc197094b9ee97a9584e69ed00bf (6.19-rc6)
-CVE-2026-23142 [mm/damon/sysfs-scheme: cleanup access_pattern subdirs on
scheme dir setup failure]
+CVE-2026-23142 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
- linux 6.18.8-1
[trixie] - linux 6.12.69-1
[bookworm] - linux 6.1.162-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/392b3d9d595f34877dd745b470c711e8ebcd225c (6.19-rc6)
-CVE-2026-23141 [btrfs: send: check for inline extents in
range_is_hole_in_parent()]
+CVE-2026-23141 (In the Linux kernel, the following vulnerability has been
resolved: b ...)
- linux 6.18.8-1
[trixie] - linux 6.12.69-1
NOTE:
https://git.kernel.org/linus/08b096c1372cd69627f4f559fb47c9fb67a52b39 (6.19-rc6)
-CVE-2025-71202 [iommu/sva: invalidate stale IOTLB entries for kernel address
space]
+CVE-2025-71202 (In the Linux kernel, the following vulnerability has been
resolved: i ...)
- linux 6.18.8-1
NOTE:
https://git.kernel.org/linus/e37d5a2d60a338c5917c45296bac65da1382eda5 (6.19-rc1)
-CVE-2026-23140 [bpf, test_run: Subtract size of xdp_frame from allowed
metadata size]
+CVE-2026-23140 (In the Linux kernel, the following vulnerability has been
resolved: b ...)
- linux 6.18.8-1
[trixie] - linux 6.12.69-1
[bookworm] - linux 6.1.162-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/e558cca217790286e799a8baacd1610bda31b261 (6.19-rc6)
-CVE-2026-23139 [netfilter: nf_conncount: update last_gc only when GC has been
performed]
+CVE-2026-23139 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 6.18.8-1
[trixie] - linux 6.12.69-1
[bookworm] - linux 6.1.162-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/7811ba452402d58628e68faedf38745b3d485e3c (6.19-rc5)
-CVE-2026-23136 [libceph: reset sparse-read state in osd_fault()]
+CVE-2026-23136 (In the Linux kernel, the following vulnerability has been
resolved: l ...)
- linux 6.18.8-1
[trixie] - linux 6.12.69-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/11194b416ef95012c2cfe5f546d71af07b639e93 (6.19-rc5)
-CVE-2025-71201 [netfs: Fix early read unlock of page with EOF in middle]
+CVE-2025-71201 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 6.18.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/570ad253a3455a520f03c2136af8714bc780186d (6.19-rc5)
-CVE-2026-23138 [tracing: Add recursion protection in kernel stack trace
recording]
+CVE-2026-23138 (In the Linux kernel, the following vulnerability has been
resolved: t ...)
- linux 6.18.8-1
NOTE:
https://git.kernel.org/linus/5f1ef0dfcb5b7f4a91a9b0e0ba533efd9f7e2cdb (6.19-rc5)
-CVE-2026-23137 [of: unittest: Fix memory leak in unittest_data_add()]
+CVE-2026-23137 (In the Linux kernel, the following vulnerability has been
resolved: o ...)
- linux 6.18.8-1
NOTE:
https://git.kernel.org/linus/235a1eb8d2dcc49a6cf0a5ee1aa85544a5d0054b (6.19-rc5)
-CVE-2026-23135 [wifi: ath12k: fix dma_free_coherent() pointer]
+CVE-2026-23135 (In the Linux kernel, the following vulnerability has been
resolved: w ...)
- linux 6.18.8-1
[trixie] - linux 6.12.69-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/bb97131fbf9b708dd9616ac2bdc793ad102b5c48 (6.19-rc7)
-CVE-2026-23134 [slab: fix kmalloc_nolock() context check for PREEMPT_RT]
+CVE-2026-23134 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 6.18.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/99a3e3a1cfc93b8fe318c0a3a5cfb01f1d4ad53c (6.19-rc7)
-CVE-2026-23133 [wifi: ath10k: fix dma_free_coherent() pointer]
+CVE-2026-23133 (In the Linux kernel, the following vulnerability has been
resolved: w ...)
- linux 6.18.8-1
[trixie] - linux 6.12.69-1
[bookworm] - linux 6.1.162-1
[bullseye] - linux 5.10.249-1
NOTE:
https://git.kernel.org/linus/9282a1e171ad8d2205067e8ec3bbe4e3cef4f29f (6.19-rc7)
-CVE-2026-23132 [drm/bridge: synopsys: dw-dp: fix error paths of dw_dp_bind]
+CVE-2026-23132 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux 6.18.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/1a0f69e3c28477b97d3609569b7e8feb4b6162e8 (6.19-rc7)
-CVE-2026-23131 [platform/x86: hp-bioscfg: Fix kobject warnings for empty
attribute names]
+CVE-2026-23131 (In the Linux kernel, the following vulnerability has been
resolved: p ...)
- linux 6.18.8-1
[trixie] - linux 6.12.69-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/fdee1b09721605f532352628d0a24623e7062efb (6.19-rc7)
-CVE-2026-23130 [wifi: ath12k: fix dead lock while flushing management frames]
+CVE-2026-23130 (In the Linux kernel, the following vulnerability has been
resolved: w ...)
- linux 6.18.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/f88e9fc30a261d63946ddc6cc6a33405e6aa27c3 (6.19-rc7)
-CVE-2026-23129 [dpll: Prevent duplicate registrations]
+CVE-2026-23129 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux 6.18.8-1
[trixie] - linux 6.12.69-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/f3ddbaaaaf4d0633b40482f471753f9c71294a4a (6.19-rc7)
-CVE-2026-23127 [perf: Fix refcount warning on event->mmap_count increment]
+CVE-2026-23127 (In the Linux kernel, the following vulnerability has been
resolved: p ...)
- linux 6.18.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/d06bf78e55d5159c1b00072e606ab924ffbbad35 (6.19-rc7)
-CVE-2026-23125 [sctp: move SCTP_CMD_ASSOC_SHKEY right after SCTP_CMD_PEER_INIT]
+CVE-2026-23125 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 6.18.8-1
[trixie] - linux 6.12.69-1
[bookworm] - linux 6.1.162-1
[bullseye] - linux 5.10.249-1
NOTE:
https://git.kernel.org/linus/a80c9d945aef55b23b54838334345f20251dad83 (6.19-rc7)
-CVE-2026-23124 [ipv6: annotate data-race in ndisc_router_discovery()]
+CVE-2026-23124 (In the Linux kernel, the following vulnerability has been
resolved: i ...)
- linux 6.18.8-1
[trixie] - linux 6.12.69-1
[bookworm] - linux 6.1.162-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/9a063f96d87efc3a6cc667f8de096a3d38d74bb5 (6.19-rc7)
-CVE-2026-23123 [interconnect: debugfs: initialize src_node and dst_node to
empty strings]
+CVE-2026-23123 (In the Linux kernel, the following vulnerability has been
resolved: i ...)
- linux 6.18.8-1
[trixie] - linux 6.12.69-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/8cc27f5c6dd17dd090f3a696683f04336c162ff5 (6.19-rc7)
-CVE-2026-23122 [igc: Reduce TSN TX packet buffer from 7KB to 5KB per queue]
+CVE-2026-23122 (In the Linux kernel, the following vulnerability has been
resolved: i ...)
- linux 6.18.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/8ad1b6c1e63d25f5465b7a8aa403bdcee84b86f9 (6.19-rc7)
-CVE-2026-23121 [mISDN: annotate data-race around dev->work]
+CVE-2026-23121 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
- linux 6.18.8-1
[trixie] - linux 6.12.69-1
[bookworm] - linux 6.1.162-1
[bullseye] - linux 5.10.249-1
NOTE:
https://git.kernel.org/linus/8175dbf174d487afab81e936a862a8d9b8a1ccb6 (6.19-rc7)
-CVE-2026-23120 [l2tp: avoid one data-race in l2tp_tunnel_del_work()]
+CVE-2026-23120 (In the Linux kernel, the following vulnerability has been
resolved: l ...)
- linux 6.18.8-1
[trixie] - linux 6.12.69-1
[bookworm] - linux 6.1.162-1
[bullseye] - linux 5.10.249-1
NOTE:
https://git.kernel.org/linus/7a29f6bf60f2590fe5e9c4decb451e19afad2bcf (6.19-rc7)
-CVE-2026-23119 [bonding: provide a net pointer to __skb_flow_dissect()]
+CVE-2026-23119 (In the Linux kernel, the following vulnerability has been
resolved: b ...)
- linux 6.18.8-1
[trixie] - linux 6.12.69-1
[bookworm] - linux 6.1.162-1
[bullseye] - linux 5.10.249-1
NOTE:
https://git.kernel.org/linus/5f9b329096596b7e53e07d041d7fca4cbe1be752 (6.19-rc7)
-CVE-2026-23117 [ice: add missing ice_deinit_hw() in devlink reinit path]
+CVE-2026-23117 (In the Linux kernel, the following vulnerability has been
resolved: i ...)
- linux 6.18.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/42fb5f3deb582cb96440e4683745017dbabb83d6 (6.19-rc7)
-CVE-2026-23116 [pmdomain: imx8m-blk-ctrl: Remove separate rst and clk mask for
8mq vpu]
+CVE-2026-23116 (In the Linux kernel, the following vulnerability has been
resolved: p ...)
- linux 6.18.8-1
[trixie] - linux 6.12.69-1
[bookworm] - linux 6.1.162-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/3de49966499634454fd59e0e6fecd50baab7febd (6.19-rc7)
-CVE-2026-23115 [serial: Fix not set tty->port race condition]
+CVE-2026-23115 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 6.18.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/32f37e57583f869140cff445feedeea8a5fea986 (6.19-rc7)
-CVE-2026-23114 [arm64/fpsimd: ptrace: Fix SVE writes on !SME systems]
+CVE-2026-23114 (In the Linux kernel, the following vulnerability has been
resolved: a ...)
- linux 6.18.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/128a7494a9f15aad60cc6b7e3546bf481ac54a13 (6.19-rc7)
-CVE-2025-71200 [mmc: sdhci-of-dwcmshc: Prevent illegal clock reduction in
HS200/HS400 mode]
+CVE-2025-71200 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
- linux 6.18.8-1
[trixie] - linux 6.12.69-1
[bookworm] - linux 6.1.162-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/3009738a855cf938bbfc9078bec725031ae623a4 (6.19-rc7)
-CVE-2026-23128 [arm64: Set __nocfi on swsusp_arch_resume()]
+CVE-2026-23128 (In the Linux kernel, the following vulnerability has been
resolved: a ...)
- linux 6.18.8-1
[trixie] - linux 6.12.69-1
[bookworm] - linux 6.1.162-1
NOTE:
https://git.kernel.org/linus/e2f8216ca2d8e61a23cb6ec355616339667e0ba6 (6.19-rc7)
-CVE-2026-23126 [netdevsim: fix a race issue related to the operation on
bpf_bound_progs list]
+CVE-2026-23126 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 6.18.8-1
[trixie] - linux 6.12.69-1
[bookworm] - linux 6.1.162-1
NOTE:
https://git.kernel.org/linus/b97d5eedf4976cc94321243be83b39efe81a0e15 (6.19-rc7)
-CVE-2026-23118 [rxrpc: Fix data-race warning and potential load/store tearing]
+CVE-2026-23118 (In the Linux kernel, the following vulnerability has been
resolved: r ...)
- linux 6.18.8-1
[trixie] - linux 6.12.69-1
NOTE:
https://git.kernel.org/linus/5d5fe8bcd331f1e34e0943ec7c18432edfcf0e8b (6.19-rc7)
-CVE-2026-23113 [io_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop]
+CVE-2026-23113 (In the Linux kernel, the following vulnerability has been
resolved: i ...)
- linux 6.18.8-1
[trixie] - linux 6.12.69-1
NOTE:
https://git.kernel.org/linus/10dc959398175736e495f71c771f8641e1ca1907 (6.19-rc7)
@@ -11848,7 +11864,8 @@ CVE-2026-0988 (A flaw was found in glib. Missing
validation of offset and count
NOTE: Fixed by:
https://gitlab.gnome.org/GNOME/glib/-/commit/c5766cff61ffce0b8e787eae09908ac348338e5f
(2.87.1)
CVE-2026-0980
NOT-FOR-US: rubyipmi Ruby Gem
-CVE-2026-23766 (Istio through 1.28.2 allows iptables rule injection for
changing firew ...)
+CVE-2026-23766
+ REJECTED
NOT-FOR-US: Istio
CVE-2026-23746 (Entrust Instant Financial Issuance (IFI) On Premise software
(formerly ...)
NOT-FOR-US: Entrust Instant Financial Issuance (IFI) On Premise software
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c7750cf49d3b91d73c98f597e21ba2dfa6be3da2
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c7750cf49d3b91d73c98f597e21ba2dfa6be3da2
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
