Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 55579a7b by Salvatore Bonaccorso at 2026-05-05T19:33:29+02:00 Merge Linux CVEs from kernel-sec - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,48 @@ +CVE-2026-43070 [bpf: Reset register ID for BPF_END value tracking] + - linux 6.19.11-1 + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/a3125bc01884431d30d731461634c8295b6f0529 (7.0-rc5) +CVE-2026-43067 [ext4: handle wraparound when searching for blocks for indirect mapped blocks] + - linux 6.19.11-1 + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/bb81702370fad22c06ca12b6e1648754dbc37e0f (7.0-rc6) +CVE-2026-43065 [ext4: always drain queued discard work in ext4_mb_release()] + - linux 6.19.11-1 + [trixie] - linux 6.12.85-1 + [bookworm] - linux 6.1.170-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/9ee29d20aab228adfb02ca93f87fb53c56c2f3af (7.0-rc6) +CVE-2026-43064 [dmaengine: idxd: Fix not releasing workqueue on .release()] + - linux 6.19.11-1 + [trixie] - linux 6.12.85-1 + [bookworm] - linux 6.1.170-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/3d33de353b1ff9023d5ec73b9becf80ea87af695 (7.0-rc6) +CVE-2026-43063 [xfs: don't irele after failing to iget in xfs_attri_recover_work] + - linux 6.19.11-1 + [trixie] - linux 6.12.85-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/70685c291ef82269180758130394ecdc4496b52c (7.0-rc6) +CVE-2026-43069 [Bluetooth: hci_ll: Fix firmware leak on error path] + - linux 6.19.11-1 + [trixie] - linux 6.12.85-1 + [bookworm] - linux 6.1.170-1 + NOTE: https://git.kernel.org/linus/31148a7be723aa9f2e8fbd62424825ab8d577973 (7.0-rc6) +CVE-2026-43068 [ext4: avoid allocate block from corrupted group in ext4_mb_find_by_goal()] + - linux 6.19.11-1 + [trixie] - linux 6.12.85-1 + [bookworm] - linux 6.1.170-1 + NOTE: https://git.kernel.org/linus/46066e3a06647c5b186cc6334409722622d05c44 (7.0-rc6) +CVE-2026-43066 [ext4: fix iloc.bh leak in ext4_fc_replay_inode() error paths] + - linux 6.19.11-1 + [trixie] - linux 6.12.85-1 + [bookworm] - linux 6.1.170-1 + NOTE: https://git.kernel.org/linus/ec0a7500d8eace5b4f305fa0c594dd148f0e8d29 (7.0-rc6) CVE-2026-43059 [Bluetooth: MGMT: Fix list corruption and UAF in command complete handlers] - linux 6.19.10-1 [trixie] - linux 6.12.85-1 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/55579a7bce2667ed4052df90e30c0094c2f9b522 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/55579a7bce2667ed4052df90e30c0094c2f9b522 You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
