Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 5269d7d4 by Salvatore Bonaccorso at 2026-05-28T12:20:02+02:00 Merge Linux CVEs from kernel-sec - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,212 @@ +CVE-2026-46240 [media: iris: Fix use-after-free in iris_release_internal_buffers()] + - linux 7.0.9-1 + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/f27cfdcfc916bb59297825805f4c3499f89f9e76 (7.1-rc3) +CVE-2026-46239 [media: i2c: ov5647: Fix runtime PM refcount leak in s_ctrl] + - linux 7.0.9-1 + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/f11ae9c04f8368a3b5a0280ef595198dace1c983 (7.1-rc1) +CVE-2026-46237 [drm/amdgpu/vcn3: Avoid overflow on msg bound check] + - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/e6e9faba8100628990cccd13f0f044a648c303cf (7.1-rc2) +CVE-2026-46232 [HID: playstation: Clamp num_touch_reports] + - linux 7.0.9-1 + [trixie] - linux 6.12.90-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/cac61b58a3b6340c52afa06bb15eac033158db2f (7.1-rc4) +CVE-2026-46224 [drm/xe: Fix bo leak in xe_dma_buf_init_obj() on allocation failure] + - linux 7.0.9-1 + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/93a528f67ce5095bcab46a69839eca97f43dd352 (7.1-rc2) +CVE-2026-46223 [cgroup: Defer css percpu_ref kill on rmdir until cgroup is depopulated] + - linux 7.0.9-1 + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/93618edf753838a727dbff63c7c291dee22d656b (7.1-rc3) +CVE-2026-46222 [media: rockchip: rkcif: Add missing MUST_CONNECT flag to pads] + - linux 7.0.9-1 + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/8e3c751259dc2d1325838eff26f41032523c7b57 (7.1-rc1) +CVE-2026-46221 [EDAC/versalnet: Fix device name memory leak] + - linux 7.0.9-1 + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/8cf5dd235eff6008cb04c3d8064d2acfa90616f1 (7.1-rc3) +CVE-2026-46217 [drm/amdgpu/vcn4: Avoid overflow on msg bound check] + - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/65bce27ea6192320448c30267ffc17ffa094e713 (7.1-rc2) +CVE-2026-46215 [drm: Set old handle to NULL before prime swap in change_handle] + - linux 7.0.9-1 + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/5e28b7b94408897e41c63477aabc9e1db439bc8c (7.1-rc3) +CVE-2026-46213 [HID: appletb-kbd: fix UAF in inactivity-timer cleanup path] + - linux 7.0.9-1 + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/4db2af929279c799b5653a39eb0795c72baffca4 (7.1-rc4) +CVE-2026-46211 [drm/msm/gem: fix error handling in msm_ioctl_gem_info_get_metadata()] + - linux 7.0.9-1 + [trixie] - linux 6.12.90-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/47cbfe2608314b833ad61a65827d8fb363bc2d2d (7.1-rc1) +CVE-2026-46207 [vsock/virtio: fix empty payload in tap skb for non-linear buffers] + - linux 7.0.9-1 + [trixie] - linux 6.12.90-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/3a3e3d90cbc79600544536723911657730759af3 (7.1-rc4) +CVE-2026-46202 [HID: appletb-kbd: run inactivity autodim from workqueues] + - linux 7.0.9-1 + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/1654e53349d4e657b331de354313461f401f5063 (7.1-rc4) +CVE-2026-46201 [drm/xe: Fix dma-buf attachment leak in xe_gem_prime_import()] + - linux 7.0.9-1 + [trixie] - linux 6.12.90-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/111ab678471bf1f90d078d5513bb086b70596c3c (7.1-rc2) +CVE-2026-46241 [spi: mpc52xx: fix use-after-free on registration failure] + - linux 7.0.9-1 + [trixie] - linux 6.12.90-1 + NOTE: https://git.kernel.org/linus/f62c060272b9d7423b1650b844e8e4e7b8f9f925 (7.1-rc1) +CVE-2026-46238 [batman-adv: stop caching unowned originator pointers in BAT IV] + - linux 7.0.9-1 + [trixie] - linux 6.12.90-1 + NOTE: https://git.kernel.org/linus/f03e8583532941b07761c5429de7d50766fa3110 (7.1-rc4) +CVE-2026-46236 [media: rc: xbox_remote: heed DMA restrictions] + - linux 7.0.9-1 + [trixie] - linux 6.12.90-1 + NOTE: https://git.kernel.org/linus/e280d1e5e3f2595bbb43fe6e1bce00c59a43c0ff (7.1-rc1) +CVE-2026-46235 [media: saa7164: add ioremap return checks and cleanups] + - linux 7.0.9-1 + [trixie] - linux 6.12.90-1 + NOTE: https://git.kernel.org/linus/d51c60a498e83c9a79884c8e420f97e3885c9583 (7.1-rc1) +CVE-2026-46234 [vsock: fix buffer size clamping order] + - linux 7.0.9-1 + [trixie] - linux 6.12.90-1 + NOTE: https://git.kernel.org/linus/d114bfdc9b76bf93b881e195b7ec957c14227bab (7.1-rc1) +CVE-2026-46233 [batman-adv: bla: only purge non-released claims] + - linux 7.0.9-1 + [trixie] - linux 6.12.90-1 + NOTE: https://git.kernel.org/linus/cf6b604011591865ae39ac82de8978c1120d17af (7.1-rc4) +CVE-2026-46231 [batman-adv: bla: put backbone reference on failed claim hash insert] + - linux 7.0.9-1 + [trixie] - linux 6.12.90-1 + NOTE: https://git.kernel.org/linus/ba9d20ee9076dac32c371116bacbe72480eb356c (7.1-rc4) +CVE-2026-46230 [drm/amdgpu/vcn3: Prevent OOB reads when parsing dec msg] + - linux 7.0.9-1 + [trixie] - linux 6.12.90-1 + NOTE: https://git.kernel.org/linus/b193019860d61e92da395eae2011f2f6716b182f (7.1-rc1) +CVE-2026-46229 [drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure] + - linux 7.0.9-1 + [trixie] - linux 6.12.90-1 + NOTE: https://git.kernel.org/linus/ad52d61d82181dbdb7f05826de38352d5e550cc2 (7.1-rc1) +CVE-2026-46228 [spi: ch341: fix devres lifetime] + - linux 7.0.9-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/abe572f630bc1f0e77041012ab075869036ede4f (7.1-rc1) +CVE-2026-46227 [sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL] + - linux 7.0.9-1 + [trixie] - linux 6.12.90-1 + NOTE: https://git.kernel.org/linus/abb5f36771cc4c05899b34000829a787572a8817 (7.1-rc4) +CVE-2026-46226 [spi: fsl: fix controller deregistration] + - linux 7.0.9-1 + [trixie] - linux 6.12.90-1 + NOTE: https://git.kernel.org/linus/9b7abfed4c3754062d1f3ffd452e65a38667f586 (7.1-rc1) +CVE-2026-46225 [spi: rspi: fix controller deregistration] + - linux 7.0.9-1 + [trixie] - linux 6.12.90-1 + NOTE: https://git.kernel.org/linus/9944fa6726afb1e6eb7e2212764e7da0c97f2dcc (7.1-rc1) +CVE-2026-46220 [drm/amdgpu/sdma4: replace BUG_ON with WARN_ON in fence emission] + - linux 7.0.9-1 + [trixie] - linux 6.12.90-1 + NOTE: https://git.kernel.org/linus/78d2e624fa073c14970aa097adcf3ea31c157a66 (7.1-rc3) +CVE-2026-46219 [spi: mpc52xx: fix use-after-free on unbind] + - linux 7.0.9-1 + [trixie] - linux 6.12.90-1 + NOTE: https://git.kernel.org/linus/706b3dc2ac7a998c55e14b3fd2e8f934c367e6e0 (7.1-rc1) +CVE-2026-46218 [drm/amdgpu: Add bounds checking to ib_{get,set}_value] + - linux 7.0.9-1 + [trixie] - linux 6.12.90-1 + NOTE: https://git.kernel.org/linus/66085e206431ef88ce36f53c1f53d570790ccc9e (7.1-rc1) +CVE-2026-46216 [drm/xe/hdcp: Add NULL check for media_gt in intel_hdcp_gsc_check_status()] + - linux 7.0.9-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/60a1e131a811b68703da58fd805ab359b704ab03 (7.1-rc3) +CVE-2026-46214 [vsock/virtio: fix accept queue count leak on transport mismatch] + - linux 7.0.9-1 + [trixie] - linux 6.12.90-1 + NOTE: https://git.kernel.org/linus/52bcb57a4e8a0865a76c587c2451906342ae1b2d (7.1-rc1) +CVE-2026-46212 [batman-adv: bla: prevent use-after-free when deleting claims] + - linux 7.0.9-1 + [trixie] - linux 6.12.90-1 + NOTE: https://git.kernel.org/linus/4ae1709a314060a196981b344610d023ea841e57 (7.1-rc4) +CVE-2026-46210 [media: iris: fix use-after-free of fmt_src during MBPF check] + - linux 7.0.9-1 + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/3d9593ad1a58c5acc3e5fa2a48222bb7632e6812 (7.1-rc3) +CVE-2026-46209 [drm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs()] + - linux 7.0.9-1 + [trixie] - linux 6.12.90-1 + NOTE: https://git.kernel.org/linus/3d4c2268bd7243c3780fe32bf24ff876da272acf (7.1-rc2) +CVE-2026-46208 [batman-adv: stop tp_meter sessions during mesh teardown] + - linux 7.0.9-1 + [trixie] - linux 6.12.90-1 + NOTE: https://git.kernel.org/linus/3d3cf6a7314aca4df0a6dde28ce784a2a30d0166 (7.1-rc4) +CVE-2026-46206 [batman-adv: reject new tp_meter sessions during teardown] + - linux 7.0.9-1 + [trixie] - linux 6.12.90-1 + NOTE: https://git.kernel.org/linus/3243543592425beec83d453793e9d27caa0d8e66 (7.1-rc4) +CVE-2026-46205 [staging: media: atomisp: Disallow all private IOCTLs] + - linux 7.0.9-1 + [trixie] - linux 6.12.90-1 + NOTE: https://git.kernel.org/linus/2b7eb2c5dc72f0fc954ac4aa155f9e285e937f7c (7.1-rc1) +CVE-2026-46204 [drm/amdgpu/vcn4: Prevent OOB reads when parsing IB] + - linux 7.0.9-1 + [trixie] - linux 6.12.90-1 + NOTE: https://git.kernel.org/linus/2444eb0ec8283f4a3845eb7febad378476e1ba3c (7.1-rc1) +CVE-2026-46203 [spi: cadence-quadspi: fix unclocked access on unbind] + - linux 7.0.9-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/233db2cb14db8b1935dda52a6affd97276462b82 (7.1-rc2) +CVE-2026-46200 [spi: mpc52xx: fix controller deregistration] + - linux 7.0.9-1 + [trixie] - linux 6.12.90-1 + NOTE: https://git.kernel.org/linus/0f997fdae819a8c2cc83bd4ff7d935ad76c727c9 (7.1-rc1) +CVE-2026-46199 [drm/amdgpu/vcn4: Prevent OOB reads when parsing dec msg] + - linux 7.0.9-1 + [trixie] - linux 6.12.90-1 + NOTE: https://git.kernel.org/linus/0a78f2bac1424deb7c9d5e09c6b8e849d8e8b648 (7.1-rc1) +CVE-2026-46198 [batman-adv: fix integer overflow on buff_pos] + - linux 7.0.9-1 + [trixie] - linux 6.12.90-1 + NOTE: https://git.kernel.org/linus/0799e5943611006b346b8813c7daf7dd5aa26bfd (7.1-rc4) +CVE-2026-46197 [drm/amdkfd: validate SVM ioctl nattr against buffer size] + - linux 7.0.9-1 + [trixie] - linux 6.12.90-1 + NOTE: https://git.kernel.org/linus/045e0ff208f0838a246c10204105126611b267a1 (7.1-rc2) CVE-2026-46194 [f2fs: fix node_cnt race between extent node destroy and writeback] - linux 7.0.7-1 [trixie] - linux 6.12.88-1 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5269d7d4fc116813c85fca6ba89651a43e7f0afe -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5269d7d4fc116813c85fca6ba89651a43e7f0afe You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
