Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ef249285 by Salvatore Bonaccorso at 2026-06-24T17:02:39+02:00
Merge Linux CVEs from kernel-sec

- - - - -

1 changed file:

- data/CVE/list

Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,143 @@ +CVE-2026-52940 [tun: zero the whole vnet header in tun_put_user()] + - linux 7.0.13-1 + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/7f2fcff15e99bb852f6967396ed12b38376e2c8d (7.1) +CVE-2026-52932 [xfrm: ipcomp: Free destination pages on acomp errors] + - linux 7.0.12-1 + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/7dbac7680eb629b3b4dc7e98c34f943b8814c0c8 (7.1-rc6) +CVE-2026-52944 [ksmbd: fix FSCTL permission bypass by adding a permission check for FSCTL_SET_SPARSE] + - linux 7.0.12-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/cc57232cae23c0df91b4a59d0f519141ce9b5b02 (7.1-rc6) +CVE-2026-52943 [net: skbuff: fix missing zerocopy reference in pskb_carve helpers] + - linux 7.0.12-1 + [trixie] - linux 6.12.94-1 + NOTE: https://git.kernel.org/linus/98d0912e9f841e5529a5b89a972805f34cb1c69d (7.1-rc6) +CVE-2026-52942 [netfilter: nf_log: validate MAC header was set before dumping it] + - linux 7.0.13-1 + [trixie] - linux 6.12.94-1 + NOTE: https://git.kernel.org/linus/a84b6fedbc97078788be78dbdd7517d143ad1a77 (7.1) +CVE-2026-52941 [net/smc: avoid NULL deref of conn->lnk in smc_msg_event tracepoint] + - linux 7.0.12-1 + [trixie] - linux 6.12.94-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/7bf563badd37cb796df5477d2b78bb64148a1268 (7.1-rc4) +CVE-2026-52939 [net/rds: fix NULL deref in rds_ib_send_cqe_handler() on masked atomic completion] + - linux 7.0.13-1 + [trixie] - linux 6.12.94-1 + NOTE: https://git.kernel.org/linus/34080db3e70ddf94c38512ad2331e3c3afca6cc1 (7.1) 
+CVE-2026-52938 [bpf: Fix NULL pointer dereference in bpf_sk_storage_clone and diag paths] + - linux <unfixed> + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/375e4e33c18dfa05c5dfd5f3dfffeb29343dd4c7 (7.1-rc3) +CVE-2026-52937 [tap: fix stack info leak in tap_ioctl() SIOCGIFHWADDR] + - linux 7.0.12-1 + NOTE: https://git.kernel.org/linus/bddc09212c24934643bd44fc794748d2bbb3b6cd (7.1-rc5) +CVE-2026-52936 [crypto: jitterentropy - replace long-held spinlock with mutex] + - linux 7.0.10-1 + [trixie] - linux 6.12.94-1 + NOTE: https://git.kernel.org/linus/01d798e9feb30212952d4e992801ba6bd6a82351 (7.1-rc1) +CVE-2026-52935 [xfrm: espintcp: do not reuse an in-progress partial send] + - linux 7.0.13-1 + [trixie] - linux 6.12.94-1 + NOTE: https://git.kernel.org/linus/c381039ade2e161ab08c0eda73c4f8b9a7115928 (7.1) +CVE-2026-52934 [batman-adv: tvlv: reject oversized TVLV packets] + - linux 7.0.12-1 + [trixie] - linux 6.12.94-1 + NOTE: https://git.kernel.org/linus/f50487e3566358b2b982b7801945e858c78ad9ab (7.1-rc5) +CVE-2026-52933 [io_uring/poll: fix signed comparison in io_poll_get_ownership()] + - linux 7.0.4-1 + [trixie] - linux 6.12.86-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/326941b22806cbf2df1fbfe902b7908b368cce42 (7.1-rc1) +CVE-2026-52931 [batman-adv: tp_meter: avoid use of uninit sender vars] + - linux 7.0.12-1 + [trixie] - linux 6.12.94-1 + NOTE: https://git.kernel.org/linus/6c65cf23d4c6170fcf5714c32aa64689718cb142 (7.1-rc5) +CVE-2026-52930 [ipc/shm: serialize orphan cleanup with shm_nattch updates] + - linux 7.0.13-1 + [trixie] - linux 6.12.94-1 + NOTE: https://git.kernel.org/linus/2e5c6f4fd4001562781e99bbfc7f1f0127187542 (7.1) +CVE-2026-52929 [sctp: stream: fully roll back denied add-stream state] + - linux 7.0.13-1 + [trixie] 
- linux 6.12.94-1 + NOTE: https://git.kernel.org/linus/a5f8a90ac9f77c678a9781c0a464b635e0d63e49 (7.1) +CVE-2026-52928 [af_unix: Reject SIOCATMARK on non-stream sockets] + - linux 7.0.7-1 + [trixie] - linux 6.12.88-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/d119775f2bad827edc28071c061fdd4a91f889a5 (7.1-rc3) +CVE-2026-52927 [netfilter: ebtables: fix OOB read in compat_mtw_from_user] + - linux 7.0.12-1 + [trixie] - linux 6.12.94-1 + NOTE: https://git.kernel.org/linus/f438d1786d657d57790c5d138d6db3fc9fdac392 (7.1-rc6) +CVE-2026-52926 [batman-adv: clear current gateway during teardown] + - linux 7.0.12-1 + [trixie] - linux 6.12.94-1 + NOTE: https://git.kernel.org/linus/a340a51ed801eab7bb454150c226323b865263cc (7.1-rc5) +CVE-2026-52925 [vrf: Fix a potential NPD when removing a port from a VRF] + - linux 7.0.10-1 + [trixie] - linux 6.12.94-1 + NOTE: https://git.kernel.org/linus/2674d603a9e6970463b2b9ebcf8e31e90beae169 (7.1-rc2) +CVE-2026-52924 [sctp: purge outqueue on stale COOKIE-ECHO handling] + - linux 7.0.13-1 + [trixie] - linux 6.12.94-1 + NOTE: https://git.kernel.org/linus/e374b22e9b07b72a25909621464ff74096151bfb (7.1-rc7) +CVE-2026-52923 [ipc: limit next_id allocation to the valid ID range] + - linux 7.0.12-1 + [trixie] - linux 6.12.94-1 + NOTE: https://git.kernel.org/linus/fa0b9b2b7ae3539908d69c2b9ac0d144d9bc5139 (7.1-rc6) +CVE-2026-52922 [batman-adv: dat: handle forward allocation error] + - linux 7.0.12-1 + [trixie] - linux 6.12.94-1 + NOTE: https://git.kernel.org/linus/2d8826a2d3657cea66fb0370f9e521575a673871 (7.1-rc5) +CVE-2026-52921 [netfilter: ipset: stop hash:* range iteration at end] + - linux 7.0.12-1 + [trixie] - linux 6.12.94-1 + NOTE: https://git.kernel.org/linus/0d3a282ab5f165fc207ff49ea5b6ad8f54616bd6 (7.1-rc5) +CVE-2026-52920 [netfilter: xt_policy: fix strict mode inbound policy matching] + - linux 7.0.10-1 + [trixie] - linux 6.12.94-1 + NOTE: 
https://git.kernel.org/linus/4b2b4d7d4e203c92db8966b163edfacb1f0e1e29 (7.1-rc2) +CVE-2026-52919 [batman-adv: fix tp_meter counter underflow during shutdown] + - linux 7.0.12-1 + [trixie] - linux 6.12.94-1 + NOTE: https://git.kernel.org/linus/94f3b133168d1c49895e7cc6afbcf1cc0b354602 (7.1-rc5) +CVE-2026-52918 [Bluetooth: serialize accept_q access] + - linux 7.0.12-1 + [trixie] - linux 6.12.94-1 + NOTE: https://git.kernel.org/linus/e83f5e24da741fa9405aeeff00b08c5ee7c37b88 (7.1-rc5) +CVE-2026-52917 [sctp: diag: reject stale associations in dump_one path] + - linux 7.0.13-1 + [trixie] - linux 6.12.94-1 + NOTE: https://git.kernel.org/linus/5eba3e48d78edd7551b992cb7ba687019b3a78da (7.1-rc7) +CVE-2026-52916 [batman-adv: frag: disallow unicast fragment in fragment] + - linux 7.0.12-1 + [trixie] - linux 6.12.94-1 + NOTE: https://git.kernel.org/linus/bc62216dc8e221e3781afa14430f45208bfa9af9 (7.1-rc5) +CVE-2026-52915 [netfilter: ip6t_hbh: reject oversized option lists] + - linux 7.0.12-1 + [trixie] - linux 6.12.94-1 + NOTE: https://git.kernel.org/linus/4322dcde6b4173c2d8e8e6118ed290794263bcc8 (7.1-rc5) +CVE-2026-52914 [batman-adv: fix fragment reassembly length accounting] + - linux 7.0.12-1 + [trixie] - linux 6.12.94-1 + NOTE: https://git.kernel.org/linus/9cd3f16c320bfdadd4509358122368deb56a5741 (7.1-rc5) +CVE-2026-52913 [batman-adv: v: stop OGMv2 on disabled interface] + - linux 7.0.12-1 + [trixie] - linux 6.12.94-1 + NOTE: https://git.kernel.org/linus/f8ce8b8331a1bc44ad4905886a482214d428b253 (7.1-rc5) +CVE-2026-52912 [netfilter: nf_queue: hold bridge skb->dev while queued] + - linux 7.0.12-1 + [trixie] - linux 6.12.94-1 + NOTE: https://git.kernel.org/linus/e196115ec330a18de415bdb9f5071aa9f08e53ce (7.1-rc5) CVE-2026-9724 (The MotorDesk plugin for WordPress is vulnerable to Cross-Site Request ...) NOT-FOR-US: WordPress plugin CVE-2026-9721 (The Book a Room Event Calendar plugin for WordPress is vulnerable to C ...) 
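Review bot: CVE-2026-52938 is the only added entry recorded as "- linux <unfixed>", although its NOTE tags the upstream fix at 7.1-rc3, the same tag carried by CVE-2026-52928, which is recorded as fixed in 7.0.7-1. If the fix 375e4e33c18dfa05c5dfd5f3dfffeb29343dd4c7 has not reached an uploaded 7.0.x package, a NOTE line saying so would make the entry self-explanatory; if it has, the fixed version should replace <unfixed>. A smaller ordering point: CVE-2026-52940 and CVE-2026-52932 sit above CVE-2026-52944, while the rest of the block descends from 52944 to 52912, so anyone scanning by number will look for them in the wrong place.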
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ef249285323770002893114135f8adbc26ab2e4c
