[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
eeb0b836 by Salvatore Bonaccorso at 2026-04-25T15:04:53+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,42 @@
+CVE-2026-31685 [netfilter: ip6t_eui64: reject invalid MAC header for all packets]
+	- linux 6.19.14-1
+	NOTE: https://git.kernel.org/linus/fdce0b3590f724540795b874b4c8850c90e6b0a8 (7.0)
+CVE-2026-31684 [net: sched: act_csum: validate nested VLAN headers]
+	- linux 6.19.14-1
+	NOTE: https://git.kernel.org/linus/c842743d073bdd683606cb414eb0ca84465dd834 (7.0)
+CVE-2026-31683 [batman-adv: avoid OGM aggregation when skb tailroom is insufficient]
+	- linux 6.19.10-1
+	NOTE: https://git.kernel.org/linus/0d4aef630be9d5f9c1227d07669c26c4383b5ad0 (7.0-rc5)
+CVE-2026-31682 [bridge: br_nd_send: linearize skb before parsing ND options]
+	- linux 6.19.12-1
+	NOTE: https://git.kernel.org/linus/a01aee7cafc575bb82f5529e8734e7052f9b16ea (7.0-rc7)
+CVE-2026-31681 [netfilter: xt_multiport: validate range encoding in checkentry]
+	- linux 6.19.14-1
+	NOTE: https://git.kernel.org/linus/ff64c5bfef12461df8450e0f50bb693b5269c720 (7.0)
+CVE-2026-31680 [net: ipv6: flowlabel: defer exclusive option free until RCU teardown]
+	- linux 6.19.12-1
+	NOTE: https://git.kernel.org/linus/9ca562bb8e66978b53028fa32b1a190708e6a091 (7.0-rc7)
+CVE-2026-31679 [openvswitch: validate MPLS set/set_masked payload length]
+	- linux 6.19.11-1
+	NOTE: https://git.kernel.org/linus/546b68ac893595877ffbd7751e5c55fd1c43ede6 (7.0-rc6)
+CVE-2026-31678 [openvswitch: defer tunnel netdev_put to RCU release]
+	- linux 6.19.11-1
+	NOTE: https://git.kernel.org/linus/6931d21f87bc6d657f145798fad0bf077b82486c (7.0-rc6)
+CVE-2026-31677 [crypto: af_alg - limit RX SG extraction by receive buffer budget]
+	- linux 6.19.14-1
+	NOTE: https://git.kernel.org/linus/8eceab19eba9dcbfd2a0daec72e1bf48aa100170 (7.0)
+CVE-2026-31676 [rxrpc: only handle RESPONSE during service challenge]
+	- linux 6.19.13-1
+	NOTE: https://git.kernel.org/linus/c43ffdcfdbb5567b1f143556df8a04b4eeea041c (7.0)
+CVE-2026-31675 [net/sched: sch_netem: fix out-of-bounds access in packet corruption]
+	- linux 6.19.12-1
+	NOTE: https://git.kernel.org/linus/d64cb81dcbd54927515a7f65e5e24affdc73c14b (7.0-rc7)
+CVE-2026-31674 [netfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check()]
+	- linux 6.19.11-1
+	NOTE: https://git.kernel.org/linus/9d3f027327c2fa265f7f85ead41294792c3296ed (7.0-rc6)
+CVE-2026-31673 [af_unix: read UNIX_DIAG_VFS data under unix_state_lock]
+	- linux 6.19.14-1
+	NOTE: https://git.kernel.org/linus/39897df386376912d561d4946499379effa1e7ef (7.0)
 CVE-2026-6968 (Incomplete path traversal fixes in awslabs/tough before tough-v0.22.0  ...)
 	NOT-FOR-US: Amazon
 CVE-2026-6967 (Missing expiration, hash, and length enforcement in delegated metadata ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eeb0b8362d090ece9fcc9d5f5f04aac3ee35e5fc

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eeb0b8362d090ece9fcc9d5f5f04aac3ee35e5fc
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260425/249611b5/attachment-0001.htm>