[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

Wed Feb 18 15:19:02 GMT 2026


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1e17d2e9 by Salvatore Bonaccorso at 2026-02-18T16:18:36+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,41 @@
+CVE-2026-23219 [mm/slab: Add alloc_tagging_slab_free_hook for memcg_alloc_abort_single]
+	- linux 6.18.10-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e6c53ead2d8fa73206e0a63e9cd9aea6bc929837 (6.19)
+CVE-2026-23218 [gpio: loongson-64bit: Fix incorrect NULL check after devm_kcalloc()]
+	- linux 6.18.10-1
+	[trixie] - linux <not-affected> (Vulnerable code not present)
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e34f77b09080c86c929153e2a72da26b4f8947ff (6.19)
+CVE-2026-23217 [riscv: trace: fix snapshot deadlock with sbi ecall]
+	- linux 6.18.10-1
+	NOTE: https://git.kernel.org/linus/b0d7f5f0c9f05f1b6d4ee7110f15bef9c11f9df0 (6.19-rc5)
+CVE-2026-23216 [scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count()]
+	- linux 6.18.10-1
+	NOTE: https://git.kernel.org/linus/9411a89e9e7135cc459178fa77a3f1d6191ae903 (6.19-rc7)
+CVE-2026-23215 [x86/vmware: Fix hypercall clobbers]
+	- linux 6.18.10-1
+	NOTE: https://git.kernel.org/linus/2687c848e57820651b9f69d30c4710f4219f7dbf (6.19)
+CVE-2026-23214 [btrfs: reject new transactions if the fs is fully read-only]
+	- linux 6.18.10-1
+	NOTE: https://git.kernel.org/linus/1972f44c189c8aacde308fa9284e474c1a5cbd9f (6.19-rc7)
+CVE-2026-23213 [drm/amd/pm: Disable MMIO access during SMU Mode 1 reset]
+	- linux 6.18.10-1
+	NOTE: https://git.kernel.org/linus/0de604d0357d0d22cbf03af1077d174b641707b6 (6.19-rc5)
+CVE-2025-71228 [LoongArch: Set correct protection_map[] for VM_NONE/VM_SHARED]
+	- linux 6.18.10-1
+	NOTE: https://git.kernel.org/linus/d5be446948b379f1d1a8e7bc6656d13f44c5c7b1 (6.19-rc4)
+CVE-2025-71227 [wifi: mac80211: don't WARN for connections on invalid channels]
+	- linux 6.18.10-1
+	NOTE: https://git.kernel.org/linus/99067b58a408a384d2a45c105eb3dce980a862ce (6.19-rc4)
+CVE-2025-71226 [wifi: iwlwifi: Implement settime64 as stub for MVM/MLD PTP]
+	- linux 6.18.10-1
+	NOTE: https://git.kernel.org/linus/81d90d93d22ca4f61833cba921dce9a0bd82218f (6.19-rc4)
+CVE-2025-71225 [md: suspend array while updating raid_disks via sysfs]
+	- linux 6.18.10-1
+	NOTE: https://git.kernel.org/linus/2cc583653bbe050bacd1cadcc9776d39bf449740 (6.19-rc4)
 CVE-2026-23211 [mm, swap: restore swap_space attr aviod kernel panic]
 	- linux 6.18.9-1
 	[trixie] - linux <not-affected> (Vulnerable code not present)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1e17d2e9ce17cef7e0e013d9b61191b0439e571f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1e17d2e9ce17cef7e0e013d9b61191b0439e571f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260218/79cf5173/attachment.htm>
