[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Mar 4 14:49:16 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3520a111 by Salvatore Bonaccorso at 2026-03-04T15:48:45+01:00
Merge Linux CVEs from kernel-sec
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,23 @@
+CVE-2026-23232 [Revert "f2fs: block cache/dio write during f2fs_enable_checkpoint()"]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/3996b70209f145bfcf2afc7d05dd92c27b233b48 (7.0-rc1)
+CVE-2026-23236 [fbdev: smscufx: properly copy ioctl memory to kernelspace]
+ - linux 6.18.13-1
+ NOTE: https://git.kernel.org/linus/120adae7b42faa641179270c067864544a50ab69 (7.0-rc1)
+CVE-2026-23235 [f2fs: fix out-of-bounds access in sysfs attribute read/write]
+ - linux 6.18.13-1
+ NOTE: https://git.kernel.org/linus/98ea0039dbfdd00e5cc1b9a8afa40434476c0955 (7.0-rc1)
+CVE-2026-23234 [f2fs: fix to avoid UAF in f2fs_write_end_io()]
+ - linux 6.18.13-1
+ NOTE: https://git.kernel.org/linus/ce2739e482bce8d2c014d76c4531c877f382aa54 (7.0-rc1)
+CVE-2026-23233 [f2fs: fix to avoid mapping wrong physical block for swapfile]
+ - linux 6.18.13-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/5c145c03188bc9ba1c29e0bc4d527a5978fc47f9 (7.0-rc1)
+CVE-2025-71238 [scsi: qla2xxx: Fix bsg_done() causing double free]
+ - linux 6.18.13-1
+ NOTE: https://git.kernel.org/linus/c2c68225b1456f4d0d393b5a8778d51bb0d5b1d0 (7.0-rc1)
CVE-2026-23231 [netfilter: nf_tables: fix use-after-free in nf_tables_addchain()]
- linux 6.18.14-1
NOTE: https://git.kernel.org/linus/71e99ee20fc3f662555118cf1159443250647533 (7.0-rc1)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3520a11173703cc01fece4955848b76f74e85518
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3520a11173703cc01fece4955848b76f74e85518
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260304/aab78140/attachment.htm>
More information about the debian-security-tracker-commits
mailing list