[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

Wed Mar 18 11:40:34 GMT 2026


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9229bf27 by Salvatore Bonaccorso at 2026-03-18T12:40:10+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,37 @@
+CVE-2026-23248 [perf/core: Fix refcount bug and potential UAF in perf_mmap]
+	- linux 6.19.8-1
+	NOTE: https://git.kernel.org/linus/77de62ad3de3967818c3dbe656b7336ebee461d2 (7.0-rc2)
+CVE-2026-23247 [tcp: secure_seq: add back ports to TS offset]
+	- linux 6.19.8-1
+	NOTE: https://git.kernel.org/linus/165573e41f2f66ef98940cf65f838b2cb575d9d1 (7.0-rc3)
+CVE-2026-23246 [wifi: mac80211: bounds-check link_id in ieee80211_ml_reconfiguration]
+	- linux 6.19.8-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/162d331d833dc73a3e905a24c44dd33732af1fc5 (7.0-rc2)
+CVE-2026-23245 [net/sched: act_gate: snapshot parameters with RCU on replace]
+	- linux 6.19.8-1
+	NOTE: https://git.kernel.org/linus/62413a9c3cb183afb9bb6e94dd68caf4e4145f4c (7.0-rc3)
+CVE-2026-23244 [nvme: fix memory allocation in nvme_pr_read_keys()]
+	- linux 6.19.8-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/c3320153769f05fd7fe9d840cb555dd3080ae424 (7.0-rc3)
+CVE-2026-23243 [RDMA/umad: Reject negative data_len in ib_umad_write]
+	- linux 6.18.14-1
+	NOTE: https://git.kernel.org/linus/5551b02fdbfd85a325bb857f3a8f9c9f33397ed2 (7.0-rc1)
+CVE-2026-23242 [RDMA/siw: Fix potential NULL pointer dereference in header processing]
+	- linux 6.18.14-1
+	NOTE: https://git.kernel.org/linus/14ab3da122bd18920ad57428f6cf4fade8385142 (7.0-rc1)
+CVE-2025-71267 [fs: ntfs3: fix infinite loop triggered by zero-sized ATTR_LIST]
+	- linux 6.19.6-1
+	NOTE: https://git.kernel.org/linus/06909b2549d631a47fcda249d34be26f7ca1711d (7.0-rc1)
+CVE-2025-71266 [fs: ntfs3: check return value of indx_find to avoid infinite loop]
+	- linux 6.19.6-1
+	NOTE: https://git.kernel.org/linus/1732053c8a6b360e2d5afb1b34fe9779398b072c (7.0-rc1)
+CVE-2025-71265 [fs: ntfs3: fix infinite loop in attr_load_runs_range on inconsistent metadata]
+	- linux 6.19.6-1
+	NOTE: https://git.kernel.org/linus/4b90f16e4bb5607fb35e7802eb67874038da4640 (7.0-rc1)
 CVE-2026-4366 (A flaw was identified in Keycloak, an identity and access management s ...)
 	- keycloak <itp> (bug #1088287)
 CVE-2026-4356 (A flaw has been found in itsourcecode University Management System 1.0 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9229bf27c826271b896bafc0a04bda17b1fdc4f6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9229bf27c826271b896bafc0a04bda17b1fdc4f6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260318/beccda96/attachment.htm>
