[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Mar 25 11:55:43 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c1e5485b by Salvatore Bonaccorso at 2026-03-25T12:55:21+01:00
Merge Linux CVEs from kernel-sec
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,487 @@
+CVE-2026-23384 [RDMA/ionic: Fix kernel stack leak in ionic_create_cq()]
+ - linux 6.19.8-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/faa72102b178c7ae6c6afea23879e7c84fc59b4e (7.0-rc2)
+CVE-2026-23376 [nvmet-fcloop: Check remoteport port_state before calling done callback]
+ - linux 6.19.8-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/dd677d0598387ea623820ab2bd0e029c377445a3 (7.0-rc3)
+CVE-2026-23366 [drm/client: Do not destroy NULL modes]
+ - linux 6.19.8-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/c601fd5414315fc515f746b499110e46272e7243 (7.0-rc2)
+CVE-2026-23358 [drm/amdgpu: Fix error handling in slot reset]
+ - linux 6.19.8-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/b57c4ec98c17789136a4db948aec6daadceb5024 (7.0-rc2)
+CVE-2026-23355 [ata: libata: cancel pending work after clearing deferred_qc]
+ - linux 6.19.8-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/aac9b27f7c1f2b2cf7f50a9ca633ecbbcaf22af9 (7.0-rc3)
+CVE-2026-23353 [ice: fix crash in ethtool offline loopback test]
+ - linux 6.19.8-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/a9c354e656597aededa027d63d2ff0973f6b033f (7.0-rc3)
+CVE-2026-23350 [drm/xe/queue: Call fini on exec queue creation fail]
+ - linux 6.19.8-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/99f9b5343cae80eb0dfe050baf6c86d722b3ba2e (7.0-rc3)
+CVE-2026-23349 [HID: pidff: Fix condition effect bit clearing]
+ - linux 6.19.8-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/97d5c8f5c09a604c4873c8348f58de3cea69a7df (7.0-rc3)
+CVE-2026-23345 [arm64: gcs: Do not set PTE_SHARED on GCS mappings if FEAT_LPA2 is enabled]
+ - linux 6.19.8-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/8a85b3131225a8c8143ba2ae29c0eef8c1f9117f (7.0-rc2)
+CVE-2026-23344 [crypto: ccp - Fix use-after-free on error path]
+ - linux 6.19.8-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/889b0e2721e793eb46cf7d17b965aa3252af3ec8 (7.0-rc3)
+CVE-2026-23342 [bpf: Fix race in cpumap on PREEMPT_RT]
+ - linux 6.19.8-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/869c63d5975d55e97f6b168e885452b3da20ea47 (7.0-rc2)
+CVE-2026-23341 [accel/amdxdna: Fix crash when destroying a suspended hardware context]
+ - linux 6.19.8-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/8363c02863332992a1822688da41f881d88d1631 (7.0-rc2)
+CVE-2026-23338 [drm/amdgpu/userq: Do not allow userspace to trivially triger kernel warnings]
+ - linux 6.19.8-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/7b7d7693a55d606d700beb9549c9f7f0e5d9c24f (7.0-rc2)
+CVE-2026-23337 [pinctrl: pinconf-generic: Fix memory leak in pinconf_generic_parse_dt_config()]
+ - linux 6.19.8-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/7a648d598cb8e8c62af3f0e020a25820a3f3a9a7 (7.0-rc3)
+CVE-2026-23332 [cpufreq: intel_pstate: Fix crash during turbo disable]
+ - linux 6.19.8-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/6b050482ec40569429d963ac52afa878691b04c9 (7.0-rc2)
+CVE-2026-23331 [udp: Unhash auto-bound connected sk from 4-tuple hash table when disconnected.]
+ - linux 6.19.8-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/6996a2d2d0a64808c19c98002aeb5d9d1b2df6a4 (7.0-rc3)
+CVE-2026-23329 [libie: don't unroll if fwlog isn't supported]
+ - linux 6.19.8-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/636cc3bd12f499c74eaf5dc9a7d5b832f1bb24ed (7.0-rc3)
+CVE-2026-23326 [xsk: Fix fragment node deletion to prevent buffer leak]
+ - linux 6.19.8-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/60abb0ac11dccd6b98fd9182bc5f85b621688861 (7.0-rc3)
+CVE-2026-23323 [hwmon: (macsmc) Fix regressions in Apple Silicon SMC hwmon driver]
+ - linux 6.19.8-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/5dd69b864911ae3847365e8bafe7854e79fbeecb (7.0-rc3)
+CVE-2026-23322 [ipmi: Fix use-after-free and list corruption on sender error]
+ - linux 6.19.8-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/594c11d0e1d445f580898a2b8c850f2e3f099368 (7.0-rc2)
+CVE-2026-23314 [regulator: bq257xx: Fix device node reference leak in bq257xx_reg_dt_parse_gpio()]
+ - linux 6.19.8-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/4baaddaa44af01cd4ce239493060738fd0881835 (7.0-rc2)
+CVE-2026-23311 [perf/core: Fix invalid wait context in ctx_sched_in()]
+ - linux 6.19.8-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/486ff5ad49bc50315bcaf6d45f04a33ef0a45ced (7.0-rc2)
+CVE-2026-23309 [tracing: Add NULL pointer check to trigger_data_free()]
+ - linux 6.19.8-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/457965c13f0837a289c9164b842d0860133f6274 (7.0-rc3)
+CVE-2026-23305 [accel/rocket: fix unwinding in error path in rocket_probe]
+ - linux 6.19.8-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/34f4495a7f72895776b81969639f527c99eb12b9 (7.0-rc1)
+CVE-2026-23301 [ASoC: SDCA: Add allocation failure check for Entity name]
+ - linux 6.19.8-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/27990181031fdcdbe0f7c46011f6404e5d116386 (7.0-rc3)
+CVE-2026-23299 [Bluetooth: purge error queues in socket destructors]
+ - linux 6.19.8-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/21e4271e65094172aadd5beb8caea95dd0fbf6d7 (7.0-rc2)
+CVE-2026-23295 [accel/amdxdna: Fix dead lock for suspend and resume]
+ - linux 6.19.8-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/1aa82181a3c285c7351523d587f7981ae4c015c8 (7.0-rc2)
+CVE-2026-23294 [bpf: Fix race in devmap on PREEMPT_RT]
+ - linux 6.19.8-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/1872e75375c40add4a35990de3be77b5741c252c (7.0-rc2)
+CVE-2026-23288 [accel/amdxdna: Fix out-of-bounds memset in command slot handling]
+ - linux 6.19.8-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/1110a949675ebd56b3f0286e664ea543f745801c (7.0-rc2)
+CVE-2026-23283 [regulator: fp9931: Fix PM runtime reference leak in fp9931_hwmon_read()]
+ - linux 6.19.8-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/0902010c8d163f7b62e655efda1a843529152c7c (7.0-rc2)
+CVE-2026-23282 [smb: client: fix oops due to uninitialised var in smb2_unlink()]
+ - linux 6.19.8-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/048efe129a297256d3c2088cf8d79515ff5ec864 (7.0-rc3)
+CVE-2026-23280 [accel/amdxdna: Prevent ubuf size overflow]
+ - linux 6.19.8-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/03808abb1d868aed7478a11a82e5bb4b3f1ca6d6 (7.0-rc2)
+CVE-2026-23389 [ice: Fix memory leak in ice_set_ringparam()]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/fe868b499d16f55bbeea89992edb98043c9de416 (7.0-rc3)
+CVE-2026-23388 [Squashfs: check metadata block offset is within range]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/fdb24a820a5832ec4532273282cbd4f22c291a0d (7.0-rc2)
+CVE-2026-23387 [pinctrl: cirrus: cs42l43: Fix double-put in cs42l43_pin_probe()]
+ - linux 6.19.8-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/fd5bed798f45eb3a178ad527b43ab92705faaf8a (7.0-rc3)
+CVE-2026-23386 [gve: fix incorrect buffer cleanup in gve_tx_clean_pending_packets for QPL]
+ - linux 6.19.8-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/fb868db5f4bccd7a78219313ab2917429f715cea (7.0-rc2)
+CVE-2026-23385 [netfilter: nf_tables: clone set on flush only]
+ - linux 6.19.8-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/fb7fb4016300ac622c964069e286dc83166a5d52 (7.0-rc3)
+CVE-2026-23383 [bpf, arm64: Force 8-byte alignment for JIT buffer to prevent atomic tearing]
+ - linux 6.19.8-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/ef06fd16d48704eac868441d98d4ef083d8f3d07 (7.0-rc2)
+CVE-2026-23382 [HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/ecfa6f34492c493a9a1dc2900f3edeb01c79946b (7.0-rc3)
+CVE-2026-23381 [net: bridge: fix nd_tbl NULL dereference when IPv6 is disabled]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/e5e890630533bdc15b26a34bb8e7ef539bdf1322 (7.0-rc3)
+CVE-2026-23380 [tracing: Fix WARN_ON in tracing_buffers_mmap_close]
+ - linux 6.19.8-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/e39bb9e02b68942f8e9359d2a3efe7d37ae6be0e (7.0-rc3)
+CVE-2026-23379 [net/sched: ets: fix divide by zero in the offload path]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/e35626f610f3d2b7953ccddf6a77453da22b3a9e (7.0-rc3)
+CVE-2026-23378 [net/sched: act_ife: Fix metalist update behavior]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/e2cedd400c3ec0302ffca2490e8751772906ac23 (7.0-rc3)
+CVE-2026-23377 [ice: change XDP RxQ frag_size from DMA write length to xdp.frame_sz]
+ - linux 6.19.8-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/e142dc4ef0f451b7ef99d09aaa84e9389af629d7 (7.0-rc3)
+CVE-2026-23375 [mm: thp: deny THP for files on anonymous inodes]
+ - linux 6.19.8-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/dd085fe9a8ebfc5d10314c60452db38d2b75e609 (7.0-rc2)
+CVE-2026-23374 [blktrace: fix __this_cpu_read/write in preemptible context]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/da46b5dfef48658d03347cda21532bcdbb521e67 (7.0-rc3)
+CVE-2026-23373 [wifi: rsi: Don't default to -EOPNOTSUPP in rsi_mac80211_config]
+ - linux 6.19.8-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/d973b1039ccde6b241b438d53297edce4de45b5c (7.0-rc3)
+CVE-2026-23372 [nfc: rawsock: cancel tx_work before socket teardown]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/d793458c45df2aed498d7f74145eab7ee22d25aa (7.0-rc3)
+CVE-2026-23371 [sched/deadline: Fix missing ENQUEUE_REPLENISH during PI de-boosting]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/d658686a1331db3bb108ca079d76deb3208ed949 (7.0-rc3)
+CVE-2026-23370 [platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data]
+ - linux 6.19.8-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/d1a196e0a6dcddd03748468a0e9e3100790fc85c (7.0-rc3)
+CVE-2026-23369 [i2c: i801: Revert "i2c: i801: replace acpi_lock with I2C bus lock"]
+ - linux 6.19.8-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/cfc69c2e6c699c96949f7b0455195b0bfb7dc715 (7.0-rc3)
+CVE-2026-23368 [net: phy: register phy led_triggers during probe to avoid AB-BA deadlock]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/c8dbdc6e380e7e96a51706db3e4b7870d8a9402d (7.0-rc2)
+CVE-2026-23367 [wifi: radiotap: reject radiotap with unknown bits]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/c854758abe0b8d86f9c43dc060ff56a0ee5b31e0 (7.0-rc2)
+CVE-2026-23365 [net: usb: kalmia: validate USB endpoints]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/c58b6c29a4c9b8125e8ad3bca0637e00b71e2693 (7.0-rc2)
+CVE-2026-23364 [ksmbd: Compare MACs in constant time]
+ - linux 6.19.8-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/c5794709bc9105935dbedef8b9cf9c06f2b559fa (7.0-rc2)
+CVE-2026-23363 [wifi: mt76: mt7925: Fix possible oob access in mt7925_mac_write_txwi_80211()]
+ - linux 6.19.8-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/c41a9abd6ae31d130e8f332e7c8800c4c866234b (7.0-rc3)
+CVE-2026-23362 [can: bcm: fix locking for bcm_op runtime updates]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/c35636e91e392e1540949bbc67932167cb48bc3a (7.0-rc3)
+CVE-2026-23361 [PCI: dwc: ep: Flush MSI-X write before unmapping its ATU entry]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/c22533c66ccae10511ad6a7afc34bb26c47577e3 (7.0-rc2)
+CVE-2026-23360 [nvme: fix admin queue leak on controller reset]
+ - linux 6.19.8-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/b84bb7bd913d8ca2f976ee6faf4a174f91c02b8d (7.0-rc3)
+CVE-2026-23359 [bpf: Fix stack-out-of-bounds write in devmap]
+ - linux 6.19.8-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/b7bf516c3ecd9a2aae2dc2635178ab87b734fef1 (7.0-rc2)
+CVE-2026-23357 [can: mcp251x: fix deadlock in error path of mcp251x_open]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/ab3f894de216f4a62adc3b57e9191888cbf26885 (7.0-rc3)
+CVE-2026-23356 [drbd: fix "LOGIC BUG" in drbd_al_begin_io_nonblock()]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/ab140365fb62c0bdab22b2f516aff563b2559e3b (7.0-rc2)
+CVE-2026-23354 [x86/fred: Correct speculative safety in fred_extint()]
+ - linux 6.19.8-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/aa280a08e7d8fae58557acc345b36b3dc329d595 (7.0-rc2)
+CVE-2026-23352 [x86/efi: defer freeing of boot services memory]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/a4b0bf6a40f3c107c67a24fbc614510ef5719980 (7.0-rc3)
+CVE-2026-23351 [netfilter: nft_set_pipapo: split gc into unlink and reclaim phase]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/9df95785d3d8302f7c066050117b04cd3c2048c2 (7.0-rc3)
+CVE-2026-23348 [cxl: Fix race of nvdimm_bus object when creating nvdimm objects]
+ - linux 6.19.8-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/96a1fd0d84b17360840f344826897fa71049870e (7.0-rc2)
+CVE-2026-23347 [can: usb: f81604: correctly anchor the urb in the read bulk callback]
+ - linux 6.19.8-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/952caa5da10bed22be09612433964f6877ba0dde (7.0-rc3)
+CVE-2026-23346 [arm64: io: Extract user memory type in ioremap_prot()]
+ - linux 6.19.8-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/8f098037139b294050053123ab2bc0f819d08932 (7.0-rc2)
+CVE-2026-23343 [xdp: produce a warning when calculated tailroom is negative]
+ - linux 6.19.8-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/8821e857759be9db3cde337ad328b71fe5c8a55f (7.0-rc3)
+CVE-2026-23340 [net: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/7f083faf59d14c04e01ec05a7507f036c965acf8 (7.0-rc3)
+CVE-2026-23339 [nfc: nci: free skb on nci_transceive early error paths]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/7bd4b0c4779f978a6528c9b7937d2ca18e936e2c (7.0-rc3)
+CVE-2026-23336 [wifi: cfg80211: cancel rfkill_block work in wiphy_unregister()]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/767d23ade706d5fa51c36168e92a9c5533c351a1 (7.0-rc2)
+CVE-2026-23335 [RDMA/irdma: Fix kernel stack leak in irdma_create_user_ah()]
+ - linux 6.19.8-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/74586c6da9ea222a61c98394f2fc0a604748438c (7.0-rc2)
+CVE-2026-23334 [can: usb: f81604: handle short interrupt urb messages properly]
+ - linux 6.19.8-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/7299b1b39a255f6092ce4ec0b65f66e9d6a357af (7.0-rc3)
+CVE-2026-23333 [netfilter: nft_set_rbtree: validate open interval overlap]
+ - linux 6.19.6-1
+ NOTE: https://git.kernel.org/linus/
+CVE-2026-23330 [nfc: nci: complete pending data exchange on device close]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/66083581945bd5b8e99fe49b5aeb83d03f62d053 (7.0-rc3)
+CVE-2026-23328 [accel/amdxdna: Fix NULL pointer dereference of mgmt_chann]
+ - linux 6.19.8-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/6270ee26e1edd862ea17e3eba148ca8fb2c99dc9 (7.0-rc3)
+CVE-2026-23327 [cxl/mbox: validate payload size before accessing contents in cxl_payload_from_user_allowed()]
+ - linux 6.19.8-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/60b5d1f68338aff2c5af0113f04aefa7169c50c2 (7.0-rc2)
+CVE-2026-23325 [wifi: mt76: mt7996: Fix possible oob access in mt7996_mac_write_txwi_80211()]
+ - linux 6.19.8-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/60862846308627e9e15546bb647a00de44deb27b (7.0-rc3)
+CVE-2026-23324 [can: usb: etas_es58x: correctly anchor the urb in the read bulk callback]
+ - linux 6.19.8-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/5eaad4f768266f1f17e01232ffe2ef009f8129b7 (7.0-rc3)
+CVE-2026-23321 [mptcp: pm: in-kernel: always mark signal+subflow endp as used]
+ - linux 6.19.8-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/579a752464a64cb5f9139102f0e6b90a1f595ceb (7.0-rc3)
+CVE-2026-23320 [usb: gadget: f_ncm: align net_device lifecycle with bind/unbind]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/56a512a9b4107079f68701e7d55da8507eb963d9 (7.0-rc1)
+CVE-2026-23319 [bpf: Fix a UAF issue in bpf_trampoline_link_cgroup_shim]
+ - linux 6.19.8-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/56145d237385ca0e7ca9ff7b226aaf2eb8ef368b (7.0-rc3)
+CVE-2026-23318 [ALSA: usb-audio: Use correct version for UAC3 header validation]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/54f9d645a5453d0bfece0c465d34aaf072ea99fa (7.0-rc2)
+CVE-2026-23317 [drm/vmwgfx: Return the correct value in vmw_translate_ptr functions]
+ - linux 6.19.8-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/5023ca80f9589295cb60735016e39fc5cc714243 (7.0-rc2)
+CVE-2026-23316 [net: ipv4: fix ARM64 alignment fault in multipath hash seed]
+ - linux 6.19.8-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/4ee7fa6cf78ff26d783d39e2949d14c4c1cd5e7f (7.0-rc3)
+CVE-2026-23315 [wifi: mt76: Fix possible oob access in mt76_connac2_mac_write_txwi_80211()]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/4e10a730d1b511ff49723371ed6d694dd1b2c785 (7.0-rc3)
+CVE-2026-23313 [i40e: Fix preempt count leak in napi poll tracepoint]
+ - linux 6.19.8-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/4b3d54a85bd37ebf2d9836f0d0de775c0ff21af9 (7.0-rc3)
+CVE-2026-23312 [net: usb: kaweth: validate USB endpoints]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/4b063c002ca759d1b299988ee23f564c9609c875 (7.0-rc2)
+CVE-2026-23310 [bpf/bonding: reject vlan+srcmac xmit_hash_policy change when XDP is loaded]
+ - linux 6.19.8-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/479d589b40b836442bbdadc3fdb37f001bb67f26 (7.0-rc3)
+CVE-2026-23308 [pinctrl: equilibrium: fix warning trace on load]
+ - linux 6.19.8-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/3e00b1b332e54ba50cca6691f628b9c06574024f (7.0-rc3)
+CVE-2026-23307 [can: ems_usb: ems_usb_read_bulk_callback(): check the proper length of a message]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/38a01c9700b0dcafe97dfa9dc7531bf4a245deff (7.0-rc3)
+CVE-2026-23306 [scsi: pm8001: Fix use-after-free in pm8001_queue_command()]
+ - linux 6.19.8-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/38353c26db28efd984f51d426eac2396d299cca7 (7.0-rc2)
+CVE-2026-23304 [ipv6: fix NULL pointer deref in ip6_rt_get_dev_rcu()]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/2ffb4f5c2ccb2fa1c049dd11899aee7967deef5a (7.0-rc3)
+CVE-2026-23303 [smb: client: Don't log plaintext credentials in cifs_set_cifscreds]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/2f37dc436d4e61ff7ae0b0353cf91b8c10396e4d (7.0-rc2)
+CVE-2026-23302 [net: annotate data-races around sk->sk_{data_ready,write_space}]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/2ef2b20cf4e04ac8a6ba68493f8780776ff84300 (7.0-rc3)
+CVE-2026-23300 [net: ipv6: fix panic when IPv4 route references loopback IPv6 nexthop]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/21ec92774d1536f71bdc90b0e3d052eff99cf093 (7.0-rc3)
+CVE-2026-23298 [can: ucan: Fix infinite loop from zero-length messages]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/1e446fd0582ad8be9f6dafb115fc2e7245f9bea7 (7.0-rc3)
+CVE-2026-23297 [nfsd: Fix cred ref leak in nfsd_nl_threads_set_doit().]
+ - linux 6.19.8-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/1cb968a2013ffa8112d52ebe605009ea1c6a582c (7.0-rc3)
+CVE-2026-23296 [scsi: core: Fix refcount leak for tagset_refcnt]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/1ac22c8eae81366101597d48360718dff9b9d980 (7.0-rc3)
+CVE-2026-23293 [net: vxlan: fix nd_tbl NULL dereference when IPv6 is disabled]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/168ff39e4758897d2eee4756977d036d52884c7e (7.0-rc3)
+CVE-2026-23292 [scsi: target: Fix recursive locking in __configfs_open_file()]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/14d4ac19d1895397532eec407433c5d74d9da53b (7.0-rc3)
+CVE-2026-23291 [nfc: pn533: properly drop the usb interface reference on disconnect]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/12133a483dfa832241fbbf09321109a0ea8a520e (7.0-rc2)
+CVE-2026-23290 [net: usb: pegasus: validate USB endpoints]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/11de1d3ae5565ed22ef1f89d73d8f2d00322c699 (7.0-rc2)
+CVE-2026-23289 [IB/mthca: Add missed mthca_unmap_user_db() for mthca_create_srq()]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/117942ca43e2e3c3d121faae530989931b7f67e1 (7.0-rc2)
+CVE-2026-23287 [irqchip/sifive-plic: Fix frozen interrupt due to affinity setting]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/1072020685f4b81f6efad3b412cdae0bd62bb043 (7.0-rc2)
+CVE-2026-23286 [atm: lec: fix null-ptr-deref in lec_arp_clear_vccs]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/101bacb303e89dc2e0640ae6a5e0fb97c4eb45bb (7.0-rc3)
+CVE-2026-23285 [drbd: fix null-pointer dereference on local read error]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/0d195d3b205ca90db30d70d09d7bb6909aac178f (7.0-rc2)
+CVE-2026-23284 [net: ethernet: mtk_eth_soc: Reset prog ptr to old_prog in case of error in mtk_xdp_setup()]
+ - linux 6.19.8-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/0abc73c8a40fd64ac1739c90bb4f42c418d27a5e (7.0-rc3)
+CVE-2026-23281 [wifi: libertas: fix use-after-free in lbs_free_adapter()]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/03cc8f90d0537fcd4985c3319b4fafbf2e3fb1f0 (7.0-rc2)
+CVE-2026-23279 [wifi: mac80211: fix NULL pointer dereference in mesh_rx_csa_frame()]
+ - linux 6.19.8-1
+ NOTE: https://git.kernel.org/linus/017c1792525064a723971f0216e6ef86a8c7af11 (7.0-rc2)
CVE-2026-4784 (A vulnerability was found in code-projects Simple Laundry System 1.0. ...)
NOT-FOR-US: code-projects
CVE-2026-4783 (A vulnerability has been found in itsourcecode College Management Syst ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c1e5485b87f116e99a831c6554702853121bf40a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c1e5485b87f116e99a831c6554702853121bf40a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260325/c6b13a22/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list