[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Mar 26 15:02:32 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ea91e989 by Salvatore Bonaccorso at 2026-03-26T16:02:02+01:00
Merge Linux CVEs from kernel-sec
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,12 @@
+CVE-2026-23398 [icmp: fix NULL pointer dereference in icmp_tag_validation()]
+ - linux <unfixed>
+ NOTE: https://git.kernel.org/linus/614aefe56af8e13331e50220c936fc0689cf5675 (7.0-rc5)
+CVE-2026-23397 [nfnetlink_osf: validate individual option lengths in fingerprints]
+ - linux <unfixed>
+ NOTE: https://git.kernel.org/linus/dbdfaae9609629a9569362e3b8f33d0a20fd783c (7.0-rc5)
+CVE-2026-23396 [wifi: mac80211: fix NULL deref in mesh_matches_local()]
+ - linux <unfixed>
+ NOTE: https://git.kernel.org/linus/c73bb9a2d33bf81f6eecaa0f474b6c6dbe9855bd (7.0-rc5)
CVE-2026-33416 [Use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE`]
- libpng1.6 <unfixed>
NOTE: https://github.com/pnggroup/libpng/security/advisories/GHSA-m4pc-p4q3-4c7j
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ea91e989e1136aca1dab4b99d0f108d4005f6fab
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ea91e989e1136aca1dab4b99d0f108d4005f6fab
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260326/2bc8d1fe/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list