[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed May 6 13:42:10 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
dd3a6fcd by Salvatore Bonaccorso at 2026-05-06T14:41:32+02:00
Merge Linux CVEs from kernel-sec
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,829 @@
+CVE-2026-43282 [RDMA/ionic: Fix potential NULL pointer dereference in ionic_query_port]
+ - linux 6.19.6-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/fd80bd7105f88189f47d465ca8cb7d115570de30 (7.0-rc2)
+CVE-2026-43280 [drm/xe: Add bounds check on pat_index to prevent OOB kernel read in madvise]
+ - linux 6.19.6-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/fbbe32618e97eff81577a01eb7d9adcd64a216d7 (7.0-rc1)
+CVE-2026-43276 [net: mana: Fix double destroy_workqueue on service rescan PCI path]
+ - linux 6.19.6-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/f975a0955276579e2176a134366ed586071c7c6a (7.0-rc2)
+CVE-2026-43265 [KVM: x86: Ignore -EBUSY when checking nested events from vcpu_block()]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/ead63640d4e72e6f6d464f4e31f7fecb79af8869 (7.0-rc1)
+CVE-2026-43260 [bnxt_en: Fix RSS context delete logic]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/e123d9302d223767bd910bfbcfe607bae909f8ac (7.0-rc2)
+CVE-2026-43259 [phy: fsl-imx8mq-usb: set platform driver data]
+ - linux 6.19.6-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/debf8326a435ac746f48173e4742a574810f1ff4 (7.0-rc1)
+CVE-2026-43256 [media: qcom: camss: vfe: Fix out-of-bounds access in vfe_isr_reg_update()]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/d965919af524e68cb2ab1a685872050ad2ee933d (7.0-rc1)
+CVE-2026-43254 [ovpn: tcp - fix packet extraction from stream]
+ - linux 6.19.6-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/d4f687fbbce45b5e88438e89b5e26c0c15847992 (7.0-rc2)
+CVE-2026-43252 [mptcp: pm: in-kernel: always set ID as avail when rm endp]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/d191101dee25567c2af3b28565f45346c33d65f5 (7.0-rc1)
+CVE-2026-43247 [media: chips-media: wave5: Fix SError of kernel panic when closed]
+ - linux 6.19.6-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/cbb9c0d50e471483cced55f5b7db4569dcd959a6 (7.0-rc1)
+CVE-2026-43240 [x86/kexec: add a sanity check on previous kernel's ima kexec buffer]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/c5489d04337b47e93c0623e8145fcba3f5739efd (7.0-rc1)
+CVE-2026-43238 [net/sched: act_skbedit: fix divide-by-zero in tcf_skbedit_hash()]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/be054cc66f739a9ba615dba9012a07fab8e7dd6f (7.0-rc1)
+CVE-2026-43235 [media: iris: Add missing platform data entries for SM8750]
+ - linux 6.19.6-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/bbef55f414100853d5bcea56a41f8b171bac8fcb (7.0-rc1)
+CVE-2026-43229 [media: chips-media: wave5: Fix device cleanup order to prevent kernel panic]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/b74cedac643b02aefa7da881b58a3792859d9748 (7.0-rc1)
+CVE-2026-43224 [io_uring/zcrx: fix sgtable leak on mapping failures]
+ - linux 6.19.6-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/a983aae397767e9da931128ff2b5bf9066513ce3 (7.0-rc1)
+CVE-2026-43222 [media: verisilicon: AV1: Fix tile info buffer size]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/a505ca2db89ad92a8d8d27fa68ebafb12e04a679 (7.0-rc1)
+CVE-2026-43221 [ipmi: ipmb: initialise event handler read bytes]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/9f235ccecd03c436cb1683eac16b12f119e54aa9 (7.0-rc2)
+CVE-2026-43217 [media: iris: gen2: Add sanity check for session stop]
+ - linux 6.19.6-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/9aa8d63d09cfc44d879427cc5ba308012ca4ab8e (7.0-rc1)
+CVE-2026-43214 [KVM: x86: Add SRCU protection for reading PDPTRs in __get_sregs2()]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/95d848dc7e639988dbb385a8cba9b484607cf98c (7.0-rc1)
+CVE-2026-43210 [tracing: ring-buffer: Fix to check event length before using]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/912b0ee248c529a4f45d1e7f568dc1adddbf2a4a (7.0-rc1)
+CVE-2026-43208 [net: do not pass flow_id to set_rps_cpu()]
+ - linux 6.19.6-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/8a8a9fac9efa6423fd74938b940cb7d731780718 (7.0-rc2)
+CVE-2026-43205 [dpaa2-switch: validate num_ifs to prevent out-of-bounds write]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/8a5752c6dcc085a3bfc78589925182e4e98468c5 (7.0-rc2)
+CVE-2026-43200 [PCI: endpoint: Fix swapped parameters in pci_{primary/secondary}_epc_epf_unlink() functions]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/8754dd7639ab0fd68c3ab9d91c7bdecc3e5740a8 (7.0-rc1)
+CVE-2026-43193 [nfsd: fix nfs4_file refcount leak in nfsd_get_dir_deleg()]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/789477b849394afdb60507924d65f7ef18f078ce (7.0-rc1)
+CVE-2026-43192 [dm mpath: Add missing dm_put_device when failing to get scsi dh name]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/787bd63ee661b0148ce8e1fde92b7afddd85c446 (7.0-rc1)
+CVE-2026-43188 [ceph: do not propagate page array emplacement errors as batch errors]
+ - linux 6.19.6-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/707104682e3c163f7c14cdd6b07a3e95fb374759 (7.0-rc1)
+CVE-2026-43186 [ipv6: ioam: fix heap buffer overflow in __ioam6_fill_trace_data()]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/6db8b56eed62baacaf37486e83378a72635c04cc (7.0-rc1)
+CVE-2026-43181 [gpio: sysfs: fix chip removal with GPIOs exported over sysfs]
+ - linux 6.19.6-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/6766f59012301f1bf3f46c6e7149caca45d92309 (7.0-rc1)
+CVE-2026-43179 [erofs: fix incorrect early exits for invalid metabox-enabled images]
+ - linux 6.19.6-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/643575d5a4f24b23b0c54aa20aa74a4abed8ff5e (7.0-rc1)
+CVE-2026-43178 [procfs: fix possible double mmput() in do_procmap_query()]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/61dc9f776705d6db6847c101b98fa4f0e9eb6fa3 (7.0-rc1)
+CVE-2026-43177 [media: ipu6: Fix RPM reference leak in probe error paths]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/6099f78e4c9223f4de4169d2fd1cded01279da1a (7.0-rc1)
+CVE-2026-43175 [clk: rs9: Reserve 8 struct clk_hw slots for for 9FGV0841]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/5ec820fc28d0b8a0f3890d476b1976f20e8343cc (7.0-rc1)
+CVE-2026-43173 [net: ethernet: xscale: Check for PTP support properly]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/594163ea88a03bdb412063af50fc7177ef3cbeae (7.0-rc2)
+CVE-2026-43169 [drm/buddy: Prevent BUG_ON by validating rounded allocation]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/5488a29596cdba93a60a79398dc9b69d5bdadf92 (7.0-rc1)
+CVE-2026-43166 [erofs: fix interlaced plain identification for encoded extents]
+ - linux 6.19.6-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/4a2d046e4b13202a6301a993961f5b30ae4d7119 (7.0-rc2)
+CVE-2026-43164 [udplite: Fix null-ptr-deref in __udp_enqueue_schedule_skb().]
+ - linux 6.19.6-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/470c7ca2b4c3e3a51feeb952b7f97a775b5c49cd (7.0-rc2)
+CVE-2026-43160 [mfd: macsmc: Initialize mutex]
+ - linux 6.19.6-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/414f65d6736342c77d4ec5e7373039f4a09250dd (7.0-rc1)
+CVE-2026-43157 [octeontx2-af: CGX: fix bitmap leaks]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/3def995c4ede842adf509c410e92d09a0cedc965 (7.0-rc1)
+CVE-2026-43155 [mux: mmio: fix regmap leak on probe failure]
+ - linux 6.19.6-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/3c4ae63073d84abee5d81ce46d86a94e9dae9c89 (7.0-rc1)
+CVE-2026-43154 [erofs: fix incorrect early exits in volume label handling]
+ - linux 6.19.6-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/3afa4da38802a4cba1c23848a32284e7e57b831b (7.0-rc1)
+CVE-2026-43151 [Revert "media: iris: Add sanity check for stop streaming"]
+ - linux 6.19.6-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/370e19042fb8ac68109f8bdb0fdd8118baf39318 (7.0-rc1)
+CVE-2026-43150 [perf/arm-cmn: Reject unsupported hardware configurations]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/36c0de02575ce59dfd879eb4ef63d53a68bbf9ce (7.0-rc1)
+CVE-2026-43148 [powerpc/smp: Add check for kcalloc() failure in parse_thread_groups()]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/33c1c6d8a28a2761ac74b0380b2563cf546c2a3a (7.0-rc1)
+CVE-2026-43146 [media: iris: Add buffer to list only after successful allocation]
+ - linux 6.19.6-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/2d0bbd982dfdd67da488a772f7a8a1bdca7642bf (7.0-rc1)
+CVE-2026-43145 [remoteproc: imx_rproc: Fix invalid loaded resource table detection]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/26aa5295010ffaebcf8f1991c53fa7cf2ee1b20d (7.0-rc1)
+CVE-2026-43144 [wifi: brcmfmac: Fix potential kernel oops when probe fails]
+ - linux 6.19.6-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/243307a0d1b0d01538e202c00454c28b21d4432e (7.0-rc2)
+CVE-2026-43142 [media: iris: gen1: Destroy internal buffers after FW releases]
+ - linux 6.19.6-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/1dabf00ee206eceb0f08a1fe5d1ce635f9064338 (7.0-rc1)
+CVE-2026-43138 [reset: gpio: suppress bind attributes in sysfs]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/16de4c6a8fe9ff497ca1aba33ef0dbee09f11952 (7.0-rc1)
+CVE-2026-43133 [KVM: nSVM: Always use vmcb01 in VMLOAD/VMSAVE emulation]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/127ccae2c185f62e6ecb4bf24f9cb307e9b9c619 (7.0-rc1)
+CVE-2026-43128 [RDMA/umem: Fix double dma_buf_unpin in failure path]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/104016eb671e19709721c1b0048dd912dc2e96be (7.0-rc2)
+CVE-2026-43122 [ACPI: processor: Update cpuidle driver check in __acpi_processor_start()]
+ - linux 6.18.14-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/0089ce1c056aee547115bdc25c223f8f88c08498 (7.0-rc1)
+CVE-2026-43121 [io_uring/zcrx: fix user_ref race between scrub and refill paths]
+ - linux 6.19.6-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/003049b1c4fb8aabb93febb7d1e49004f6ad653b (7.0-rc1)
+CVE-2025-71271 [hfsplus: ensure sb->s_fs_info is always cleaned up]
+ - linux 6.19.6-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/126fb0ce99431126b44a6c360192668c818f641f (7.0-rc1)
+CVE-2026-43283 [net: ethernet: ec_bhf: Fix dma_free_coherent() dma handle]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/ffe68c3766997d82e9ccaf1cdbd47eba269c4aa2 (7.0-rc1)
+CVE-2026-43281 [mailbox: Prevent out-of-bounds access in fw_mbox_index_xlate()]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/fcd7f96c783626c07ee3ed75fa3739a8a2052310 (7.0-rc1)
+CVE-2026-43279 [ALSA: usb-audio: Add sanity check for OOB writes at silencing]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/fba2105a157fffcf19825e4eea498346738c9948 (7.0-rc1)
+CVE-2026-43278 [dm: clear cloned request bio pointer when last clone bio completes]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/fb8a6c18fb9a6561f7a15b58b272442b77a242dd (7.0-rc1)
+CVE-2026-43277 [APEI/GHES: ensure that won't go past CPER allocated record]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/fa2408a24f8f0db14d9cfc613ef162dc267d7ad4 (7.0-rc1)
+CVE-2026-43275 [scsi: ufs: core: Flush exception handling work when RPM level is zero]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/f8ef441811ec413717f188f63d99182f30f0f08e (7.0-rc1)
+CVE-2026-43274 [mailbox: mchp-ipc-sbi: fix out-of-bounds access in mchp_ipc_get_cluster_aggr_irq()]
+ - linux 6.19.6-1
+ NOTE: https://git.kernel.org/linus/f7c330a8c83c9b0332fd524097eaf3e69148164d (7.0-rc1)
+CVE-2026-43273 [ceph: supply snapshot context in ceph_zero_partial_object()]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/f16bd3fa74a2084ee7e16a8a2be7e7399b970907 (7.0-rc1)
+CVE-2026-43272 [ring-buffer: Fix possible dereference of uninitialized pointer]
+ - linux 6.19.6-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/f1547779402c4cd67755c33616b7203baa88420b (7.0-rc1)
+CVE-2026-43271 [md-cluster: fix NULL pointer dereference in process_metadata_update]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ NOTE: https://git.kernel.org/linus/f150e753cb8dd756085f46e86f2c35ce472e0a3c (7.0-rc1)
+CVE-2026-43270 [media: mtk-mdp: Fix a reference leak bug in mtk_mdp_remove()]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/f128bab57b8018e526b7eda854ca20069863af47 (7.0-rc1)
+CVE-2026-43269 [drm/atmel-hlcdc: fix memory leak from the atomic_destroy_state callback]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/f12352471061df83a36edf54bbb16284793284e4 (7.0-rc1)
+CVE-2026-43268 [hfsplus: pretend special inodes as regular files]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/ed8889ca21b6ab37bc1435c4009ce37a79acb9e6 (7.0-rc1)
+CVE-2026-43267 [wifi: rtw89: fix potential zero beacon interval in beacon tracking]
+ - linux 6.19.6-1
+ NOTE: https://git.kernel.org/linus/eb57be32f438c57c88d6ce756101c1dfbcc03bba (7.0-rc1)
+CVE-2026-43266 [EFI/CPER: don't go past the ARM processor CPER record buffer]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/eae21beecb95a3b69ee5c38a659f774e171d730e (7.0-rc1)
+CVE-2026-43264 [fbdev: of: display_timing: fix refcount leak in of_get_display_timings()]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/eacf9840ae1285a1ef47eb0ce16d786e542bd4d7 (7.0-rc1)
+CVE-2026-43263 [media: chips-media: wave5: Fix Null reference while testing fluster]
+ - linux 6.19.6-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/e66ff2b08e4ee1c4d3b84f24818e5bcc178cc3a4 (7.0-rc1)
+CVE-2026-43262 [gfs2: fiemap page fault fix]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/e411d74cc5ba290f85d0dd5e4d1df8f1d6d975d2 (7.0-rc1)
+CVE-2026-43261 [arm64: Add support for TSV110 Spectre-BHB mitigation]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/e3baa5d4b361276efeb87b20d8beced451a7dbd5 (7.0-rc1)
+CVE-2026-43258 [alpha: fix user-space corruption during memory compaction]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ NOTE: https://git.kernel.org/linus/dd5712f3379cfe760267cdd28ff957d9ab4e51c7 (7.0-rc1)
+CVE-2026-43257 [media: cx88: Add missing unmap in snd_cx88_hw_params()]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/dbc527d980f7ba8559de38f8c1e4158c71a78915 (7.0-rc1)
+CVE-2026-43255 [wifi: libertas: fix WARNING in usb_tx_block]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/d66676e6ca96bf8680f869a9bd6573b26c634622 (7.0-rc1)
+CVE-2026-43253 [iommu/amd: move wait_on_sem() out of spinlock]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ NOTE: https://git.kernel.org/linus/d2a0cac10597068567d336e85fa3cbdbe8ca62bf (7.0-rc1)
+CVE-2026-43251 [HID: prodikeys: Check presence of pm->input_ep82]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/cee8337e1bad168136aecfe6416ecd7d3aa7529a (7.0-rc1)
+CVE-2026-43250 [usb: chipidea: udc: fix DMA and SG cleanup in _ep_nuke()]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ NOTE: https://git.kernel.org/linus/cea2a1257a3b5ea3e769a445b34af13e6aa5a123 (7.0-rc1)
+CVE-2026-43249 [9p/xen: protect xen_9pfs_front_free against concurrent calls]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ NOTE: https://git.kernel.org/linus/ce8ded2e61f47747e31eeefb44dc24a2160a7e32 (7.0-rc1)
+CVE-2026-43248 [vhost: move vdpa group bound check to vhost_vdpa]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/cd025c1e876b4e262e71398236a1550486a73ede (7.0-rc1)
+CVE-2026-43246 [media: i2c/tw9906: Fix potential memory leak in tw9906_probe()]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/cad237b6c875fbee5d353a2b289e98d240d17ec8 (7.0-rc1)
+CVE-2026-43245 [ntfs: ->d_compare() must not block]
+ - linux 6.19.6-1
+ NOTE: https://git.kernel.org/linus/ca2a04e84af79596e5cd9cfe697d5122ec39c8ce (7.0-rc1)
+CVE-2026-43244 [kcm: fix zero-frag skb in frag_list on partial sendmsg error]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ NOTE: https://git.kernel.org/linus/ca220141fa8ebae09765a242076b2b77338106b0 (7.0-rc2)
+CVE-2026-43243 [drm/amd/display: Add signal type check for dcn401 get_phyd32clk_src]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ NOTE: https://git.kernel.org/linus/c979d8db7b0f293111f2e83795ea353c8ed75de9 (7.0-rc1)
+CVE-2026-43242 [soc: ti: k3-socinfo: Fix regmap leak on probe failure]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/c933138d45176780fabbbe7da263e04d5b3e525d (7.0-rc1)
+CVE-2026-43241 [ntb: ntb_hw_switchtec: Fix array-index-out-of-bounds access]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/c8ba7ad2cc1c7b90570aa347b8ebbe279f1eface (7.0-rc1)
+CVE-2026-43239 [smb: client: prevent races in ->query_interfaces()]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ NOTE: https://git.kernel.org/linus/c3c06e42e1527716c54f3ad2ced6a034b5f3a489 (7.0-rc1)
+CVE-2026-43237 [drm/amdgpu: Refactor amdgpu_gem_va_ioctl for Handling Last Fence Update and Timeline Management v4]
+ - linux 6.19.6-1
+ NOTE: https://git.kernel.org/linus/bd8150a1b3370a9f7761c5814202a3fe5a79f44f (7.0-rc1)
+CVE-2026-43236 [drm/atmel-hlcdc: fix use-after-free of drm_crtc_commit after release]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/bc847787233277a337788568e90a6ee1557595eb (7.0-rc1)
+CVE-2026-43234 [team: avoid NETDEV_CHANGEMTU event when unregistering slave]
+ - linux 6.19.6-1
+ NOTE: https://git.kernel.org/linus/bb4c698633c0e19717586a6524a33196cff01a32 (7.0-rc2)
+CVE-2026-43233 [netfilter: nf_conntrack_h323: fix OOB read in decode_choice()]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/baed0d9ba91d4f390da12d5039128ee897253d60 (7.0-rc2)
+CVE-2026-43232 [net: wan: farsync: Fix use-after-free bugs caused by unfinished tasklets]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/bae8a5d2e759da2e0cba33ab2080deee96a09373 (7.0-rc2)
+CVE-2026-43231 [media: radio-keene: fix memory leak in error path]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/b8bf939d77c0cd01118e953bbf554e0fa15e9006 (7.0-rc1)
+CVE-2026-43230 [net/rds: Clear reconnect pending bit]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/b89fc7c2523b2b0750d91840f4e52521270d70ed (7.0-rc1)
+CVE-2026-43228 [hfs: Replace BUG_ON with error handling for CNID count checks]
+ - linux 6.19.6-1
+ NOTE: https://git.kernel.org/linus/b226804532a875c10276168dc55ce752944096bd (7.0-rc1)
+CVE-2026-43227 [clocksource/drivers/sh_tmu: Always leave device running after probe]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/b1278972b08e480990e2789bdc6a7c918bc349be (7.0-rc1)
+CVE-2026-43226 [net/rds: No shortcut out of RDS_CONN_ERROR]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/ad22d24be635c6beab6a1fdd3f8b1f3c478d15da (7.0-rc1)
+CVE-2026-43225 [staging: rtl8723bs: fix memory leak on failure path]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/abe850d82c8cb72d28700673678724e779b1826e (7.0-rc1)
+CVE-2026-43223 [media: pvrusb2: fix URB leak in pvr2_send_request_ex]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/a8333c8262aed2aedf608c18edd39cf5342680a7 (7.0-rc1)
+CVE-2026-43220 [iommu/amd: serialize sequence allocation under concurrent TLB invalidations]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/
+CVE-2026-43219 [net: cpsw_new: Fix potential unregister of netdev that has not been registered yet]
+ - linux 6.19.6-1
+ NOTE: https://git.kernel.org/linus/9d724b34fbe13b71865ad0906a4be97571f19cf5 (7.0-rc1)
+CVE-2026-43218 [media: i2c/tw9903: Fix potential memory leak in tw9903_probe()]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/9cea16fea47e5553f51d10957677ff735b1eff03 (7.0-rc1)
+CVE-2026-43216 [net: Drop the lock in skb_may_tx_timestamp()]
+ - linux 6.19.6-1
+ NOTE: https://git.kernel.org/linus/983512f3a87fd8dc4c94dfa6b596b6e57df5aad7 (7.0-rc2)
+CVE-2026-43215 [cifs: Fix locking usage for tcon fields]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ NOTE: https://git.kernel.org/linus/96c4af418586ee9a6aab61738644366426e05316 (7.0-rc1)
+CVE-2026-43213 [wifi: rtw89: pci: validate sequence number of TX release report]
+ - linux 6.19.6-1
+ NOTE: https://git.kernel.org/linus/957eda596c7665f2966970fd1dcc35fe299b38e8 (7.0-rc1)
+CVE-2026-43212 [LoongArch: Make cpumask_of_node() robust against NUMA_NO_NODE]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/94b0c831eda778ae9e4f2164a8b3de485d8977bb (7.0-rc1)
+CVE-2026-43211 [PCI: Fix pci_slot_trylock() error handling]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/9368d1ee62829b08aa31836b3ca003803caf0b72 (7.0-rc1)
+CVE-2026-43209 [minix: Add required sanity checking to minix_check_superblock()]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/8c97a6ddc95690a938ded44b4e3202f03f15078c (7.0-rc1)
+CVE-2026-43207 [media: mtk-mdp: Fix error handling in probe function]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/8a8a3232abac5b972058a5f2cb3e33199d2a8648 (7.0-rc1)
+CVE-2026-43206 [drm/amdkfd: Fix out-of-bounds write in kfd_event_page_set()]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/8a70a26c9f34baea6c3199a9862ddaff4554a96d (7.0-rc1)
+CVE-2026-43204 [ASoC: qcom: q6asm: drop DSP responses for closed data streams]
+ - linux 6.19.6-1
+ NOTE: https://git.kernel.org/linus/8a066a81ee0c1b6cdbd81393536c3b2d19ccef25 (7.0-rc1)
+CVE-2026-43203 [atm: fore200e: fix use-after-free in tasklets during device removal]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/8930878101cd40063888a68af73b1b0f8b6c79bc (7.0-rc1)
+CVE-2026-43202 [fbdev: vt8500lcdfb: fix missing dma_free_coherent()]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/88b3b9924337336a31cefbe99a22ed09401be74a (7.0-rc1)
+CVE-2026-43201 [APEI/GHES: ARM processor Error: don't go past allocated memory]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ NOTE: https://git.kernel.org/linus/87880af2d24e62a84ed19943dbdd524f097172f2 (7.0-rc1)
+CVE-2026-43199 [net/mlx5e: Fix "scheduling while atomic" in IPsec MAC address query]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/859380694f434597407632c29f30fdb5e763e6cc (7.0-rc2)
+CVE-2026-43198 [tcp: fix potential race in tcp_v6_syn_recv_sock()]
+ - linux 6.19.6-1
+ NOTE: https://git.kernel.org/linus/858d2a4f67ff69e645a43487ef7ea7f28f06deae (7.0-rc2)
+CVE-2026-43197 [netconsole: avoid OOB reads, msg is not nul-terminated]
+ - linux 6.19.6-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/82aec772fca2223bc5774bd9af486fd95766e578 (7.0-rc2)
+CVE-2026-43196 [soc: ti: pruss: Fix double free in pruss_clk_mux_setup()]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/80db65d4acfb9ff12d00172aed39ea8b98261aad (7.0-rc1)
+CVE-2026-43195 [drm/amdgpu: validate user queue size constraints]
+ - linux 6.19.6-1
+ NOTE: https://git.kernel.org/linus/8079b87c02e531cc91601f72ea8336dd2262fdf1 (7.0-rc1)
+CVE-2026-43194 [net: consume xmit errors of GSO frames]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/7aa767d0d3d04e50ae94e770db7db8197f666970 (7.0-rc2)
+CVE-2026-43191 [drm/amd/display: Adjust PHY FSM transition to TX_EN-to-PLL_ON for TMDS on DCN35]
+ - linux 6.19.6-1
+ NOTE: https://git.kernel.org/linus/75372d75a4e23783583998ed99d5009d555850da (7.0-rc1)
+CVE-2026-43190 [netfilter: xt_tcpmss: check remaining length before reading optlen]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/735ee8582da3d239eb0c7a53adca61b79fb228b3 (7.0-rc1)
+CVE-2026-43189 [media: v4l2-async: Fix error handling on steps after finding a match]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ NOTE: https://git.kernel.org/linus/7345d6d356336c448d6b9230ed8704f39679fd12 (7.0-rc1)
+CVE-2026-43187 [xfs: delete attr leaf freemap entries when empty]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/6f13c1d2a6271c2e73226864a0e83de2770b6f34 (7.0-rc1)
+CVE-2026-43185 [ksmbd: fix signededness bug in smb_direct_prepare_negotiation()]
+ - linux 6.19.6-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/6b4f875aac344cdd52a1f34cc70ed2f874a65757 (7.0-rc2)
+CVE-2026-43184 [rnbd-srv: Zero the rsp buffer before using it]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/69d26698e4fd44935510553809007151b2fe4db5 (7.0-rc1)
+CVE-2026-43183 [media: cx25821: Fix a resource leak in cx25821_dev_setup()]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/68cd8ac994cac38a305200f638b30e13c690753b (7.0-rc1)
+CVE-2026-43182 [media: ccs: Avoid possible division by zero]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/679f0b7b6a409750a25754c8833e268e5fdde742 (7.0-rc1)
+CVE-2026-43180 [net: usb: kaweth: remove TX queue manipulation in kaweth_set_rx_mode]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/64868f5ecadeb359a49bc4485bfa7c497047f13a (7.0-rc2)
+CVE-2026-43176 [wifi: rtw89: pci: validate release report content before using for RTL8922DE]
+ - linux 6.19.6-1
+ NOTE: https://git.kernel.org/linus/5f93d611b33a05bd03d6843c8efe8cb6a1992620 (7.0-rc1)
+CVE-2026-43174 [io_uring/zcrx: fix post open error handling]
+ - linux 6.19.6-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/5d540e4508950c674d6feef1d95463d039bbf4f5 (7.0-rc1)
+CVE-2026-43172 [wifi: iwlwifi: fix 22000 series SMEM parsing]
+ - linux 6.19.6-1
+ NOTE: https://git.kernel.org/linus/58192b9ce09b0f0f86e2036683bd542130b91a98 (7.0-rc1)
+CVE-2026-43171 [EFI/CPER: don't dump the entire memory region]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/55cc6fe5716f678f06bcb95140882dfa684464ec (7.0-rc1)
+CVE-2026-43170 [usb: dwc3: gadget: Move vbus draw to workqueue context]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/54aaa3b387c2f580a99dc86a9cc2eb6dfaf599a7 (7.0-rc1)
+CVE-2026-43168 [ocfs2: fix reflink preserve cleanup issue]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/5138c936c2c82c9be8883921854bc6f7e1177d8c (7.0-rc1)
+CVE-2026-43167 [xfrm: always flush state and policy upon NETDEV_UNREGISTER event]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ NOTE: https://git.kernel.org/linus/4efa91a28576054aae0e6dad9cba8fed8293aef8 (7.0-rc2)
+CVE-2026-43165 [hwmon: (nct7363) Fix a resource leak in nct7363_present_pwm_fanin]
+ - linux 6.19.6-1
+ NOTE: https://git.kernel.org/linus/4923bbff0bcffe488b3aa76829c829bd15b02585 (7.0-rc1)
+CVE-2026-43163 [md/bitmap: fix GPF in write_page caused by resize race]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/46ef85f854dfa9d5226b3c1c46493d79556c9589 (7.0-rc1)
+CVE-2026-43162 [media: tegra-video: Fix memory leak in __tegra_channel_try_format()]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/43e5302d22334f1183dec3e0d5d8007eefe2817c (7.0-rc1)
+CVE-2026-43161 [iommu/vt-d: Skip dev-iotlb flush for inaccessible PCIe device without scalable mode]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/42662d19839f34735b718129ea200e3734b07e50 (7.0-rc1)
+CVE-2026-43159 [staging: rtl8723bs: fix null dereference in find_network]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/41460a19654c32d39fd0e3a3671cd8d4b7b8479f (7.0-rc1)
+CVE-2026-43158 [xfs: fix freemap adjustments when adding xattrs to leaf blocks]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/3eefc0c2b78444b64feeb3783c017d6adc3cd3ce (7.0-rc1)
+CVE-2026-43156 [net: usb: pegasus: enable basic endpoint checking]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/3d7e6ce34f4fcc7083510c28b17a7c36462a25d4 (7.0-rc2)
+CVE-2026-43153 [xfs: remove xfs_attr_leaf_hasname]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ NOTE: https://git.kernel.org/linus/3a65ea768b8094e4699e72f9ab420eb9e0f3f568 (7.0-rc1)
+CVE-2026-43152 [HID: hid-pl: handle probe errors]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/3756a272d2cf356d2203da8474d173257f5f8521 (7.0-rc1)
+CVE-2026-43149 [net: wan/fsl_ucc_hdlc: Fix dma_free_coherent() in uhdlc_memclean()]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/36bd7d5deef936c4e1e3cd341598140e5c14c1d3 (7.0-rc1)
+CVE-2026-43147 [Revert "PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV"]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/2fa119c0e5e528453ebae9e70740e8d2d8c0ed5a (7.0-rc1)
+CVE-2026-43143 [mfd: core: Add locking around 'mfd_of_node_list']
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/20117c92bcf9c11afd64d7481d8f94fdf410726e (7.0-rc1)
+CVE-2026-43141 [ntb: ntb_hw_switchtec: Fix shift-out-of-bounds for 0 mw lut]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/186615f8855a0be4ee7d3fcd09a8ecc10e783b08 (7.0-rc1)
+CVE-2026-43140 [HID: magicmouse: Do not crash on missing msc->input]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/17abd396548035fbd6179ee1a431bd75d49676a7 (7.0-rc1)
+CVE-2026-43139 [xfrm6: fix uninitialized saddr in xfrm6_get_saddr()]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/1799d8abeabc68ec05679292aaf6cba93b343c05 (7.0-rc2)
+CVE-2026-43137 [ASoC: SOF: Intel: hda: Fix NULL pointer dereference]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ NOTE: https://git.kernel.org/linus/16c589567a956d46a7c1363af3f64de3d420af20 (7.0-rc1)
+CVE-2026-43136 [HID: logitech-hidpp: Check maxfield in hidpp_get_report_length()]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/1547d41f9f19d691c2c9ce4c29f746297baef9e9 (7.0-rc1)
+CVE-2026-43135 [media: cx23885: Add missing unmap in snd_cx23885_hw_params()]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/141c81849fab2ad4d6e3fdaff7cbaa873e8b5eb2 (7.0-rc1)
+CVE-2026-43134 [Bluetooth: L2CAP: Fix missing key size check for L2CAP_LE_CONN_REQ]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/138d7eca445ef37a0333425d269ee59900ca1104 (7.0-rc2)
+CVE-2026-43132 [dm-verity: correctly handle dm_bufio_client_create() failure]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/119f4f04186fa4f33ee6bd39af145cdaff1ff17f (7.0-rc1)
+CVE-2026-43131 [drm/amd/pm: Fix null pointer dereference issue]
+ - linux 6.19.6-1
+ NOTE: https://git.kernel.org/linus/1197366cca89a4c44c541ddedb8ce8bf0757993d (7.0-rc1)
+CVE-2026-43130 [iommu/vt-d: Flush dev-IOTLB only when PCIe device is accessible in scalable mode]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/10e60d87813989e20eac1f3eda30b3bae461e7f9 (7.0-rc1)
+CVE-2026-43129 [ima: verify the previous kernel's IMA buffer lies in addressable RAM]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ NOTE: https://git.kernel.org/linus/10d1c75ed4382a8e79874379caa2ead8952734f9 (7.0-rc1)
+CVE-2026-43127 [ntfs3: fix circular locking dependency in run_unpack_ex]
+ - linux 6.19.6-1
+ NOTE: https://git.kernel.org/linus/08ce2fee1b869ecbfbd94e0eb2630e52203a2e03 (7.0-rc1)
+CVE-2026-43126 [ALSA: mixer: oss: Add card disconnect checkpoints]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ NOTE: https://git.kernel.org/linus/084d5d44418148662365eced3e126ad1a81ee3e2 (7.0-rc1)
+CVE-2026-43125 [dlm: validate length in dlm_search_rsb_tree]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ NOTE: https://git.kernel.org/linus/080e5563f878c64e697b89e7439d730d0daad882 (7.0-rc1)
+CVE-2026-43124 [pstore: ram_core: fix incorrect success return when vmap() fails]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/05363abc7625cf18c96e67f50673cd07f11da5e9 (7.0-rc1)
+CVE-2026-43123 [fbcon: check return value of con2fb_acquire_newinfo()]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/011a0502801c8536f64141a2b61362c14f456544 (7.0-rc1)
+CVE-2025-71274 [rpmsg: core: fix race in driver_override_show() and use core helper]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/42023d4b6d2661a40ee2dcf7e1a3528a35c638ca (7.0-rc1)
+CVE-2025-71273 [wifi: rtw88: Use devm_kmemdup() in rtw_set_supported_band()]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ NOTE: https://git.kernel.org/linus/2ba12401cc1f2d970fa2e7d5b15abde3f5abd40d (7.0-rc1)
+CVE-2025-71272 [most: core: fix resource leak in most_register_interface error paths]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ NOTE: https://git.kernel.org/linus/1f4c9d8a1021281750c6cda126d6f8a40cc24e71 (7.0-rc1)
CVE-2026-43108 [soc: qcom: pd-mapper: Fix element length in servreg_loc_pfr_req_ei]
- linux 6.19.14-1
[trixie] - linux 6.12.85-1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd3a6fcd199d3412ff809bb997dcef20dcc36db2
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd3a6fcd199d3412ff809bb997dcef20dcc36db2
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260506/98b97e13/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list