[Git][security-tracker-team/security-tracker][master] Add notes for two dtrace issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat May 23 07:52:39 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a2298c8a by Salvatore Bonaccorso at 2026-05-23T08:51:35+02:00
Add notes for two dtrace issues

Thanks: Alan Coopersmith

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -13135,6 +13135,7 @@ CVE-2026-37457 (An off-by-one out-of-bounds write vulnerability in the bgp_flows
 CVE-2026-35233 (An unprivileged attacker can craft a user-space process with a malicio ...)
 	- dtrace 2.0.7-1 (bug #1135619)
 	NOTE: https://linux.oracle.com/cve/CVE-2026-35233.html
+	NOTE: https://medium.com/@vis_hacker/hunting-bugs-in-oracles-userspace-dtrace-cve-2026-21996-and-cve-2026-35233-56e3704c9c0b
 CVE-2026-30363 (flipperzero-firmware commit ad2a80 was discovered to contain a stack o ...)
 	NOT-FOR-US: flipperzero-firmware
 CVE-2026-26461 (A Command Injection vulnerability in the web management interface in A ...)
@@ -13152,6 +13153,7 @@ CVE-2026-22165 (A web page that contains unusual WebGPU content loaded into the
 CVE-2026-21996 (An unprivileged attacker can reliably trigger a crash of the dtrace pr ...)
 	- dtrace 2.0.7-1
 	NOTE: https://linux.oracle.com/cve/CVE-2026-21996.html
+	NOTE: https://medium.com/@vis_hacker/hunting-bugs-in-oracles-userspace-dtrace-cve-2026-21996-and-cve-2026-35233-56e3704c9c0b
 CVE-2025-69606 (Cross-Site Scripting (XSS) vulnerability was discovered in the GSVoIP  ...)
 	NOT-FOR-US: GSVoIP web panel
 CVE-2025-63548 (An issue in Eprosima Micro-XREC-DDS Agent v.3.0.1 allows a remote atta ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a2298c8aa84d9c1a5e22f745b50c2279b02ca43f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a2298c8aa84d9c1a5e22f745b50c2279b02ca43f
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260523/d25333d4/attachment.htm>

More information about the debian-security-tracker-commits mailing list