[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed May 27 13:37:35 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7d7456bd by Salvatore Bonaccorso at 2026-05-27T14:37:25+02:00
Merge Linux CVEs from kernel-sec
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,768 @@
+CVE-2026-45982 [ACPICA: Fix NULL pointer dereference in acpi_ev_address_space_dispatch()]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/f851e03bce968ff9b3faad1b616062e1244fd38d (7.0-rc1)
+CVE-2026-45980 [accel/amdxdna: Stop job scheduling across aie2_release_resource()]
+ - linux 6.18.14-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/f1370241fe8045702bc9d0812b996791f0500f1b (7.0-rc1)
+CVE-2026-45979 [drm/amdgpu: clean up the amdgpu_cs_parser_bos]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/f025a2b8d93358467b8e8f4b3a617e88c5f02fab (7.0-rc1)
+CVE-2026-45977 [fbnic: close fw_log race between users and teardown]
+ - linux 6.18.14-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/ee5492fd88cfc079c19fbeac78e9e53b7f6c04f3 (7.0-rc1)
+CVE-2026-45976 [drm/amdgpu: Fix memory leak in amdgpu_ras_init()]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/ee41e5b63c8210525c936ee637a2c8d185ce873c (7.0-rc1)
+CVE-2026-45975 [ublk: use READ_ONCE() to read struct ublksrv_ctrl_cmd]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/ed9f54cc1e335096733aed03c2a46de3d58922ed (7.0-rc1)
+CVE-2026-45972 [smb: client: fix potential UAF and double free in smb2_open_file()]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/ebbbc4bfad4cb355d17c671223d0814ee3ef4eda (7.0-rc1)
+CVE-2026-45971 [bpf: Limit bpf program signature size]
+ - linux 6.18.14-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/ea1535e28bb3773fc0b3cbd1f3842b808016990c (7.0-rc1)
+CVE-2026-45969 [HID: playstation: Add missing check for input_ff_create_memless]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/e6807641ac94e832988655a1c0e60ccc806b76dc (7.0-rc1)
+CVE-2026-45967 [bpf: Return proper address for non-zero offsets in insn array]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/e3bd7bdf5ffe49d8381e42843f6e98cd0c78a1e8 (7.0-rc1)
+CVE-2026-45966 [apparmor: fix NULL pointer dereference in __unix_needs_revalidation]
+ - linux 6.18.14-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/e2938ad00b21340c0362562dfedd7cfec0554d67 (7.0-rc1)
+CVE-2026-45962 [ublk: Validate SQE128 flag before accessing the cmd]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/da7e4b75e50c087d2031a92f6646eb90f7045a67 (7.0-rc1)
+CVE-2026-45959 [crypto: ccp - Fix a crash due to incorrect cleanup usage of kfree]
+ - linux 6.18.14-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/d5abcc33ee76bc26d58b39dc1a097e43a99dd438 (7.0-rc1)
+CVE-2026-45955 [md/md-llbitmap: fix percpu_ref not resurrected on suspend timeout]
+ - linux 6.18.14-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/d119bd2e1643cc023210ff3c6f0657e4f914e71d (7.0-rc1)
+CVE-2026-45953 [md/raid5: fix IO hang with degraded array with llbitmap]
+ - linux 6.18.14-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/cd1635d844d26471c56c0a432abdee12fc9ad735 (7.0-rc1)
+CVE-2026-45952 [eth: fbnic: Add validation for MTU changes]
+ - linux 6.18.14-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/ccd8e87748ad083047d6c8544c5809b7f96cc8df (7.0-rc1)
+CVE-2026-45951 [bpf: Fix a potential use-after-free of BTF object]
+ - linux 6.18.14-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/ccd2d799ed4467c07f5ee18c2f5c59bcc990822c (7.0-rc1)
+CVE-2026-45950 [crypto: starfive - Fix memory leak in starfive_aes_aead_do_one_req()]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/ccb679fdae2e62ed92fd9acb25ed809c0226fcc6 (7.0-rc1)
+CVE-2026-45947 [drm/amdgpu: Fix memory leak in amdgpu_acpi_enumerate_xcc()]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/c9be63d565789b56ca7b0197e2cb78a3671f95a8 (7.0-rc1)
+CVE-2026-45946 [power: supply: ab8500: Fix use-after-free in power_supply_changed()]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/c4af8a98bb52825a5331ae1d0604c0ea6956ba4b (7.0-rc1)
+CVE-2026-45939 [gpib: Fix memory leak in ni_usb_init()]
+ - linux 6.18.14-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/b89921eed8cf2d97250bac4be38dbcfbf048b586 (7.0-rc1)
+CVE-2026-45938 [power: supply: pm8916_lbc: Fix use-after-free in power_supply_changed()]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/b7508129978ae1e2ed9b0410396abc05def9c4eb (7.0-rc1)
+CVE-2026-45937 [crypto: inside-secure/eip93 - fix kernel panic in driver detach]
+ - linux 6.18.14-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/b6e32ba6d32503440a3e3e16c8d0521cbb7e0c5d (7.0-rc1)
+CVE-2026-45935 [fs/ntfs3: Fix slab-out-of-bounds read in DeleteIndexEntryRoot]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/b2bc7c44ed1779fc9eaab9a186db0f0d01439622 (7.0-rc1)
+CVE-2026-45933 [bpf: Preserve id of register in sync_linked_regs()]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/af9e89d8dd39530c8bd14c33ddf6b502df1071b6 (7.0-rc1)
+CVE-2026-45931 [accel/amdxdna: Hold mm structure across iommu_sva_unbind_device()]
+ - linux 6.18.14-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/a9162439ad792afcddc04718408ec1380b7a5f63 (7.0-rc1)
+CVE-2026-45929 [ovpn: fix possible use-after-free in ovpn_net_xmit]
+ - linux 6.18.14-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/a5ec7baa44ea3a1d6aa0ca31c0ad82edf9affe41 (7.0-rc1)
+CVE-2026-45928 [media: chips-media: wave5: Fix memory leak on codec_info allocation failure]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/a519e21e32398459ba357e67b541402f7295ee1b (7.0-rc1)
+CVE-2026-45927 [bpf: Require frozen map for calculating map hash]
+ - linux 6.18.14-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/a2c86aa621c22f2a7e26c654f936d65cfff0aa91 (7.0-rc1)
+CVE-2026-45926 [rust: pwm: Fix potential memory leak on init error]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/a2633dc243c35754a0c2270131d8a199c987c9bf (7.0-rc1)
+CVE-2026-45925 [thermal/of: Fix reference leak in thermal_of_cm_lookup()]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/a1fe789a96fe47733c133134fd264cb7ca832395 (7.0-rc1)
+CVE-2026-45924 [ksmbd: call ksmbd_vfs_kern_path_end_removing() on some error paths]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/a09dc10d1353f0e92c21eae2a79af1c2b1ddcde8 (7.0-rc1)
+CVE-2026-45922 [RDMA/mlx5: Fix memory leak in GET_DATA_DIRECT_SYSFS_PATH handler]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/9b9d253908478f504297ac283c514e5953ddafa6 (7.0-rc1)
+CVE-2026-45921 [mtd: parsers: Fix memory leak in mtd_parser_tplink_safeloader_parse()]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/980ce2b02dd06a4fdf5fee38b2e14becf9cf7b8b (7.0-rc1)
+CVE-2026-45918 [ovpn: tcp - don't deref NULL sk_socket member after tcp_close()]
+ - linux 6.18.14-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/94560267d6c41b1ff3fafbab726e3f8a55a6af34 (7.0-rc1)
+CVE-2026-45913 [net: bridge: mcast: always update mdb_n_entries for vlan contexts]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/8b769e311a86bb9d15c5658ad283b86fc8f080a2 (7.0-rc1)
+CVE-2026-45911 [usb: cdns3: fix role switching during resume]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/87e4b043b98a1d269be0b812f383881abee0ca45 (7.0-rc1)
+CVE-2026-45910 [RDMA/rxe: Fix race condition in QP timer handlers]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/87bf646921430e303176edc4eb07c30160361b73 (7.0-rc1)
+CVE-2026-45909 [clk: mediatek: Drop __initconst from gates]
+ - linux 6.18.14-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/871afb43e41ad4e8246438de495a939cd0f8113c (7.0-rc1)
+CVE-2026-45908 [accel/amdxdna: Fix memory leak in amdxdna_ubuf_map]
+ - linux 6.18.14-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/84dd57fb0359500092f1101409ca32091731490d (7.0-rc1)
+CVE-2026-45907 [net/mlx5e: Fix deadlocks between devlink and netdev instance locks]
+ - linux 6.18.14-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/83ac0304a2d77519dae1e54c9713cbe1aedf19c9 (7.0-rc1)
+CVE-2026-45906 [power: supply: pf1550: Fix use-after-free in power_supply_changed()]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/838767f5074700552d3f006d867caed65edc7328 (7.0-rc1)
+CVE-2026-45903 [bpf: Fix memory access flags in helper prototypes]
+ - linux 6.18.14-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/802eef5afb1865bc5536a5302c068ba2215a1f72 (7.0-rc1)
+CVE-2026-45902 [power: supply: bq256xx: Fix use-after-free in power_supply_changed()]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/8005843369723d9c8975b7c4202d1b85d6125302 (7.0-rc1)
+CVE-2026-45900 [crypto: caam - fix netdev memory leak in dpaa2_caam_probe]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/7d43252b3060b0ba4a192dce5dba85a3f39ffe39 (7.0-rc1)
+CVE-2026-45898 [RDMA/iwcm: Fix workqueue list corruption by removing work_list]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/7874eeacfa42177565c01d5198726671acf7adf2 (7.0-rc1)
+CVE-2026-45896 [mtd: intel-dg: Fix accessing regions before setting nregions]
+ - linux 6.18.14-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/779c59274d03cc5c07237a2c845dfb71cff77705 (7.0-rc1)
+CVE-2026-45895 [quota: fix livelock between quotactl and freeze_super]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/77449e453dfc006ad738dec55374c4cbc056fd39 (7.0-rc1)
+CVE-2026-45891 [net: hns3: fix double free issue for tx spare buffer]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/6d2f142b1e4b203387a92519d9d2e34752a79dbb (7.0-rc1)
+CVE-2026-45889 [mptcp: do not account for OoO in mptcp_rcvbuf_grow()]
+ - linux 6.18.14-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/6b329393502e5857662b851a13f947209c588587 (7.0-rc1)
+CVE-2026-45888 [md/raid1: fix memory leak in raid1_run()]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/6abc7d5dcf0ee0f85e16e41c87fbd06231f28753 (7.0-rc1)
+CVE-2026-45887 [af_unix: Fix memleak of newsk in unix_stream_connect().]
+ - linux 6.18.14-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/6884028cd7f275f8bcb854a347265cb1fb0e4bea (7.0-rc1)
+CVE-2026-45886 [bpf: Fix bpf_xdp_store_bytes proto for read-only arg]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/6557f1565d779851c4db9c488c49c05a47a6e72f (7.0-rc1)
+CVE-2026-45884 [apparmor: avoid per-cpu hold underflow in aa_get_buffer]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/640cf2f09575c9dc344b3f7be2498d31e3923ead (7.0-rc1)
+CVE-2026-45882 [power: supply: pm8916_bms_vm: Fix use-after-free in power_supply_changed()]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/62914959b35e9a1e29cc0f64cb8cfc5075a5366f (7.0-rc1)
+CVE-2026-45881 [soc: mediatek: svs: Fix memory leak in svs_enable_debug_write()]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/6259094ee806fb813ca95894c65fb80e2ec98bf1 (7.0-rc1)
+CVE-2026-45880 [PCI/P2PDMA: Release per-CPU pgmap ref when vm_insert_page() fails]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/6220694c52a5a04102b48109e4f24e958b559bd3 (7.0-rc1)
+CVE-2026-45878 [drm/amdkfd: Fix watch_id bounds checking in debug address watch v2]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/5a19302cab5cec7ae7f1a60c619951e6c17d8742 (7.0-rc1)
+CVE-2026-45876 [arm64/gcs: Fix error handling in arch_set_shadow_stack_status()]
+ - linux 6.18.14-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/53c998527ffa60f9deda8974a11ad39790684159 (7.0-rc1)
+CVE-2026-45874 [phy: freescale: imx8qm-hsio: fix NULL pointer dereference]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/4dd5d4c0361af0a3fd24f45c815996abf4429770 (7.0-rc1)
+CVE-2026-45872 [scsi: smartpqi: Fix memory leak in pqi_report_phys_luns()]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/41b37312bd9722af77ec7817ccf22d7a4880c289 (7.0-rc1)
+CVE-2026-45865 [mctp i2c: initialise event handler read bytes]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/2a14e91b6d76639dac70ea170f4384c1ee3cb48d (7.0-rc1)
+CVE-2026-45864 [fs/ntfs3: prevent infinite loops caused by the next valid being the same]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/27b75ca4e51e3e4554dc85dbf1a0246c66106fd3 (7.0-rc1)
+CVE-2026-45863 [i3c: dw: Fix memory leak in dw_i3c_master_i2c_xfers()]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/2537089413514caaa9a5fdeeac3a34d45100f747 (7.0-rc1)
+CVE-2026-45854 [crypto: inside-secure/eip93 - unregister only available algorithm]
+ - linux 6.18.14-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/0ceeadc7b53a041d89d5843f6bf0ccb7c98b0b4f (7.0-rc1)
+CVE-2026-45853 [drm/amdgpu: Use kvfree instead of kfree in amdgpu_gmc_get_nps_memranges()]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/0c44d61945c4a80775292d96460aa2f22e62f86c (7.0-rc1)
+CVE-2026-45851 [efi: Fix reservation of unaccepted memory table]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/0862438c90487e79822d5647f854977d50381505 (7.0-rc1)
+CVE-2026-45849 [net: mscc: ocelot: add missing lock protection in ocelot_port_xmit_inj()]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/026f6513c5880c2c89e38ad66bbec2868f978605 (7.0-rc1)
+CVE-2026-45847 [net: remove WARN_ON_ONCE when accessing forward path array]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/008e7a7c293b30bc43e4368dac6ea3808b75a572 (7.0-rc1)
+CVE-2025-71312 [fs/ntfs3: fix ntfs_mount_options leak in ntfs_fill_super()]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/f7edab0cee03a1cbe0e55a7bcab8d2d8b6b74278 (7.0-rc1)
+CVE-2025-71311 [fs/ntfs3: Initialize new folios before use]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/f223ebffa185cc8da934333c5a31ff2d4f992dc9 (7.0-rc1)
+CVE-2025-71309 [fs/ntfs3: fix deadlock in ni_read_folio_cmpr]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/e37a75bb866c29da954b51d0dd7670406246d9ee (7.0-rc1)
+CVE-2025-71307 [drm/panthor: Fix NULL pointer dereference on panthor_fw_unplug]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/920c6af98e98e6afedf6318a75bac95af8415c6c (7.0-rc1)
+CVE-2025-71303 [accel/amdxdna: Fix race condition when checking rpm_on]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/00ffe45ece80160aef446d74ded906352f21dd72 (7.0-rc1)
+CVE-2026-45985 [ext4: don't set EXT4_GET_BLOCKS_CONVERT when splitting before submitting I/O]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ NOTE: https://git.kernel.org/linus/feaf2a80e78f89ee8a3464126077ba8683b62791 (7.0-rc1)
+CVE-2026-45984 [gfs2: Fix use-after-free in iomap inline data write path]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/faddeb848305e79db89ee0479bb0e33380656321 (7.0-rc1)
+CVE-2026-45983 [nfsd: never defer requests during idmap lookup]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/f9c206cdc4266caad6a9a7f46341420a10f03ccb (7.0-rc1)
+CVE-2026-45981 [s390/cio: Fix device lifecycle handling in css_alloc_subchannel()]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/f65c75b0b9b5a390bc3beadcde0a6fbc3ad118f7 (7.0-rc1)
+CVE-2026-45978 [staging: greybus: lights: avoid NULL deref]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/efcffd9a6ad8d190651498d5eda53bfc7cf683a7 (7.0-rc1)
+CVE-2026-45974 [btrfs: fix invalid leaf access in btrfs_quota_enable() if ref key not found]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/ecb7c2484cfc83a93658907580035a8adf1e0a92 (7.0-rc1)
+CVE-2026-45973 [RDMA/mlx5: Fix UMR hang in LAG error state unload]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/ebc2164a4cd4314503f1a0c8e7aaf76d7e5fa211 (7.0-rc1)
+CVE-2026-45970 [bonding: alb: fix UAF in rlb_arp_recv during bond up/down]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/e6834a4c474697df23ab9948fd3577b26bf48656 (7.0-rc1)
+CVE-2026-45968 [cpuidle: Skip governor when only one idle state is available]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/e5c9ffc6ae1bcdb1062527d611043681ac301aca (7.0-rc1)
+CVE-2026-45965 [apparmor: fix invalid deref of rawdata when export_binary is unset]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/df9ac55abd18628bd8cff687ea043660532a3654 (7.0-rc1)
+CVE-2026-45964 [SUNRPC: fix gss_auth kref leak in gss_alloc_msg error path]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/dd2fdc3504592d85e549c523b054898a036a6afe (7.0-rc1)
+CVE-2026-45963 [ASoC: nau8821: Cancel delayed work on component remove]
+ - linux 6.19.6-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/dbd3fd05cddfdeec1e49b0a66269881c09eebd17 (7.0-rc1)
+CVE-2026-45961 [gfs2: fix memory leaks in gfs2_fill_super error path]
+ - linux 6.19.6-1
+ NOTE: https://git.kernel.org/linus/da6f5bbc2e7902f578b503f2a4c3d8d09ca4b102 (7.0-rc1)
+CVE-2026-45960 [hfsplus: return error when node already exists in hfs_bnode_create]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/d8a73cc46c8462a969a7516131feb3096f4c49d3 (7.0-rc1)
+CVE-2026-45958 [drm/exynos: vidi: fix to avoid directly dereferencing user pointer]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/d4c98c077c7fb2dfdece7d605e694b5ea2665085 (7.0-rc1)
+CVE-2026-45957 [rcu: Fix rcu_read_unlock() deadloop due to softirq]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ NOTE: https://git.kernel.org/linus/d41e37f26b3157b3f1d10223863519a943aa239b (7.0-rc1)
+CVE-2026-45956 [drm/exynos: vidi: use priv->vidi_dev for ctx lookup in vidi_connection_ioctl()]
+ - linux 6.18.14-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/d3968a0d85b211e197f2f4f06268a7031079e0d0 (7.0-rc1)
+CVE-2026-45954 [fbdev: au1200fb: Fix a memory leak in au1200fb_drv_probe()]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/ce4e25198a6aaaaf36248edf8daf3d744ec8e309 (7.0-rc1)
+CVE-2026-45949 [hwrng: core - use RCU and work_struct to fix race condition]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ NOTE: https://git.kernel.org/linus/cc2f39d6ac48e6e3cb2d6240bc0d6df839dd0828 (7.0-rc1)
+CVE-2026-45948 [ext4: fix memory leak in ext4_ext_shift_extents()]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/ca81109d4a8f192dc1cbad4a1ee25246363c2833 (7.0-rc1)
+CVE-2026-45945 [iommu/vt-d: Fix race condition during PASID entry replacement]
+ - linux 6.19.6-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/c3b1edea3791fa91ab7032faa90355913ad9451b (7.0-rc1)
+CVE-2026-45944 [iommu/vt-d: Clear Present bit before tearing down context entry]
+ - linux 6.18.14-1
+ NOTE: https://git.kernel.org/linus/c1e4f1dccbe9d7656d1c6872ebeadb5992d0aaa2 (7.0-rc1)
+CVE-2026-45943 [erofs: fix inline data read failure for ztailpacking pclusters]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/c134a40f86efb8d6b5a949ef70e06d5752209be5 (7.0-rc1)
+CVE-2026-45942 [ext4: fix e4b bitmap inconsistency reports]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ NOTE: https://git.kernel.org/linus/bdc56a9c46b2a99c12313122b9352b619a2e719e (7.0-rc1)
+CVE-2026-45941 [tpm: tpm_i2c_infineon: Fix locality leak on get_burstcount() failure]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/bbd6e97c836cbeb9606d7b7e5dcf8a1d89525713 (7.0-rc1)
+CVE-2026-45940 [net: stmmac: fix oops when split header is enabled]
+ - linux 6.18.14-1
+ NOTE: https://git.kernel.org/linus/babab1b42ed68877ef669a08384becf281ad2582 (7.0-rc1)
+CVE-2026-45936 [power: supply: goldfish: Fix use-after-free in power_supply_changed()]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/b2ce982e2e0c888dc55c888ad0e20ea04daf2e6b (7.0-rc1)
+CVE-2026-45934 [btrfs: fix EEXIST abort due to non-consecutive gaps in chunk allocation]
+ - linux 6.18.14-1
+ NOTE: https://git.kernel.org/linus/b14c5e04bd0f722ed631845599d52d03fcae1bc1 (7.0-rc1)
+CVE-2026-45932 [bpf: Fix tcx/netkit detach permissions when prog fd isn't given]
+ - linux 6.18.14-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/ae23bc81ddf7c17b663c4ed1b21e35527b0a7131 (7.0-rc1)
+CVE-2026-45930 [net: mctp: ensure our nlmsg responses are initialised]
+ - linux 6.19.6-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/a6a9bc544b675d8b5180f2718ec985ad267b5cbf (7.0-rc1)
+CVE-2026-45923 [net: usb: catc: enable basic endpoint checking]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/9e7021d2aeae57c323a6f722ed7915686cdcc123 (7.0-rc1)
+CVE-2026-45920 [ext4: fix dirtyclusters double decrement on fs shutdown]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/94a8cea54cd935c54fa2fba70354757c0fc245e3 (7.0-rc1)
+CVE-2026-45919 [sched/rt: Skip currently executing CPU in rto_next_cpu()]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/94894c9c477e53bcea052e075c53f89df3d2a33e (7.0-rc1)
+CVE-2026-45917 [ipvs: do not keep dest_dst if dev is going down]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ NOTE: https://git.kernel.org/linus/8fde939b0206afc1d5846217a01a16b9bc8c7896 (7.0-rc1)
+CVE-2026-45916 [power: supply: sbs-battery: Fix use-after-free in power_supply_changed()]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/8d59cf3887fbabacef53bfba473e33e8a8d9d07b (7.0-rc1)
+CVE-2026-45915 [fat: avoid parent link count underflow in rmdir]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/8cafcb881364af5ef3a8b9fed4db254054033d8a (7.0-rc1)
+CVE-2026-45914 [Revert "hwmon: (ibmpex) fix use-after-free in high/low store"]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/8bde3e395a85017f12af2b0ba5c3684f5af9c006 (7.0-rc1)
+CVE-2026-45912 [ext4: don't cache extent during splitting extent]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/8b4b19a2f96348d70bfa306ef7d4a13b0bcbea79 (7.0-rc1)
+CVE-2026-45905 [xfrm: fix ip_rt_bug race in icmp_route_lookup reverse path]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/81b84de32bb27ae1ae2eb9acf0420e9d0d14bf00 (7.0-rc1)
+CVE-2026-45904 [powerpc/eeh: fix recursive pci_lock_rescan_remove locking in EEH event handling]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/815a8d2feb5615ae7f0b5befd206af0b0160614c (7.0-rc1)
+CVE-2026-45901 [netfilter: nf_tables: revert commit_mutex usage in reset path]
+ - linux 6.19.6-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/7f261bb906bf527c4a6e2a646e2d5f3679f2a8bc (7.0-rc1)
+CVE-2026-45899 [ext4: drop extent cache when splitting extent fails]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ NOTE: https://git.kernel.org/linus/79b592e8f1b435796cbc2722190368e3e8ffd7a1 (7.0-rc1)
+CVE-2026-45897 [netfilter: nft_counter: serialize reset with spinlock]
+ - linux 6.19.6-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/779c60a5190c42689534172f4b49e927c9959e4e (7.0-rc1)
+CVE-2026-45894 [iommu/vt-d: Clear Present bit before tearing down PASID entry]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ NOTE: https://git.kernel.org/linus/75ed00055c059dedc47b5daaaa2f8a7a019138ff (7.0-rc1)
+CVE-2026-45893 [apparmor: Fix & Optimize table creation from possibly unaligned memory]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ NOTE: https://git.kernel.org/linus/6fc367bfd4c8886e6b1742aabbd1c0bdc310db3a (7.0-rc1)
+CVE-2026-45892 [ext4: drop extent cache after doing PARTIAL_VALID1 zeroout]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ NOTE: https://git.kernel.org/linus/6d882ea3b0931b43530d44149b79fcd4ffc13030 (7.0-rc1)
+CVE-2026-45890 [xen-netback: reject zero-queue configuration from guest]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/6d1dc8014334c7fb25719999bca84d811e60a559 (7.0-rc1)
+CVE-2026-45885 [power: supply: cpcap-battery: Fix use-after-free in power_supply_changed()]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/642f33e34b969eedec334738fd5df95d2dc42742 (7.0-rc1)
+CVE-2026-45883 [iio: sca3000: Fix a resource leak in sca3000_probe()]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/62b44ebc1f2c71db3ca2d4737c52e433f6f03038 (7.0-rc1)
+CVE-2026-45879 [power: supply: bq25980: Fix use-after-free in power_supply_changed()]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/5f0b1cb41906e86b64bf69f5ededb83b0d757c27 (7.0-rc1)
+CVE-2026-45877 [HID: intel-ish-hid: fix NULL-ptr-deref in ishtp_bus_remove_all_clients]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ NOTE: https://git.kernel.org/linus/56f7db581ee73af53cd512e00a6261a025bf1d58 (7.0-rc1)
+CVE-2026-45875 [mfd: arizona: Fix regulator resource leak on wm5102_clear_write_sequencer() failure]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/4feb753ba6e5e5bbaba868b841a2db41c21e56fa (7.0-rc1)
+CVE-2026-45873 [netfilter: nft_set_rbtree: check for partial overlaps in anonymous sets]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/4780ec142cbb24b794129d3080eee5cac2943ffc (7.0-rc1)
+CVE-2026-45871 [tpm: st33zp24: Fix missing cleanup on get_burstcount() error]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/3e91b44c93ad2871f89fc2a98c5e4fe6ca5db3d9 (7.0-rc1)
+CVE-2026-45870 [SUNRPC: auth_gss: fix memory leaks in XDR decoding error paths]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/3e6397b056335cc56ef0e9da36c95946a19f5118 (7.0-rc1)
+CVE-2026-45869 [power: supply: wm97xx: Fix NULL pointer dereference in power_supply_changed()]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/39fe0eac6d755ef215026518985fcf8de9360e9e (7.0-rc1)
+CVE-2026-45868 [pinctrl: single: fix refcount leak in pcs_add_gpio_func()]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/353353309b0f7afa407df29e455f9d15b5acc296 (7.0-rc1)
+CVE-2026-45867 [power: supply: act8945a: Fix use-after-free in power_supply_changed()]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/3291c51d4684d048dd2eb91b5b65fcfdaf72141f (7.0-rc1)
+CVE-2026-45866 [serial: caif: fix use-after-free in caif_serial ldisc_close()]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/308e7e4d0a846359685f40aade023aee7b27284c (7.0-rc1)
+CVE-2026-45862 [iommu/vt-d: Flush cache for PASID table before using it]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/22d169bdd2849fe6bd18c2643742e1c02be6451c (7.0-rc1)
+CVE-2026-45861 [gfs2: Fix slab-use-after-free in qd_put]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/22150a7d401d9e9169b9b68e05bed95f7f49bf69 (7.0-rc1)
+CVE-2026-45860 [netfilter: nf_conncount: increase the connection clean up limit to 64]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/21d033e472735ecec677f1ae46d6740b5e47a4f3 (7.0-rc1)
+CVE-2026-45859 [netfilter: nfnetlink_queue: do shared-unconfirmed check before segmentation]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/207b3ebacb6113acaaec0d171d5307032c690004 (7.0-rc1)
+CVE-2026-45858 [ext4: don't zero the entire extent if EXT4_EXT_DATA_PARTIAL_VALID1]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ NOTE: https://git.kernel.org/linus/1bf6974822d1dba86cf11b5f05498581cf3488a2 (7.0-rc1)
+CVE-2026-45857 [scsi: csiostor: Fix dereference of null pointer rn]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/1982257570b84dc33753d536dd969fd357a014e9 (7.0-rc1)
+CVE-2026-45856 [RDMA/uverbs: Validate wqe_size before using it in ib_uverbs_post_send]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/1956f0a74ccf5dc9c3ef717f2985c3ed3400aab0 (7.0-rc1)
+CVE-2026-45855 [ata: libata-scsi: avoid Non-NCQ command starvation]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ NOTE: https://git.kernel.org/linus/0ea84089dbf62a92dc7889c79e6b18fc89260808 (7.0-rc1)
+CVE-2026-45852 [RDMA/rxe: Fix double free in rxe_srq_from_init]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/0beefd0e15d962f497aad750b2d5e9c3570b66d1 (7.0-rc1)
+CVE-2026-45850 [ipvs: skip ipv6 extension headers for csum checks]
+ - linux 6.19.6-1
+ NOTE: https://git.kernel.org/linus/05cfe9863ef049d98141dc2969eefde72fb07625 (7.0-rc1)
+CVE-2026-45848 [apparmor: fix NULL sock in aa_sock_file_perm]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/00b67657535dfea56e84d11492f5c0f61d0af297 (7.0-rc1)
+CVE-2025-71308 [accel/amdxdna: Fix potential NULL pointer dereference in context cleanup]
+ - linux 6.19.6-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/97f27573837ef96b4ba42af463cc800cab615c0e (7.0-rc1)
+CVE-2025-71306 [ima: Fix stack-out-of-bounds in is_bprm_creds_for_exec()]
+ - linux 6.19.6-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/377cae9851e8559e9d8b82a78c1ac0abeb18839c (7.0-rc1)
+CVE-2025-71305 [drm/display/dp_mst: Add protection against 0 vcpi]
+ - linux 6.19.6-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/342ccffd9f77fc29fe1c05fd145e4d842bd2feaa (7.0-rc1)
+CVE-2025-71304 [smack: /smack/doi: accept previously used values]
+ - linux 6.18.14-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/33d589ed60ae433b483761987b85e0d24e54584e (7.0-rc1)
CVE-2026-45837 [bpf: Fix use-after-free in arena_vm_close on fork]
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7d7456bd65d5b97fd5fd6877cc6a88367682c6a8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7d7456bd65d5b97fd5fd6877cc6a88367682c6a8
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260527/b1b47b48/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list