[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed May 27 14:07:48 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
67a21909 by Salvatore Bonaccorso at 2026-05-27T15:05:44+02:00
Merge Linux CVEs from kernel-sec
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,567 @@
+CVE-2026-46100 [fs: afs: revert mmap_prepare() change]
+ - linux 7.0.4-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/fbfc6578eaca12daa0c09df1e9ba7f2c657b49da (7.1-rc1)
+CVE-2026-46097 [Input: edt-ft5x06 - fix use-after-free in debugfs teardown]
+ - linux 7.0.4-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/f5f9e07060519e2287e99019a6de1eb3ebb65c37 (7.1-rc1)
+CVE-2026-46095 [md/md-llbitmap: raise barrier before state machine transition]
+ - linux 7.0.4-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/ef4ca3d4bf09716cff9ba00eb0351deadc8417ab (7.1-rc1)
+CVE-2026-46094 [ext4: fix bounds check in check_xattrs() to prevent out-of-bounds access]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/eceafc31ea7b42c984ece10d79d505c0bb6615d5 (7.1-rc1)
+CVE-2026-46089 [zram: do not forget to endio for partial discard requests]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/e3668b371329ea036ff022ce8ecc82f8befcf003 (7.1-rc1)
+CVE-2026-46087 [mm/damon/stat: fix memory leak on damon_start() failure in damon_stat_start()]
+ - linux 7.0.4-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/e04ed278d25bf15769800bf6e35c6737f137186f (7.1-rc1)
+CVE-2026-46085 [rxrpc: Fix rxkad crypto unalignment handling]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/def304aae2edf321d2671fd6ca766a93c21f877e (7.1-rc1)
+CVE-2026-46084 [RDMA/mana_ib: Disable RX steering on RSS QP destroy]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/dbeb256e8dd87233d891b170c0b32a6466467036 (7.1-rc1)
+CVE-2026-46081 [crypto: acomp - fix wrong pointer stored by acomp_save_req()]
+ - linux 7.0.4-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/d7e20b9bd6c990773cf0c09e2642250b8a70263d (7.1-rc1)
+CVE-2026-46074 [spi: ch341: fix memory leaks on probe failures]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/b99e3ddb91b499d920e63a2daff8880be68cfe9e (7.1-rc1)
+CVE-2026-46073 [hwmon: (powerz) Fix missing usb_kill_urb() on signal interrupt]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/b66437cb20a2d9ef201f40b675569f8ea7787c9f (7.1-rc1)
+CVE-2026-46067 [mm/damon/core: validate damos_quota_goal->nid for node_memcg_{used,free}_bp]
+ - linux 7.0.4-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/a34dac6482e53e2c76944f25b1489b9b7da3a6e6 (7.1-rc1)
+CVE-2026-46063 [x86/shstk: Prevent deadlock during shstk sigreturn]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.88-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/9874b2917b9fbc30956fee209d3c4aa47201c64e (7.1-rc1)
+CVE-2026-46061 [jbd2: fix deadlock in jbd2_journal_cancel_revoke()]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/981fcc5674e67158d24d23e841523eccba19d0e7 (7.1-rc1)
+CVE-2026-46060 [crypto: qat - fix IRQ cleanup on 6xxx probe failure]
+ - linux 7.0.4-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/95aed2af87ec43fa7624cc81dd13d37824ad4972 (7.1-rc1)
+CVE-2026-46057 [landlock: Fix LOG_SUBDOMAINS_OFF inheritance across fork()]
+ - linux 7.0.4-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/874c8f83826c95c62c21d9edfe9ef43e5c346724 (7.1-rc1)
+CVE-2026-46055 [apparmor: Fix string overrun due to missing termination]
+ - linux 7.0.4-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/828bf7929bedcb79b560b5b4e44f22abee07d31b (7.1-rc1)
+CVE-2026-46048 [ALSA: caiaq: fix usb_dev refcount leak on probe failure]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/7a5f1cd22d47f8ca4b760b6334378ae42c1bd24b (7.1-rc2)
+CVE-2026-46045 [md/md-llbitmap: skip reading rdevs that are not in_sync]
+ - linux 7.0.4-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/7701e68b5072faa03a8f30b4081dc16df9092381 (7.1-rc1)
+CVE-2026-46042 [mm/mempolicy: fix memory leaks in weighted_interleave_auto_store()]
+ - linux 7.0.4-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/6fae274ce0e3109cbbc4c18b354eaace1f0af7d7 (7.1-rc1)
+CVE-2026-46041 [greybus: gb-beagleplay: fix sleep in atomic context in hdlc_tx_frames()]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/6b526dca0966f2370835765019a54319b78fca8d (7.1-rc1)
+CVE-2026-46039 [rxgk: Fix potential integer overflow in length check]
+ - linux 7.0.4-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/6929350080f4da292d111a3b33e53138fee51cec (7.1-rc1)
+CVE-2026-46036 [vfio/cdx: Serialize VFIO_DEVICE_SET_IRQS with a per-device mutex]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/670e8864b1a218d72f08db40d0103adf38fa1d9b (7.1-rc1)
+CVE-2026-46035 [mm/page_alloc: return NULL early from alloc_frozen_pages_nolock() in NMI on UP]
+ - linux 7.0.4-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/620b46ed6ae17c8438d889c8c0cfddab36a1476c (7.1-rc2)
+CVE-2026-46034 [vfio/cdx: Fix NULL pointer dereference in interrupt trigger path]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/5ea5880764cbb164afb17a62e76ca75dc371409d (7.1-rc1)
+CVE-2026-46030 [EDAC/versalnet: Fix device_node leak in mc_probe()]
+ - linux 7.0.4-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/5c709b376460ff322580c41600e31c02f7cc0307 (7.1-rc1)
+CVE-2026-46029 [mm/slab: return NULL early from kmalloc_nolock() in NMI on UP]
+ - linux 7.0.4-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/5b31044e649e3e54c2caef135c09b371c2fbcd08 (7.1-rc2)
+CVE-2026-46025 [mm/damon/core: fix damon_call() vs kdamond_fn() exit race]
+ - linux 7.0.4-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/55da81663b9642dd046b26dd6f1baddbcf337c1e (7.1-rc1)
+CVE-2026-46020 [mm/damon/core: validate damos_quota_goal->nid for node_mem_{used,free}_bp]
+ - linux 7.0.4-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/40250b2dded0604a112be605f3828700d80ad7c2 (7.1-rc1)
+CVE-2026-46016 [remoteproc: xlnx: Only access buffer information if IPI is buffered]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/38dd6ccfdfbbe865569a52fe1ba9fa1478f672e6 (7.1-rc1)
+CVE-2026-46013 [mm/memfd_luo: fix physical address conversion in put_folios cleanup]
+ - linux 7.0.4-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/3538f90ab89aaf302782b4b073a0aae66904cd67 (7.1-rc1)
+CVE-2026-46011 [media: mtk-jpeg: fix use-after-free in release path due to uncancelled work]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/34c519feef3e4fcff1078dc8bdb25fbbbd10303f (7.1-rc1)
+CVE-2026-46010 [rxrpc: Fix error handling in rxgk_extract_token()]
+ - linux 7.0.4-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/3476c8bb960f48e49355d6f93fb7673211e0163f (7.1-rc1)
+CVE-2026-46007 [hwmon: (powerz) Avoid cacheline sharing for DMA buffer]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.88-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/3023c050af3600bf451153335dea5e073c9a3088 (7.1-rc1)
+CVE-2026-46001 [hwmon: (pt5161l) Fix bugs in pt5161l_read_block_data()]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/24c73e93d6a756e1b8626bb259d2e07c5b89b370 (7.1-rc1)
+CVE-2026-45998 [rxrpc: Fix potential UAF after skb_unshare() failure]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/1f2740150f904bfa60e4bad74d65add3ccb5e7f8 (7.1-rc1)
+CVE-2026-45995 [io_uring/zcrx: fix user_struct uaf]
+ - linux 7.0.4-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/0fcccfd87152f957fa8312b841f6efef42a05a20 (7.1-rc1)
+CVE-2026-45992 [ALSA: caiaq: Fix potentially leftover ep1_in_urb at error path]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/0a7b5221b5b51cc798fcfc3be00d02eade149d69 (7.1-rc2)
+CVE-2026-45990 [slub: fix data loss and overflow in krealloc()]
+ - linux 7.0.4-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/082a6d03a2d685a83a332666b500ad3966349588 (7.1-rc1)
+CVE-2026-45989 [of: unittest: fix use-after-free in testdrv_probe()]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/07fd339b2c253205794bea5d9b4b7548a4546c56 (7.1-rc1)
+CVE-2026-46103 [can: ucan: fix devres lifetime]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/fed4626501c871890da287bec62a96e52da1af89 (7.1-rc1)
+CVE-2026-46102 [net: strparser: fix skb_head leak in strp_abort_strp()]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/fe72340daaf1af588be88056faf98965f39e6032 (7.1-rc1)
+CVE-2026-46101 [netfilter: reject zero shift in nft_bitwise]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/fe11e5c40817b84abaa5d83bfb6586d8412bfd07 (7.1-rc2)
+CVE-2026-46099 [net: ipv6: fix NOREF dst use in seg6 and rpl lwtunnels]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/f9c52a6ba9780bd27e0bf4c044fd91c13c778b6e (7.1-rc2)
+CVE-2026-46098 [net: caif: clear client service pointer on teardown]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/f7cf8ece8cee3c1ee361991470cdb1eb65ab02e8 (7.1-rc1)
+CVE-2026-46096 [tpm2-sessions: Fix missing tpm_buf_destroy() in tpm2_read_public()]
+ - linux 7.0.4-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/f0f75a3d98b7959a8677b6363e23190f3018636b (7.1-rc1)
+CVE-2026-46093 [mm/vmalloc: take vmap_purge_lock in shrinker]
+ - linux 7.0.4-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/ec05f51f1e65bce95528543eb73fda56fd201d94 (7.1-rc1)
+CVE-2026-46092 [wifi: rtw88: check for PCI upstream bridge existence]
+ - linux <unfixed>
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/eb101d2abdcccb514ca4fccd3b278dd8267374f6 (7.1-rc1)
+CVE-2026-46091 [media: rc: igorplugusb: heed coherency rules]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/eac69475b01fe1e861dfe3960b57fa95671c132e (7.1-rc1)
+CVE-2026-46090 [ALSA: aloop: Fix peer runtime UAF during format-change stop]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.88-1
+ NOTE: https://git.kernel.org/linus/e5c33cdc6f402eab8abd36ecf436b22c9d3a8aff (7.1-rc2)
+CVE-2026-46088 [ALSA: control: Validate buf_len before strnlen() in snd_ctl_elem_init_enum_names()]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/e0da8a8cac74f4b9f577979d131f0d2b88a84487 (7.1-rc1)
+CVE-2026-46086 [net: bridge: use a stable FDB dst snapshot in RCU readers]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/df4601653201de21b487c3e7fffd464790cab808 (7.1-rc1)
+CVE-2026-46083 [spi: fix resource leaks on device setup failure]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/db357034f7e0cf23f233f414a8508312dfe8fbbe (7.1-rc1)
+CVE-2026-46082 [KVM: SVM: Inject #UD for INVLPGA if EFER.SVME=0]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/d99df02ff427f461102230f9c5b90a6c64ee8e23 (7.1-rc1)
+CVE-2026-46080 [ocfs2: split transactions in dio completion to avoid credit exhaustion]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/d647c5b2fbf81560818dacade360abc8c00a9665 (7.1-rc1)
+CVE-2026-46079 [rbd: fix null-ptr-deref when device_add_disk() fails]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/d1fef92e414433ca7b89abf85cb0df42b8d475eb (7.1-rc1)
+CVE-2026-46078 [erofs: fix the out-of-bounds nameoff handling for trailing dirents]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/d18a3b5d337fa412a38e776e6b4b857a58836575 (7.1-rc1)
+CVE-2026-46077 [crypto: atmel-tdes - fix DMA sync direction]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/c8a9a647532f5c2a04180352693215e24e9dba03 (7.1-rc1)
+CVE-2026-46076 [KVM: nSVM: Raise #UD if unhandled VMMCALL isn't intercepted by L1]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/c36991c6f8d2ab56ee67aff04e3c357f45cfc76c (7.1-rc1)
+CVE-2026-46075 [crypto: atmel-sha204a - Fix potential UAF and memory leak in remove path]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/bab1adf3b87e4bfac92c4f5963c63db434d561c1 (7.1-rc1)
+CVE-2026-46072 [ntfs3: add buffer boundary checks to run_unpack()]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/b62567bca47408e6739dee75f02a2113548af875 (7.1-rc1)
+CVE-2026-46071 [KVM: nSVM: Avoid clearing VMCB_LBR in vmcb12]
+ - linux 7.0.4-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/b53ab5167a81537777ac780bbd93d32613aa3bda (7.1-rc1)
+CVE-2026-46070 [md/raid5: validate payload size before accessing journal metadata]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/b0cc3ae97e893bf54bbce447f4e9fd2e0b88bff9 (7.1-rc1)
+CVE-2026-46069 [wifi: mwifiex: fix use-after-free in mwifiex_adapter_cleanup()]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/ae5e95d4157481693be2317e3ffcd84e36010cbb (7.1-rc1)
+CVE-2026-46068 [crypto: nx - fix bounce buffer leaks in nx842_crypto_{alloc,free}_ctx]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.88-1
+ NOTE: https://git.kernel.org/linus/adb3faf2db1a66d0f015b44ac909a32dfc7f2f9c (7.1-rc1)
+CVE-2026-46066 [ceph: fix num_ops off-by-one when crypto allocation fails]
+ - linux 7.0.4-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/a0d9555bf9eaeba34fe6b6bb86f442fe08ba3842 (7.1-rc1)
+CVE-2026-46065 [fbdev: defio: Disconnect deferred I/O from the lifetime of struct fb_info]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.88-1
+ NOTE: https://git.kernel.org/linus/9ded47ad003f09a94b6a710b5c47f4aa5ceb7429 (7.1-rc1)
+CVE-2026-46064 [ibmasm: fix heap over-read in ibmasm_send_i2o_message()]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/9aad71144fa3682cca3837a06c8623016790e7ec (7.1-rc1)
+CVE-2026-46062 [ntfs3: fix integer overflow in run_unpack() volume boundary check]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/984a415f019536ea2d24de9010744e5302a9a948 (7.1-rc1)
+CVE-2026-46059 [KVM: nSVM: Always use NextRIP as vmcb02's NextRIP after first L2 VMRUN]
+ - linux 7.0.4-1
+ NOTE: https://git.kernel.org/linus/8d397582f6b5e9fbcf09781c7c934b4910e94a50 (7.1-rc1)
+CVE-2026-46058 [media: amphion: Fix race between m2m job_abort and device_run]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/8cd35ceadcfc8c5da2eb7f7ce24525ce9d4ee62e (7.1-rc1)
+CVE-2026-46056 [Bluetooth: hci_event: fix potential UAF in SSP passkey handlers]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/85fa3512048793076eef658f66489112dcc91993 (7.1-rc1)
+CVE-2026-46054 [selinux: fix overlayfs mmap() and mprotect() access checks]
+ - linux 7.0.4-1
+ NOTE: https://git.kernel.org/linus/82544d36b1729153c8aeb179e84750f0c085d3b1 (7.1-rc1)
+CVE-2026-46053 [net: rds: fix MR cleanup on copy error]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/8141a2dc70080eda1aedc0389ed2db2b292af5bd (7.1-rc1)
+CVE-2026-46052 [ceph: only d_add() negative dentries when they are unhashed]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/803447f93d75ab6e40c85e6d12b5630d281d70d6 (7.1-rc1)
+CVE-2026-46051 [md/raid5: fix soft lockup in retry_aligned_read()]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/7f9f7c697474268d9ef9479df3ddfe7cdcfbbffc (7.1-rc1)
+CVE-2026-46050 [md/raid10: fix deadlock with check operation and nowait requests]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/7d96f3120a7fb7210d21b520c5b6f495da6ba436 (7.1-rc1)
+CVE-2026-46049 [ALSA: ctxfi: Add fallback to default RSR for S/PDIF]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/7d61662197ecdc458e33e475b6ada7f6da61d364 (7.1-rc1)
+CVE-2026-46047 [net: qrtr: ns: Fix use-after-free in driver remove()]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/7809fea20c9404bfcfa6112ec08d1fe1d3520beb (7.1-rc1)
+CVE-2026-46046 [ext4: fix missing brelse() in ext4_xattr_inode_dec_ref_all()]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/77d059519382bd66283e6a4e83ee186e87e7708f (7.1-rc1)
+CVE-2026-46044 [ipmi:ssif: Clean up kthread on errors]
+ - linux 7.0.4-1
+ NOTE: https://git.kernel.org/linus/75c486cb1bcaa1a3ec3a6438498176a3a4998ae4 (7.1-rc1)
+CVE-2026-46043 [RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/7244491dab347f648e661da96dc0febadd9daec3 (7.1-rc1)
+CVE-2026-46040 [inotify: fix watch count leak when fsnotify_add_inode_mark_locked() fails]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/6a320935fa4293e9e599ec9f85dc9eb3be7029f8 (7.1-rc1)
+CVE-2026-46038 [net: qrtr: ns: Free the node during ctrl_cmd_bye()]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/68efba36446a7774ea5b971257ade049272a07ac (7.1-rc1)
+CVE-2026-46037 [ipv4: icmp: validate reply type before using icmp_pointers]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/67bf002a2d7387a6312138210d0bd06e3cf4879b (7.1-rc1)
+CVE-2026-46033 [crypto: authencesn - reject short ahash digests during instance creation]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/5db6ef9847717329f12c5ea8aba7e9f588a980c0 (7.1-rc2)
+CVE-2026-46032 [KVM: nSVM: Triple fault if restore host CR3 fails on nested #VMEXIT]
+ - linux 7.0.4-1
+ NOTE: https://git.kernel.org/linus/5d291ef0585ed880ed4dd71ea1a5965e0a65fb53 (7.1-rc1)
+CVE-2026-46031 [net: ks8851: Reinstate disabling of BHs around IRQ handler]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/5c9fcac3c872224316714d0d8914d9af16c76a6d (7.1-rc1)
+CVE-2026-46028 [crypto: algif_aead - snapshot IV for async AEAD requests]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.85-1
+ [bookworm] - linux 6.1.170-1
+ NOTE: https://git.kernel.org/linus/5aa58c3a572b3e3b6c786953339f7978b845cc52 (7.1-rc1)
+CVE-2026-46027 [net/smc: avoid early lgr access in smc_clc_wait_msg]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/5a8db80f721deee8e916c2cfdee78decda02ce4f (7.1-rc1)
+CVE-2026-46026 [net: qrtr: ns: Limit the maximum number of lookups]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/5640227d9a21c6a8be249a10677b832e7f40dc55 (7.1-rc1)
+CVE-2026-46024 [libceph: Prevent potential null-ptr-deref in ceph_handle_auth_reply()]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/5199c125d25aeae8615c4fc31652cc0fe624338e (7.1-rc1)
+CVE-2026-46023 [dm mirror: fix integer overflow in create_dirty_log()]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/4c788c6f921b22f9b6c3f316c4a071c05683e7de (7.1-rc1)
+CVE-2026-46022 [misc: ibmasm: fix OOB MMIO read in ibmasm_handle_mouse_interrupt()]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/4b6e6ead556734bdc14024c5f837132b1e7a4b84 (7.1-rc1)
+CVE-2026-46021 [thermal: core: Fix thermal zone governor cleanup issues]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/41ff66baf81c6541f4f985dd7eac4494d03d9440 (7.1-rc1)
+CVE-2026-46019 [crypto: atmel-aes - Fix 3-page memory leak in atmel_aes_buff_cleanup]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/3fcfff4ed35f963380a68741bcd52742baff7f76 (7.1-rc1)
+CVE-2026-46018 [ALSA: usb-audio: stop parsing UAC2 rates at MAX_NR_RATES]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/3c318f97dcc50b2e0556a1813bd6958678e881fd (7.1-rc1)
+CVE-2026-46017 [mm: fix deferred split queue races during migration]
+ - linux 7.0.4-1
+ NOTE: https://git.kernel.org/linus/3bac01168982ec3e3bf87efdc1807c7933590a85 (7.1-rc1)
+CVE-2026-46015 [tcp: call sk_data_ready() after listener migration]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/3864c6ba1e041bc75342353a70fa2a2c6f909923 (7.1-rc1)
+CVE-2026-46014 [KVM: SVM: Add missing save/restore handling of LBR MSRs]
+ - linux 7.0.4-1
+ NOTE: https://git.kernel.org/linus/3700f0788da6acf73b2df56690f4b201aa4aefd2 (7.1-rc1)
+CVE-2026-46012 [rxrpc: Fix memory leaks in rxkad_verify_response()]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/34f61a07e0cdefaecd3ec03bb5fb22215643678f (7.1-rc1)
+CVE-2026-46009 [PCI: endpoint: pci-epf-ntb: Remove duplicate resource teardown]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/3446beddba450c8d6f9aca2f028712ac527fead3 (7.1-rc1)
+CVE-2026-46008 [mm/damon/core: fix damos_walk() vs kdamond_fn() exit race]
+ - linux 7.0.4-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/33c3f6c2b48cd84b441dba1ee3e62290e53930f4 (7.1-rc1)
+CVE-2026-46006 [drm/nouveau: fix u32 overflow in pushbuf reloc bounds check]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/2fc87d37be1b730a149b035f9375fdb8cc5333a5 (7.1-rc1)
+CVE-2026-46005 [xfs: fix a resource leak in xfs_alloc_buftarg()]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/29a7b2614357393b176ef06ba5bc3ff5afc8df69 (7.1-rc1)
+CVE-2026-46004 [ALSA: caiaq: Handle probe errors properly]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/28abd224db4a49560b452115bca3672a20e45b2f (7.1-rc1)
+CVE-2026-46003 [net: qrtr: ns: Limit the total number of nodes]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/27d5e84e810b0849d08b9aec68e48570461ce313 (7.1-rc1)
+CVE-2026-46002 [ext2: reject inodes with zero i_nlink and valid mode in ext2_iget()]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/25947cc5b2374cd5bf627fe3141496444260d04f (7.1-rc1)
+CVE-2026-46000 [rxrpc: Fix conn-level packet handling to unshare RESPONSE packets]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.88-1
+ NOTE: https://git.kernel.org/linus/24481a7f573305706054c59e275371f8d0fe919f (7.1-rc1)
+CVE-2026-45999 [erofs: fix unsigned underflow in z_erofs_lz4_handle_overlap()]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.88-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/21e161de2dc660b1bb70ef5b156ab8e6e1cca3ab (7.1-rc1)
+CVE-2026-45997 [scsi: sd: fix missing put_disk() when device_add(&disk_dev) fails]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/1e111c4b3a726df1254670a5cc4868cedb946d37 (7.1-rc1)
+CVE-2026-45996 [spi: imx: fix use-after-free on unbind]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/1c78c2002380a1fe31bfb01a3d5f29809e55a096 (7.1-rc1)
+CVE-2026-45994 [ibmasm: fix OOB reads in command_file_write due to missing size checks]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/0eb09f737428e482a32a2e31e5e223f2b35a71d3 (7.1-rc1)
+CVE-2026-45993 [LoongArch: Add spectre boundry for syscall dispatch table]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/0c965d2784fbbd7f8e3b96d875c9cfdf7c00da3d (7.1-rc1)
+CVE-2026-45991 [udf: fix partition descriptor append bookkeeping]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.88-1
+ NOTE: https://git.kernel.org/linus/08841b06fa64d8edbd1a21ca6e613420c90cc4b8 (7.1-rc1)
+CVE-2026-45988 [rxrpc: Fix re-decryption of RESPONSE packets]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/0422e7a4883f25101903f3e8105c0808aa5f4ce9 (7.1-rc1)
+CVE-2026-45987 [KVM: nSVM: Sync interrupt shadow to cached vmcb12 after VMRUN of L2]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/03bee264f8ebfd39e0254c98e112d033a7aa9055 (7.1-rc1)
+CVE-2026-45986 [crypto: ccree - fix a memory leak in cc_mac_digest()]
+ - linux 7.0.4-1
+ [trixie] - linux 6.12.86-1
+ NOTE: https://git.kernel.org/linus/02c64052fad03699b9c6d1df2f9b444d17e4ac50 (7.1-rc1)
CVE-2026-45982 [ACPICA: Fix NULL pointer dereference in acpi_ev_address_space_dispatch()]
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/67a21909a419e4b67bfd2a72b456c71ccdcdfecd
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/67a21909a419e4b67bfd2a72b456c71ccdcdfecd
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260527/ec66a6fa/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list