Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ef249285 by Salvatore Bonaccorso at 2026-06-24T17:02:39+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,143 @@
+CVE-2026-52940 [tun: zero the whole vnet header in tun_put_user()]
+       - linux 7.0.13-1
+       [trixie] - linux <not-affected> (Vulnerable code not present)
+       [bookworm] - linux <not-affected> (Vulnerable code not present)
+       [bullseye] - linux <not-affected> (Vulnerable code not present)
+       NOTE: 
https://git.kernel.org/linus/7f2fcff15e99bb852f6967396ed12b38376e2c8d (7.1)
+CVE-2026-52932 [xfrm: ipcomp: Free destination pages on acomp errors]
+       - linux 7.0.12-1
+       [trixie] - linux <not-affected> (Vulnerable code not present)
+       [bookworm] - linux <not-affected> (Vulnerable code not present)
+       [bullseye] - linux <not-affected> (Vulnerable code not present)
+       NOTE: 
https://git.kernel.org/linus/7dbac7680eb629b3b4dc7e98c34f943b8814c0c8 (7.1-rc6)
+CVE-2026-52944 [ksmbd: fix FSCTL permission bypass by adding a permission 
check for FSCTL_SET_SPARSE]
+       - linux 7.0.12-1
+       [bullseye] - linux <not-affected> (Vulnerable code not present)
+       NOTE: 
https://git.kernel.org/linus/cc57232cae23c0df91b4a59d0f519141ce9b5b02 (7.1-rc6)
+CVE-2026-52943 [net: skbuff: fix missing zerocopy reference in pskb_carve 
helpers]
+       - linux 7.0.12-1
+       [trixie] - linux 6.12.94-1
+       NOTE: 
https://git.kernel.org/linus/98d0912e9f841e5529a5b89a972805f34cb1c69d (7.1-rc6)
+CVE-2026-52942 [netfilter: nf_log: validate MAC header was set before dumping 
it]
+       - linux 7.0.13-1
+       [trixie] - linux 6.12.94-1
+       NOTE: 
https://git.kernel.org/linus/a84b6fedbc97078788be78dbdd7517d143ad1a77 (7.1)
+CVE-2026-52941 [net/smc: avoid NULL deref of conn->lnk in smc_msg_event 
tracepoint]
+       - linux 7.0.12-1
+       [trixie] - linux 6.12.94-1
+       [bullseye] - linux <not-affected> (Vulnerable code not present)
+       NOTE: 
https://git.kernel.org/linus/7bf563badd37cb796df5477d2b78bb64148a1268 (7.1-rc4)
+CVE-2026-52939 [net/rds: fix NULL deref in rds_ib_send_cqe_handler() on masked 
atomic completion]
+       - linux 7.0.13-1
+       [trixie] - linux 6.12.94-1
+       NOTE: 
https://git.kernel.org/linus/34080db3e70ddf94c38512ad2331e3c3afca6cc1 (7.1)
+CVE-2026-52938 [bpf: Fix NULL pointer dereference in bpf_sk_storage_clone and 
diag paths]
+       - linux <unfixed>
+       [trixie] - linux <not-affected> (Vulnerable code not present)
+       [bookworm] - linux <not-affected> (Vulnerable code not present)
+       [bullseye] - linux <not-affected> (Vulnerable code not present)
+       NOTE: 
https://git.kernel.org/linus/375e4e33c18dfa05c5dfd5f3dfffeb29343dd4c7 (7.1-rc3)
+CVE-2026-52937 [tap: fix stack info leak in tap_ioctl() SIOCGIFHWADDR]
+       - linux 7.0.12-1
+       NOTE: 
https://git.kernel.org/linus/bddc09212c24934643bd44fc794748d2bbb3b6cd (7.1-rc5)
+CVE-2026-52936 [crypto: jitterentropy - replace long-held spinlock with mutex]
+       - linux 7.0.10-1
+       [trixie] - linux 6.12.94-1
+       NOTE: 
https://git.kernel.org/linus/01d798e9feb30212952d4e992801ba6bd6a82351 (7.1-rc1)
+CVE-2026-52935 [xfrm: espintcp: do not reuse an in-progress partial send]
+       - linux 7.0.13-1
+       [trixie] - linux 6.12.94-1
+       NOTE: 
https://git.kernel.org/linus/c381039ade2e161ab08c0eda73c4f8b9a7115928 (7.1)
+CVE-2026-52934 [batman-adv: tvlv: reject oversized TVLV packets]
+       - linux 7.0.12-1
+       [trixie] - linux 6.12.94-1
+       NOTE: 
https://git.kernel.org/linus/f50487e3566358b2b982b7801945e858c78ad9ab (7.1-rc5)
+CVE-2026-52933 [io_uring/poll: fix signed comparison in 
io_poll_get_ownership()]
+       - linux 7.0.4-1
+       [trixie] - linux 6.12.86-1
+       [bullseye] - linux <not-affected> (Vulnerable code not present)
+       NOTE: 
https://git.kernel.org/linus/326941b22806cbf2df1fbfe902b7908b368cce42 (7.1-rc1)
+CVE-2026-52931 [batman-adv: tp_meter: avoid use of uninit sender vars]
+       - linux 7.0.12-1
+       [trixie] - linux 6.12.94-1
+       NOTE: 
https://git.kernel.org/linus/6c65cf23d4c6170fcf5714c32aa64689718cb142 (7.1-rc5)
+CVE-2026-52930 [ipc/shm: serialize orphan cleanup with shm_nattch updates]
+       - linux 7.0.13-1
+       [trixie] - linux 6.12.94-1
+       NOTE: 
https://git.kernel.org/linus/2e5c6f4fd4001562781e99bbfc7f1f0127187542 (7.1)
+CVE-2026-52929 [sctp: stream: fully roll back denied add-stream state]
+       - linux 7.0.13-1
+       [trixie] - linux 6.12.94-1
+       NOTE: 
https://git.kernel.org/linus/a5f8a90ac9f77c678a9781c0a464b635e0d63e49 (7.1)
+CVE-2026-52928 [af_unix: Reject SIOCATMARK on non-stream sockets]
+       - linux 7.0.7-1
+       [trixie] - linux 6.12.88-1
+       [bullseye] - linux <not-affected> (Vulnerable code not present)
+       NOTE: 
https://git.kernel.org/linus/d119775f2bad827edc28071c061fdd4a91f889a5 (7.1-rc3)
+CVE-2026-52927 [netfilter: ebtables: fix OOB read in compat_mtw_from_user]
+       - linux 7.0.12-1
+       [trixie] - linux 6.12.94-1
+       NOTE: 
https://git.kernel.org/linus/f438d1786d657d57790c5d138d6db3fc9fdac392 (7.1-rc6)
+CVE-2026-52926 [batman-adv: clear current gateway during teardown]
+       - linux 7.0.12-1
+       [trixie] - linux 6.12.94-1
+       NOTE: 
https://git.kernel.org/linus/a340a51ed801eab7bb454150c226323b865263cc (7.1-rc5)
+CVE-2026-52925 [vrf: Fix a potential NPD when removing a port from a VRF]
+       - linux 7.0.10-1
+       [trixie] - linux 6.12.94-1
+       NOTE: 
https://git.kernel.org/linus/2674d603a9e6970463b2b9ebcf8e31e90beae169 (7.1-rc2)
+CVE-2026-52924 [sctp: purge outqueue on stale COOKIE-ECHO handling]
+       - linux 7.0.13-1
+       [trixie] - linux 6.12.94-1
+       NOTE: 
https://git.kernel.org/linus/e374b22e9b07b72a25909621464ff74096151bfb (7.1-rc7)
+CVE-2026-52923 [ipc: limit next_id allocation to the valid ID range]
+       - linux 7.0.12-1
+       [trixie] - linux 6.12.94-1
+       NOTE: 
https://git.kernel.org/linus/fa0b9b2b7ae3539908d69c2b9ac0d144d9bc5139 (7.1-rc6)
+CVE-2026-52922 [batman-adv: dat: handle forward allocation error]
+       - linux 7.0.12-1
+       [trixie] - linux 6.12.94-1
+       NOTE: 
https://git.kernel.org/linus/2d8826a2d3657cea66fb0370f9e521575a673871 (7.1-rc5)
+CVE-2026-52921 [netfilter: ipset: stop hash:* range iteration at end]
+       - linux 7.0.12-1
+       [trixie] - linux 6.12.94-1
+       NOTE: 
https://git.kernel.org/linus/0d3a282ab5f165fc207ff49ea5b6ad8f54616bd6 (7.1-rc5)
+CVE-2026-52920 [netfilter: xt_policy: fix strict mode inbound policy matching]
+       - linux 7.0.10-1
+       [trixie] - linux 6.12.94-1
+       NOTE: 
https://git.kernel.org/linus/4b2b4d7d4e203c92db8966b163edfacb1f0e1e29 (7.1-rc2)
+CVE-2026-52919 [batman-adv: fix tp_meter counter underflow during shutdown]
+       - linux 7.0.12-1
+       [trixie] - linux 6.12.94-1
+       NOTE: 
https://git.kernel.org/linus/94f3b133168d1c49895e7cc6afbcf1cc0b354602 (7.1-rc5)
+CVE-2026-52918 [Bluetooth: serialize accept_q access]
+       - linux 7.0.12-1
+       [trixie] - linux 6.12.94-1
+       NOTE: 
https://git.kernel.org/linus/e83f5e24da741fa9405aeeff00b08c5ee7c37b88 (7.1-rc5)
+CVE-2026-52917 [sctp: diag: reject stale associations in dump_one path]
+       - linux 7.0.13-1
+       [trixie] - linux 6.12.94-1
+       NOTE: 
https://git.kernel.org/linus/5eba3e48d78edd7551b992cb7ba687019b3a78da (7.1-rc7)
+CVE-2026-52916 [batman-adv: frag: disallow unicast fragment in fragment]
+       - linux 7.0.12-1
+       [trixie] - linux 6.12.94-1
+       NOTE: 
https://git.kernel.org/linus/bc62216dc8e221e3781afa14430f45208bfa9af9 (7.1-rc5)
+CVE-2026-52915 [netfilter: ip6t_hbh: reject oversized option lists]
+       - linux 7.0.12-1
+       [trixie] - linux 6.12.94-1
+       NOTE: 
https://git.kernel.org/linus/4322dcde6b4173c2d8e8e6118ed290794263bcc8 (7.1-rc5)
+CVE-2026-52914 [batman-adv: fix fragment reassembly length accounting]
+       - linux 7.0.12-1
+       [trixie] - linux 6.12.94-1
+       NOTE: 
https://git.kernel.org/linus/9cd3f16c320bfdadd4509358122368deb56a5741 (7.1-rc5)
+CVE-2026-52913 [batman-adv: v: stop OGMv2 on disabled interface]
+       - linux 7.0.12-1
+       [trixie] - linux 6.12.94-1
+       NOTE: 
https://git.kernel.org/linus/f8ce8b8331a1bc44ad4905886a482214d428b253 (7.1-rc5)
+CVE-2026-52912 [netfilter: nf_queue: hold bridge skb->dev while queued]
+       - linux 7.0.12-1
+       [trixie] - linux 6.12.94-1
+       NOTE: 
https://git.kernel.org/linus/e196115ec330a18de415bdb9f5071aa9f08e53ce (7.1-rc5)
 CVE-2026-9724 (The MotorDesk plugin for WordPress is vulnerable to Cross-Site 
Request ...)
        NOT-FOR-US: WordPress plugin
 CVE-2026-9721 (The Book a Room Event Calendar plugin for WordPress is 
vulnerable to C ...)
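
Review bot: CVE-2026-52938 is the only entry added in this hunk with `- linux <unfixed>`, although its NOTE points at a mainline fix tagged (7.1-rc3), and CVE-2026-52928, also tagged (7.1-rc3), carries a fixed version of 7.0.7-1. If the fix has simply not reached the packaged 7.0 series yet, a short NOTE saying so would help whoever revisits the entry; otherwise the fixed version should be filled in. Separately, CVE-2026-52937 has no release-specific lines at all and CVE-2026-52944 only a [bullseye] one, so it is worth confirming that the remaining suites are meant to stay open rather than be marked <not-affected> like the neighbouring entries.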



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ef249285323770002893114135f8adbc26ab2e4c



_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
