Search for packages
| purl | pkg:deb/debian/linux@6.19.12-1 |
| Next non-vulnerable version | 7.0-1~exp1 |
| Latest non-vulnerable version | 7.0-1~exp1 |
| Risk | 3.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-dq8r-defv-hbg6
Aliases: CVE-2023-6238 |
kernel: nvme: memory corruption via unprivileged user passthrough |
Affected by 3 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-n59e-jkf6-13bf
Aliases: CVE-2022-3238 |
kernel: ntfs3 local privledge escalation if NTFS character set and remount and umount called simultaneously |
Affected by 3 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-p3vt-v7gj-gqbc
Aliases: CVE-2024-56709 |
kernel: io_uring: check if iowq is killed before queuing |
Affected by 3 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-1g77-qwuy-nkg8 |
CVE-2026-31416
|
|
| VCID-1s77-djzb-xffp |
CVE-2026-31417
|
|
| VCID-4jvb-unxd-3qg3 |
CVE-2026-31423
|
|
| VCID-5ahq-saw1-suf1 |
CVE-2026-31420
|
|
| VCID-94k1-ja9w-2fd2 |
CVE-2026-31421
|
|
| VCID-brte-gqy3-r3ax | In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix OOB write in QUERY_INFO for compound requests When a compound request such as READ + QUERY_INFO(Security) is received, and the first command (READ) consumes most of the response buffer, ksmbd could write beyond the allocated buffer while building a security descriptor. The root cause was that smb2_get_info_sec() checked buffer space using ppntsd_size from xattr, while build_sec_desc() often synthesized a significantly larger descriptor from POSIX ACLs. This patch introduces smb_acl_sec_desc_scratch_len() to accurately compute the final descriptor size beforehand, performs proper buffer checking with smb2_calc_max_out_buf_len(), and uses exact-sized allocation + iov pinning. |
CVE-2026-31432
|
| VCID-c7xf-x7d5-87gn |
CVE-2026-31418
|
|
| VCID-dq8r-defv-hbg6 | kernel: nvme: memory corruption via unprivileged user passthrough |
CVE-2023-6238
|
| VCID-fvvb-p7r7-zkbk |
CVE-2026-31422
|
|
| VCID-gbkk-anun-a3ce |
CVE-2025-54505
XSA-488 |
|
| VCID-n59e-jkf6-13bf | kernel: ntfs3 local privledge escalation if NTFS character set and remount and umount called simultaneously |
CVE-2022-3238
|
| VCID-p3vt-v7gj-gqbc | kernel: io_uring: check if iowq is killed before queuing |
CVE-2024-56709
|
| VCID-p4by-fm53-yybk |
CVE-2026-31425
|
|
| VCID-pmn9-t8by-myhb | In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the source and destination come from different mappings. Get rid of all the complexity added for in-place operation and just copy the AD directly. |
CVE-2026-31431
|
| VCID-qsdm-cyzs-aufy |
CVE-2026-31414
|
|
| VCID-texr-5weq-v3dw |
CVE-2026-31424
|
|
| VCID-v813-y477-vkhn |
CVE-2026-31429
|
|
| VCID-vzkt-5648-ukh7 |
CVE-2026-31415
|
|
| VCID-yqcj-27j2-tqb8 |
CVE-2026-31419
|
|
| VCID-zh73-s87g-vfff |
CVE-2026-31430
|