Multiple vulnerabilities in the Debian Linux kernel, including CVE-2026-31431 (CVSS 7.8), allow remote attackers to cause denial of service, privilege escalation, and information disclosure. Affected versions include Linux kernel 4.14 through 5.10.253, 5.11 through 5.15.203, 5.16 through 6.1.169, 6.2 through 6.6.136, and 6.7 through 6.12.84. The fixed versions are 5.10.254, 5.15.204, 6.1.170, 6.6.137, 6.12.85, 6.18.22, and 6.19.12, with Debian bookworm requiring kernel version 6.1.170-1.
Multiple vulnerabilities were identified in Debian Linux Kernel. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege and sensitive information disclosure on the targeted system. Note: CVE-2026-31431 is being exploited in the... Impact Denial of Service Information Disclosure Elevation of Privilege System / Technologies affected Debian bookworm versions prior to 6.1.170-1 Solutions Before installation of the software, please visit the vendor web-site for more details. Apply fixes issued by the vendor: https://lists.debian.org/debian-security-announce/2026/msg00154.html