This Debian Security Advisory (DSA-6253-1) addresses multiple vulnerabilities in the Linux kernel, including CVE-2025-38584 and CVE-2026-31419 (both CVSS 7.8 HIGH), which can lead to privilege escalation, denial of service, or information leaks. For the Debian stable distribution (trixie), these issues are fixed in the specific package version 6.12.86-1. The NVD data indicates that CVE-2025-38584 affects upstream kernel versions from 2.6.34 through 6.15.10 and from 6.16 through 6.16.1, where it was fixed in versions 6.15.10 and 6.16.1.
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index] [SECURITY] [DSA 6253-1] linux security update To: debian-security-announce@lists.debian.org Subject: [SECURITY] [DSA 6253-1] linux security update From: Salvatore Bonaccorso <carnil@debian.org> Date: Fri, 08 May 2026 15:32:29 +0000 Message-id: <[🔎] E1wLNBl-00000007mfo-1RvJ@seger.debian.org> Reply-to: debian-security-announce-request@lists.debian.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6253-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso May 08, 2026 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : linux CVE ID : CVE-2025-38584 CVE-2026-23468 CVE-2026-31419 CVE-2026-31709 CVE-2026-31715 CVE-2026-43284 CVE-2026-43500 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. For the stable distribution (trixie), these problems have been fixed in version 6.12.86-1. We recommend that you upgrade your linux packages. For the detailed security status of linux please refer to its security tracker page at: https://security-tracker.debian.org/tracker/linux Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmn9+FxfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0R3vg//ayjkFhhHODBfcB+oHxWXXTRj7hy/hzXRjvi0JydbAKKDzJ4d59xZpsV7 9kEHbuzbtCtaULx+lB/EcevlpXADrC9HGLiTXnKMjqs0QlpsffbkQxrbR7bMzW53 wlR8J4azJa6VkammsTdr1SRBlUdsfeSElFC3+TuHbuF1V1ey9TzCGNKaiadZ7jGd owc9ZdC823FIk/LS1kH1SJTgcToX/nZ+mtHLKzeV8UAcGh1GB2MvoLsxFvEo2LRA nfU0z7XM/75MIwpGU97r3VkmHLMzLkxdQPR1CAQh/ilDaGjPbeYS7yaXR99T74Lq E5tRcF3nlP6w86vdjye38l1U5Mml0wCJvtvJvzk3UT2dx4c540BubqTglW1R/pZs pS5ED5YQLHsfBd1iKOIvgjU06TOlBCEGB0q3g1cmHV8tAMDcZbU99T0/zktdvQP8 0aZtjn2UX8gUghQ39O5itpDTqdepRhv7dUPuM4La0RAAi4z5gox4N0q0ZHQbf4hz fGwA5f4vYeYR3O60VsF0kykTr+3697DJc3WxLRfuOxUFn5hHCUvtHAkqKvqJYmUS e6vtEuLeMaTdVlNm5D18WejJDrvUW45kc+DyHySsozopxSYx2LuTPGgvVCmV8TCt vCn060eFZgfDx1yNoJkZlI0P++v32vwZp4gBFcbXszEUblBARIw= =dI5D -----END PGP SIGNATURE----- Reply to: debian-security-announce@lists.debian.org Salvatore Bonaccorso (on-list) Salvatore Bonaccorso (off-list) Prev by Date: [SECURITY] [DSA 6252-1] prosody security update Next by Date: [SECURITY] [DSA 6254-1] firefox-esr security update Previous by thread: [SECURITY] [DSA 6252-1] prosody security update Next by thread: [SECURITY] [DSA 6254-1] firefox-esr security update Index(es): Date Thread