This Debian Security Advisory addresses multiple vulnerabilities (CVE-2026-23171, CVE-2026-43503, CVE-2026-46300) in the Linux kernel that could lead to privilege escalation, denial of service, or information leaks. The CVSS 3.1 score for CVE-2026-23171 is 7.8 (High), and the NVD data indicates affected Linux kernel versions are from 5.15 up to but excluding 6.18.9, as well as version 6.19. For the Debian stable distribution (trixie), these issues are fixed in the `linux` package version 6.12.90-1.
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index] [SECURITY] [DSA 6295-1] linux security update To: debian-security-announce@lists.debian.org Subject: [SECURITY] [DSA 6295-1] linux security update From: Salvatore Bonaccorso <carnil@debian.org> Date: Sat, 23 May 2026 19:50:07 +0000 Message-id: <[🔎] E1wQsMJ-0000000BfQi-1XDV@seger.debian.org> Reply-to: debian-security-announce-request@lists.debian.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6295-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso May 23, 2026 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : linux CVE ID : CVE-2026-23171 CVE-2026-43503 CVE-2026-46300 Debian Bug : 1136790 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. For the stable distribution (trixie), these problems have been fixed in version 6.12.90-1. Additionally this update includes a fix for a regression introduced with MediaTek Bluetooth devices (#1136790). We recommend that you upgrade your linux packages. For the detailed security status of linux please refer to its security tracker page at: https://security-tracker.debian.org/tracker/linux Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmoSAgFfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0QNHRAAiW/uN0UhzDwfKPMMYLbT4wic1MBTX8T8WI+JK/hLx14xJ/8C+7aHU/YY Tx/HGAOnhnXZsaaA0VlO1ruwAdZtlvtWnEQeII1UPLY+17X5ZcAM80xxVAbqVul3 48DFxV7ZvHkVbFYbQu/+I30vFOmJB8khHhP788xfB7WuCbfP7Hdaf92S87DbQRVC KDZKBMW7wwJtqPOVJOUcd9Uds+X3WkZKDk5/1AyzKp5WbCdTJRAAHizkiJEWuiT7 6HLf46tkIDZpajYCwmtxkuP+w/FPOu+M5AqL8Y51T+lxUiFVz7YY4fyzn2DAII3+ MsxFRYnPBvvbCZ7Sjtw2Q0EVum8aogMh5HbgNhjwZgfRolw40huKl8iF8T0wbkvW mfSg6zO1WnZaf+QvvU4COiCDqSvouRi4uMl+iEttu08SZGjkyFZKP3e6HHRIdsIh NtzOs/Y/mhYSxHDb1i3vaEyQ5hOUqNH16oE+XWvzCeg8ngxLD+uSo5UtRpq1zYa4 5MRWyDHfd7jOtQudxf9qFZ+1VzwewEGjrRXKSAXY7QaYHaYbQDGe5x7BFWBXPhyR MKjdf2SmiJvNBPnukbWHgEKrtaAIgN008Sv4RHQMulQJL8PXMzq5SYaBfPQqbhqK Wv7FBZ8V6oy17ugN7j4wIvo81VBcLxa6kmU7jp3b4Xm+v+M6HRo= =OaZS -----END PGP SIGNATURE----- Reply to: debian-security-announce@lists.debian.org Salvatore Bonaccorso (on-list) Salvatore Bonaccorso (off-list) Prev by Date: [SECURITY] [DSA 6294-1] libgcrypt20 security update Previous by thread: [SECURITY] [DSA 6294-1] libgcrypt20 security update Index(es): Date Thread