SB2026031305 - Debian update for linux




Published: March 13, 2026

Security Bulletin ID: SB2026031305
Severity: Low
Patch available: YES
Number of vulnerabilities: 52
Exploitation vector: Local access
Highest impact: Code execution

Breakdown by Severity

Low 100%

Description

This security bulletin contains information about 52 security vulnerabilities.


1) Memory leak (CVE-ID: CVE-2023-53424)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the mtk_clk_simple_probe() function in drivers/clk/mediatek/clk-mtk.c. A local user can perform a denial of service (DoS) attack.


2) Resource management error (CVE-ID: CVE-2024-26822)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to improper management of internal resources within the automount_fullpath() and cifs_do_automount() functions in fs/smb/client/namespace.c. A local user can force the SMB client to reuse its parent mount uid, gid and cruid and gain unauthorized access to information.


3) Resource management error (CVE-ID: CVE-2024-57895)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the set_file_basic_info() function in fs/smb/server/smb2pdu.c. A local user can perform a denial of service (DoS) attack.


4) Buffer overflow (CVE-ID: CVE-2025-22026)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the nfsd_show() function in fs/nfsd/stats.c and within the nfsd_net_init() function in fs/nfsd/nfsctl.c. A local user can perform a denial of service (DoS) attack.


5) Resource management error (CVE-ID: CVE-2025-23155)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the stmmac_request_irq_multi_msi() function in drivers/net/ethernet/stmicro/stmmac/stmmac_main.c. A local user can perform a denial of service (DoS) attack.


6) Use-after-free (CVE-ID: CVE-2025-37786)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the dsa_tree_teardown_lags(), dsa_tree_setup(), dsa_tree_teardown_switches() and dsa_tree_teardown() functions in net/dsa/dsa.c. A local user can escalate privileges on the system.


7) Buffer overflow (CVE-ID: CVE-2025-37822)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the arch_uprobe_copy_ixol() function in arch/riscv/kernel/probes/uprobes.c. A local user can perform a denial of service (DoS) attack.


8) Improper locking (CVE-ID: CVE-2025-37920)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the xp_create_and_assign_umem() function in net/xdp/xsk_buff_pool.c and within the xsk_generic_rcv() and xsk_create() functions in net/xdp/xsk.c. A local user can perform a denial of service (DoS) attack.


9) Buffer overflow (CVE-ID: CVE-2025-38201)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the jffs2_sum_write_sumnode() function in fs/jffs2/summary.c. A local user can perform a denial of service (DoS) attack.


10) Improper locking (CVE-ID: CVE-2025-38643)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the cfg80211_check_and_end_cac() function in net/wireless/reg.c. A local user can perform a denial of service (DoS) attack.


11) Improper locking (CVE-ID: CVE-2025-39763)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ghes_do_proc() function in drivers/acpi/apei/ghes.c. A local user can perform a denial of service (DoS) attack.


12) Out-of-bounds read (CVE-ID: CVE-2025-40082)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the hfsplus_listxattr() function in fs/hfsplus/xattr.c. A local user can perform a denial of service (DoS) attack.


13) Memory leak (CVE-ID: CVE-2025-40251)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the devl_rate_nodes_destroy() function in net/devlink/rate.c. A local user can perform a denial of service (DoS) attack.


14) Improper locking (CVE-ID: CVE-2025-68358)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within fs/btrfs/space-info.h. A local user can perform a denial of service (DoS) attack.


15) Double free (CVE-ID: CVE-2025-71089)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the iommu_sva_bind_device() function in drivers/iommu/iommu-sva.c. A local user can perform a denial of service (DoS) attack.


16) Resource management error (CVE-ID: CVE-2025-71144)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within net/mptcp/protocol.h. A local user can perform a denial of service (DoS) attack.


17) Input validation error (CVE-ID: CVE-2025-71220)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the create_smb2_pipe() function in fs/smb/server/smb2pdu.c. A local user can perform a denial of service (DoS) attack.


18) Input validation error (CVE-ID: CVE-2025-71222)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the wl1271_tx_allocate() function in drivers/net/wireless/ti/wlcore/tx.c. A local user can perform a denial of service (DoS) attack.


19) Resource management error (CVE-ID: CVE-2025-71224)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the ieee80211_ocb_rx_no_sta() function in net/mac80211/ocb.c. A local user can perform a denial of service (DoS) attack.


20) Improper locking (CVE-ID: CVE-2025-71232)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the qla_fab_async_scan() function in drivers/scsi/qla2xxx/qla_gs.c. A local user can perform a denial of service (DoS) attack.


21) NULL pointer dereference (CVE-ID: CVE-2025-71233)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the pci_ep_cfs_add_type_group() and pci_epf_make() functions in drivers/pci/endpoint/pci-ep-cfs.c. A local user can perform a denial of service (DoS) attack.


22) Use-after-free (CVE-ID: CVE-2025-71235)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the qla2x00_wait_for_hba_ready() function in drivers/scsi/qla2xxx/qla_os.c. A local user can escalate privileges on the system.


23) Use-after-free (CVE-ID: CVE-2025-71236)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the qla_fab_async_scan() function in drivers/scsi/qla2xxx/qla_gs.c. A local user can escalate privileges on the system.


24) Improper locking (CVE-ID: CVE-2025-71237)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the nilfs_sufile_trim_fs() function in fs/nilfs2/sufile.c. A local user can perform a denial of service (DoS) attack.


25) Double free (CVE-ID: CVE-2025-71238)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the qla2x00_update_optrom() function in drivers/scsi/qla2xxx/qla_bsg.c. A local user can perform a denial of service (DoS) attack.


26) Use-after-free (CVE-ID: CVE-2026-23111)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the nft_map_catchall_activate() function in net/netfilter/nf_tables_api.c. A local user can escalate privileges on the system.


27) Input validation error (CVE-ID: CVE-2026-23112)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the nvmet_tcp_free_cmd_buffers() function in drivers/nvme/target/tcp.c. A local user can perform a denial of service (DoS) attack.


28) Improper locking (CVE-ID: CVE-2026-23169)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the __reset_counters() function in net/mptcp/pm_kernel.c. A local user can perform a denial of service (DoS) attack.


29) Memory leak (CVE-ID: CVE-2026-23176)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the toshiba_haps_add() function in drivers/platform/x86/toshiba_haps.c. A local user can perform a denial of service (DoS) attack.


30) Buffer overflow (CVE-ID: CVE-2026-23178)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the i2c_hid_get_report() function in drivers/hid/i2c-hid/i2c-hid-core.c. A local user can escalate privileges on the system.


31) Out-of-bounds read (CVE-ID: CVE-2026-23180)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the dpaa2_switch_irq0_handler_thread() function in drivers/net/ethernet/freescale/dpaa2/dpaa2-switch.c. A local user can perform a denial of service (DoS) attack.


32) Memory leak (CVE-ID: CVE-2026-23182)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the tegra_slink_probe() function in drivers/spi/spi-tegra20-slink.c. A local user can perform a denial of service (DoS) attack.


33) Input validation error (CVE-ID: CVE-2026-23187)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the imx8m_blk_ctrl_remove() function in drivers/pmdomain/imx/imx8m-blk-ctrl.c. A local user can perform a denial of service (DoS) attack.


34) Memory leak (CVE-ID: CVE-2026-23190)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the acp_pdm_dma_close() function in sound/soc/amd/renoir/acp3x-pdm-dma.c. A local user can perform a denial of service (DoS) attack.


35) Use-after-free (CVE-ID: CVE-2026-23193)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the iscsit_dec_session_usage_count() function in drivers/target/iscsi/iscsi_target_util.c. A local user can escalate privileges on the system.


36) Memory leak (CVE-ID: CVE-2026-23198)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the irqfd_shutdown(), irqfd_wakeup() and kvm_irqfd_deassign() functions in virt/kvm/eventfd.c. A local user can perform a denial of service (DoS) attack.


37) Use-after-free (CVE-ID: CVE-2026-23202)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the tegra_qspi_combined_seq_xfer() function in drivers/spi/spi-tegra210-quad.c. A local user can escalate privileges on the system.


38) Memory leak (CVE-ID: CVE-2026-23205)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the smb2_open_file() function in fs/smb/client/smb2file.c. A local user can perform a denial of service (DoS) attack.


39) NULL pointer dereference (CVE-ID: CVE-2026-23206)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the dpaa2_switch_init() function in drivers/net/ethernet/freescale/dpaa2/dpaa2-switch.c. A local user can perform a denial of service (DoS) attack.


40) Use-after-free (CVE-ID: CVE-2026-23209)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the macvlan_common_newlink() function in drivers/net/macvlan.c. A local user can escalate privileges on the system.


41) Use-after-free (CVE-ID: CVE-2026-23216)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the iscsit_dec_conn_usage_count() function in drivers/target/iscsi/iscsi_target_util.c. A local user can escalate privileges on the system.


42) Infinite loop (CVE-ID: CVE-2026-23220)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an infinite loop within the __process_request() function in fs/smb/server/server.c. A local user can perform a denial of service (DoS) attack.


43) Use-after-free (CVE-ID: CVE-2026-23221)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the driver_override_show() function in drivers/bus/fsl-mc/fsl-mc-bus.c. A local user can escalate privileges on the system.


44) Buffer overflow (CVE-ID: CVE-2026-23222)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the omap_crypto_copy_sg_lists() function in drivers/crypto/omap-crypto.c. A local user can escalate privileges on the system.


45) Memory leak (CVE-ID: CVE-2026-23228)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the ksmbd_tcp_new_connection() function in fs/smb/server/transport_tcp.c. A local user can perform a denial of service (DoS) attack.


46) Improper locking (CVE-ID: CVE-2026-23229)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the virtcrypto_done_task() function in drivers/crypto/virtio/virtio_crypto_core.c. A local user can perform a denial of service (DoS) attack.


47) Input validation error (CVE-ID: CVE-2026-23230)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within fs/smb/client/cached_dir.h. A local user can perform a denial of service (DoS) attack.


48) Use-after-free (CVE-ID: CVE-2026-23234)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the f2fs_write_end_io() function in fs/f2fs/data.c. A local user can escalate privileges on the system.


49) Out-of-bounds read (CVE-ID: CVE-2026-23235)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the main_blkaddr_show(), f2fs_sbi_show() and __sbi_store() functions in fs/f2fs/sysfs.c. A local user can perform a denial of service (DoS) attack.


50) Memory leak (CVE-ID: CVE-2026-23236)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the ufx_ops_ioctl() function in drivers/video/fbdev/smscufx.c. A local user can perform a denial of service (DoS) attack.


51) NULL pointer dereference (CVE-ID: CVE-2026-23237)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the cmpc_accel_sensitivity_show_v4(), cmpc_accel_sensitivity_store_v4(), cmpc_accel_g_select_show_v4(), cmpc_accel_g_select_store_v4(), cmpc_accel_open_v4(), cmpc_accel_sensitivity_show() and cmpc_accel_sensitivity_store() functions in drivers/platform/x86/classmate-laptop.c. A local user can perform a denial of service (DoS) attack.


52) Improper error handling (CVE-ID: CVE-2026-23238)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the romfs_fill_super() function in fs/romfs/super.c. A local user can perform a denial of service (DoS) attack.


Remediation

Install the update from the vendor's website.