SB2026021911 - Debian update for linux




Published: February 19, 2026

Security Bulletin ID: SB2026021911
Severity: Low
Patch available: YES
Number of vulnerabilities: 54
Exploitation vector: Local access
Highest impact: Code execution

Breakdown by Severity

Low 100%

Description

This security bulletin contains information about 54 security vulnerabilities.


1) Out-of-bounds read (CVE-ID: CVE-2025-40082)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the hfsplus_listxattr() function in fs/hfsplus/xattr.c. A local user can perform a denial of service (DoS) attack.


2) Improper locking (CVE-ID: CVE-2025-68823)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ublk_get_uring_cmd_pdu(), __ublk_complete_rq(), __ublk_abort_rq() and __ublk_do_auto_buf_reg() functions in drivers/block/ublk_drv.c. A local user can perform a denial of service (DoS) attack.


3) Memory leak (CVE-ID: CVE-2025-71203)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the do_trap_ecall_u() function in arch/riscv/kernel/traps.c. A local user can perform a denial of service (DoS) attack.


4) Memory leak (CVE-ID: CVE-2025-71204)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the parse_durable_handle_context() function in fs/smb/server/smb2pdu.c. A local user can perform a denial of service (DoS) attack.


5) Input validation error (CVE-ID: CVE-2025-71220)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the create_smb2_pipe() function in fs/smb/server/smb2pdu.c. A local user can perform a denial of service (DoS) attack.


6) Input validation error (CVE-ID: CVE-2025-71222)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the wl1271_tx_allocate() function in drivers/net/wireless/ti/wlcore/tx.c. A local user can perform a denial of service (DoS) attack.


7) Memory leak (CVE-ID: CVE-2025-71223)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the smb2_open() function in fs/smb/server/smb2pdu.c. A local user can perform a denial of service (DoS) attack.


8) Resource management error (CVE-ID: CVE-2025-71224)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the ieee80211_ocb_rx_no_sta() function in net/mac80211/ocb.c. A local user can perform a denial of service (DoS) attack.


9) Use-after-free (CVE-ID: CVE-2025-71225)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the raid_disks_store() function in drivers/md/md.c. A local user can escalate privileges on the system.


10) Resource management error (CVE-ID: CVE-2025-71228)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the cpu_cache_init() function in arch/loongarch/mm/cache.c. A local user can perform a denial of service (DoS) attack.


11) Resource management error (CVE-ID: CVE-2025-71229)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the rtw_core_enable_beacon() function in drivers/net/wireless/realtek/rtw88/main.c. A local user can perform a denial of service (DoS) attack.


12) Out-of-bounds read (CVE-ID: CVE-2025-71231)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the function in drivers/crypto/intel/iaa/iaa_crypto_main.c. A local user can perform a denial of service (DoS) attack.


13) Improper locking (CVE-ID: CVE-2025-71232)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the qla_fab_async_scan() function in drivers/scsi/qla2xxx/qla_gs.c. A local user can perform a denial of service (DoS) attack.


14) NULL pointer dereference (CVE-ID: CVE-2025-71233)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the pci_ep_cfs_add_type_group() and pci_epf_make() functions in drivers/pci/endpoint/pci-ep-cfs.c. A local user can perform a denial of service (DoS) attack.


15) Out-of-bounds read (CVE-ID: CVE-2025-71234)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the rtl8xxxu_probe() function in drivers/net/wireless/realtek/rtl8xxxu/core.c. A local user can perform a denial of service (DoS) attack.


16) Use-after-free (CVE-ID: CVE-2025-71235)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the qla2x00_wait_for_hba_ready() function in drivers/scsi/qla2xxx/qla_os.c. A local user can escalate privileges on the system.


17) Use-after-free (CVE-ID: CVE-2025-71236)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the qla_fab_async_scan() function in drivers/scsi/qla2xxx/qla_gs.c. A local user can escalate privileges on the system.


18) Improper locking (CVE-ID: CVE-2025-71237)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the nilfs_sufile_trim_fs() function in fs/nilfs2/sufile.c. A local user can perform a denial of service (DoS) attack.


19) Use-after-free (CVE-ID: CVE-2026-23111)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the nft_map_catchall_activate() function in net/netfilter/nf_tables_api.c. A local user can escalate privileges on the system.


20) Input validation error (CVE-ID: CVE-2026-23112)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the nvmet_tcp_free_cmd_buffers() function in drivers/nvme/target/tcp.c. A local user can perform a denial of service (DoS) attack.


21) Improper locking (CVE-ID: CVE-2026-23169)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the __reset_counters() function in net/mptcp/pm_kernel.c. A local user can perform a denial of service (DoS) attack.


22) Memory leak (CVE-ID: CVE-2026-23176)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the toshiba_haps_add() function in drivers/platform/x86/toshiba_haps.c. A local user can perform a denial of service (DoS) attack.


23) Buffer overflow (CVE-ID: CVE-2026-23177)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the shmem_undo_range() function in mm/shmem.c. A local user can escalate privileges on the system.


24) Buffer overflow (CVE-ID: CVE-2026-23178)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the i2c_hid_get_report() function in drivers/hid/i2c-hid/i2c-hid-core.c. A local user can escalate privileges on the system.


25) Improper locking (CVE-ID: CVE-2026-23179)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the nvmet_tcp_listen_data_ready() function in drivers/nvme/target/tcp.c. A local user can perform a denial of service (DoS) attack.


26) Out-of-bounds read (CVE-ID: CVE-2026-23180)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the dpaa2_switch_irq0_handler_thread() function in drivers/net/ethernet/freescale/dpaa2/dpaa2-switch.c. A local user can perform a denial of service (DoS) attack.


27) Memory leak (CVE-ID: CVE-2026-23182)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the tegra_slink_probe() function in drivers/spi/spi-tegra20-slink.c. A local user can perform a denial of service (DoS) attack.


28) Input validation error (CVE-ID: CVE-2026-23187)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the imx8m_blk_ctrl_remove() function in drivers/pmdomain/imx/imx8m-blk-ctrl.c. A local user can perform a denial of service (DoS) attack.


29) Improper locking (CVE-ID: CVE-2026-23188)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the rtl8152_system_resume() and rtl8152_suspend() functions in drivers/net/usb/r8152.c. A local user can perform a denial of service (DoS) attack.


30) NULL pointer dereference (CVE-ID: CVE-2026-23189)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within include/linux/ceph/ceph_fs.h. A local user can perform a denial of service (DoS) attack.


31) Memory leak (CVE-ID: CVE-2026-23190)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the acp_pdm_dma_close() function in sound/soc/amd/renoir/acp3x-pdm-dma.c. A local user can perform a denial of service (DoS) attack.


32) Use-after-free (CVE-ID: CVE-2026-23191)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the is_access_interleaved() and loopback_check_format() functions in sound/drivers/aloop.c. A local user can escalate privileges on the system.


33) Use-after-free (CVE-ID: CVE-2026-23193)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the iscsit_dec_session_usage_count() function in drivers/target/iscsi/iscsi_target_util.c. A local user can escalate privileges on the system.


34) Memory leak (CVE-ID: CVE-2026-23198)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the irqfd_shutdown(), irqfd_wakeup() and kvm_irqfd_deassign() functions in virt/kvm/eventfd.c. A local user can perform a denial of service (DoS) attack.


35) Improper locking (CVE-ID: CVE-2026-23199)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the get_build_id_64(), __build_id_parse() and build_id_parse_nofault() functions in lib/buildid.c. A local user can perform a denial of service (DoS) attack.


36) Improper error handling (CVE-ID: CVE-2026-23200)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the fib6_add_rt2node() function in net/ipv6/ip6_fib.c. A local user can perform a denial of service (DoS) attack.


37) Use-after-free (CVE-ID: CVE-2026-23201)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the parse_longname() function in fs/ceph/crypto.c. A local user can escalate privileges on the system.


38) Use-after-free (CVE-ID: CVE-2026-23202)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the tegra_qspi_combined_seq_xfer() function in drivers/spi/spi-tegra210-quad.c. A local user can escalate privileges on the system.


39) Out-of-bounds read (CVE-ID: CVE-2026-23204)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the u32_classify() function in net/sched/cls_u32.c. A local user can perform a denial of service (DoS) attack.


40) Memory leak (CVE-ID: CVE-2026-23205)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the smb2_open_file() function in fs/smb/client/smb2file.c. A local user can perform a denial of service (DoS) attack.


41) NULL pointer dereference (CVE-ID: CVE-2026-23206)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the dpaa2_switch_init() function in drivers/net/ethernet/freescale/dpaa2/dpaa2-switch.c. A local user can perform a denial of service (DoS) attack.


42) Use-after-free (CVE-ID: CVE-2026-23209)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the macvlan_common_newlink() function in drivers/net/macvlan.c. A local user can escalate privileges on the system.


43) Improper locking (CVE-ID: CVE-2026-23213)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the smu_v14_0_2_mode1_reset() function in drivers/gpu/drm/amd/pm/swsmu/smu14/smu_v14_0_2_ppt.c. A local user can perform a denial of service (DoS) attack.


44) Resource management error (CVE-ID: CVE-2026-23214)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within fs/btrfs/fs.h. A local user can perform a denial of service (DoS) attack.


45) NULL pointer dereference (CVE-ID: CVE-2026-23215)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within arch/x86/include/asm/vmware.h. A local user can perform a denial of service (DoS) attack.


46) Use-after-free (CVE-ID: CVE-2026-23216)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the iscsit_dec_conn_usage_count() function in drivers/target/iscsi/iscsi_target_util.c. A local user can escalate privileges on the system.


47) Infinite loop (CVE-ID: CVE-2026-23219)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an infinite loop within the slab_free() function in mm/slub.c. A local user can perform a denial of service (DoS) attack.


48) Infinite loop (CVE-ID: CVE-2026-23220)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an infinite loop within the __process_request() function in fs/smb/server/server.c. A local user can perform a denial of service (DoS) attack.


49) Buffer overflow (CVE-ID: CVE-2026-23222)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the omap_crypto_copy_sg_lists() function in drivers/crypto/omap-crypto.c. A local user can escalate privileges on the system.


50) Use-after-free (CVE-ID: CVE-2026-23223)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the xchk_btree_check_block_owner() function in fs/xfs/scrub/btree.c. A local user can escalate privileges on the system.


51) Use-after-free (CVE-ID: CVE-2026-23224)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the erofs_fileio_ki_complete(), erofs_fileio_rq_submit() and erofs_fileio_rq_alloc() functions in fs/erofs/fileio.c. A local user can escalate privileges on the system.


52) Memory leak (CVE-ID: CVE-2026-23228)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the ksmbd_tcp_new_connection() function in fs/smb/server/transport_tcp.c. A local user can perform a denial of service (DoS) attack.


53) Improper locking (CVE-ID: CVE-2026-23229)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the virtcrypto_done_task() function in drivers/crypto/virtio/virtio_crypto_core.c. A local user can perform a denial of service (DoS) attack.


54) Input validation error (CVE-ID: CVE-2026-23230)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within fs/smb/client/cached_dir.h. A local user can perform a denial of service (DoS) attack.


Remediation

Install the update from the vendor's website.