Vulnerability-Lookup

CVE-2026-23229 (GCVE-0-2026-23229)

Vulnerability from cvelistv5 – Published: 2026-02-18 14:53 – Updated: 2026-02-23 03:16

Title

crypto: virtio - Add spinlock protection with virtqueue notification

Summary

In the Linux kernel, the following vulnerability has been resolved: crypto: virtio - Add spinlock protection with virtqueue notification When VM boots with one virtio-crypto PCI device and builtin backend, run openssl benchmark command with multiple processes, such as openssl speed -evp aes-128-cbc -engine afalg -seconds 10 -multi 32 openssl processes will hangup and there is error reported like this: virtio_crypto virtio0: dataq.0:id 3 is not a head! It seems that the data virtqueue need protection when it is handled for virtio done notification. If the spinlock protection is added in virtcrypto_done_task(), openssl benchmark with multiple processes works well.

Severity ?

No CVSS data available.

Assigner

Linux

References

URL

Tags

	https://git.kernel.org/stable/c/552475d0b6cece73a…
	https://git.kernel.org/stable/c/8ee8ccfd60bf17cbd…
	https://git.kernel.org/stable/c/c9e594194795c86ca…
	https://git.kernel.org/stable/c/d6f0d586808689963…
	https://git.kernel.org/stable/c/c0a0ded3bb7fd45f7…
	https://git.kernel.org/stable/c/e69a7b0a71b6561b3…
	https://git.kernel.org/stable/c/49c57c6c108931a91…
	https://git.kernel.org/stable/c/b505047ffc8057555…

Impacted products

Vendor

Product

Version

Linux

Affected: 0eb69890e86775d178452880ea0d24384c5ccedf , < 552475d0b6cece73a52c0fa5faa0ce45e99df74b (git)
Affected: 75cba72ddb788a5b9c7ed2139fbb84383df029eb , < 8ee8ccfd60bf17cbdab91069d324b5302f4f3a30 (git)
Affected: ae4747dab2eab95a68bb2f6c7e904bff0424e1b1 , < c9e594194795c86ca753ad6ed64c2762e9309d0d (git)
Affected: c4c54fce9ec54a59a4ca035af13c2823c76684cc , < d6f0d586808689963e58fd739bed626ff5013b24 (git)
Affected: fed93fb62e05c38152b0fc1dc9609639e63eed76 , < c0a0ded3bb7fd45f720faa48449a930153257d3a (git)
Affected: fed93fb62e05c38152b0fc1dc9609639e63eed76 , < e69a7b0a71b6561b3b6459f1fded8d589f2e8ac2 (git)
Affected: fed93fb62e05c38152b0fc1dc9609639e63eed76 , < 49c57c6c108931a914ed94e3c0ddb974008260a3 (git)
Affected: fed93fb62e05c38152b0fc1dc9609639e63eed76 , < b505047ffc8057555900d2d3a005d033e6967382 (git)
Affected: 96be18c8fff9d57e29621386e2fa17268383ea27 (git)
Affected: 830a4f073f7edd2cc4f30ba95bdc3495d97c2550 (git)
Affected: 8862c0d2e47ba1733d9687fe0ff4e02d6e391255 (git)

Linux

Affected: 6.8
Unaffected: 0 , < 6.8 (semver)
Unaffected: 5.10.251 , ≤ 5.10.* (semver)
Unaffected: 5.15.201 , ≤ 5.15.* (semver)
Unaffected: 6.1.164 , ≤ 6.1.* (semver)
Unaffected: 6.6.125 , ≤ 6.6.* (semver)
Unaffected: 6.12.72 , ≤ 6.12.* (semver)
Unaffected: 6.18.11 , ≤ 6.18.* (semver)
Unaffected: 6.19.1 , ≤ 6.19.* (semver)
Unaffected: 7.0-rc1 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/crypto/virtio/virtio_crypto_core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "552475d0b6cece73a52c0fa5faa0ce45e99df74b",
              "status": "affected",
              "version": "0eb69890e86775d178452880ea0d24384c5ccedf",
              "versionType": "git"
            },
            {
              "lessThan": "8ee8ccfd60bf17cbdab91069d324b5302f4f3a30",
              "status": "affected",
              "version": "75cba72ddb788a5b9c7ed2139fbb84383df029eb",
              "versionType": "git"
            },
            {
              "lessThan": "c9e594194795c86ca753ad6ed64c2762e9309d0d",
              "status": "affected",
              "version": "ae4747dab2eab95a68bb2f6c7e904bff0424e1b1",
              "versionType": "git"
            },
            {
              "lessThan": "d6f0d586808689963e58fd739bed626ff5013b24",
              "status": "affected",
              "version": "c4c54fce9ec54a59a4ca035af13c2823c76684cc",
              "versionType": "git"
            },
            {
              "lessThan": "c0a0ded3bb7fd45f720faa48449a930153257d3a",
              "status": "affected",
              "version": "fed93fb62e05c38152b0fc1dc9609639e63eed76",
              "versionType": "git"
            },
            {
              "lessThan": "e69a7b0a71b6561b3b6459f1fded8d589f2e8ac2",
              "status": "affected",
              "version": "fed93fb62e05c38152b0fc1dc9609639e63eed76",
              "versionType": "git"
            },
            {
              "lessThan": "49c57c6c108931a914ed94e3c0ddb974008260a3",
              "status": "affected",
              "version": "fed93fb62e05c38152b0fc1dc9609639e63eed76",
              "versionType": "git"
            },
            {
              "lessThan": "b505047ffc8057555900d2d3a005d033e6967382",
              "status": "affected",
              "version": "fed93fb62e05c38152b0fc1dc9609639e63eed76",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "96be18c8fff9d57e29621386e2fa17268383ea27",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "830a4f073f7edd2cc4f30ba95bdc3495d97c2550",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "8862c0d2e47ba1733d9687fe0ff4e02d6e391255",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/crypto/virtio/virtio_crypto_core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.8"
            },
            {
              "lessThan": "6.8",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.251",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.201",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.164",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.125",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.72",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.18.*",
              "status": "unaffected",
              "version": "6.18.11",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.19.*",
              "status": "unaffected",
              "version": "6.19.1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "7.0-rc1",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.251",
                  "versionStartIncluding": "5.10.209",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.201",
                  "versionStartIncluding": "5.15.148",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.164",
                  "versionStartIncluding": "6.1.75",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.125",
                  "versionStartIncluding": "6.6.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.72",
                  "versionStartIncluding": "6.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.18.11",
                  "versionStartIncluding": "6.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.19.1",
                  "versionStartIncluding": "6.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "7.0-rc1",
                  "versionStartIncluding": "6.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "4.19.306",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "5.4.268",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "6.7.2",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: virtio - Add spinlock protection with virtqueue notification\n\nWhen VM boots with one virtio-crypto PCI device and builtin backend,\nrun openssl benchmark command with multiple processes, such as\n  openssl speed -evp aes-128-cbc -engine afalg  -seconds 10 -multi 32\n\nopenssl processes will hangup and there is error reported like this:\n virtio_crypto virtio0: dataq.0:id 3 is not a head!\n\nIt seems that the data virtqueue need protection when it is handled\nfor virtio done notification. If the spinlock protection is added\nin virtcrypto_done_task(), openssl benchmark with multiple processes\nworks well."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-23T03:16:41.797Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/552475d0b6cece73a52c0fa5faa0ce45e99df74b"
        },
        {
          "url": "https://git.kernel.org/stable/c/8ee8ccfd60bf17cbdab91069d324b5302f4f3a30"
        },
        {
          "url": "https://git.kernel.org/stable/c/c9e594194795c86ca753ad6ed64c2762e9309d0d"
        },
        {
          "url": "https://git.kernel.org/stable/c/d6f0d586808689963e58fd739bed626ff5013b24"
        },
        {
          "url": "https://git.kernel.org/stable/c/c0a0ded3bb7fd45f720faa48449a930153257d3a"
        },
        {
          "url": "https://git.kernel.org/stable/c/e69a7b0a71b6561b3b6459f1fded8d589f2e8ac2"
        },
        {
          "url": "https://git.kernel.org/stable/c/49c57c6c108931a914ed94e3c0ddb974008260a3"
        },
        {
          "url": "https://git.kernel.org/stable/c/b505047ffc8057555900d2d3a005d033e6967382"
        }
      ],
      "title": "crypto: virtio - Add spinlock protection with virtqueue notification",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2026-23229",
    "datePublished": "2026-02-18T14:53:33.015Z",
    "dateReserved": "2026-01-13T15:37:45.988Z",
    "dateUpdated": "2026-02-23T03:16:41.797Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-23229\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2026-02-18T16:22:32.693\",\"lastModified\":\"2026-02-23T04:16:01.673\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\ncrypto: virtio - Add spinlock protection with virtqueue notification\\n\\nWhen VM boots with one virtio-crypto PCI device and builtin backend,\\nrun openssl benchmark command with multiple processes, such as\\n  openssl speed -evp aes-128-cbc -engine afalg  -seconds 10 -multi 32\\n\\nopenssl processes will hangup and there is error reported like this:\\n virtio_crypto virtio0: dataq.0:id 3 is not a head!\\n\\nIt seems that the data virtqueue need protection when it is handled\\nfor virtio done notification. If the spinlock protection is added\\nin virtcrypto_done_task(), openssl benchmark with multiple processes\\nworks well.\"},{\"lang\":\"es\",\"value\":\"Se ha resuelto la siguiente vulnerabilidad en el kernel de Linux: \\n\\ncrypto: virtio - A\u00f1adir protecci\u00f3n con spinlock con notificaci\u00f3n de virtqueue\\n\\nCuando una VM arranca con un dispositivo PCI virtio-crypto y un backend integrado,\\nejecutar el comando de benchmark de OpenSSL con m\u00faltiples procesos, como\\n  openssl speed -evp aes-128-cbc -engine afalg -seconds 10 -multi 32\\n\\nlos procesos de OpenSSL se colgar\u00e1n y se reporta un error como este:\\n virtio_crypto virtio0: dataq.0:id 3 is not a head!\\n\\nParece que el virtqueue de datos necesita protecci\u00f3n cuando se maneja\\npara la notificaci\u00f3n de finalizaci\u00f3n de virtio. Si se a\u00f1ade la protecci\u00f3n con spinlock\\nen virtcrypto_done_task(), el benchmark de OpenSSL con m\u00faltiples procesos\\nfunciona correctamente.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/49c57c6c108931a914ed94e3c0ddb974008260a3\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/552475d0b6cece73a52c0fa5faa0ce45e99df74b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/8ee8ccfd60bf17cbdab91069d324b5302f4f3a30\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/b505047ffc8057555900d2d3a005d033e6967382\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/c0a0ded3bb7fd45f720faa48449a930153257d3a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/c9e594194795c86ca753ad6ed64c2762e9309d0d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/d6f0d586808689963e58fd739bed626ff5013b24\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/e69a7b0a71b6561b3b6459f1fded8d589f2e8ac2\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
  }
}

GHSA-J87R-WGFM-7FJJ

Vulnerability from github – Published: 2026-02-18 18:30 – Updated: 2026-02-23 06:30

Details

In the Linux kernel, the following vulnerability has been resolved:

crypto: virtio - Add spinlock protection with virtqueue notification

When VM boots with one virtio-crypto PCI device and builtin backend, run openssl benchmark command with multiple processes, such as openssl speed -evp aes-128-cbc -engine afalg -seconds 10 -multi 32

openssl processes will hangup and there is error reported like this: virtio_crypto virtio0: dataq.0:id 3 is not a head!

It seems that the data virtqueue need protection when it is handled for virtio done notification. If the spinlock protection is added in virtcrypto_done_task(), openssl benchmark with multiple processes works well.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2026-23229"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-02-18T16:22:32Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: virtio - Add spinlock protection with virtqueue notification\n\nWhen VM boots with one virtio-crypto PCI device and builtin backend,\nrun openssl benchmark command with multiple processes, such as\n  openssl speed -evp aes-128-cbc -engine afalg  -seconds 10 -multi 32\n\nopenssl processes will hangup and there is error reported like this:\n virtio_crypto virtio0: dataq.0:id 3 is not a head!\n\nIt seems that the data virtqueue need protection when it is handled\nfor virtio done notification. If the spinlock protection is added\nin virtcrypto_done_task(), openssl benchmark with multiple processes\nworks well.",
  "id": "GHSA-j87r-wgfm-7fjj",
  "modified": "2026-02-23T06:30:18Z",
  "published": "2026-02-18T18:30:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23229"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/49c57c6c108931a914ed94e3c0ddb974008260a3"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/552475d0b6cece73a52c0fa5faa0ce45e99df74b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8ee8ccfd60bf17cbdab91069d324b5302f4f3a30"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b505047ffc8057555900d2d3a005d033e6967382"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c0a0ded3bb7fd45f720faa48449a930153257d3a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c9e594194795c86ca753ad6ed64c2762e9309d0d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d6f0d586808689963e58fd739bed626ff5013b24"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e69a7b0a71b6561b3b6459f1fded8d589f2e8ac2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2026-23229

Vulnerability from fkie_nvd - Published: 2026-02-18 16:22 - Updated: 2026-02-23 04:16

Severity ?

Summary

References

	URL	Tags
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/49c57c6c108931a914ed94e3c0ddb974008260a3
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/552475d0b6cece73a52c0fa5faa0ce45e99df74b
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/8ee8ccfd60bf17cbdab91069d324b5302f4f3a30
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/b505047ffc8057555900d2d3a005d033e6967382
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/c0a0ded3bb7fd45f720faa48449a930153257d3a
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/c9e594194795c86ca753ad6ed64c2762e9309d0d
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/d6f0d586808689963e58fd739bed626ff5013b24
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/e69a7b0a71b6561b3b6459f1fded8d589f2e8ac2

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: virtio - Add spinlock protection with virtqueue notification\n\nWhen VM boots with one virtio-crypto PCI device and builtin backend,\nrun openssl benchmark command with multiple processes, such as\n  openssl speed -evp aes-128-cbc -engine afalg  -seconds 10 -multi 32\n\nopenssl processes will hangup and there is error reported like this:\n virtio_crypto virtio0: dataq.0:id 3 is not a head!\n\nIt seems that the data virtqueue need protection when it is handled\nfor virtio done notification. If the spinlock protection is added\nin virtcrypto_done_task(), openssl benchmark with multiple processes\nworks well."
    },
    {
      "lang": "es",
      "value": "Se ha resuelto la siguiente vulnerabilidad en el kernel de Linux: \n\ncrypto: virtio - A\u00f1adir protecci\u00f3n con spinlock con notificaci\u00f3n de virtqueue\n\nCuando una VM arranca con un dispositivo PCI virtio-crypto y un backend integrado,\nejecutar el comando de benchmark de OpenSSL con m\u00faltiples procesos, como\n  openssl speed -evp aes-128-cbc -engine afalg -seconds 10 -multi 32\n\nlos procesos de OpenSSL se colgar\u00e1n y se reporta un error como este:\n virtio_crypto virtio0: dataq.0:id 3 is not a head!\n\nParece que el virtqueue de datos necesita protecci\u00f3n cuando se maneja\npara la notificaci\u00f3n de finalizaci\u00f3n de virtio. Si se a\u00f1ade la protecci\u00f3n con spinlock\nen virtcrypto_done_task(), el benchmark de OpenSSL con m\u00faltiples procesos\nfunciona correctamente."
    }
  ],
  "id": "CVE-2026-23229",
  "lastModified": "2026-02-23T04:16:01.673",
  "metrics": {},
  "published": "2026-02-18T16:22:32.693",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/49c57c6c108931a914ed94e3c0ddb974008260a3"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/552475d0b6cece73a52c0fa5faa0ce45e99df74b"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/8ee8ccfd60bf17cbdab91069d324b5302f4f3a30"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/b505047ffc8057555900d2d3a005d033e6967382"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/c0a0ded3bb7fd45f720faa48449a930153257d3a"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/c9e594194795c86ca753ad6ed64c2762e9309d0d"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/d6f0d586808689963e58fd739bed626ff5013b24"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/e69a7b0a71b6561b3b6459f1fded8d589f2e8ac2"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}

CERTFR-2026-AVI-0192

Vulnerability from certfr_avis - Published: 2026-02-20 - Updated: 2026-02-20

De multiples vulnérabilités ont été découvertes dans le noyau Linux de Debian. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description
	Debian	Debian	Debian trixie versions antérieures à 6.12.73-1

References

Title

Publication Time

Tags

Bulletin de sécurité Debian DSA-6141-1

2026-02-18

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Debian trixie versions ant\u00e9rieures \u00e0 6.12.73-1",
      "product": {
        "name": "Debian",
        "vendor": {
          "name": "Debian",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2026-23198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23198"
    },
    {
      "name": "CVE-2026-23202",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23202"
    },
    {
      "name": "CVE-2026-23219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23219"
    },
    {
      "name": "CVE-2026-23199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23199"
    },
    {
      "name": "CVE-2026-23220",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23220"
    },
    {
      "name": "CVE-2025-71223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-71223"
    },
    {
      "name": "CVE-2026-23187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23187"
    },
    {
      "name": "CVE-2026-23179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23179"
    },
    {
      "name": "CVE-2026-23222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23222"
    },
    {
      "name": "CVE-2026-23229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23229"
    },
    {
      "name": "CVE-2026-23209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23209"
    },
    {
      "name": "CVE-2025-40082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40082"
    },
    {
      "name": "CVE-2025-71235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-71235"
    },
    {
      "name": "CVE-2026-23204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23204"
    },
    {
      "name": "CVE-2026-23230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23230"
    },
    {
      "name": "CVE-2026-23214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23214"
    },
    {
      "name": "CVE-2026-23178",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23178"
    },
    {
      "name": "CVE-2026-23228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23228"
    },
    {
      "name": "CVE-2026-23223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23223"
    },
    {
      "name": "CVE-2026-23191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23191"
    },
    {
      "name": "CVE-2026-23169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23169"
    },
    {
      "name": "CVE-2026-23177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23177"
    },
    {
      "name": "CVE-2025-71220",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-71220"
    },
    {
      "name": "CVE-2026-23201",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23201"
    },
    {
      "name": "CVE-2026-23180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23180"
    },
    {
      "name": "CVE-2026-23200",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23200"
    },
    {
      "name": "CVE-2026-23216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23216"
    },
    {
      "name": "CVE-2025-71225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-71225"
    },
    {
      "name": "CVE-2026-23176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23176"
    },
    {
      "name": "CVE-2025-71203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-71203"
    },
    {
      "name": "CVE-2026-23188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23188"
    },
    {
      "name": "CVE-2025-71228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-71228"
    },
    {
      "name": "CVE-2025-71224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-71224"
    },
    {
      "name": "CVE-2026-23193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23193"
    },
    {
      "name": "CVE-2025-71237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-71237"
    },
    {
      "name": "CVE-2026-23215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23215"
    },
    {
      "name": "CVE-2026-23205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23205"
    },
    {
      "name": "CVE-2025-71222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-71222"
    },
    {
      "name": "CVE-2025-71229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-71229"
    },
    {
      "name": "CVE-2026-23213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23213"
    },
    {
      "name": "CVE-2025-71236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-71236"
    },
    {
      "name": "CVE-2025-71234",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-71234"
    },
    {
      "name": "CVE-2025-71232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-71232"
    },
    {
      "name": "CVE-2025-71204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-71204"
    },
    {
      "name": "CVE-2026-23182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23182"
    },
    {
      "name": "CVE-2026-23206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23206"
    },
    {
      "name": "CVE-2025-68823",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-68823"
    },
    {
      "name": "CVE-2026-23112",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23112"
    },
    {
      "name": "CVE-2026-23190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23190"
    },
    {
      "name": "CVE-2025-71233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-71233"
    },
    {
      "name": "CVE-2026-23224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23224"
    },
    {
      "name": "CVE-2026-23189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23189"
    },
    {
      "name": "CVE-2026-23111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23111"
    },
    {
      "name": "CVE-2025-71231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-71231"
    }
  ],
  "initial_release_date": "2026-02-20T00:00:00",
  "last_revision_date": "2026-02-20T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0192",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-02-20T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de Debian. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Debian",
  "vendor_advisories": [
    {
      "published_at": "2026-02-18",
      "title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-6141-1",
      "url": "https://lists.debian.org/debian-security-announce/2026/msg00050.html"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2026-23229 (GCVE-0-2026-23229)

GHSA-J87R-WGFM-7FJJ

FKIE_CVE-2026-23229

CERTFR-2026-AVI-0192

Solutions

Tags

Sightings

Nomenclature