CLSA-2026-1778769697 kernel: Fix of 31 CVEs

net: skbuff: propagate shared-frag marker through pskbcopy - HID: ignore non-functional sensor in HP 5MP Camera CVE-2025-21992 - net: fix crash when config small gsomaxsize/gsoipv4maxsize CVE-2024-50258 - ipv4: iptunnel: Fix suspicious RCU usage warning in iptunnelinitflow CVE-2024-53042 - ALSA:...

DEBIAN-CVE-2026-31602

In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Limit PTP to a single page Commit 391e69143d0a increased CTPTPNUM from 1 to 4 to support 256 playback streams, but the additional pages are not used by the card correctly. The CT20K2 hardware already has multiple...

CVE-2026-31602

In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Limit PTP to a single page Commit 391e69143d0a increased CTPTPNUM from 1 to 4 to support 256 playback streams, but the additional pages are not used by the card correctly. The CT20K2 hardware already has multiple...

CVE-2026-31602

The CVE-2026-31602 issue affects the Linux kernel ALSA ctxfi driver, where ct_vm_map() may access memory beyond allocated space when CT_PTP_NUM exceeds 1 (AMD64), causing a page fault and potential system crash. The root cause is that ct_vm_map() always uses PTEs in vm->ptp[0].area regardless ...