Changeflow GovPing Vulnerability Alerts Debian Linux Kernel Vulnerabilities Affecting C...
Priority review Notice Added Final

Debian Linux Kernel Vulnerabilities Affecting Confidentiality and Security

Favicon for www.cert.ssi.gouv.fr CERT-FR Security Advisories
Published March 13th, 2026
Detected March 13th, 2026
Email

Summary

The French National Cybersecurity Agency (ANSSI) has issued a notice regarding multiple vulnerabilities discovered in the Debian Linux kernel. These vulnerabilities can lead to privilege escalation, data confidentiality breaches, and denial of service, affecting specific versions of Debian bookworm and trixie.

View original document View source feed page

What changed

The French National Cybersecurity Agency (ANSSI) has published a notice (CERTFR-2026-AVI-0291) detailing multiple vulnerabilities found in the Debian Linux kernel. These issues, referenced by various CVEs including CVE-2023-53424 and CVE-2024-26822, can allow attackers to escalate privileges, compromise data confidentiality, bypass security policies, and cause denial of service. The affected systems include Debian bookworm versions prior to 6.1.164-1 and Debian trixie versions prior to 6.12.74-2.

Organizations using affected Debian Linux versions must consult the provided Debian security bulletins (DSA-6162-1 and DSA-6163-1) for patch information and apply the necessary updates to mitigate these risks. Failure to do so could result in significant security breaches, including unauthorized access and data loss. This notice highlights the critical need for prompt patching of operating system kernels to maintain system integrity and data security.

What to do next

  1. Review Debian security bulletins DSA-6162-1 and DSA-6163-1 for affected kernel versions.
  2. Apply provided security patches to Debian bookworm and trixie systems.
  3. Assess potential impact of vulnerabilities on data confidentiality and system security.

Source document (simplified)

Premier Ministre S.G.D.S.N

Agence nationale
de la sécurité des
systèmes d'information

Paris, le 13 mars 2026 N° CERTFR-2026-AVI-0291 Affaire suivie par: CERT-FR

Avis du CERT-FR

Objet: Multiples vulnérabilités dans le noyau Linux de Debian

Gestion du document

| Référence | CERTFR-2026-AVI-0291 |
| Titre | Multiples vulnérabilités dans le noyau Linux de Debian |
| Date de la première version | 13 mars 2026 |
| Date de la dernière version | 13 mars 2026 |
| Source(s) | Bulletin de sécurité Debian DSA-6162-1 du 12 mars 2026
Bulletin de sécurité Debian DSA-6163-1 du 12 mars 2026 |
Une gestion de version détaillée se trouve à la fin de ce document.

Risques

  • Atteinte à la confidentialité des données
  • Contournement de la politique de sécurité
  • Déni de service
  • Élévation de privilèges

Systèmes affectés

  • Debian bookworm versions antérieures à 6.1.164-1
  • Debian trixie versions antérieures à 6.12.74-2

Résumé

De multiples vulnérabilités ont été découvertes dans le noyau Linux de Debian. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, une atteinte à la confidentialité des données et un contournement de la politique de sécurité.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Documentation

Gestion détaillée du document

  1. le 13 mars 2026 Version initiale

Related changes

Favicon for www.gov.uk Export Licence Transmission Issue Resolved
Routine Mar 14, 2026 ECJU Notices to Exporters Trade & Export
Favicon for www.gov.uk Humanitarian Assistance Exception Notification for Petroleum Products
Priority review Mar 13, 2026 OFSI All Publications Trade & Export
Favicon for www.apra.gov.au APRA Releases Quarterly ADI Statistics for December 2025
Routine Mar 13, 2026 news-and-publications Government
Favicon for www.cisa.gov CISA Adds Two Exploited Vulnerabilities to KEV Catalog
Priority review Mar 13, 2026 CISA ICS-CERT Advisories Government
Favicon for www.cisa.gov CISA: Ignition Software Vulnerable to Code Execution
Priority review Mar 13, 2026 CISA ICS-CERT Advisories Government
Favicon for www.gao.gov GAO Report on DOD Cybersecurity Maturity Model Certification Program
Priority review Mar 13, 2026 GAO Reports & Testimonies Government Accountability

Source

Favicon for www.cert.ssi.gouv.fr
CERT-FR Security Advisories cert.ssi.gouv.fr/avis
Vulnerability Alerts
Analysis generated by AI. Source diff and links are from the original.

Classification

Agency
Various
Published
March 13th, 2026
Instrument
Notice
Legal weight
Non-binding
Stage
Final
Change scope
Substantive

Who this affects

Applies to
Technology companies
Geographic scope
National (France)

Taxonomy

Primary area
Cybersecurity
Operational domain
IT Security
Topics
Data Privacy System Security

Browse Categories

Federal Courts 26 State Courts 91 Securities Regulation 6 Financial Regulation 43 Consumer Protection 5 Drug Safety 45 Data Protection 21 Competition 2 Attorneys General 3 Insurance Regulation 5 Trade & Export 36 Legislation 42 Energy Regulation 13 Environment 3 Labor & Employment 2 Tax 1

Get Vulnerability Alerts alerts

Weekly digest. AI-summarized, no noise.

Free. Unsubscribe anytime.

Get alerts for this source

We'll email you when CERT-FR Security Advisories publishes new changes.

Free. Unsubscribe anytime.