Debian Bullseye is vulnerable, Bookworm has it fixed in the security updates (kernel 6.1.176-1), Trixie is safe for both, regular and security updates (kernel 6.12.86-1 and 6.12.95-1).
That sucks, but not much (all “local account required” vulns are like that). I need to stay on 6.8 both for proper PM support for hibernation and because of the Nvidia drivers.
Debian Bullseye is vulnerable, Bookworm has it fixed in the security updates (kernel 6.1.176-1), Trixie is safe for both, regular and security updates (kernel 6.12.86-1 and 6.12.95-1).
https://security-tracker.debian.org/tracker/CVE-2026-43499
That sucks, but not much (all “local account required” vulns are like that). I need to stay on 6.8 both for proper PM support for hibernation and because of the Nvidia drivers.