Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 629d494a by Salvatore Bonaccorso at 2025-01-08T20:17:20+01:00 Merge Linux updates from kernel-sec - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,76 @@ +CVE-2024-56787 [soc: imx8m: Probe the SoC driver as platform driver] + - linux 6.12.5-1 + [bookworm] - linux 6.1.123-1 + NOTE: https://git.kernel.org/linus/9cc832d37799dbea950c4c8a34721b02b8b5a8ff (6.13-rc1) +CVE-2024-56786 [bpf: put bpf_link's program when link is safe to be deallocated] + - linux 6.12.5-1 + NOTE: https://git.kernel.org/linus/f44ec8733a8469143fde1984b5e6931b2e2f6f3f (6.13-rc1) +CVE-2024-56785 [MIPS: Loongson64: DTS: Really fix PCIe port nodes for ls7a] + - linux 6.12.5-1 + [bookworm] - linux 6.1.123-1 + NOTE: https://git.kernel.org/linus/4fbd66d8254cedfd1218393f39d83b6c07a01917 (6.13-rc1) +CVE-2024-56784 [drm/amd/display: Adding array index check to prevent memory corruption] + - linux 6.12.5-1 + NOTE: https://git.kernel.org/linus/2c437d9a0b496168e1a1defd17b531f0a526dbe9 (6.13-rc1) +CVE-2024-56783 [netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level] + - linux 6.12.5-1 + [bookworm] - linux 6.1.123-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/b7529880cb961d515642ce63f9d7570869bbbdc3 (6.13-rc2) +CVE-2024-56782 [ACPI: x86: Add adev NULL check to acpi_quirk_skip_serdev_enumeration()] + - linux 6.12.5-1 + NOTE: https://git.kernel.org/linus/4a49194f587a62d972b602e3e1a2c3cfe6567966 (6.13-rc1) +CVE-2024-56781 [powerpc/prom_init: Fixup missing powermac #size-cells] + - linux 6.12.5-1 + [bookworm] - linux 6.1.123-1 + NOTE: https://git.kernel.org/linus/cf89c9434af122f28a3552e6f9cc5158c33ce50a (6.13-rc1) +CVE-2024-56780 [quota: flush quota_release_work upon quota writeback] + - linux 6.12.5-1 + [bookworm] - linux 6.1.123-1 + NOTE: https://git.kernel.org/linus/ac6f420291b3fee1113f21d612fa88b628afab5b (6.13-rc2) +CVE-2024-56779 [nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur] + - linux 6.12.5-1 + [bookworm] - linux 6.1.123-1 + NOTE: https://git.kernel.org/linus/98100e88dd8865999dc6379a3356cd799795fe7b (6.13-rc1) +CVE-2024-56778 [drm/sti: avoid potential dereference of error pointers in sti_hqvdp_atomic_check] + - linux 6.12.5-1 + [bookworm] - linux 6.1.123-1 + NOTE: https://git.kernel.org/linus/c1ab40a1fdfee732c7e6ff2fb8253760293e47e8 (6.13-rc1) +CVE-2024-56777 [drm/sti: avoid potential dereference of error pointers in sti_gdp_atomic_check] + - linux 6.12.5-1 + [bookworm] - linux 6.1.123-1 + NOTE: https://git.kernel.org/linus/e965e771b069421c233d674c3c8cd8c7f7245f42 (6.13-rc1) +CVE-2024-56776 [drm/sti: avoid potential dereference of error pointers] + - linux 6.12.5-1 + [bookworm] - linux 6.1.123-1 + NOTE: https://git.kernel.org/linus/831214f77037de02afc287eae93ce97f218d8c04 (6.13-rc1) +CVE-2024-56775 [drm/amd/display: Fix handling of plane refcount] + - linux 6.12.5-1 + NOTE: https://git.kernel.org/linus/27227a234c1487cb7a684615f0749c455218833a (6.13-rc1) +CVE-2024-56774 [btrfs: add a sanity check for btrfs root in btrfs_search_slot()] + - linux 6.12.5-1 + [bookworm] - linux 6.1.123-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/3ed51857a50f530ac7a1482e069dfbd1298558d4 (6.13-rc2) +CVE-2024-56773 [kunit: Fix potential null dereference in kunit_device_driver_test()] + - linux 6.12.5-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/435c20eed572a95709b1536ff78832836b2f91b1 (6.13-rc1) +CVE-2024-56772 [kunit: string-stream: Fix a UAF bug in kunit_init_suite()] + - linux 6.12.5-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/39e21403c978862846fa68b7f6d06f9cca235194 (6.13-rc1) +CVE-2024-56771 [mtd: spinand: winbond: Fix 512GW, 01GW, 01JW and 02JW ECC information] + - linux 6.12.5-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/fee9b240916df82a8b07aef0fdfe96785417a164 (6.13-rc1) +CVE-2024-56770 [net/sched: netem: account for backlog updates from child qdisc] + - linux 6.12.6-1 + [bookworm] - linux 6.1.123-1 + NOTE: https://git.kernel.org/linus/f8d4bc455047cf3903cd6f85f49978987dbb3027 (6.13-rc3) CVE-2024-54676 NOT-FOR-US: Apache OpenMeetings CVE-2025-22215 (VMware Aria Automation contains a server-side request forgery (SSRF) v ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/629d494a29aed4badf3aec0c57b3f91c9c1d51f3 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/629d494a29aed4badf3aec0c57b3f91c9c1d51f3 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
