Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: fea0780e by Salvatore Bonaccorso at 2025-03-06T20:32:46+01:00 Merge Linux CVEs from kernel-sec - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,107 @@ +CVE-2025-21834 [seccomp: passthrough uretprobe systemcall without filtering] + - linux 6.12.15-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/cf6cb56ef24410fb5308f9655087f1eddf4452e6 (6.14-rc2) +CVE-2025-21833 [iommu/vt-d: Avoid use of NULL after WARN_ON_ONCE] + - linux <unfixed> + NOTE: https://git.kernel.org/linus/60f030f7418d3f1d94f2fb207fe3080e1844630b (6.14-rc1) +CVE-2025-21832 [block: don't revert iter for -EIOCBQUEUED] + - linux 6.12.15-1 + [bookworm] - linux 6.1.129-1 + NOTE: https://git.kernel.org/linus/b13ee668e8280ca5b07f8ce2846b9957a8a10853 (6.14-rc1) +CVE-2025-21831 [PCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1] + - linux 6.12.15-1 + NOTE: https://git.kernel.org/linus/b1049f2d68693c80a576c4578d96774a68df2bad (6.14-rc1) +CVE-2025-21830 [landlock: Handle weird files] + - linux 6.12.13-1 + [bookworm] - linux 6.1.129-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/49440290a0935f428a1e43a5ac8dc275a647ff80 (6.14-rc1) +CVE-2025-21829 [RDMA/rxe: Fix the warning "__rxe_cleanup+0x12c/0x170 [rdma_rxe]"] + - linux 6.12.13-1 + [bookworm] - linux 6.1.129-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/edc4ef0e0154096d6c0cf5e06af6fc330dbad9d1 (6.14-rc1) +CVE-2025-21828 [wifi: mac80211: don't flush non-uploaded STAs] + - linux 6.12.13-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/aa3ce3f8fafa0b8fb062f28024855ea8cb3f3450 (6.14-rc1) +CVE-2025-21827 [Bluetooth: btusb: mediatek: Add locks for usb_driver_claim_interface()] + - linux 6.12.13-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/e9087e828827e5a5c85e124ce77503f2b81c3491 (6.14-rc1) +CVE-2025-21826 [netfilter: nf_tables: reject mismatching sum of field_len with set key length] + - linux 6.12.13-1 + [bookworm] - linux 6.1.129-1 + NOTE: https://git.kernel.org/linus/1b9335a8000fb70742f7db10af314104b6ace220 (6.14-rc1) +CVE-2025-21825 [bpf: Cancel the running bpf_timer through kworker for PREEMPT_RT] + - linux 6.12.13-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/58f038e6d209d2dd862fcf5de55407855856794d (6.14-rc1) +CVE-2024-58086 [drm/v3d: Stop active perfmon if it is being destroyed] + - linux 6.12.16-1 + [bookworm] - linux 6.1.129-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/21f1435b1e6b012a07c42f36b206d2b66fc8f13b (6.14-rc1) +CVE-2024-58085 [tomoyo: don't emit warning in tomoyo_write_control()] + - linux 6.12.15-1 + [bookworm] - linux 6.1.129-1 + NOTE: https://git.kernel.org/linus/3df7546fc03b8f004eee0b9e3256369f7d096685 (6.14-rc1) +CVE-2024-58084 [firmware: qcom: scm: Fix missing read barrier in qcom_scm_get_tzmem_pool()] + - linux 6.12.15-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/b628510397b5cafa1f5d3e848a28affd1c635302 (6.14-rc1) +CVE-2024-58083 [KVM: Explicitly verify target vCPU is online in kvm_get_vcpu()] + - linux 6.12.15-1 + [bookworm] - linux 6.1.129-1 + NOTE: https://git.kernel.org/linus/1e7381f3617d14b3c11da80ff5f8a93ab14cfc46 (6.14-rc1) +CVE-2024-58082 [media: nuvoton: Fix an error check in npcm_video_ece_init()] + - linux 6.12.15-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/c4b7779abc6633677e6edb79e2809f4f61fde157 (6.14-rc1) +CVE-2024-58081 [clk: mmp2: call pm_genpd_init() only after genpd.name is set] + - linux 6.12.15-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/e24b15d4704dcb73920c3d18a6157abd18df08c1 (6.14-rc1) +CVE-2024-58080 [clk: qcom: dispcc-sm6350: Add missing parent_map for a clock] + - linux 6.12.15-1 + [bookworm] - linux 6.1.129-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/d4cdb196f182d2fbe336c968228be00d8c3fed05 (6.14-rc1) +CVE-2024-58079 [media: uvcvideo: Fix crash during unbind if gpio unit is in use] + - linux 6.12.15-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/a9ea1a3d88b7947ce8cadb2afceee7a54872bbc5 (6.14-rc1) +CVE-2024-58078 [misc: misc_minor_alloc to use ida for all dynamic/misc dynamic minors] + - linux 6.12.15-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/6d04d2b554b14ae6c428a9c60b6c85f1e5c89f68 (6.14-rc1) +CVE-2024-58077 [ASoC: soc-pcm: don't use soc_pcm_ret() on .prepare callback] + - linux 6.12.15-1 + [bookworm] - linux 6.1.129-1 + NOTE: https://git.kernel.org/linus/301c26a018acb94dd537a4418cefa0f654500c6f (6.14-rc1) +CVE-2024-58076 [clk: qcom: gcc-sm6350: Add missing parent_map for two clocks] + - linux 6.12.15-1 + [bookworm] - linux 6.1.129-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/96fe1a7ee477d701cfc98ab9d3c730c35d966861 (6.14-rc1) +CVE-2024-58075 [crypto: tegra - do not transfer req when tegra init fails] + - linux 6.12.13-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/15589bda46830695a3261518bb7627afac61f519 (6.14-rc1) +CVE-2024-58074 [drm/i915: Grab intel_display from the encoder to avoid potential oopsies] + - linux <unfixed> + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/dc3806d9eb66d0105f8d55d462d4ef681d9eac59 (6.14-rc1) CVE-2024-58073 [drm/msm/dpu: check dpu_plane_atomic_print_state() for valid sspp] - linux <not-affected> (Vulnerable code not present) NOTE: https://git.kernel.org/linus/789384eb1437aed94155dc0eac8a8a6ba1baf578 (6.14-rc1) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fea0780e42faeb6bed5a3f6e7bd4a16d50f7bdf6 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fea0780e42faeb6bed5a3f6e7bd4a16d50f7bdf6 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
