Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: a5c2c60e by Salvatore Bonaccorso at 2025-05-29T20:41:23+02:00 Merge Linux CVEs from kernel-sec - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,32 @@ +CVE-2025-37999 [fs/erofs/fileio: call erofs_onlinefolio_split() after bio_add_folio()] + - linux 6.12.29-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/bbfe756dc3062c1e934f06e5ba39c239aa953b92 (6.15-rc6) +CVE-2025-37998 [openvswitch: Fix unsafe attribute parsing in output_userspace()] + - linux 6.12.29-1 + [bookworm] - linux 6.1.139-1 + NOTE: https://git.kernel.org/linus/6beb6835c1fbb3f676aebb51a5fee6b77fed9308 (6.15-rc6) +CVE-2025-37997 [netfilter: ipset: fix region locking in hash types] + - linux 6.12.29-1 + [bookworm] - linux 6.1.139-1 + NOTE: https://git.kernel.org/linus/8478a729c0462273188263136880480729e9efca (6.15-rc6) +CVE-2025-37996 [KVM: arm64: Fix uninitialized memcache pointer in user_mem_abort()] + - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/157dbc4a321f5bb6f8b6c724d12ba720a90f1a7c (6.15-rc6) +CVE-2025-37995 [module: ensure that kobject_put() is safe for module type kobjects] + - linux 6.12.29-1 + [bookworm] - linux 6.1.139-1 + NOTE: https://git.kernel.org/linus/a6aeb739974ec73e5217c75a7c008a688d3d5cf1 (6.15-rc6) +CVE-2025-37994 [usb: typec: ucsi: displayport: Fix NULL pointer access] + - linux 6.12.29-1 + [bookworm] - linux 6.1.139-1 + NOTE: https://git.kernel.org/linus/312d79669e71283d05c05cc49a1a31e59e3d9e0e (6.15-rc6) +CVE-2025-37993 [can: m_can: m_can_class_allocate_dev(): initialize spin lock on device probe] + - linux 6.12.29-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/dcaeeb8ae84c5506ebc574732838264f3887738c (6.15-rc6) CVE-2025-4598 - systemd <unfixed> NOTE: https://www.qualys.com/2025/05/29/apport-coredump/apport-coredump.txt View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a5c2c60ea9956d9691bb60bc384ccc79721bfd3d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a5c2c60ea9956d9691bb60bc384ccc79721bfd3d You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
