Luca Boccassi pushed to branch master at Debian Security Tracker / security-tracker
Commits:
90114f74 by Luca Boccassi at 2025-05-29T21:02:23+01:00
Update notes for CVE-2025-4598/systemd
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -28,16 +28,19 @@ CVE-2025-37993 [can: m_can: m_can_class_allocate_dev():
initialize spin lock on
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/dcaeeb8ae84c5506ebc574732838264f3887738c (6.15-rc6)
CVE-2025-4598
- - systemd <unfixed> (bug #1106785)
+ - systemd 257.6-1 (bug #1106785)
+ [bookworm] - systemd 252.38-1~deb12u1
NOTE:
https://www.qualys.com/2025/05/29/apport-coredump/apport-coredump.txt
- NOTE:
https://github.com/systemd/systemd/commit/49f1f2d4a7612bbed5211a73d11d6a94fbe3bb69
- NOTE:
https://github.com/systemd/systemd/commit/0c49e0049b7665bb7769a13ef346fef92e1ad4d6
- NOTE:
https://github.com/systemd/systemd/commit/8fc7b2a211eb13ef1a94250b28e1c79cab8bdcb9
- NOTE:
https://github.com/systemd/systemd/commit/13902e025321242b1d95c6d8b4e482b37f58cdef
- NOTE:
https://github.com/systemd/systemd/commit/868d95577ec9f862580ad365726515459be582fc
- NOTE:
https://github.com/systemd/systemd/commit/e6a8687b939ab21854f12f59a3cce703e32768cf
- NOTE:
https://github.com/systemd/systemd/commit/76e0ab49c47965877c19772a2b3bf55f6417ca39
- NOTE:
https://github.com/systemd/systemd/commit/9ce8e3e449def92c75ada41b7d10c5bc3946be77
+ NOTE: For a comprehensive fix a kernel change is required too:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b5325b2a270fcaf7b2a9a0f23d422ca8a5a8bdea
+ NOTE: Fixed by
https://github.com/systemd/systemd/commit/0c49e0049b7665bb7769a13ef346fef92e1ad4d6
(v258)
+ NOTE: Fixed by
https://github.com/systemd/systemd/commit/868d95577ec9f862580ad365726515459be582fc
(v258)
+ NOTE: Fixed by
https://github.com/systemd/systemd/commit/c58a8a6ec9817275bb4babaa2c08e0e35090d4e3
(v257.6)
+ NOTE: Fixed by
https://github.com/systemd/systemd/commit/61556694affa290c0a16d48717b3892b85622d96
(v257.6)
+ NOTE: Fixed by
https://github.com/systemd/systemd/commit/19d439189ab85dd7222bdd59fd442bbcc8ea99a7
(v256.16)
+ NOTE: Fixed by
https://github.com/systemd/systemd-stable/commit/254ab8d2a7866679cee006d844d078774cbac3c9
(v255.21)
+ NOTE: Fixed by
https://github.com/systemd/systemd-stable/commit/7fc7aa5a4d28d7768dfd1eb85be385c3ea949168
(v254.26)
+ NOTE: Fixed by
https://github.com/systemd/systemd-stable/commit/19b228662e0fcc6596c0395a0af8486a4b3f1627
(v253.33)
+ NOTE: Fixed by
https://github.com/systemd/systemd-stable/commit/2eb46dce078334805c547cbcf5e6462cf9d2f9f0
(v252.38)
CVE-2025-5054
NOT-FOR-US: Apport
CVE-2025-27464
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/90114f74afaddefff87bb39a7d9816134a06bc47
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/90114f74afaddefff87bb39a7d9816134a06bc47
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
