Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 5da4d7f3 by Salvatore Bonaccorso at 2025-11-12T15:14:41+01:00 Merge Linux CVEs from kernel-sec - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,21 @@ +CVE-2025-40171 [nvmet-fc: move lsop put work to nvmet_fc_ls_req_op] + - linux 6.17.6-1 + [trixie] - linux 6.12.57-1 + [bookworm] - linux 6.1.158-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/db5a5406fb7e5337a074385c7a3e53c77f2c1bd3 (6.18-rc1) +CVE-2025-40170 [net: use dst_dev_rcu() in sk_setup_caps()] + - linux 6.17.6-1 + NOTE: https://git.kernel.org/linus/99a2ace61b211b0be861b07fbaa062fca4b58879 (6.18-rc1) +CVE-2025-40169 [bpf: Reject negative offsets for ALU ops] + - linux 6.17.6-1 + [trixie] - linux 6.12.57-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/55c0ced59fe17dee34e9dfd5f7be63cbab207758 (6.18-rc1) +CVE-2025-40168 [smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match().] + - linux 6.17.6-1 + NOTE: https://git.kernel.org/linus/235f81045c008169cc4e1955b4a64e118eebe61b (6.18-rc1) CVE-2025-40167 [ext4: detect invalid INLINE_DATA + EXTENTS flag combination] - linux 6.17.6-1 [trixie] - linux 6.12.57-1 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5da4d7f377f66b4207f07ac1a2de74cf07a49dd7 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5da4d7f377f66b4207f07ac1a2de74cf07a49dd7 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
