Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
36fac7e0 by Salvatore Bonaccorso at 2025-12-04T18:19:08+01:00
Merge Linux CVEs from kernel-sec

- - - - -

1 changed file:

- data/CVE/list

Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,132 @@ +CVE-2025-40245 [nios2: ensure that memblock.current_limit is set when setting pfn limits] + - linux 6.17.6-1 + [trixie] - linux 6.12.57-1 + [bookworm] - linux 6.1.158-1 + NOTE: https://git.kernel.org/linus/a20b83cf45be2057f3d073506779e52c7fa17f94 (6.18-rc1) +CVE-2025-40244 [hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent()] + - linux 6.17.6-1 + [trixie] - linux 6.12.57-1 + [bookworm] - linux 6.1.158-1 + NOTE: https://git.kernel.org/linus/4840ceadef4290c56cc422f0fc697655f3cbf070 (6.18-rc1) +CVE-2025-40243 [hfs: fix KMSAN uninit-value issue in hfs_find_set_zero_bits()] + - linux 6.17.6-1 + [trixie] - linux 6.12.57-1 + [bookworm] - linux 6.1.158-1 + NOTE: https://git.kernel.org/linus/2048ec5b98dbdfe0b929d2e42dc7a54c389c53dd (6.18-rc1) +CVE-2025-40242 [gfs2: Fix unlikely race in gdlm_put_lock] + - linux 6.17.6-1 + [trixie] - linux 6.12.57-1 + NOTE: https://git.kernel.org/linus/28c4d9bc0708956c1a736a9e49fee71b65deee81 (6.18-rc1) +CVE-2025-40241 [erofs: fix crafted invalid cases for encoded extents] + - linux 6.17.6-1 + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/a429b76114aaca3ef1aff4cd469dcf025431bd11 (6.18-rc3) +CVE-2025-40240 [sctp: avoid NULL dereference when chunk data buffer is missing] + - linux 6.17.6-1 + [trixie] - linux 6.12.57-1 + [bookworm] - linux 6.1.158-1 + NOTE: https://git.kernel.org/linus/441f0647f7673e0e64d4910ef61a5fb8f16bfb82 (6.18-rc3) +CVE-2025-40239 [net: phy: micrel: always set shared->phydev for LAN8814] + - linux 6.17.6-1 + [trixie] - linux 6.12.57-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/399d10934740ae8cdaa4e3245f7c5f6c332da844 (6.18-rc3) +CVE-2025-40238 [net/mlx5: Fix IPsec cleanup over MPV 
device] + - linux 6.17.6-1 + [trixie] - linux 6.12.57-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/664f76be38a18c61151d0ef248c7e2f3afb4f3c7 (6.18-rc3) +CVE-2025-40237 [fs/notify: call exportfs_encode_fid with s_umount] + - linux 6.17.6-1 + [trixie] - linux 6.12.57-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/a7c4bb43bfdc2b9f06ee9d036028ed13a83df42a (6.18-rc3) +CVE-2025-40236 [virtio-net: zero unused hash fields] + - linux 6.17.6-1 + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/b2284768c6b32aa224ca7d0ef0741beb434f03aa (6.18-rc3) +CVE-2025-40235 [btrfs: directly free partially initialized fs_info in btrfs_check_leaked_roots()] + - linux 6.17.6-1 + [trixie] - linux 6.12.57-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/17679ac6df6c4830ba711835aa8cf961be36cfa1 (6.18-rc3) +CVE-2025-40234 [platform/x86: alienware-wmi-wmax: Fix NULL pointer dereference in sleep handlers] + - linux 6.17.6-1 + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/a49c4d48c3b60926e6a8cec217bf95aa65388ecc (6.18-rc3) +CVE-2025-40233 [ocfs2: clear extent cache after moving/defragmenting extents] + - linux 6.17.6-1 + [trixie] - linux 6.12.57-1 + [bookworm] - linux 6.1.158-1 + NOTE: https://git.kernel.org/linus/78a63493f8e352296dbc7cb7b3f4973105e8679e (6.18-rc3) 
+CVE-2025-40232 [rv: Fully convert enabled_monitors to use list_head as iterator] + - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/103541e6a5854b08a25e4caa61e990af1009a52e (6.18-rc3) +CVE-2025-40231 [vsock: fix lock inversion in vsock_assign_transport()] + - linux 6.17.6-1 + [trixie] - linux 6.12.57-1 + [bookworm] - linux 6.1.158-1 + NOTE: https://git.kernel.org/linus/f7c877e7535260cc7a21484c994e8ce7e8cb6780 (6.18-rc3) +CVE-2025-40230 [mm: prevent poison consumption when splitting THP] + - linux 6.17.6-1 + [trixie] - linux 6.12.57-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/841a8bfcbad94bb1ba60f59ce34f75259074ae0d (6.18-rc3) +CVE-2025-40229 [mm/damon/core: fix potential memory leak by cleaning ops_filter in damon_destroy_scheme] + - linux 6.17.6-1 + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/7071537159be845a5c4ed5fb7d3db25aa4bd04a3 (6.18-rc3) +CVE-2025-40228 [mm/damon/sysfs: catch commit test ctx alloc failure] + - linux 6.17.6-1 + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/f0c5118ebb0eb7e4fd6f0d2ace3315ca141b317f (6.18-rc3) +CVE-2025-40227 [mm/damon/sysfs: dealloc commit test ctx always] + - linux 6.17.6-1 + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/139e7a572af0b45f558b5e502121a768dc328ba8 (6.18-rc3) +CVE-2025-40226 [firmware: arm_scmi: 
Account for failed debug initialization] + - linux 6.17.6-1 + [trixie] - linux 6.12.57-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/2290ab43b9d8eafb8046387f10a8dfa2b030ba46 (6.18-rc3) +CVE-2025-40225 [drm/panthor: Fix kernel panic on partial unmap of a GPU VA region] + - linux 6.17.6-1 + [trixie] - linux 6.12.57-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/4eabd0d8791eaf9a7b114ccbf56eb488aefe7b1f (6.18-rc3) +CVE-2025-40224 [hwmon: (cgbc-hwmon) Add missing NULL check after devm_kzalloc()] + - linux 6.17.6-1 + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/a09a5aa8bf258ddc99a22c30f17fe304b96b5350 (6.18-rc3) +CVE-2025-40223 [most: usb: Fix use-after-free in hdm_disconnect] + - linux 6.17.6-1 + [trixie] - linux 6.12.57-1 + [bookworm] - linux 6.1.158-1 + NOTE: https://git.kernel.org/linus/4b1270902609ef0d935ed2faa2ea6d122bd148f5 (6.18-rc3) +CVE-2025-40222 [tty: serial: sh-sci: fix RSCI FIFO overrun handling] + - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/ef8fef45c74b5a0059488fda2df65fa133f7d7d0 (6.18-rc3) CVE-2025-40221 [media: pci: mg4b: fix uninitialized iio scan data] - linux 6.17.6-1 [trixie] - linux 6.12.57-1 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/36fac7e0e098d5921829133192c40547e750ed01 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/36fac7e0e098d5921829133192c40547e750ed01 You're receiving this email because of your account on salsa.debian.org.
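Review bot: CVE-2025-40242 (gfs2: Fix unlikely race in gdlm_put_lock) is the only added entry that has a [trixie] line but no [bookworm] line; every other entry with suite annotations gives bookworm either a fixed version (6.1.158-1) or "<not-affected> (Vulnerable code not present)". With no suite line, bookworm is tracked against the unstable fixed version 6.17.6-1 and so stays open. If that is intended because no 6.1.y fix exists yet, the entry is fine as it stands; if the affected gfs2 code is absent from 6.1, add the matching "[bookworm] - linux <not-affected> (Vulnerable code not present)" line (and the [bullseye] one) so the suite does not show as vulnerable. The same check applies to the entries fixed in bookworm at 6.1.158-1 that carry no [bullseye] line, since those also leave bullseye open.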
