Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: e59ed934 by Salvatore Bonaccorso at 2026-01-13T20:42:24+01:00 Merge Linux CVEs from kernel-sec - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,55 @@ +CVE-2025-71070 [ublk: clean up user copy references on ublk server exit] + - linux 6.18.3-1 + [trixie] - linux <not-affected> (Vulnerable code not present) + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/daa24603d9f0808929514ee62ced30052ca7221c (6.19-rc3) +CVE-2025-71077 [tpm: Cap the number of PCR banks] + - linux 6.18.3-1 + NOTE: https://git.kernel.org/linus/faf07e611dfa464b201223a7253e9dc5ee0f3c9e (6.19-rc1) +CVE-2025-71076 [drm/xe/oa: Limit num_syncs to prevent oversized allocations] + - linux 6.18.3-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/f8dd66bfb4e184c71bd26418a00546ebe7f5c17a (6.19-rc2) +CVE-2025-71075 [scsi: aic94xx: fix use-after-free in device removal path] + - linux 6.18.3-1 + NOTE: https://git.kernel.org/linus/f6ab594672d4cba08540919a4e6be2e202b60007 (6.19-rc1) +CVE-2025-71074 [functionfs: fix the open/removal races] + - linux 6.18.3-1 + NOTE: https://git.kernel.org/linus/e5bf5ee266633cb18fff6f98f0b7d59a62819eee (6.19-rc1) +CVE-2025-71073 [Input: lkkbd - disable pending work before freeing device] + - linux 6.18.3-1 + NOTE: https://git.kernel.org/linus/e58c88f0cb2d8ed89de78f6f17409d29cfab6c5c (6.19-rc2) +CVE-2025-71072 [shmem: fix recovery on rename failures] + - linux 6.18.3-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/e1b4c6a58304fd490124cc2b454d80edc786665c (6.19-rc2) +CVE-2025-71071 [iommu/mediatek: fix use-after-free on probe deferral] + - linux 6.18.3-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/de83d4617f9fe059623e97acf7e1e10d209625b5 (6.19-rc1) +CVE-2025-71069 [f2fs: invalidate dentry cache on failed whiteout creation] + - linux 6.18.3-1 + NOTE: https://git.kernel.org/linus/d33f89b34aa313f50f9a512d58dd288999f246b0 (6.19-rc1) +CVE-2025-71068 [svcrdma: bound check rq_pages index in inline path] + - linux 6.18.3-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/d1bea0ce35b6095544ee82bb54156fc62c067e58 (6.19-rc3) +CVE-2025-71067 [ntfs: set dummy blocksize to read boot_block when mounting] + - linux 6.18.3-1 + NOTE: https://git.kernel.org/linus/d1693a7d5a38acf6424235a6070bcf5b186a360d (6.19-rc1) +CVE-2025-71066 [net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change] + - linux 6.18.3-1 + NOTE: https://git.kernel.org/linus/ce052b9402e461a9aded599f5b47e76bc727f7de (6.19-rc2) +CVE-2025-71065 [f2fs: fix to avoid potential deadlock] + - linux 6.18.3-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/ca8b201f28547e28343a6f00a6e91fa8c09572fe (6.19-rc1) +CVE-2025-71064 [net: hns3: using the num_tqps in the vf driver to apply for resources] + - linux 6.18.3-1 + NOTE: https://git.kernel.org/linus/c2a16269742e176fccdd0ef9c016a233491a49ad (6.19-rc2) CVE-2025-68812 [media: iris: Add sanity check for stop streaming] - linux 6.18.3-1 [trixie] - linux <not-affected> (Vulnerable code not present) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e59ed934cc18ad00474917c2f7d31dcf555077be -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e59ed934cc18ad00474917c2f7d31dcf555077be You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
