Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: c938ea8d by Salvatore Bonaccorso at 2026-01-23T17:17:56+01:00 Add new batch of CVEs from kernel-sec - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,31 @@ +CVE-2025-71151 [cifs: Fix memory and information leak in smb3_reconfigure()] + - linux 6.18.3-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/cb6d5aa9c0f10074f1ad056c3e2278ad2cc7ec8d (6.19-rc3) +CVE-2025-71150 [ksmbd: Fix refcount leak when invalid session is found on session lookup] + - linux 6.18.3-1 + NOTE: https://git.kernel.org/linus/cafb57f7bdd57abba87725eb4e82bbdca4959644 (6.19-rc2) +CVE-2025-71149 [io_uring/poll: correctly handle io_poll_add() return value on update] + - linux 6.18.3-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/84230ad2d2afbf0c44c32967e525c0ad92e26b4e (6.19-rc1) +CVE-2025-71148 [net/handshake: restore destructor on submit failure] + - linux 6.18.3-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/6af2a01d65f89e73c1cbb9267f8880d83a88cee4 (6.19-rc2) +CVE-2025-71147 [KEYS: trusted: Fix a memory leak in tpm2_load_cmd] + - linux 6.18.3-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/62cd5d480b9762ce70d720a81fa5b373052ae05f (6.19-rc1) +CVE-2025-71146 [netfilter: nf_conncount: fix leaked ct in error paths] + - linux 6.18.3-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/2e2a720766886190a6d35c116794693aabd332b6 (6.19-rc2) +CVE-2025-71145 [usb: phy: isp1301: fix non-OF device reference imbalance] + - linux <not-affected> (Vulnerable code not present) CVE-2026-24515 (In libexpat before 2.7.4, XML_ExternalEntityParserCreate does not copy ...) - expat <unfixed> (bug #1126277) NOTE: https://github.com/libexpat/libexpat/pull/1131 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c938ea8d1f93ab457d7db2a1ba1084ed0ecf8a77 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c938ea8d1f93ab457d7db2a1ba1084ed0ecf8a77 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
