[Git][security-tracker-team/security-tracker][master] Add new CVEs for Linux from kernel CNA

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Dec 27 16:11:52 GMT 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d69762bf by Salvatore Bonaccorso at 2024-12-27T17:11:19+01:00
Add new CVEs for Linux from kernel CNA

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,847 @@
+CVE-2024-56675 [bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors]
+	- linux 6.12.6-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/ef1b808e3b7c98612feceedf985c2fbbeb28f956 (6.13-rc3)
+CVE-2024-56674 [virtio_net: correct netdev_tx_reset_queue() invocation point]
+	- linux 6.12.6-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/3ddccbefebdbe0c4c72a248676e4d39ac66a8e26 (6.13-rc3)
+CVE-2024-56673 [riscv: mm: Do not call pmd dtor on vmemmap page table teardown]
+	- linux 6.12.6-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/21f1b85c8912262adf51707e63614a114425eb10 (6.13-rc3)
+CVE-2024-56672 [blk-cgroup: Fix UAF in blkcg_unpin_online()]
+	- linux 6.12.6-1
+	NOTE: https://git.kernel.org/linus/86e6ca55b83c575ab0f2e105cf08f98e58d3d7af (6.13-rc3)
+CVE-2024-56671 [gpio: graniterapids: Fix vGPIO driver crash]
+	- linux 6.12.6-1
+	NOTE: https://git.kernel.org/linus/eb9640fd1ce666610b77f5997596e9570a36378f (6.13-rc3)
+CVE-2024-56670 [usb: gadget: u_serial: Fix the issue that gs_start_io crashed due to accessing null pointer]
+	- linux 6.12.6-1
+	NOTE: https://git.kernel.org/linus/4cfbca86f6a8b801f3254e0e3c8f2b1d2d64be2b (6.13-rc3)
+CVE-2024-56669 [iommu/vt-d: Remove cache tags before disabling ATS]
+	- linux 6.12.6-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/1f2557e08a617a4b5e92a48a1a9a6f86621def18 (6.13-rc3)
+CVE-2024-56668 [iommu/vt-d: Fix qi_batch NULL pointer with nested parent domain]
+	- linux 6.12.6-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/74536f91962d5f6af0a42414773ce61e653c10ee (6.13-rc3)
+CVE-2024-56667 [drm/i915: Fix NULL pointer dereference in capture_engine]
+	- linux 6.12.6-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/da0b986256ae9a78b0215214ff44f271bfe237c1 (6.13-rc3)
+CVE-2024-56666 [drm/amdkfd: Dereference null return value]
+	- linux 6.12.6-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/a592bb19abdc2072875c87da606461bfd7821b08 (6.13-rc3)
+CVE-2024-56665 [bpf,perf: Fix invalid prog_array access in perf_event_detach_bpf_prog]
+	- linux 6.12.6-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/978c4486cca5c7b9253d3ab98a88c8e769cb9bbd (6.13-rc3)
+CVE-2024-56664 [bpf, sockmap: Fix race between element replace and close()]
+	- linux 6.12.6-1
+	NOTE: https://git.kernel.org/linus/ed1fc5d76b81a4d681211333c026202cad4d5649 (6.13-rc3)
+CVE-2024-56663 [wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one]
+	- linux 6.12.6-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/2e3dbf938656986cce73ac4083500d0bcfbffe24 (6.13-rc3)
+CVE-2024-56662 [acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl]
+	- linux 6.12.6-1
+	NOTE: https://git.kernel.org/linus/265e98f72bac6c41a4492d3e30a8e5fd22fe0779 (6.13-rc3)
+CVE-2024-56661 [tipc: fix NULL deref in cleanup_bearer()]
+	- linux 6.12.6-1
+	NOTE: https://git.kernel.org/linus/b04d86fff66b15c07505d226431f808c15b1703c (6.13-rc3)
+CVE-2024-56660 [net/mlx5: DR, prevent potential error pointer dereference]
+	- linux 6.12.6-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/11776cff0b563c8b8a4fa76cab620bfb633a8cb8 (6.13-rc3)
+CVE-2024-56659 [net: lapb: increase LAPB_HEADER_LEN]
+	- linux 6.12.6-1
+	NOTE: https://git.kernel.org/linus/a6d75ecee2bf828ac6a1b52724aba0a977e4eaf4 (6.13-rc3)
+CVE-2024-56658 [net: defer final 'struct net' free in netns dismantle]
+	- linux 6.12.6-1
+	NOTE: https://git.kernel.org/linus/0f6ede9fbc747e2553612271bce108f7517e7a45 (6.13-rc3)
+CVE-2024-56657 [ALSA: control: Avoid WARN() for symlink errors]
+	- linux 6.12.6-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/b2e538a9827dd04ab5273bf4be8eb2edb84357b0 (6.13-rc3)
+CVE-2024-56656 [bnxt_en: Fix aggregation ID mask to prevent oops on 5760X chips]
+	- linux 6.12.6-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/24c6843b7393ebc80962b59d7ae71af91bf0dcc1 (6.13-rc3)
+CVE-2024-56655 [netfilter: nf_tables: do not defer rule destruction via call_rcu]
+	- linux 6.12.6-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/b04df3da1b5c6f6dc7cdccc37941740c078c4043 (6.13-rc3)
+CVE-2024-56654 [Bluetooth: hci_event: Fix using rcu_read_(un)lock while iterating]
+	- linux 6.12.6-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/581dd2dc168fe0ed2a7a5534a724f0d3751c93ae (6.13-rc3)
+CVE-2024-56653 [Bluetooth: btmtk: avoid UAF in btmtk_process_coredump]
+	- linux 6.12.6-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/b548f5e9456c568155499d9ebac675c0d7a296e8 (6.13-rc3)
+CVE-2024-56652 [drm/xe/reg_sr: Remove register pool]
+	- linux 6.12.6-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/d7b028656c29b22fcde1c6ee1df5b28fbba987b5 (6.13-rc3)
+CVE-2024-56651 [can: hi311x: hi3110_can_ist(): fix potential use-after-free]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/9ad86d377ef4a19c75a9c639964879a5b25a433b (6.13-rc2)
+CVE-2024-56650 [netfilter: x_tables: fix LED ID check in led_tg_check()]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/04317f4eb2aad312ad85c1a17ad81fe75f1f9bc7 (6.13-rc2)
+CVE-2024-56649 [net: enetc: Do not configure preemptible TCs if SIs do not support]
+	- linux 6.12.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/b2420b8c81ec674552d00c55d46245e5c184b260 (6.13-rc2)
+CVE-2024-56648 [net: hsr: avoid potential out-of-bound access in fill_frame_info()]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/b9653d19e556c6afd035602927a93d100a0d7644 (6.13-rc2)
+CVE-2024-56647 [net: Fix icmp host relookup triggering ip_rt_bug]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/c44daa7e3c73229f7ac74985acb8c7fb909c4e0a (6.13-rc2)
+CVE-2024-56646 [ipv6: avoid possible NULL deref in modify_prefix_route()]
+	- linux 6.12.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/a747e02430dfb3657141f99aa6b09331283fa493 (6.13-rc2)
+CVE-2024-56645 [can: j1939: j1939_session_new(): fix skb reference counting]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/a8c695005bfe6569acd73d777ca298ddddd66105 (6.13-rc2)
+CVE-2024-56644 [net/ipv6: release expired exception dst cached in socket]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/3301ab7d5aeb0fe270f73a3d4810c9d1b6a9f045 (6.13-rc2)
+CVE-2024-56643 [dccp: Fix memory leak in dccp_feat_change_recv]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/22be4727a8f898442066bcac34f8a1ad0bc72e14 (6.13-rc2)
+CVE-2024-56642 [tipc: Fix use-after-free of kernel socket in cleanup_bearer().]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/6a2fa13312e51a621f652d522d7e2df7066330b6 (6.13-rc2)
+CVE-2024-56641 [net/smc: initialize close_work early to avoid warning]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/0541db8ee32c09463a72d0987382b3a3336b0043 (6.13-rc2)
+CVE-2024-56640 [net/smc: fix LGR and link use-after-free issue]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/2c7f14ed9c19ec0f149479d1c2842ec1f9bf76d7 (6.13-rc2)
+CVE-2024-56639 [net: hsr: must allocate more bytes for RedBox support]
+	- linux 6.12.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/af8edaeddbc52e53207d859c912b017fd9a77629 (6.13-rc2)
+CVE-2024-56638 [netfilter: nft_inner: incorrect percpu area handling under softirq]
+	- linux 6.12.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/7b1d83da254be3bf054965c8f3b1ad976f460ae5 (6.13-rc2)
+CVE-2024-56637 [netfilter: ipset: Hold module reference while requesting a module]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/456f010bfaefde84d3390c755eedb1b0a5857c3c (6.13-rc2)
+CVE-2024-56636 [geneve: do not assume mac header is set in geneve_xmit_skb()]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/8588c99c7d47448fcae39e3227d6e2bb97aad86d (6.13-rc2)
+CVE-2024-56635 [net: avoid potential UAF in default_operstate()]
+	- linux 6.12.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/750e51603395e755537da08f745864c93e3ce741 (6.13-rc2)
+CVE-2024-56634 [gpio: grgpio: Add NULL check in grgpio_probe]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/050b23d081da0f29474de043e9538c1f7a351b3b (6.13-rc1)
+CVE-2024-56633 [tcp_bpf: Fix the sk_mem_uncharge logic in tcp_bpf_sendmsg]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/ca70b8baf2bd125b2a4d96e76db79375c07d7ff2 (6.13-rc2)
+CVE-2024-56632 [nvme-tcp: fix the memleak while create new ctrl failed]
+	- linux 6.12.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/fec55c29e54d3ca6fe9d7d7d9266098b4514fd34 (6.13-rc2)
+CVE-2024-56631 [scsi: sg: Fix slab-use-after-free read in sg_release()]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/f10593ad9bc36921f623361c9e3dd96bd52d85ee (6.13-rc2)
+CVE-2024-56630 [ocfs2: free inode when ocfs2_get_init_inode() fails]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/965b5dd1894f4525f38c1b5f99b0106a07dbb5db (6.13-rc2)
+CVE-2024-56629 [HID: wacom: fix when get product name maybe null pointer]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/59548215b76be98cf3422eea9a67d6ea578aca3d (6.13-rc2)
+CVE-2024-56628 [LoongArch: Add architecture specific huge_pte_clear()]
+	- linux 6.12.5-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/7cd1f5f77925ae905a57296932f0f9ef0dc364f8 (6.13-rc2)
+CVE-2024-56627 [ksmbd: fix Out-of-Bounds Read in ksmbd_vfs_stream_read]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/fc342cf86e2dc4d2edb0fc2ff5e28b6c7845adb9 (6.13-rc2)
+CVE-2024-56626 [ksmbd: fix Out-of-Bounds Write in ksmbd_vfs_stream_write]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/313dab082289e460391c82d855430ec8a28ddf81 (6.13-rc2)
+CVE-2024-56625 [can: dev: can_set_termination(): allow sleeping GPIOs]
+	- linux 6.12.5-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/ee1dfbdd8b4b6de85e96ae2059dc9c1bdb6b49b5 (6.13-rc2)
+CVE-2024-56624 [iommufd: Fix out_fput in iommufd_fault_alloc()]
+	- linux 6.12.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/af7f4780514f850322b2959032ecaa96e4b26472 (6.13-rc2)
+CVE-2024-56623 [scsi: qla2xxx: Fix use after free on unload]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/07c903db0a2ff84b68efa1a74a4de353ea591eb0 (6.13-rc2)
+CVE-2024-56622 [scsi: ufs: core: sysfs: Prevent div by zero]
+	- linux 6.12.5-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/eb48e9fc0028bed94a40a9352d065909f19e333c (6.13-rc2)
+CVE-2024-56621 [scsi: ufs: core: Cancel RTC work during ufshcd_remove()]
+	- linux 6.12.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/1695c4361d35b7bdadd7b34f99c9c07741e181e5 (6.13-rc2)
+CVE-2024-56620 [scsi: ufs: qcom: Only free platform MSIs when ESI is enabled]
+	- linux 6.12.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/64506b3d23a337e98a74b18dcb10c8619365f2bd (6.13-rc2)
+CVE-2024-56619 [nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry()]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/985ebec4ab0a28bb5910c3b1481a40fbf7f9e61d (6.13-rc2)
+CVE-2024-56618 [pmdomain: imx: gpcv2: Adjust delay after power up handshake]
+	- linux 6.12.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/2379fb937de5333991c567eefd7d11b98977d059 (6.13-rc2)
+CVE-2024-56617 [cacheinfo: Allocate memory during CPU hotplug if not done from the primary CPU]
+	- linux 6.12.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/b3fce429a1e030b50c1c91351d69b8667eef627b (6.13-rc2)
+CVE-2024-56616 [drm/dp_mst: Fix MST sideband message body length check]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/bd2fccac61b40eaf08d9546acc9fef958bfe4763 (6.13-rc2)
+CVE-2024-56615 [bpf: fix OOB devmap writes when deleting elements]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/ab244dd7cf4c291f82faacdc50b45cc0f55b674d (6.13-rc2)
+CVE-2024-56614 [xsk: fix OOB map writes when deleting elements]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/32cd3db7de97c0c7a018756ce66244342fd583f0 (6.13-rc2)
+CVE-2024-56613 [sched/numa: fix memory leak due to the overwritten vma->numab_state]
+	- linux 6.12.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/5f1b64e9a9b7ee9cfd32c6b2fab796e29bfed075 (6.13-rc2)
+CVE-2024-56612 [mm/gup: handle NULL pages in unpin_user_pages()]
+	- linux 6.12.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/a1268be280d8e484ab3606d7476edd0f14bb9961 (6.13-rc2)
+CVE-2024-56611 [mm/mempolicy: fix migrate_to_node() assuming there is at least one VMA in a MM]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/091c1dd2d4df6edd1beebe0e5863d4034ade9572 (6.13-rc2)
+CVE-2024-56610 [kcsan: Turn report_filterlist_lock into a raw_spinlock]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/59458fa4ddb47e7891c61b4a928d13d5f5b00aa0 (6.13-rc1)
+CVE-2024-56609 [wifi: rtw88: use ieee80211_purge_tx_queue() to purge TX skb]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/3e5e4a801aaf4283390cc34959c6c48f910ca5ea (6.13-rc1)
+CVE-2024-56608 [drm/amd/display: Fix out-of-bounds access in 'dcn21_link_encoder_create']
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/63de35a8fcfca59ae8750d469a7eb220c7557baf (6.13-rc1)
+CVE-2024-56607 [wifi: ath12k: fix atomic calls in ath12k_mac_op_set_bitrate_mask()]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/8fac3266c68a8e647240b8ac8d0b82f1821edf85 (6.13-rc1)
+CVE-2024-56606 [af_packet: avoid erroring out after sock_init_data() in packet_create()]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/46f2a11cb82b657fd15bab1c47821b635e03838b (6.13-rc1)
+CVE-2024-56605 [Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create()]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/7c4f78cdb8e7501e9f92d291a7d956591bf73be9 (6.13-rc1)
+CVE-2024-56604 [Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc()]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/3945c799f12b8d1f49a3b48369ca494d981ac465 (6.13-rc1)
+CVE-2024-56603 [net: af_can: do not leave a dangling sk pointer in can_create()]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/811a7ca7320c062e15d0f5b171fe6ad8592d1434 (6.13-rc1)
+CVE-2024-56602 [net: ieee802154: do not leave a dangling sk pointer in ieee802154_create()]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/b4fcd63f6ef79c73cafae8cf4a114def5fc3d80d (6.13-rc1)
+CVE-2024-56601 [net: inet: do not leave a dangling sk pointer in inet_create()]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/9365fa510c6f82e3aa550a09d0c5c6b44dbc78ff (6.13-rc1)
+CVE-2024-56600 [net: inet6: do not leave a dangling sk pointer in inet6_create()]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/9df99c395d0f55fb444ef39f4d6f194ca437d884 (6.13-rc1)
+CVE-2024-56599 [wifi: ath10k: avoid NULL pointer error during sdio remove]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/95c38953cb1ecf40399a676a1f85dfe2b5780a9a (6.13-rc1)
+CVE-2024-56598 [jfs: array-index-out-of-bounds fix in dtReadFirst]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/ca84a2c9be482836b86d780244f0357e5a778c46 (6.13-rc1)
+CVE-2024-56597 [jfs: fix shift-out-of-bounds in dbSplit]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/a5f5e4698f8abbb25fe4959814093fb5bfa1aa9d (6.13-rc1)
+CVE-2024-56596 [jfs: fix array-index-out-of-bounds in jfs_readdir]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/839f102efb168f02dfdd46717b7c6dddb26b015e (6.13-rc1)
+CVE-2024-56595 [jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/a174706ba4dad895c40b1d2277bade16dfacdcd9 (6.13-rc1)
+CVE-2024-56594 [drm/amdgpu: set the right AMDGPU sg segment limitation]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/e2e97435783979124ba92d6870415c57ecfef6a5 (6.13-rc1)
+CVE-2024-56593 [wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmf_sdiod_sglist_rw()]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/857282b819cbaa0675aaab1e7542e2c0579f52d7 (6.13-rc1)
+CVE-2024-56592 [bpf: Call free_htab_elem() after htab_unlock_bucket()]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/b9e9ed90b10c82a4e9d4d70a2890f06bfcdd3b78 (6.13-rc1)
+CVE-2024-56591 [Bluetooth: hci_conn: Use disable_delayed_work_sync]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/2b0f2fc9ed62e73c95df1fa8ed2ba3dac54699df (6.13-rc1)
+CVE-2024-56590 [Bluetooth: hci_core: Fix not checking skb length on hci_acldata_packet]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/3fe288a8214e7dd784d1f9b7c9e448244d316b47 (6.13-rc1)
+CVE-2024-56589 [scsi: hisi_sas: Add cond_resched() for no forced preemption model]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/2233c4a0b948211743659b24c13d6bd059fa75fc (6.13-rc1)
+CVE-2024-56588 [scsi: hisi_sas: Create all dump files during debugfs initialization]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/9f564f15f88490b484e02442dc4c4b11640ea172 (6.13-rc1)
+CVE-2024-56587 [leds: class: Protect brightness_show() with led_cdev->led_access mutex]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/4ca7cd938725a4050dcd62ae9472e931d603118d (6.13-rc1)
+CVE-2024-56586 [f2fs: fix f2fs_bug_on when uninstalling filesystem call f2fs_evict_inode.]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/d5c367ef8287fb4d235c46a2f8c8d68715f3a0ca (6.13-rc1)
+CVE-2024-56585 [LoongArch: Fix sleeping in atomic context for PREEMPT_RT]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/88fd2b70120d52c1010257d36776876941375490 (6.13-rc1)
+CVE-2024-56584 [io_uring/tctx: work around xa_store() allocation error issue]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/7eb75ce7527129d7f1fee6951566af409a37a1c4 (6.13-rc1)
+CVE-2024-56583 [sched/deadline: Fix warning in migrate_enable for boosted tasks]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/0664e2c311b9fa43b33e3e81429cd0c2d7f9c638 (6.13-rc3)
+CVE-2024-56582 [btrfs: fix use-after-free in btrfs_encoded_read_endio()]
+	- linux 6.12.5-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/05b36b04d74a517d6675bf2f90829ff1ac7e28dc (6.13-rc2)
+CVE-2024-56581 [btrfs: ref-verify: fix use-after-free after invalid ref action]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/7c4e39f9d2af4abaf82ca0e315d1fd340456620f (6.13-rc2)
+CVE-2024-56580 [media: qcom: camss: fix error path on configuration of power domains]
+	- linux 6.12.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/4f45d65b781499d2a79eca12155532739c876aa2 (6.13-rc1)
+CVE-2024-56579 [media: amphion: Set video drvdata before register video device]
+	- linux 6.12.5-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/8cbb1a7bd5973b57898b26eb804fe44af440bb63 (6.13-rc1)
+CVE-2024-56578 [media: imx-jpeg: Set video drvdata before register video device]
+	- linux 6.12.5-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/d2b7ecc26bd5406d5ba927be1748aa99c568696c (6.13-rc1)
+CVE-2024-56577 [media: mtk-jpeg: Fix null-ptr-deref during unload module]
+	- linux 6.12.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/17af2b39daf12870cac61ffc360e62bc35798afb (6.13-rc1)
+CVE-2024-56576 [media: i2c: tc358743: Fix crash in the probe error path when using polling]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/869f38ae07f7df829da4951c3d1f7a2be09c2e9a (6.13-rc1)
+CVE-2024-56575 [media: imx-jpeg: Ensure power suppliers be suspended before detach them]
+	- linux 6.12.5-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/fd0af4cd35da0eb550ef682b71cda70a4e36f6b9 (6.13-rc1)
+CVE-2024-56574 [media: ts2020: fix null-ptr-deref in ts2020_probe()]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/4a058b34b52ed3feb1f3ff6fd26aefeeeed20cba (6.13-rc1)
+CVE-2024-56573 [efi/libstub: Free correct pointer on failure]
+	- linux 6.12.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/06d39d79cbd5a91a33707951ebf2512d0e759847 (6.13-rc1)
+CVE-2024-56572 [media: platform: allegro-dvt: Fix possible memory leak in allocate_buffers_internal()]
+	- linux 6.12.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/0f514068fbc5d4d189c817adc7c4e32cffdc2e47 (6.13-rc1)
+CVE-2024-56571 [media: uvcvideo: Require entities to have a non-zero unique ID]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/3dd075fe8ebbc6fcbf998f81a75b8c4b159a6195 (6.13-rc1)
+CVE-2024-56570 [ovl: Filter invalid inodes with missing lookup function]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/c8b359dddb418c60df1a69beea01d1b3322bfe83 (6.13-rc1)
+CVE-2024-56569 [ftrace: Fix regression with module command in stack_trace_filter]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/45af52e7d3b8560f21d139b3759735eead8b1653 (6.13-rc1)
+CVE-2024-56568 [iommu/arm-smmu: Defer probe of clients after smmu device bound]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/229e6ee43d2a160a1592b83aad620d6027084aad (6.13-rc1)
+CVE-2024-56567 [ad7780: fix division by zero in ad7780_write_raw()]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/c174b53e95adf2eece2afc56cd9798374919f99a (6.13-rc1)
+CVE-2024-56566 [mm/slub: Avoid list corruption when removing a slab from the full list]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/dbc16915279a548a204154368da23d402c141c81 (6.13-rc1)
+CVE-2024-56565 [f2fs: fix to drop all discards after creating snapshot on lvm device]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/bc8aeb04fd80cb8cfae3058445c84410fd0beb5e (6.13-rc1)
+CVE-2024-56564 [ceph: pass cred pointer to ceph_mds_auth_match()]
+	- linux 6.12.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/23426309a4064b25a961e1c72961d8bfc7c8c990 (6.13-rc1)
+CVE-2024-56563 [ceph: fix cred leak in ceph_mds_check_access()]
+	- linux 6.12.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/c5cf420303256dcd6ff175643e9e9558543c2047 (6.13-rc1)
+CVE-2024-56562 [i3c: master: Fix miss free init_dyn_addr at i3c_master_put_i3c_addrs()]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/3082990592f7c6d7510a9133afa46e31bbe26533 (6.13-rc1)
+CVE-2024-56561 [PCI: endpoint: Fix PCI domain ID release in pci_epc_destroy()]
+	- linux 6.12.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/4acc902ed3743edd4ac2d3846604a99d17104359 (6.13-rc1)
+CVE-2024-56560 [slab: Fix too strict alignment check in create_cache()]
+	- linux 6.12.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/9008fe8fad8255edfdbecea32d7eb0485d939d0d (6.13-rc1)
+CVE-2024-56559 [mm/vmalloc: combine all TLB flush operations of KASAN shadow virtual address into one operation]
+	- linux 6.12.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/9e9e085effe9b7e342138fde3cf8577d22509932 (6.13-rc1)
+CVE-2024-56558 [nfsd: make sure exp active before svc_export_show]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/be8f982c369c965faffa198b46060f8853e0f1f0 (6.13-rc1)
+CVE-2024-56557 [iio: adc: ad7923: Fix buffer overflow for tx_buf and ring_xfer]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/3a4187ec454e19903fd15f6e1825a4b84e59a4cd (6.13-rc1)
+CVE-2024-56556 [binder: fix node UAF in binder_add_freeze_work()]
+	- linux 6.12.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/dc8aea47b928cc153b591b3558829ce42f685074 (6.13-rc1)
+CVE-2024-56555 [binder: fix OOB in binder_add_freeze_work()]
+	- linux 6.12.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/011e69a1b23011c0db3af4b8293fdd4522cc97b0 (6.13-rc1)
+CVE-2024-56554 [binder: fix freeze UAF in binder_release_work()]
+	- linux 6.12.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/7e20434cbca814cb91a0a261ca0106815ef48e5f (6.13-rc1)
+CVE-2024-56553 [binder: fix memleak of proc->delivered_freeze]
+	- linux 6.12.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/1db76ec2b4b206ff943e292a0b55e68ff3443598 (6.13-rc1)
+CVE-2024-56552 [drm/xe/guc_submit: fix race around suspend_pending]
+	- linux 6.12.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/87651f31ae4e6e6e7e6c7270b9b469405e747407 (6.13-rc1)
+CVE-2024-56551 [drm/amdgpu: fix usage slab after free]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/b61badd20b443eabe132314669bb51a263982e5c (6.13-rc1)
+CVE-2024-56550 [s390/stacktrace: Use break instead of return statement]
+	- linux 6.12.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/588a9836a4ef7ec3bfcffda526dfa399637e6cfc (6.13-rc1)
+CVE-2024-56549 [cachefiles: Fix NULL pointer dereference in object->file]
+	- linux 6.12.3-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/31ad74b20227ce6b40910ff78b1c604e42975cf1 (6.13-rc1)
+CVE-2024-56548 [hfsplus: don't query the device logical block size multiple times]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/1c82587cb57687de3f18ab4b98a8850c789bedcf (6.13-rc1)
+CVE-2024-56547 [rcu/nocb: Fix missed RCU barrier on deoffloading]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/2996980e20b7a54a1869df15b3445374b850b155 (6.13-rc1)
+CVE-2024-56546 [drivers: soc: xilinx: add the missing kfree in xlnx_add_cb_for_suspend()]
+	- linux 6.12.3-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/44ed4f90a97ff6f339e50ac01db71544e0990efc (6.13-rc1)
+CVE-2024-56545 [HID: hyperv: streamline driver probe to avoid devres issues]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/66ef47faa90d838cda131fe1f7776456cc3b59f2 (6.13-rc1)
+CVE-2024-56544 [udmabuf: change folios array from kmalloc to kvmalloc]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/1c0844c6184e658064e14c4335885785ad3bf84b (6.13-rc1)
+CVE-2024-56543 [wifi: ath12k: Skip Rx TID cleanup for self peer]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/1a0c640ce1cdcde3eb131a0c1e70ca1ed7cf27cb (6.13-rc1)
+CVE-2024-56542 [drm/amd/display: fix a memleak issue when driver is removed]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/d4f36e5fd800de7db74c1c4e62baf24a091a5ff6 (6.13-rc1)
+CVE-2024-56541 [wifi: ath12k: fix use-after-free in ath12k_dp_cc_cleanup()]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/bdb281103373fd80eb5c91cede1e115ba270b4e9 (6.13-rc1)
+CVE-2024-56540 [accel/ivpu: Prevent recovery invocation during probe and resume]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/5eaa497411197c41b0813d61ba3fbd6267049082 (6.13-rc1)
+CVE-2024-56539 [wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan()]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/d241a139c2e9f8a479f25c75ebd5391e6a448500 (6.13-rc1)
+CVE-2024-56538 [drm: zynqmp_kms: Unplug DRM device before removal]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/2e07c88914fc5289c21820b1aa94f058feb38197 (6.13-rc1)
+CVE-2024-56537 [drm: xlnx: zynqmp_disp: layer may be null while releasing]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/223842c7702b52846b1c5aef8aca7474ec1fd29b (6.13-rc1)
+CVE-2024-56536 [wifi: cw1200: Fix potential NULL dereference]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/2b94751626a6d49bbe42a19cc1503bd391016bd5 (6.13-rc1)
+CVE-2024-56535 [wifi: rtw89: coex: check NULL return of kmalloc in btc_fw_set_monreg()]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/81df5ed446b448bdc327b7c7f0b50121fc1f4aa2 (6.13-rc1)
+CVE-2024-56534 [isofs: avoid memory leak in iocharset]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/0b5bbeee4de616a268db77e2f40f19ab010a367b (6.13-rc1)
+CVE-2024-56533 [ALSA: usx2y: Use snd_card_free_when_closed() at disconnection]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/dafb28f02be407e07a6f679e922a626592b481b0 (6.13-rc1)
+CVE-2024-56532 [ALSA: us122l: Use snd_card_free_when_closed() at disconnection]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/b7df09bb348016943f56b09dcaafe221e3f73947 (6.13-rc1)
+CVE-2024-56531 [ALSA: caiaq: Use snd_card_free_when_closed() at disconnection]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/b04dcbb7f7b1908806b7dc22671cdbe78ff2b82c (6.13-rc1)
+CVE-2024-53239 [ALSA: 6fire: Release resources at card release]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/a0810c3d6dd2d29a9b92604d682eacd2902ce947 (6.13-rc1)
+CVE-2024-53238 [Bluetooth: btmtk: adjust the position to init iso data anchor]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/61c5a3def90ac729a538e5ca5ff7f461cff72776 (6.13-rc1)
+CVE-2024-53237 [Bluetooth: fix use-after-free in device_for_each_child()]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/27aabf27fd014ae037cc179c61b0bee7cff55b3d (6.13-rc1)
+CVE-2024-53236 [xsk: Free skb when TX metadata options are invalid]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/0c0d0f42ffa6ac94cd79893b7ed419c15e1b45de (6.13-rc1)
+CVE-2024-53235 [erofs: fix file-backed mounts over FUSE]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/3a23787ca8756920d65fda39f41353a4be1d1642 (6.13-rc1)
+CVE-2024-53234 [erofs: handle NONHEAD !delta[1] lclusters gracefully]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/0bc8061ffc733a0a246b8689b2d32a3e9204f43c (6.13-rc1)
+CVE-2024-53233 [unicode: Fix utf8_load() error path]
+	- linux 6.12.3-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/156bb2c569cd869583c593d27a5bd69e7b2a4264 (6.13-rc1)
+CVE-2024-53232 [iommu/s390: Implement blocking domain]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/ecda483339a5151e3ca30d6b82691ef6f1d17912 (6.13-rc1)
+CVE-2024-53231 [cpufreq: CPPC: Fix possible null-ptr-deref for cpufreq_cpu_get_raw()]
+	- linux 6.12.3-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/a78e7207564258db6e373e86294a85f9d646d35a (6.13-rc1)
+CVE-2024-53230 [cpufreq: CPPC: Fix possible null-ptr-deref for cppc_get_cpu_cost()]
+	- linux 6.12.3-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/1a1374bb8c5926674973d849feed500bc61ad535 (6.13-rc1)
+CVE-2024-53229 [RDMA/rxe: Fix the qp flush warnings in req]
+	- linux 6.12.3-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/ea4c990fa9e19ffef0648e40c566b94ba5ab31be (6.13-rc1)
+CVE-2024-53228 [riscv: kvm: Fix out-of-bounds array access]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/332fa4a802b16ccb727199da685294f85f9880cb (6.13-rc1)
+CVE-2024-53227 [scsi: bfa: Fix use-after-free in bfad_im_module_exit()]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/178b8f38932d635e90f5f0e9af1986c6f4a89271 (6.13-rc1)
+CVE-2024-53226 [RDMA/hns: Fix NULL pointer derefernce in hns_roce_map_mr_sg()]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/6b526d17eed850352d880b93b9bf20b93006bd92 (6.13-rc1)
+CVE-2024-53225 [iommu/tegra241-cmdqv: Fix alignment failure at max_n_shift]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/a3799717b881aa0f4e722afb70e7b8ba84ae4f36 (6.13-rc1)
+CVE-2024-53224 [RDMA/mlx5: Move events notifier registration to be after device registration]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/ede132a5cf559f3ab35a4c28bac4f4a6c20334d8 (6.13-rc1)
+CVE-2024-53223 [clk: ralink: mtmips: fix clocks probe order in oldest ralink SoCs]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/d34db686a3d74bd564bfce2ada15011c556269fc (6.13-rc1)
+CVE-2024-53222 [zram: fix NULL pointer in comp_algorithm_show()]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/f364cdeb38938f9d03061682b8ff3779dd1730e5 (6.13-rc1)
+CVE-2024-53221 [f2fs: fix null-ptr-deref in f2fs_submit_page_bio()]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/b7d0a97b28083084ebdd8e5c6bccd12e6ec18faa (6.13-rc1)
+CVE-2024-53220 [f2fs: fix to account dirty data in __get_secs_required()]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/1acd73edbbfef2c3c5b43cba4006a7797eca7050 (6.13-rc1)
+CVE-2024-53219 [virtiofs: use pages instead of pointer for kernel direct IO]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/41748675c0bf252b3c5f600a95830f0936d366c1 (6.13-rc1)
+CVE-2024-53218 [f2fs: fix race in concurrent f2fs_stop_gc_thread]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/7b0033dbc48340a1c1c3f12448ba17d6587ca092 (6.13-rc1)
+CVE-2024-53217 [NFSD: Prevent NULL dereference in nfsd4_process_cb_update()]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/1e02c641c3a43c88cecc08402000418e15578d38 (6.13-rc1)
+CVE-2024-53216 [nfsd: release svc_expkey/svc_export with rcu_work]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/f8c989a0c89a75d30f899a7cabdc14d72522bb8d (6.13-rc1)
+CVE-2024-53215 [svcrdma: fix miss destroy percpu_counter in svc_rdma_proc_init()]
+	- linux 6.12.3-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/ce89e742a4c12b20f09a43fec1b21db33f2166cd (6.13-rc1)
+CVE-2024-53214 [vfio/pci: Properly hide first-in-list PCIe extended capability]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/fe4bf8d0b6716a423b16495d55b35d3fe515905d (6.13-rc1)
+CVE-2024-53213 [net: usb: lan78xx: Fix double free issue with interrupt buffer allocation]
+	- linux 6.12.3-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/03819abbeb11117dcbba40bfe322b88c0c88a6b6 (6.13-rc1)
+CVE-2024-53212 [netlink: fix false positive warning in extack during dumps]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/3bf39fa849ab8ed52abb6715922e6102d3df9f97 (6.13-rc1)
+CVE-2024-53211 [net/l2tp: fix warning in l2tp_exit_net found by syzbot]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/5d066766c5f1252f98ff859265bcd1a5b52ac46c (6.13-rc1)
+CVE-2024-53210 [s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct()]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/ebaf81317e42aa990ad20b113cfe3a7b20d4e937 (6.13-rc1)
+CVE-2024-53209 [bnxt_en: Fix receive ring space parameters when XDP is active]
+	- linux 6.12.3-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/3051a77a09dfe3022aa012071346937fdf059033 (6.13-rc1)
+CVE-2024-53208 [Bluetooth: MGMT: Fix slab-use-after-free Read in set_powered_sync]
+	- linux 6.12.3-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/0b882940665ca2849386ee459d4331aa2f8c4e7d (6.13-rc1)
+CVE-2024-53207 [Bluetooth: MGMT: Fix possible deadlocks]
+	- linux 6.12.3-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/a66dfaf18fd61bb75ef8cee83db46b2aadf153d0 (6.13-rc1)
+CVE-2024-53206 [tcp: Fix use-after-free of nreq in reqsk_timer_handler().]
+	- linux 6.12.3-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/c31e72d021db2714df03df6c42855a1db592716c (6.13-rc1)
+CVE-2024-53205 [phy: realtek: usb: fix NULL deref in rtk_usb2phy_probe]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/04e3e9188291a183b27306ddb833722c0d083d6a (6.13-rc1)
+CVE-2024-53204 [phy: realtek: usb: fix NULL deref in rtk_usb3phy_probe]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/bf373d2919d98f3d1fe1b19a0304f72fe74386d9 (6.13-rc1)
+CVE-2024-53203 [usb: typec: fix potential array underflow in ucsi_ccg_sync_control()]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/e56aac6e5a25630645607b6856d4b2a17b2311a5 (6.13-rc1)
+CVE-2024-53202 [firmware_loader: Fix possible resource leak in fw_log_firmware_info()]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/369a9c046c2fdfe037f05b43b84c386bdbccc103 (6.13-rc1)
+CVE-2024-53201 [drm/amd/display: Fix null check for pipe_ctx->plane_state in dcn20_program_pipe]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/6a057072ddd127255350357dd880903e8fa23f36 (6.13-rc1)
+CVE-2024-53200 [drm/amd/display: Fix null check for pipe_ctx->plane_state in hwss_setup_dpp]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/2bc96c95070571c6c824e0d4c7783bee25a37876 (6.13-rc1)
+CVE-2024-53199 [ASoC: imx-audmix: Add NULL check in imx_audmix_probe]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e038f43edaf0083f6aa7c9415d86cf28dfd152f9 (6.13-rc1)
+CVE-2024-53198 [xen: Fix the issue of resource not being properly released in xenbus_dev_probe()]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/afc545da381ba0c651b2658966ac737032676f01 (6.13-rc1)
+CVE-2024-53197 [ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/b909df18ce2a998afef81d58bbd1a05dc0788c40 (6.13-rc1)
+CVE-2024-53196 [KVM: arm64: Don't retire aborted MMIO instruction]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/e735a5da64420a86be370b216c269b5dd8e830e2 (6.13-rc1)
+CVE-2024-53195 [KVM: arm64: Get rid of userspace_irqchip_in_use]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/38d7aacca09230fdb98a34194fec2af597e8e20d (6.13-rc1)
+CVE-2024-53194 [PCI: Fix use-after-free of slot->bus on hot remove]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/c7acef99642b763ba585f4a43af999fcdbcc3dc4 (6.13-rc1)
+CVE-2024-53193 [clk: clk-loongson2: Fix memory corruption bug in struct loongson2_clk_provider]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/6e4bf018bb040955da53dae9f8628ef8fcec2dbe (6.13-rc1)
+CVE-2024-53192 [clk: clk-loongson2: Fix potential buffer overflow in flexible-array member access]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/02fb4f0084331ef72c28d0c70fcb15d1bea369ec (6.13-rc1)
+CVE-2024-53191 [wifi: ath12k: fix warning when unbinding]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/ca68ce0d9f4bcd032fd1334441175ae399642a06 (6.13-rc1)
+CVE-2024-53190 [wifi: rtlwifi: Drastically reduce the attempts to read efuse in case of failures]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/5c1b544563005a00591a3aa86ecff62ed4d11be3 (6.13-rc1)
+CVE-2024-53189 [wifi: nl80211: fix bounds checker error in nl80211_parse_sched_scan]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/9c46a3a5b394d6d123866aa44436fc2cd342eb0d (6.13-rc1)
+CVE-2024-53188 [wifi: ath12k: fix crash when unbinding]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/1304446f67863385dc4c914b6e0194f6664ee764 (6.13-rc1)
+CVE-2024-53187 [io_uring: check for overflows in io_pin_pages]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/0c0a4eae26ac78379d0c1db053de168a8febc6c9 (6.13-rc1)
+CVE-2024-53186 [ksmbd: fix use-after-free in SMB request handling]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/9a8c5d89d327ff58e9b2517f8a6afb4181d32c6e (6.13-rc1)
+CVE-2024-53185 [smb: client: fix NULL ptr deref in crypto_aead_setkey()]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/4bdec0d1f658f7c98749bd2c5a486e6cfa8565d2 (6.13-rc1)
+CVE-2024-53184 [um: ubd: Do not use drvdata in release]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/5bee35e5389f450a7eea7318deb9073e9414d3b1 (6.13-rc1)
+CVE-2024-53183 [um: net: Do not use drvdata in release]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/d1db692a9be3b4bd3473b64fcae996afaffe8438 (6.13-rc1)
+CVE-2024-53182 [Revert "block, bfq: merge bfq_release_process_ref() into bfq_put_cooperator()"]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/cf5a60d971c7b59efb89927919404be655a9e35a (6.13-rc1)
+CVE-2024-53181 [um: vector: Do not use drvdata in release]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/51b39d741970742a5c41136241a9c48ac607cf82 (6.13-rc1)
+CVE-2024-53180 [ALSA: pcm: Add sanity NULL check for the default mmap fault handler]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/d2913a07d9037fe7aed4b7e680684163eaed6bc4 (6.13-rc1)
+CVE-2024-53179 [smb: client: fix use-after-free of signing key]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/343d7fe6df9e247671440a932b6a73af4fa86d95 (6.13-rc1)
+CVE-2024-53178 [smb: Don't leak cfid when reconnect races with open_cached_dir]
+	- linux 6.12.3-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/7afb86733685c64c604d32faf00fa4a1f22c2ab1 (6.13-rc1)
+CVE-2024-53177 [smb: prevent use-after-free due to open_cached_dir error paths]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/a9685b409a03b73d2980bbfa53eb47555802d0a9 (6.13-rc1)
+CVE-2024-53176 [smb: During unmount, ensure all cached dir instances drop their dentry]
+	- linux 6.12.3-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/3fa640d035e5ae526769615c35cb9ed4be6e3662 (6.13-rc1)
+CVE-2024-53175 [ipc: fix memleak if msg_init_ns failed in create_ipc_ns]
+	- linux 6.12.3-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/bc8f5921cd69188627c08041276238de222ab466 (6.13-rc1)
+CVE-2024-53174 [SUNRPC: make sure cache entry active before cache_show]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/2862eee078a4d2d1f584e7f24fa50dddfa5f3471 (6.13-rc1)
+CVE-2024-53173 [NFSv4.0: Fix a use-after-free problem in the asynchronous open()]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/2fdb05dc0931250574f0cb0ebeb5ed8e20f4a889 (6.13-rc1)
+CVE-2024-53172 [ubi: fastmap: Fix duplicate slab cache names while attaching]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/bcddf52b7a17adcebc768d26f4e27cf79adb424c (6.13-rc1)
+CVE-2024-53171 [ubifs: authentication: Fix use-after-free in ubifs_tnc_end_commit]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/4617fb8fc15effe8eda4dd898d4e33eb537a7140 (6.13-rc1)
+CVE-2024-53170 [block: fix uaf for flush rq while iterating tags]
+	- linux 6.12.3-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/3802f73bd80766d70f319658f334754164075bc3 (6.13-rc1)
+CVE-2024-53169 [nvme-fabrics: fix kernel crash while shutting down controller]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e9869c85c81168a1275f909d5972a3fc435304be (6.13-rc1)
+CVE-2024-53168 [sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/3f23f96528e8fcf8619895c4c916c52653892ec1 (6.13-rc1)
+CVE-2024-53167 [nfs/blocklayout: Don't attempt unregister for invalid block device]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/3a4ce14d9a6b868e0787e4582420b721c04ee41e (6.13-rc1)
+CVE-2024-53166 [block, bfq: fix bfqq uaf in bfq_limit_depth()]
+	- linux 6.12.3-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e8b8344de3980709080d86c157d24e7de07d70ad (6.13-rc1)
+CVE-2024-53165 [sh: intc: Fix use-after-free bug in register_intc_controller()]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/63e72e551942642c48456a4134975136cdcb9b3c (6.13-rc1)
+CVE-2022-49034 [sh: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/3c891f7c6a4e90bb1199497552f24b26e46383bc (6.13-rc1)
 CVE-2024-53164 [net: sched: fix ordering of qlen adjustment]
 	- linux <unfixed>
 	NOTE: https://git.kernel.org/linus/5eb7de8cd58e73851cd37ff8d0666517d9926948 (6.13-rc2)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d69762bf516d5ed5e2855462520531e08ab3c57a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d69762bf516d5ed5e2855462520531e08ab3c57a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241227/93a8b6dd/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list