[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Apr 16 15:37:44 BST 2025



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a2bf1fc6 by Salvatore Bonaccorso at 2025-04-16T16:37:21+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,488 @@
+CVE-2025-23138 [watch_queue: fix pipe accounting mismatch]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/f13abc1e8e1a3b7455511c4e122750127f6bc9b0 (6.15-rc1)
+CVE-2025-23137 [cpufreq/amd-pstate: Add missing NULL ptr check in amd_pstate_update]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/426db24d4db2e4f0d6720aeb7795eafcb9e82640 (6.15-rc1)
+CVE-2025-23136 [thermal: int340x: Add NULL check for adev]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/2542a3f70e563a9e70e7ded314286535a3321bdb (6.15-rc1)
+CVE-2025-23135 [RISC-V: KVM: Teardown riscv specific bits after kvm_exit]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/2d117e67f318303f6ab699a5511d1fac3f170545 (6.15-rc1)
+CVE-2025-23134 [ALSA: timer: Don't take register_mutex with copy_from/to_user()]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/3424c8f53bc63c87712a7fc22dc13d0cc85fb0d6 (6.15-rc1)
+CVE-2025-23133 [wifi: ath11k: update channel list in reg notifier instead reg worker]
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/933ab187e679e6fbdeea1835ae39efcc59c022d2 (6.15-rc1)
+CVE-2025-23132 [f2fs: quota: fix to avoid warning in dquot_writeback_dquots()]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/eb85c2410d6f581e957cd03a644ff6ddbe592af9 (6.15-rc1)
+CVE-2025-23131 [dlm: prevent NPD when writing a positive value to event_done]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/8e2bad543eca5c25cd02cbc63d72557934d45f13 (6.15-rc1)
+CVE-2025-23130 [f2fs: fix to avoid panic once fallocation fails for pinfile]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/48ea8b200414ac69ea96f4c231f5c7ef1fbeffef (6.15-rc1)
+CVE-2025-23129 [wifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path]
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/68410c5bd381a81bcc92b808e7dc4e6b9ed25d11 (6.15-rc1)
+CVE-2025-22128 [wifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/b43b1e2c52db77c872bd60d30cdcc72c47df70c7 (6.15-rc1)
+CVE-2025-22127 [f2fs: fix potential deadloop in prepare_compress_overwrite()]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/3147ee567dd9004a49826ddeaf0a4b12865d4409 (6.15-rc1)
+CVE-2025-22126 [md: fix mddev uaf while iterating all_mddevs list]
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/8542870237c3a48ff049b6c5df5f50c8728284fa (6.15-rc1)
+CVE-2025-22125 [md/raid1,raid10: don't ignore IO flags]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/e879a0d9cb086c8e52ce6c04e5bfa63825a6213c (6.15-rc1)
+CVE-2025-22124 [md/md-bitmap: fix wrong bitmap_limit for clustermd when write sb]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/6130825f34d41718c98a9b1504a79a23e379701e (6.15-rc1)
+CVE-2025-22123 [f2fs: fix to avoid accessing uninitialized curseg]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/986c50f6bca109c6cf362b4e2babcb85aba958f6 (6.15-rc1)
+CVE-2025-22122 [block: fix adding folio to bio]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/26064d3e2b4d9a14df1072980e558c636fb023ea (6.15-rc1)
+CVE-2025-22121 [ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all()]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/5701875f9609b000d91351eaa6bfd97fe2f157f4 (6.15-rc1)
+CVE-2025-22120 [ext4: goto right label 'out_mmap_sem' in ext4_setattr()]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/7e91ae31e2d264155dfd102101afc2de7bd74a64 (6.15-rc1)
+CVE-2025-22119 [wifi: cfg80211: init wiphy_work before allocating rfkill fails]
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/fc88dee89d7b63eeb17699393eb659aadf9d9b7c (6.15-rc1)
+CVE-2025-22118 [ice: validate queue quanta parameters to prevent OOB access]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e2f7d3f7331b92cb820da23e8c45133305da1e63 (6.15-rc1)
+CVE-2025-22117 [ice: fix using untrusted value of pkt_len in ice_vc_fdir_parse_raw()]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/1388dd564183a5a18ec4a966748037736b5653c5 (6.15-rc1)
+CVE-2025-22116 [idpf: check error for register_netdev() on init]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/680811c67906191b237bbafe7dabbbad64649b39 (6.15-rc1)
+CVE-2025-22115 [btrfs: fix block group refcount race in btrfs_create_pending_block_groups()]
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/2d8e5168d48a91e7a802d3003e72afb4304bebfa (6.15-rc1)
+CVE-2025-22114 [btrfs: don't clobber ret in btrfs_validate_super()]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/9db9c7dd5b4e1d3205137a094805980082c37716 (6.15-rc1)
+CVE-2025-22113 [ext4: avoid journaling sb update on error if journal is destroying]
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/ce2f26e73783b4a7c46a86e3af5b5c8de0971790 (6.15-rc1)
+CVE-2025-22112 [eth: bnxt: fix out-of-range access of vnic_info array]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/919f9f497dbcee75d487400e8f9815b74a6a37df (6.15-rc1)
+CVE-2025-22111 [net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF.]
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/ed3ba9b6e280e14cc3148c1b226ba453f02fa76c (6.15-rc1)
+CVE-2025-22110 [netfilter: nfnetlink_queue: Initialize ctx to avoid memory allocation error]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/778b09d91baafb13408470c721d034d6515cfa5a (6.15-rc1)
+CVE-2025-22109 [ax25: Remove broken autobind]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/2f6efbabceb6b2914ee9bafb86d9a51feae9cce8 (6.15-rc1)
+CVE-2025-22108 [bnxt_en: Mask the bd_cnt field in the TX BD properly]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/107b25db61122d8f990987895c2912927b8b6e3f (6.15-rc1)
+CVE-2025-22107 [net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry()]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/5f2b28b79d2d1946ee36ad8b3dc0066f73c90481 (6.15-rc1)
+CVE-2025-22106 [vmxnet3: unregister xdp rxq info in the reset path]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/0dd765fae295832934bf28e45dd5a355e0891ed4 (6.15-rc1)
+CVE-2025-22105 [bonding: check xdp prog when set bond mode]
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/094ee6017ea09c11d6af187935a949df32803ce0 (6.15-rc1)
+CVE-2025-22104 [ibmvnic: Use kernel helpers for hex dumps]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/d93a6caab5d7d9b5ce034d75b1e1e993338e3852 (6.15-rc1)
+CVE-2025-22103 [net: fix NULL pointer dereference in l3mdev_l3_rcv]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/0032c99e83b9ce6d5995d65900aa4b6ffb501cce (6.15-rc1)
+CVE-2025-22102 [Bluetooth: btnxpuart: Fix kernel panic during FW release]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/1f77c05408c96bc0b58ae476a9cadc9e5b9cfd0f (6.15-rc1)
+CVE-2025-22101 [net: libwx: fix Tx L4 checksum]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/c7d82913d5f9e97860772ee4051eaa66b56a6273 (6.15-rc1)
+CVE-2025-22100 [drm/panthor: Fix race condition when gathering fdinfo group samples]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/0590c94c3596d6c1a3d549ae611366f2ad4e1d8d (6.15-rc1)
+CVE-2025-22099 [drm: xlnx: zynqmp_dpsub: Add NULL check in zynqmp_audio_init]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/d0660f9c588a1246a1a543c91a1e3cad910237da (6.15-rc1)
+CVE-2025-22098 [drm: zynqmp_dp: Fix a deadlock in zynqmp_dp_ignore_hpd_set()]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/f887685ee0eb4ef716391355568181230338f6eb (6.15-rc1)
+CVE-2025-22097 [drm/vkms: Fix use after free and double free on init error]
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/ed15511a773df86205bda66c37193569575ae828 (6.15-rc1)
+CVE-2025-22096 [drm/msm/gem: Fix error code msm_parse_deps()]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/0b305b7cadce835505bd93183a599acb1f800a05 (6.15-rc1)
+CVE-2025-22095 [PCI: brcmstb: Fix error path after a call to regulator_bulk_get()]
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/3651ad5249c51cf7eee078e12612557040a6bdb4 (6.15-rc1)
+CVE-2025-22094 [powerpc/perf: Fix ref-counting on the PMU 'vpa_pmu']
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/ff99d5b6a246715f2257123cdf6c4a29cb33aa78 (6.15-rc1)
+CVE-2025-22093 [drm/amd/display: avoid NPD when ASIC does not support DMUB]
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/42d9d7bed270247f134190ba0cb05bbd072f58c2 (6.15-rc1)
+CVE-2025-22092 [PCI: Fix NULL dereference in SR-IOV VF creation error path]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/04d50d953ab46d96b0b32d5ad955fceaa28622db (6.15-rc1)
+CVE-2025-22091 [RDMA/mlx5: Fix page_size variable overflow]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/f0c2427412b43cdf1b7b0944749ea17ddb97d5a5 (6.15-rc1)
+CVE-2025-22090 [x86/mm/pat: Fix VM_PAT handling when fork() fails in copy_page_range()]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/dc84bc2aba85a1508f04a936f9f9a15f64ebfb31 (6.15-rc1)
+CVE-2025-22089 [RDMA/core: Don't expose hw_counters outside of init net namespace]
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/a1ecb30f90856b0be4168ad51b8875148e285c1f (6.15-rc1)
+CVE-2025-22088 [RDMA/erdma: Prevent use-after-free in erdma_accept_newconn()]
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/83437689249e6a17b25e27712fbee292e42e7855 (6.15-rc1)
+CVE-2025-22087 [bpf: Fix array bounds error with may_goto]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/6ebc5030e0c5a698f1dd9a6684cddf6ccaed64a0 (6.15-rc1)
+CVE-2025-22086 [RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/5ed3b0cb3f827072e93b4c5b6e2b8106fd7cccbd (6.15-rc1)
+CVE-2025-22085 [RDMA/core: Fix use-after-free when rename device name]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/1d6a9e7449e2a0c1e2934eee7880ba8bd1e464cd (6.15-rc1)
+CVE-2025-22084 [w1: fix NULL pointer dereference in probe]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/0dd6770a72f138dabea9eae87f3da6ffa68f0d06 (6.15-rc1)
+CVE-2025-22083 [vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/5dd639a1646ef5fe8f4bf270fad47c5c3755b9b6 (6.15-rc1)
+CVE-2025-22082 [iio: backend: make sure to NULL terminate stack buffer]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/035b4989211dc1c8626e186d655ae8ca5141bb73 (6.15-rc1)
+CVE-2025-22081 [fs/ntfs3: Fix a couple integer overflows on 32bit systems]
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/5ad414f4df2294b28836b5b7b69787659d6aa708 (6.15-rc1)
+CVE-2025-22080 [fs/ntfs3: Prevent integer overflow in hdr_first_de()]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/6bb81b94f7a9cba6bde9a905cef52a65317a8b04 (6.15-rc1)
+CVE-2025-22079 [ocfs2: validate l_tree_depth to avoid out-of-bounds access]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/a406aff8c05115119127c962cbbbbd202e1973ef (6.15-rc1)
+CVE-2025-22078 [staging: vchiq_arm: Fix possible NPR of keep-alive thread]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/3db89bc6d973e2bcaa852f6409c98c228f39a926 (6.15-rc1)
+CVE-2025-22077 [smb: client: Fix netns refcount imbalance causing leaks and use-after-free]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/4e7f1644f2ac6d01dc584f6301c3b1d5aac4eaef (6.15-rc1)
+CVE-2025-22076 [exfat: fix missing shutdown check]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/47e35366bc6fa3cf189a8305bce63992495f3efa (6.15-rc1)
+CVE-2025-22075 [rtnetlink: Allocate vfinfo size for VF GUIDs when supported]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/23f00807619d15063d676218f36c5dfeda1eb420 (6.15-rc1)
+CVE-2025-22074 [ksmbd: fix r_count dec/increment mismatch]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/ddb7ea36ba7129c2ed107e2186591128618864e1 (6.15-rc1)
+CVE-2025-22073 [spufs: fix a leak on spufs_new_file() failure]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/d1ca8698ca1332625d83ea0d753747be66f9906d (6.15-rc1)
+CVE-2025-22072 [spufs: fix gang directory lifetimes]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/c134deabf4784e155d360744d4a6a835b9de4dd4 (6.15-rc1)
+CVE-2025-22071 [spufs: fix a leak in spufs_create_context()]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/0f5cce3fc55b08ee4da3372baccf4bcd36a98396 (6.15-rc1)
+CVE-2025-22070 [fs/9p: fix NULL pointer dereference on mkdir]
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/3f61ac7c65bdb26accb52f9db66313597e759821 (6.15-rc1)
+CVE-2025-22069 [riscv: fgraph: Fix stack layout to match __arch_ftrace_regs argument of ftrace_return_to_handler]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/67a5ba8f742f247bc83e46dd2313c142b1383276 (6.15-rc1)
+CVE-2025-22068 [ublk: make sure ubq->canceling is set when queue is frozen]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/8741d0737921ec1c03cf59aebf4d01400c2b461a (6.15-rc1)
+CVE-2025-22067 [spi: cadence: Fix out-of-bounds array access in cdns_mrvl_xspi_setup_clock()]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/7ba0847fa1c22e7801cebfe5f7b75aee4fae317e (6.15-rc1)
+CVE-2025-22066 [ASoC: imx-card: Add NULL check in imx_card_probe()]
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/93d34608fd162f725172e780b1c60cc93a920719 (6.15-rc1)
+CVE-2025-22065 [idpf: fix adapter NULL pointer dereference on reboot]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/4c9106f4906a85f6b13542d862e423bcdc118cc3 (6.15-rc1)
+CVE-2025-22064 [netfilter: nf_tables: don't unregister hook when table is dormant]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/688c15017d5cd5aac882400782e7213d40dc3556 (6.15-rc1)
+CVE-2025-22063 [netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/078aabd567de3d63d37d7673f714e309d369e6e2 (6.15-rc1)
+CVE-2025-22062 [sctp: add mutual exclusion in proc_sctp_do_udp_port()]
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/10206302af856791fbcc27a33ed3c3eb09b2793d (6.15-rc1)
+CVE-2025-22061 [net: airoha: Fix qid report in airoha_tc_get_htb_get_leaf_queue()]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/57b290d97c6150774bf929117ca737a26d8fc33d (6.15-rc1)
+CVE-2025-22060 [net: mvpp2: Prevent parser TCAM memory corruption]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/96844075226b49af25a69a1d084b648ec2d9b08d (6.15-rc1)
+CVE-2025-22059 [udp: Fix multiple wraparounds of sk->sk_rmem_alloc.]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/5a465a0da13ee9fbd7d3cd0b2893309b0fe4b7e3 (6.15-rc1)
+CVE-2025-22058 [udp: Fix memory accounting leak.]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/df207de9d9e7a4d92f8567e2c539d9c8c12fd99d (6.15-rc1)
+CVE-2025-22057 [net: decrease cached dst counters in dst_release]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/3a0a3ff6593d670af2451ec363ccb7b18aec0c0a (6.15-rc1)
+CVE-2025-22056 [netfilter: nft_tunnel: fix geneve_opt type confusion addition]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/1b755d8eb1ace3870789d48fbd94f386ad6e30be (6.15-rc1)
+CVE-2025-22055 [net: fix geneve_opt length integer overflow]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/b27055a08ad4b415dcf15b63034f9cb236f7fb40 (6.15-rc1)
+CVE-2025-22054 [arcnet: Add NULL check in com20020pci_probe()]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/fda8c491db2a90ff3e6fbbae58e495b4ddddeca3 (6.15-rc1)
+CVE-2025-22053 [net: ibmveth: make veth_pool_store stop hanging]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/053f3ff67d7feefc75797863f3d84b47ad47086f (6.15-rc1)
+CVE-2025-22052 [staging: gpib: Fix Oops after disconnect in ni_usb]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/a239c6e91b665f1837cf57b97fe638ef1baf2e78 (6.15-rc1)
+CVE-2025-22051 [staging: gpib: Fix Oops after disconnect in agilent usb]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/8491e73a5223acb0a4b4d78c3f8b96aa9c5e774d (6.15-rc1)
+CVE-2025-22050 [usbnet:fix NPE during rx_complete]
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/51de3600093429e3b712e5f091d767babc5dd6df (6.15-rc1)
+CVE-2025-22049 [LoongArch: Increase ARCH_DMA_MINALIGN up to 16]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/4103cfe9dcb88010ae4911d3ff417457d1b6a720 (6.15-rc1)
+CVE-2025-22048 [LoongArch: BPF: Don't override subprog's return value]
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/60f3caff1492e5b8616b9578c4bedb5c0a88ed14 (6.15-rc1)
+CVE-2025-22047 [x86/microcode/AMD: Fix __apply_microcode_amd()'s return value]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/31ab12df723543047c3fc19cb8f8c4498ec6267f (6.15-rc1)
+CVE-2025-22046 [uprobes/x86: Harden uretprobe syscall trampoline check]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/fa6192adc32f4fdfe5b74edd5b210e12afd6ecc0 (6.15-rc1)
+CVE-2025-22045 [x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/3ef938c3503563bfc2ac15083557f880d29c2e64 (6.15-rc1)
+CVE-2025-22044 [acpi: nfit: fix narrowing conversion in acpi_nfit_ctl]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/2ff0e408db36c21ed3fa5e3c1e0e687c82cf132f (6.15-rc1)
+CVE-2025-22043 [ksmbd: add bounds check for durable handle context]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/542027e123fc0bfd61dd59e21ae0ee4ef2101b29 (6.15-rc1)
+CVE-2025-22042 [ksmbd: add bounds check for create lease context]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/bab703ed8472aa9d109c5f8c1863921533363dae (6.15-rc1)
+CVE-2025-22041 [ksmbd: fix use-after-free in ksmbd_sessions_deregister()]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/15a9605f8d69dc85005b1a00c31a050b8625e1aa (6.15-rc1)
+CVE-2025-22040 [ksmbd: fix session use-after-free in multichannel connection]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/fa4cdb8cbca7d6cb6aa13e4d8d83d1103f6345db (6.15-rc1)
+CVE-2025-22039 [ksmbd: fix overflow in dacloffset bounds check]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/beff0bc9d69bc8e733f9bca28e2d3df5b3e10e42 (6.15-rc1)
+CVE-2025-22038 [ksmbd: validate zero num_subauth before sub_auth is accessed]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/bf21e29d78cd2c2371023953d9c82dfef82ebb36 (6.15-rc1)
+CVE-2025-22037 [ksmbd: fix null pointer dereference in alloc_preauth_hash()]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/c8b5b7c5da7d0c31c9b7190b4a7bba5281fc4780 (6.15-rc1)
+CVE-2025-22036 [exfat: fix random stack corruption after get_block]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/1bb7ff4204b6d4927e982cd256286c09ed4fd8ca (6.15-rc1)
+CVE-2025-22035 [tracing: Fix use-after-free in print_graph_function_flags during tracer switching]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/7f81f27b1093e4895e87b74143c59c055c3b1906 (6.15-rc1)
+CVE-2025-22034 [mm/gup: reject FOLL_SPLIT_PMD with hugetlb VMAs]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/8977752c8056a6a094a279004a49722da15bace3 (6.15-rc1)
+CVE-2025-22033 [arm64: Don't call NULL in do_compat_alignment_fixup()]
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/c28f31deeacda307acfee2f18c0ad904e5123aac (6.15-rc1)
+CVE-2025-22032 [wifi: mt76: mt7921: fix kernel panic due to null pointer dereference]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/adc3fd2a2277b7cc0b61692463771bf9bd298036 (6.15-rc1)
+CVE-2025-22031 [PCI/bwctrl: Fix NULL pointer dereference on bus number exhaustion]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/667f053b05f00a007738cd7ed6fa1901de19dc7e (6.15-rc1)
+CVE-2025-22030 [mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead()]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/c11bcbc0a517acf69282c8225059b2a8ac5fe628 (6.15-rc1)
+CVE-2025-22029 [exec: fix the racy usage of fs_struct->in_exec]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/af7bb0d2ca459f15cb5ca604dab5d9af103643f0 (6.15-rc1)
+CVE-2025-22028 [media: vimc: skip .s_stream() for stopped entities]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/36cef585e2a31e4ddf33a004b0584a7a572246de (6.15-rc1)
+CVE-2025-22027 [media: streamzap: fix race between device disconnection and urb callback]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/f656cfbc7a293a039d6a0c7100e1c846845148c1 (6.15-rc1)
+CVE-2025-22026 [nfsd: don't ignore the return code of svc_proc_register()]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/930b64ca0c511521f0abdd1d57ce52b2a6e3476b (6.15-rc1)
+CVE-2025-22025 [nfsd: put dl_stid if fail to queue dl_recall]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/230ca758453c63bd38e4d9f4a21db698f7abada8 (6.15-rc1)
+CVE-2025-22024 [nfsd: fix management of listener transports]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/d093c90892607be505e801469d6674459e69ab89 (6.15-rc1)
+CVE-2024-58097 [wifi: ath11k: fix RCU stall while reaping monitor destination ring]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/16c6c35c03ea73054a1f6d3302a4ce4a331b427d (6.15-rc1)
+CVE-2024-58096 [wifi: ath11k: add srng->lock for ath11k_hal_srng_* in monitor mode]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/63b7af49496d0e32f7a748b6af3361ec138b1bd3 (6.15-rc1)
+CVE-2024-58095 [jfs: add check read-only before txBeginAnon() call]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/0176e69743ecc02961f2ae1ea42439cd2bf9ed58 (6.15-rc1)
+CVE-2024-58094 [jfs: add check read-only before truncation in jfs_truncate_nolock()]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/b5799dd77054c1ec49b0088b006c9908e256843b (6.15-rc1)
+CVE-2024-58093 [PCI/ASPM: Fix link state exit during switch upstream function removal]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/cbf937dcadfd571a434f8074d057b32cd14fbea5 (6.15-rc1)
+CVE-2023-53034 [ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/de203da734fae00e75be50220ba5391e7beecdf9 (6.15-rc1)
 CVE-2025-22023 [usb: xhci: Don't skip on Stopped - Length Invalid]
 	- linux 6.12.22-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
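Review bot: many of the added entries carry only `- linux <unfixed>` with no [bookworm] or [bullseye] line (for example CVE-2025-23138, CVE-2025-22121, and the ksmbd run CVE-2025-22037 through CVE-2025-22043), so the stable releases have no explicit status there and still need per-release triage. Every NOTE points at the mainline commit tagged (6.15-rc1) only, so once stable backports are identified, either a fixed version or a `<not-affected>` line with its reason should be recorded per release, as is already done for entries such as CVE-2025-23137. Two ordering points are worth confirming against kernel-sec before relying on the list: the ID following CVE-2025-23129 is CVE-2025-22128 rather than one in the 2313x block, and the CVE-2024-5809x and CVE-2023-53034 entries sit above the existing CVE-2025-22023 context line.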



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a2bf1fc698f0fdda55bd4b022d460bd28552437c
