[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Apr 17 20:44:38 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d35ad00a by Salvatore Bonaccorso at 2025-04-17T21:44:10+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,19 @@
+CVE-2021-47671 [can: etas_es58x: es58x_rx_err_msg(): fix memory leak in error path]
+	- linux 5.15.3-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/d9447f768bc8c60623e4bb3ce65b8f4654d33a50 (5.16-rc1)
+CVE-2021-47670 [can: peak_usb: fix use after free bugs]
+	- linux 5.10.12-1
+	NOTE: https://git.kernel.org/linus/50aca891d7a554db0901b245167cd653d73aaa71 (5.11-rc5)
+CVE-2021-47669 [can: vxcan: vxcan_xmit: fix use after free bug]
+	- linux 5.10.12-1
+	NOTE: https://git.kernel.org/linus/75854cad5d80976f6ea0f0431f8cedd3bcc475cb (5.11-rc5)
+CVE-2021-47668 [can: dev: can_restart: fix use after free bug]
+	- linux 5.10.12-1
+	NOTE: https://git.kernel.org/linus/03f16c5075b22c8902d2af739969e878b0879c94 (5.11-rc5)
+CVE-2020-36789 [can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context]
+	- linux 5.9.9-1
+	NOTE: https://git.kernel.org/linus/2283f79b22684d2812e5c76fc2280aae00390365 (5.10-rc3)
 CVE-2025-43717 (In PEAR HTTP_Request2 before 2.7.0, multiple files in the tests direct ...)
 	NOT-FOR-US: PEAR HTTP_Request2
 CVE-2025-43715 (Nullsoft Scriptable Install System (NSIS) before 3.11 on Windows allow ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d35ad00a4a2149cb9b9261eb465ab7560e85e9a9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d35ad00a4a2149cb9b9261eb465ab7560e85e9a9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250417/72a77d49/attachment.htm>

More information about the debian-security-tracker-commits mailing list