[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

Fri Apr 18 09:47:33 BST 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
766c64f7 by Salvatore Bonaccorso at 2025-04-18T10:47:05+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,11 +1,18 @@
 CVE-2025-42599 (Active! mail 6 BuildInfo: 6.60.05008561 and earlier contains a stack-b ...)
 	TODO: check
 CVE-2025-40325 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
-	TODO: check
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/3db4404435397a345431b45f57876a3df133f3b4 (6.15-rc1)
 CVE-2025-40114 (In the Linux kernel, the following vulnerability has been resolved:  i ...)
-	TODO: check
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/ee735aa33db16c1fb5ebccbaf84ad38f5583f3cc (6.15-rc1)
 CVE-2025-40014 (In the Linux kernel, the following vulnerability has been resolved:  o ...)
-	TODO: check
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/76e51db43fe4aaaebcc5ddda67b0807f7c9bdecc (6.15-rc1)
 CVE-2025-3783 (A vulnerability classified as critical was found in SourceCodester Web ...)
 	NOT-FOR-US: SourceCodester
 CVE-2025-3598 (The Coupon Affiliates \u2013 Affiliate Plugin for WooCommerce plugin f ...)
@@ -19,19 +26,31 @@ CVE-2025-3246 (An improper neutralization of input vulnerability was identified
 CVE-2025-3124 (A missing authorization vulnerability was identified in GitHub Enterpr ...)
 	TODO: check
 CVE-2025-39989 (In the Linux kernel, the following vulnerability has been resolved:  x ...)
-	TODO: check
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/1a15bb8303b6b104e78028b6c68f76a0d4562134 (6.15-rc1)
 CVE-2025-39930 (In the Linux kernel, the following vulnerability has been resolved:  A ...)
-	TODO: check
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/de74ec718e0788e1998eb7289ad07970e27cae27 (6.15-rc1)
 CVE-2025-39778 (In the Linux kernel, the following vulnerability has been resolved:  o ...)
-	TODO: check
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/107a23185d990e3df6638d9a84c835f963fe30a6 (6.15-rc1)
 CVE-2025-39755 (In the Linux kernel, the following vulnerability has been resolved:  s ...)
-	TODO: check
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/c1baf6528bcfd6a86842093ff3f8ff8caf309c12 (6.15-rc1)
 CVE-2025-39735 (In the Linux kernel, the following vulnerability has been resolved:  j ...)
-	TODO: check
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/fdf480da5837c23b146c4743c18de97202fcab37 (6.15-rc1)
 CVE-2025-39728 (In the Linux kernel, the following vulnerability has been resolved:  c ...)
-	TODO: check
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/d19d7345a7bcdb083b65568a11b11adffe0687af (6.15-rc1)
 CVE-2025-39688 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/d1bc15b147d35b4cb7ca99a9a7d79d41ca342c13 (6.15-rc1)
 CVE-2025-39471 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-39470 (Path Traversal: '.../...//' vulnerability in ThimPress Ivy School allo ...)
@@ -39,27 +58,49 @@ CVE-2025-39470 (Path Traversal: '.../...//' vulnerability in ThimPress Ivy Schoo
 CVE-2025-39469 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-38637 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/ce8fe975fd99b49c29c42e50f2441ba53112b2e8 (6.15-rc1)
 CVE-2025-38575 (In the Linux kernel, the following vulnerability has been resolved:  k ...)
-	TODO: check
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/6171063e9d046ffa46f51579b2ca4a43caef581a (6.15-rc1)
 CVE-2025-38479 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
-	TODO: check
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/fa70c4c3c580c239a0f9e83a14770ab026e8d820 (6.15-rc1)
 CVE-2025-38240 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
-	TODO: check
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/106a6de46cf4887d535018185ec528ce822d6d84 (6.15-rc1)
 CVE-2025-38152 (In the Linux kernel, the following vulnerability has been resolved:  r ...)
-	TODO: check
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/efdde3d73ab25cef4ff2d06783b0aad8b093c0e4 (6.15-rc1)
 CVE-2025-38104 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
-	TODO: check
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/dc0297f3198bd60108ccbd167ee5d9fa4af31ed0 (6.15-rc1)
 CVE-2025-38049 (In the Linux kernel, the following vulnerability has been resolved:  x ...)
-	TODO: check
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/a121798ae669351ec0697c94f71c3a692b2a755b (6.15-rc1)
 CVE-2025-37925 (In the Linux kernel, the following vulnerability has been resolved:  j ...)
-	TODO: check
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/8c3f9a70d2d4dd6c640afe294b05c6a0a45434d9 (6.15-rc1)
 CVE-2025-37893 (In the Linux kernel, the following vulnerability has been resolved:  L ...)
-	TODO: check
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/7e2586991e36663c9bc48c828b83eab180ad30a9 (6.15-rc1)
 CVE-2025-37860 (In the Linux kernel, the following vulnerability has been resolved:  s ...)
-	TODO: check
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/8241ecec1cdc6699ae197d52d58e76bddd995fa5 (6.15-rc1)
 CVE-2025-37785 (In the Linux kernel, the following vulnerability has been resolved:  e ...)
-	TODO: check
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/d5e206778e96e8667d3bde695ad372c296dc9353 (6.15-rc1)
 CVE-2025-2613 (The Login Manager \u2013 Design Login Page, View Login Activity, Limit ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-2162 (The MapPress Maps for WordPress plugin before 2.94.10 does not sanitis ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/766c64f7728a766c6a5a548caf203cf2bf8ff5fc

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/766c64f7728a766c6a5a548caf203cf2bf8ff5fc
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250418/8d407515/attachment.htm>
