[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Aug 16 13:59:17 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3a35b717 by Salvatore Bonaccorso at 2025-08-16T14:55:49+02:00
Merge Linux CVEs from kernel-sec
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,37 @@
+CVE-2025-38552 [mptcp: plug races between subflow fail and subflow creation]
+ - linux <unfixed>
+ [trixie] - linux 6.12.41-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/def5b7b2643ebba696fc60ddf675dca13f073486 (6.16-rc7)
+CVE-2025-38551 [virtio-net: fix recursived rtnl_lock() during probe()]
+ - linux <unfixed>
+ [trixie] - linux 6.12.41-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/be5dcaed694e4255dc02dd0acfe036708c535def (6.16-rc7)
+CVE-2025-38550 [ipv6: mcast: Delay put pmc->idev in mld_del_delrec()]
+ - linux <unfixed>
+ [trixie] - linux 6.12.41-1
+ [bookworm] - linux 6.1.147-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/ae3264a25a4635531264728859dbe9c659fad554 (6.16-rc7)
+CVE-2025-38549 [efivarfs: Fix memory leak of efivarfs_fs_info in fs_context error paths]
+ - linux <unfixed>
+ [trixie] - linux 6.12.41-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/64e135f1eaba0bbb0cdee859af3328c68d5b9789 (6.16-rc7)
+CVE-2025-38548 [hwmon: (corsair-cpro) Validate the size of the received input buffer]
+ - linux <unfixed>
+ [trixie] - linux 6.12.41-1
+ [bookworm] - linux 6.1.147-1
+ NOTE: https://git.kernel.org/linus/495a4f0dce9c8c4478c242209748f1ee9e4d5820 (6.16-rc7)
+CVE-2025-38547 [iio: adc: axp20x_adc: Add missing sentinel to AXP717 ADC channel maps]
+ - linux <unfixed>
+ [trixie] - linux 6.12.41-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/3281ddcea6429f7bc1fdb39d407752dd1371aba9 (6.16-rc7)
CVE-2025-38546 [atm: clip: Fix memory leak of struct clip_vcc.]
- linux <unfixed>
[trixie] - linux 6.12.41-1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3a35b717a440473a69cd15246c16691b27235975
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3a35b717a440473a69cd15246c16691b27235975
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250816/bd54a2d0/attachment.htm>
More information about the debian-security-tracker-commits
mailing list