[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Aug 16 21:12:27 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c51d22fb by security tracker role at 2025-08-16T20:12:20+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,267 +1,279 @@
-CVE-2023-4515 [ksmbd: validate command request size]
+CVE-2025-9092 (Uncontrolled Resource Consumption vulnerability in Legion of the Bounc ...)
+ TODO: check
+CVE-2025-8878 (The The Paid Membership Plugin, Ecommerce, User Registration Form, Log ...)
+ TODO: check
+CVE-2025-8719 (The Translate This gTranslate Shortcode plugin for WordPress is vulner ...)
+ TODO: check
+CVE-2025-8143 (The Soledad theme for WordPress is vulnerable to Stored Cross-Site Scr ...)
+ TODO: check
+CVE-2025-8142 (The Soledad theme for WordPress is vulnerable to Local File Inclusion ...)
+ TODO: check
+CVE-2025-8105 (The The Soledad theme for WordPress is vulnerable to arbitrary shortco ...)
+ TODO: check
+CVE-2023-4515 (In the Linux kernel, the following vulnerability has been resolved: k ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/5aa4fda5aa9c2a5a7bac67b4a12b089ab81fee3c (6.5-rc6)
-CVE-2023-4130 [ksmbd: fix wrong next length validation of ea buffer in smb2_set_ea()]
+CVE-2023-4130 (In the Linux kernel, the following vulnerability has been resolved: k ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
NOTE: https://git.kernel.org/linus/79ed288cef201f1f212dfb934bcaac75572fb8f6 (6.5-rc6)
-CVE-2023-32249 [ksmbd: not allow guest user on multichannel]
+CVE-2023-32249 (In the Linux kernel, the following vulnerability has been resolved: k ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
NOTE: https://git.kernel.org/linus/3353ab2df5f68dab7da8d5ebb427a2d265a1f2b2 (6.4-rc1)
-CVE-2023-32246 [ksmbd: call rcu_barrier() in ksmbd_server_exit()]
+CVE-2023-32246 (In the Linux kernel, the following vulnerability has been resolved: k ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
NOTE: https://git.kernel.org/linus/eb307d09fe15844fdaebeb8cc8c9b9e925430aa5 (6.4-rc1)
-CVE-2025-38552 [mptcp: plug races between subflow fail and subflow creation]
+CVE-2025-38552 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/def5b7b2643ebba696fc60ddf675dca13f073486 (6.16-rc7)
-CVE-2025-38551 [virtio-net: fix recursived rtnl_lock() during probe()]
+CVE-2025-38551 (In the Linux kernel, the following vulnerability has been resolved: v ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/be5dcaed694e4255dc02dd0acfe036708c535def (6.16-rc7)
-CVE-2025-38550 [ipv6: mcast: Delay put pmc->idev in mld_del_delrec()]
+CVE-2025-38550 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
[bookworm] - linux 6.1.147-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ae3264a25a4635531264728859dbe9c659fad554 (6.16-rc7)
-CVE-2025-38549 [efivarfs: Fix memory leak of efivarfs_fs_info in fs_context error paths]
+CVE-2025-38549 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/64e135f1eaba0bbb0cdee859af3328c68d5b9789 (6.16-rc7)
-CVE-2025-38548 [hwmon: (corsair-cpro) Validate the size of the received input buffer]
+CVE-2025-38548 (In the Linux kernel, the following vulnerability has been resolved: h ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
[bookworm] - linux 6.1.147-1
NOTE: https://git.kernel.org/linus/495a4f0dce9c8c4478c242209748f1ee9e4d5820 (6.16-rc7)
-CVE-2025-38547 [iio: adc: axp20x_adc: Add missing sentinel to AXP717 ADC channel maps]
+CVE-2025-38547 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/3281ddcea6429f7bc1fdb39d407752dd1371aba9 (6.16-rc7)
-CVE-2025-38546 [atm: clip: Fix memory leak of struct clip_vcc.]
+CVE-2025-38546 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
[bookworm] - linux 6.1.147-1
NOTE: https://git.kernel.org/linus/62dba28275a9a3104d4e33595c7b3328d4032d8d (6.16-rc6)
-CVE-2025-38545 [net: ethernet: ti: am65-cpsw-nuss: Fix skb size by accounting for skb_shared_info]
+CVE-2025-38545 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/02c4d6c26f1f662da8885b299c224ca6628ad232 (6.16-rc6)
-CVE-2025-38544 [rxrpc: Fix bug due to prealloc collision]
+CVE-2025-38544 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
NOTE: https://git.kernel.org/linus/69e4186773c6445b258fb45b6e1df18df831ec45 (6.16-rc6)
-CVE-2025-38543 [drm/tegra: nvdec: Fix dma_alloc_coherent error check]
+CVE-2025-38543 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
[bookworm] - linux 6.1.147-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/44306a684cd1699b8562a54945ddc43e2abc9eab (6.16-rc6)
-CVE-2025-38542 [net: appletalk: Fix device refcount leak in atrtr_create()]
+CVE-2025-38542 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
[bookworm] - linux 6.1.147-1
NOTE: https://git.kernel.org/linus/711c80f7d8b163d3ecd463cd96f07230f488e750 (6.16-rc6)
-CVE-2025-38541 [wifi: mt76: mt7925: Fix null-ptr-deref in mt7925_thermal_init()]
+CVE-2025-38541 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/03ee8f73801a8f46d83dfc2bf73fb9ffa5a21602 (6.16-rc6)
-CVE-2025-38540 [HID: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras]
+CVE-2025-38540 (In the Linux kernel, the following vulnerability has been resolved: H ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
[bookworm] - linux 6.1.147-1
NOTE: https://git.kernel.org/linus/54bae4c17c11688339eb73a04fd24203bb6e7494 (6.16-rc4)
-CVE-2025-38539 [tracing: Add down_write(trace_event_sem) when adding trace event]
+CVE-2025-38539 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
[bookworm] - linux 6.1.147-1
NOTE: https://git.kernel.org/linus/b5e8acc14dcb314a9b61ff19dcd9fdd0d88f70df (6.16-rc7)
-CVE-2025-38538 [dmaengine: nbpfaxi: Fix memory corruption in probe()]
+CVE-2025-38538 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
[bookworm] - linux 6.1.147-1
NOTE: https://git.kernel.org/linus/188c6ba1dd925849c5d94885c8bbdeb0b3dcf510 (6.16-rc7)
-CVE-2025-38537 [net: phy: Don't register LEDs for genphy]
+CVE-2025-38537 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f0f2b992d8185a0366be951685e08643aae17d6d (6.16-rc7)
-CVE-2025-38536 [net: airoha: fix potential use-after-free in airoha_npu_get()]
+CVE-2025-38536 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/3cd582e7d0787506990ef0180405eb6224fa90a6 (6.16-rc7)
-CVE-2025-38535 [phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode]
+CVE-2025-38535 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
[bookworm] - linux 6.1.147-1
NOTE: https://git.kernel.org/linus/cefc1caee9dd06c69e2d807edc5949b329f52b22 (6.16-rc7)
-CVE-2025-38534 [netfs: Fix copy-to-cache so that it performs collection with ceph+fscache]
+CVE-2025-38534 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/4c238e30774e3022a505fa54311273add7570f13 (6.16-rc7)
-CVE-2025-38533 [net: libwx: fix the using of Rx buffer DMA]
+CVE-2025-38533 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/5fd77cc6bd9b368431a815a780e407b7781bcca0 (6.16-rc7)
-CVE-2025-38532 [net: libwx: properly reset Rx ring descriptor]
+CVE-2025-38532 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d992ed7e1b687ad7df0763d3e015a5358646210b (6.16-rc7)
-CVE-2025-38531 [iio: common: st_sensors: Fix use of uninitialize device structs]
+CVE-2025-38531 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
NOTE: https://git.kernel.org/linus/9f92e93e257b33e73622640a9205f8642ec16ddd (6.16-rc7)
-CVE-2025-38530 [comedi: pcl812: Fix bit shift out of bounds]
+CVE-2025-38530 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
[bookworm] - linux 6.1.147-1
NOTE: https://git.kernel.org/linus/b14b076ce593f72585412fc7fd3747e03a5e3632 (6.16-rc7)
-CVE-2025-38529 [comedi: aio_iiro_16: Fix bit shift out of bounds]
+CVE-2025-38529 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
[bookworm] - linux 6.1.147-1
NOTE: https://git.kernel.org/linus/66acb1586737a22dd7b78abc63213b1bcaa100e4 (6.16-rc7)
-CVE-2025-38528 [bpf: Reject %p% format string in bprintf-like helpers]
+CVE-2025-38528 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
[bookworm] - linux 6.1.147-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f8242745871f81a3ac37f9f51853d12854fd0b58 (6.16-rc7)
-CVE-2025-38527 [smb: client: fix use-after-free in cifs_oplock_break]
+CVE-2025-38527 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
[bookworm] - linux 6.1.147-1
NOTE: https://git.kernel.org/linus/705c79101ccf9edea5a00d761491a03ced314210 (6.16-rc7)
-CVE-2025-38526 [ice: add NULL check in eswitch lag check]
+CVE-2025-38526 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/3ce58b01ada408b372f15b7c992ed0519840e3cf (6.16-rc7)
-CVE-2025-38525 [rxrpc: Fix irq-disabled in local_bh_enable()]
+CVE-2025-38525 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e4d2878369d590bf8455e3678a644e503172eafa (6.16-rc7)
-CVE-2025-38524 [rxrpc: Fix recv-recv race of completed call]
+CVE-2025-38524 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
NOTE: https://git.kernel.org/linus/962fb1f651c2cf2083e0c3ef53ba69e3b96d3fbc (6.16-rc7)
-CVE-2025-38523 [cifs: Fix the smbd_response slab to allow usercopy]
+CVE-2025-38523 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.12.37-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/43e7e284fc77b710d899569360ea46fa3374ae22 (6.16-rc4)
-CVE-2025-38522 [sched/ext: Prevent update_locked_rq() calls with NULL rq]
+CVE-2025-38522 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e14fd98c6d66cb76694b12c05768e4f9e8c95664 (6.16-rc7)
-CVE-2025-38521 [drm/imagination: Fix kernel crash when hard resetting the GPU]
+CVE-2025-38521 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d38376b3ee48d073c64e75e150510d7e6b4b04f7 (6.16-rc6)
-CVE-2025-38520 [drm/amdkfd: Don't call mmput from MMU notifier callback]
+CVE-2025-38520 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/cf234231fcbc7d391e2135b9518613218cc5347f (6.16-rc5)
-CVE-2025-38519 [mm/damon: fix divide by zero in damon_get_intervals_score()]
+CVE-2025-38519 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/bd225b9591442065beb876da72656f4a2d627d03 (6.16-rc6)
-CVE-2025-38518 [x86/CPU/AMD: Disable INVLPGB on Zen2]
+CVE-2025-38518 (In the Linux kernel, the following vulnerability has been resolved: x ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a74bb5f202dabddfea96abc1328fcedae8aa140a (6.16-rc6)
-CVE-2025-38517 [lib/alloc_tag: do not acquire non-existent lock in alloc_tag_top_users()]
+CVE-2025-38517 (In the Linux kernel, the following vulnerability has been resolved: l ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/99af22cd34688cc0d535a1919e0bea4cbc6c1ea1 (6.16-rc6)
-CVE-2025-38516 [pinctrl: qcom: msm: mark certain pins as invalid for interrupts]
+CVE-2025-38516 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
[bookworm] - linux 6.1.147-1
NOTE: https://git.kernel.org/linus/93712205ce2f1fb047739494c0399a26ea4f0890 (6.16-rc6)
-CVE-2025-38515 [drm/sched: Increment job count before swapping tail spsc queue]
+CVE-2025-38515 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
[bookworm] - linux 6.1.147-1
NOTE: https://git.kernel.org/linus/8af39ec5cf2be522c8eb43a3d8005ed59e4daaee (6.16-rc5)
-CVE-2025-38514 [rxrpc: Fix oops due to non-existence of prealloc backlog struct]
+CVE-2025-38514 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
[bookworm] - linux 6.1.147-1
NOTE: https://git.kernel.org/linus/880a88f318cf1d2a0f4c0a7ff7b07e2062b434a4 (6.16-rc6)
-CVE-2025-38513 [wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev()]
+CVE-2025-38513 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
[bookworm] - linux 6.1.147-1
NOTE: https://git.kernel.org/linus/74b1ec9f5d627d2bdd5e5b6f3f81c23317657023 (6.16-rc6)
-CVE-2025-38512 [wifi: prevent A-MSDU attacks in mesh networks]
+CVE-2025-38512 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
[bookworm] - linux 6.1.147-1
NOTE: https://git.kernel.org/linus/737bb912ebbe4571195c56eba557c4d7315b26fb (6.16-rc6)
-CVE-2025-38511 [drm/xe/pf: Clear all LMTT pages on alloc]
+CVE-2025-38511 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/705a412a367f383430fa34bada387af2e52eb043 (6.16-rc6)
-CVE-2025-38510 [kasan: remove kasan_find_vm_area() to prevent possible deadlock]
+CVE-2025-38510 (In the Linux kernel, the following vulnerability has been resolved: k ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
[bookworm] - linux 6.1.147-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/6ee9b3d84775944fb8c8a447961cd01274ac671c (6.16-rc6)
-CVE-2025-38509 [wifi: mac80211: reject VHT opmode for unsupported channel widths]
+CVE-2025-38509 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/58fcb1b4287ce38850402bb2bb16d09bf77b91d9 (6.16-rc6)
-CVE-2025-38508 [x86/sev: Use TSC_FACTOR for Secure TSC frequency calculation]
+CVE-2025-38508 (In the Linux kernel, the following vulnerability has been resolved: x ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/52e1a03e6cf61ae165f59f41c44394a653a0a788 (6.16-rc5)
-CVE-2025-38507 [HID: nintendo: avoid bluetooth suspend/resume stalls]
+CVE-2025-38507 (In the Linux kernel, the following vulnerability has been resolved: H ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
NOTE: https://git.kernel.org/linus/4a0381080397e77792a5168069f174d3e56175ff (6.16-rc4)
-CVE-2025-38506 [KVM: Allow CPU to reschedule while setting per-page memory attributes]
+CVE-2025-38506 (In the Linux kernel, the following vulnerability has been resolved: K ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/47bb584237cc285e3a860b70c01f7bda9dcfb05b (6.16-rc6)
-CVE-2025-38505 [wifi: mwifiex: discard erroneous disassoc frames on STA interface]
+CVE-2025-38505 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/3b602ddc0df723992721b0d286c90c9bdd755b34 (6.16-rc6)
-CVE-2025-38504 [io_uring/zcrx: fix pp destruction warnings]
+CVE-2025-38504 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/203817de269539c062724d97dfa5af3cdf77a3ec (6.16-rc6)
-CVE-2025-38503 [btrfs: fix assertion when building free space tree]
+CVE-2025-38503 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux <unfixed>
[trixie] - linux 6.12.41-1
[bookworm] - linux 6.1.147-1
NOTE: https://git.kernel.org/linus/1961d20f6fa8903266ed9bd77c691924c22c8f02 (6.16-rc4)
-CVE-2025-38502 [bpf: Fix oob access in cgroup local storage]
+CVE-2025-38502 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/abad3d0bad72a52137e0c350c59542d75ae4f513 (6.17-rc1)
CVE-2025-8959 (HashiCorp's go-getter library subdirectory download feature is vulnera ...)
@@ -193495,21 +193507,21 @@ CVE-2023-41423 (Cross Site Scripting vulnerability in WP Githuber MD plugin v.1.
NOT-FOR-US: WP Githuber MD plugin
CVE-2023-39073 (An issue in SNMP Web Pro v.1.1 allows a remote attacker to execute arb ...)
NOT-FOR-US: SNMP Web Pro
-CVE-2023-3867 [ksmbd: add missing compound request handing in some commands]
+CVE-2023-3867 (In the Linux kernel, the following vulnerability has been resolved: k ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-23-981/
NOTE: https://git.kernel.org/linus/7b7d709ef7cf285309157fb94c33f625dd22c5e1 (6.5-rc1)
-CVE-2023-3866 [ksmbd: validate session id and tree id in the compound request]
+CVE-2023-3866 (In the Linux kernel, the following vulnerability has been resolved: k ...)
- linux 6.3.11-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-23-979/
NOTE: https://git.kernel.org/linus/5005bcb4219156f1bf7587b185080ec1da08518e (6.4)
-CVE-2023-3865 [ksmbd: fix out-of-bound read in smb2_write]
+CVE-2023-3865 (In the Linux kernel, the following vulnerability has been resolved: k ...)
- linux 6.3.11-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c51d22fbdb7d202d7442469eb3187171ba843112
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c51d22fbdb7d202d7442469eb3187171ba843112
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250816/33333f02/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list