[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Aug 22 18:26:35 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
23d76465 by Salvatore Bonaccorso at 2025-08-22T19:26:09+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,62 @@
+CVE-2025-38675 [xfrm: state: initialize state_ptrs earlier in xfrm_state_find]
+	- linux <unfixed>
+	[trixie] - linux 6.12.41-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/94d077c331730510d5611b438640a292097341f0 (6.16)
+CVE-2025-38674 [Revert "drm/prime: Use dma_buf from GEM object instance"]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/fb4ef4a52b79a22ad382bfe77332642d02aef773 (6.16)
+CVE-2025-38673 [Revert "drm/gem-framebuffer: Use dma_buf from GEM object instance"]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/2712ca878b688682ac2ce02aefc413fc76019cd9 (6.16)
+CVE-2025-38672 [Revert "drm/gem-dma: Use dma_buf from GEM object instance"]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/1918e79be908b8a2c8757640289bc196c14d928a (6.16)
+CVE-2025-38671 [i2c: qup: jump out of the loop in case of timeout]
+	- linux <unfixed>
+	[trixie] - linux 6.12.41-1
+	NOTE: https://git.kernel.org/linus/a7982a14b3012527a9583d12525cd0dc9f8d8934 (6.16)
+CVE-2025-38670 [arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack()]
+	- linux <unfixed>
+	[trixie] - linux 6.12.41-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/d42e6c20de6192f8e4ab4cf10be8c694ef27e8cb (6.16)
+CVE-2025-38669 [Revert "drm/gem-shmem: Use dma_buf from GEM object instance"]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/6d496e9569983a0d7a05be6661126d0702cf94f7 (6.16)
+CVE-2025-38668 [regulator: core: fix NULL dereference on unbind due to stale coupling data]
+	- linux <unfixed>
+	[trixie] - linux 6.12.41-1
+	NOTE: https://git.kernel.org/linus/ca46946a482238b0cdea459fb82fc837fb36260e (6.16-rc5)
+CVE-2025-38667 [iio: fix potential out-of-bound write]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/16285a0931869baa618b1f5d304e1e9d090470a8 (6.16-rc7)
+CVE-2025-38666 [net: appletalk: Fix use-after-free in AARP proxy probe]
+	- linux <unfixed>
+	[trixie] - linux 6.12.41-1
+	NOTE: https://git.kernel.org/linus/6c4a92d07b0850342d3becf2e608f805e972467c (6.16)
+CVE-2025-38665 [can: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode]
+	- linux <unfixed>
+	[trixie] - linux 6.12.41-1
+	NOTE: https://git.kernel.org/linus/c1f3f9797c1f44a762e6f5f72520b2e520537b52 (6.16)
+CVE-2025-38664 [ice: Fix a null pointer dereference in ice_copy_and_init_pkg()]
+	- linux <unfixed>
+	[trixie] - linux 6.12.41-1
+	NOTE: https://git.kernel.org/linus/4ff12d82dac119b4b99b5a78b5af3bf2474c0a36 (6.16)
+CVE-2025-38663 [nilfs2: reject invalid file types when reading inodes]
+	- linux <unfixed>
+	[trixie] - linux 6.12.41-1
+	NOTE: https://git.kernel.org/linus/4aead50caf67e01020c8be1945c3201e8a972a27 (6.16)
+CVE-2025-38662 [ASoC: mediatek: mt8365-dai-i2s: pass correct size to mt8365_dai_set_priv]
+	- linux <unfixed>
+	[trixie] - linux 6.12.41-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/6bea85979d05470e6416a2bb504a9bcd9178304c (6.16)
+CVE-2025-38661 [platform/x86: alienware-wmi-wmax: Fix `dmi_system_id` array]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/8346c6af27f1c1410eb314f4be5875fdf1579a10 (6.16)
 CVE-2025-38660 [[ceph] parse_longname(): strrchr() expects NUL-terminated string]
 	- linux <unfixed>
 	[bookworm] - linux <not-affected> (Vulnerable code not present)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/23d76465b207aee1bc765e447ff95609fae54ede

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/23d76465b207aee1bc765e447ff95609fae54ede
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250822/a92463a7/attachment.htm>

More information about the debian-security-tracker-commits mailing list