[Git][security-tracker-team/security-tracker][master] Correct assessment for CVE-2025-40779/isc-kea
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Aug 28 20:50:29 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
cf971cd7 by Salvatore Bonaccorso at 2025-08-28T21:49:37+02:00
Correct assessment for CVE-2025-40779/isc-kea
Link: https://bugs.debian.org/1112247#10
Thanks: Paride Legovini
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -14,9 +14,10 @@ CVE-2024-58240 [tls: separate no-async decryption request handling from async]
- linux 6.7.9-1
NOTE: https://git.kernel.org/linus/41532b785e9d79636b3815a64ddf6a096647d011 (6.8-rc7)
CVE-2025-40779 [Kea crash upon interaction between specific client options and subnet selection]
- - isc-kea <unfixed> (bug #1112247)
+ - isc-kea <not-affected> (Vulnerable code introduced later, bug #1112247)
NOTE: https://kb.isc.org/docs/cve-2025-40779
NOTE: Backport: https://gitlab.isc.org/isc-projects/kea/-/issues/4055
+ NOTE: Introduced with: https://gitlab.isc.org/isc-projects/kea/-/commit/8f1742a2d6509c7edf5d63ed1d4eec53f9e016b0 (Kea-2.7.1)
NOTE: https://gitlab.isc.org/isc-projects/kea/-/commit/0afd42b5dfb2e547b3c25023953892c1e578aba3 (Kea-3.1.1)
NOTE: https://gitlab.isc.org/isc-projects/kea/-/commit/b25d7e8a81273e4099bf6c7f639ed774de2f3d08 (Kea-3.0.1)
CVE-2025-9533 (A vulnerability has been found in TOTOLINK T10 4.1.8cu.5241_B20210927. ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cf971cd772706798f7fb8875d8b4299bfbc43710
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cf971cd772706798f7fb8875d8b4299bfbc43710
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250828/c1c9028e/attachment.htm>
More information about the debian-security-tracker-commits
mailing list