[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Dec 4 16:12:11 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2ad84833 by Salvatore Bonaccorso at 2025-12-04T17:11:41+01:00
Merge Linux CVEs from kernel-sec
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,10 @@
+CVE-2025-40215 [xfrm: delete x->tunnel as we delete x]
+ - linux 6.16.3-1
+ NOTE: https://git.kernel.org/linus/b441cf3f8c4b8576639d20c8eb4aa32917602ecd (6.16)
+CVE-2025-40214 [af_unix: Initialise scc_index in unix_add_edge().]
+ - linux 6.17.9-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/60e6489f8e3b086bd1130ad4450a2c112e863791 (6.18-rc6)
CVE-2025-66404 (MCP Server Kubernetes is an MCP Server that can connect to a Kubernete ...)
NOT-FOR-US: MCP Server Kubernetes
CVE-2025-66287 [Maliciously crafted web content may lead to a process crash.]
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2ad848332053e9694f5b89afac6bb1bb06543217
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2ad848332053e9694f5b89afac6bb1bb06543217
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251204/c92add4f/attachment.htm>
More information about the debian-security-tracker-commits
mailing list