[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Dec 4 17:20:01 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
36fac7e0 by Salvatore Bonaccorso at 2025-12-04T18:19:08+01:00
Merge Linux CVEs from kernel-sec
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,132 @@
+CVE-2025-40245 [nios2: ensure that memblock.current_limit is set when setting pfn limits]
+ - linux 6.17.6-1
+ [trixie] - linux 6.12.57-1
+ [bookworm] - linux 6.1.158-1
+ NOTE: https://git.kernel.org/linus/a20b83cf45be2057f3d073506779e52c7fa17f94 (6.18-rc1)
+CVE-2025-40244 [hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent()]
+ - linux 6.17.6-1
+ [trixie] - linux 6.12.57-1
+ [bookworm] - linux 6.1.158-1
+ NOTE: https://git.kernel.org/linus/4840ceadef4290c56cc422f0fc697655f3cbf070 (6.18-rc1)
+CVE-2025-40243 [hfs: fix KMSAN uninit-value issue in hfs_find_set_zero_bits()]
+ - linux 6.17.6-1
+ [trixie] - linux 6.12.57-1
+ [bookworm] - linux 6.1.158-1
+ NOTE: https://git.kernel.org/linus/2048ec5b98dbdfe0b929d2e42dc7a54c389c53dd (6.18-rc1)
+CVE-2025-40242 [gfs2: Fix unlikely race in gdlm_put_lock]
+ - linux 6.17.6-1
+ [trixie] - linux 6.12.57-1
+ NOTE: https://git.kernel.org/linus/28c4d9bc0708956c1a736a9e49fee71b65deee81 (6.18-rc1)
+CVE-2025-40241 [erofs: fix crafted invalid cases for encoded extents]
+ - linux 6.17.6-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/a429b76114aaca3ef1aff4cd469dcf025431bd11 (6.18-rc3)
+CVE-2025-40240 [sctp: avoid NULL dereference when chunk data buffer is missing]
+ - linux 6.17.6-1
+ [trixie] - linux 6.12.57-1
+ [bookworm] - linux 6.1.158-1
+ NOTE: https://git.kernel.org/linus/441f0647f7673e0e64d4910ef61a5fb8f16bfb82 (6.18-rc3)
+CVE-2025-40239 [net: phy: micrel: always set shared->phydev for LAN8814]
+ - linux 6.17.6-1
+ [trixie] - linux 6.12.57-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/399d10934740ae8cdaa4e3245f7c5f6c332da844 (6.18-rc3)
+CVE-2025-40238 [net/mlx5: Fix IPsec cleanup over MPV device]
+ - linux 6.17.6-1
+ [trixie] - linux 6.12.57-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/664f76be38a18c61151d0ef248c7e2f3afb4f3c7 (6.18-rc3)
+CVE-2025-40237 [fs/notify: call exportfs_encode_fid with s_umount]
+ - linux 6.17.6-1
+ [trixie] - linux 6.12.57-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/a7c4bb43bfdc2b9f06ee9d036028ed13a83df42a (6.18-rc3)
+CVE-2025-40236 [virtio-net: zero unused hash fields]
+ - linux 6.17.6-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/b2284768c6b32aa224ca7d0ef0741beb434f03aa (6.18-rc3)
+CVE-2025-40235 [btrfs: directly free partially initialized fs_info in btrfs_check_leaked_roots()]
+ - linux 6.17.6-1
+ [trixie] - linux 6.12.57-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/17679ac6df6c4830ba711835aa8cf961be36cfa1 (6.18-rc3)
+CVE-2025-40234 [platform/x86: alienware-wmi-wmax: Fix NULL pointer dereference in sleep handlers]
+ - linux 6.17.6-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/a49c4d48c3b60926e6a8cec217bf95aa65388ecc (6.18-rc3)
+CVE-2025-40233 [ocfs2: clear extent cache after moving/defragmenting extents]
+ - linux 6.17.6-1
+ [trixie] - linux 6.12.57-1
+ [bookworm] - linux 6.1.158-1
+ NOTE: https://git.kernel.org/linus/78a63493f8e352296dbc7cb7b3f4973105e8679e (6.18-rc3)
+CVE-2025-40232 [rv: Fully convert enabled_monitors to use list_head as iterator]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/103541e6a5854b08a25e4caa61e990af1009a52e (6.18-rc3)
+CVE-2025-40231 [vsock: fix lock inversion in vsock_assign_transport()]
+ - linux 6.17.6-1
+ [trixie] - linux 6.12.57-1
+ [bookworm] - linux 6.1.158-1
+ NOTE: https://git.kernel.org/linus/f7c877e7535260cc7a21484c994e8ce7e8cb6780 (6.18-rc3)
+CVE-2025-40230 [mm: prevent poison consumption when splitting THP]
+ - linux 6.17.6-1
+ [trixie] - linux 6.12.57-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/841a8bfcbad94bb1ba60f59ce34f75259074ae0d (6.18-rc3)
+CVE-2025-40229 [mm/damon/core: fix potential memory leak by cleaning ops_filter in damon_destroy_scheme]
+ - linux 6.17.6-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/7071537159be845a5c4ed5fb7d3db25aa4bd04a3 (6.18-rc3)
+CVE-2025-40228 [mm/damon/sysfs: catch commit test ctx alloc failure]
+ - linux 6.17.6-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/f0c5118ebb0eb7e4fd6f0d2ace3315ca141b317f (6.18-rc3)
+CVE-2025-40227 [mm/damon/sysfs: dealloc commit test ctx always]
+ - linux 6.17.6-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/139e7a572af0b45f558b5e502121a768dc328ba8 (6.18-rc3)
+CVE-2025-40226 [firmware: arm_scmi: Account for failed debug initialization]
+ - linux 6.17.6-1
+ [trixie] - linux 6.12.57-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/2290ab43b9d8eafb8046387f10a8dfa2b030ba46 (6.18-rc3)
+CVE-2025-40225 [drm/panthor: Fix kernel panic on partial unmap of a GPU VA region]
+ - linux 6.17.6-1
+ [trixie] - linux 6.12.57-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/4eabd0d8791eaf9a7b114ccbf56eb488aefe7b1f (6.18-rc3)
+CVE-2025-40224 [hwmon: (cgbc-hwmon) Add missing NULL check after devm_kzalloc()]
+ - linux 6.17.6-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/a09a5aa8bf258ddc99a22c30f17fe304b96b5350 (6.18-rc3)
+CVE-2025-40223 [most: usb: Fix use-after-free in hdm_disconnect]
+ - linux 6.17.6-1
+ [trixie] - linux 6.12.57-1
+ [bookworm] - linux 6.1.158-1
+ NOTE: https://git.kernel.org/linus/4b1270902609ef0d935ed2faa2ea6d122bd148f5 (6.18-rc3)
+CVE-2025-40222 [tty: serial: sh-sci: fix RSCI FIFO overrun handling]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/ef8fef45c74b5a0059488fda2df65fa133f7d7d0 (6.18-rc3)
CVE-2025-40221 [media: pci: mg4b: fix uninitialized iio scan data]
- linux 6.17.6-1
[trixie] - linux 6.12.57-1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/36fac7e0e098d5921829133192c40547e750ed01
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/36fac7e0e098d5921829133192c40547e750ed01
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251204/6fe99ad7/attachment.htm>
More information about the debian-security-tracker-commits
mailing list