[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Dec 4 20:13:07 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
65f4ca2f by security tracker role at 2025-12-04T20:12:52+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,241 +1,359 @@
-CVE-2025-40266 [KVM: arm64: Check the untrusted offset in FF-A memory share]
+CVE-2025-9127 (A vulnerability exists in PX Enterprise whereby sensitive information ...)
+ TODO: check
+CVE-2025-8074 (Origin validation error vulnerability in BeeDrive in Synology BeeDrive ...)
+ TODO: check
+CVE-2025-66516 (Critical XXE in Apache Tika tika-core (1.13-3.2.1), tika-pdf-module (2 ...)
+ TODO: check
+CVE-2025-66373 (Akamai Ghost on Akamai CDN edge servers before 2025-11-17 has a chunke ...)
+ TODO: check
+CVE-2025-65958 (Open WebUI is a self-hosted artificial intelligence platform designed ...)
+ TODO: check
+CVE-2025-65945 (auth0/node-jws is a JSON Web Signature implementation for Node.js. In ...)
+ TODO: check
+CVE-2025-65883 (A vulnerability has been identified in Genexis Platinum P4410 router ( ...)
+ TODO: check
+CVE-2025-65806 (The E-POINT CMS eagle.gsam-1169.1 file upload feature improperly handl ...)
+ TODO: check
+CVE-2025-65637 (A denial-of-service vulnerability exists in github.com/sirupsen/logrus ...)
+ TODO: check
+CVE-2025-65516 (A stored cross-site scripting (XSS) vulnerability was discovered in Se ...)
+ TODO: check
+CVE-2025-65346 (alexusmai laravel-file-manager 3.3.1 and below is vulnerable to Direct ...)
+ TODO: check
+CVE-2025-63681 (open-webui v0.6.33 is vulnerable to Incorrect Access Control. The API ...)
+ TODO: check
+CVE-2025-63499 (Alinto Sogo 5.12.3 is vulnerable to Cross Site Scripting (XSS) via the ...)
+ TODO: check
+CVE-2025-63364 (Waveshare RS232/485 TO WIFI ETH (B) Serial to Ethernet/Wi-Fi Gateway F ...)
+ TODO: check
+CVE-2025-63363 (A lack of Management Frame Protection in Waveshare RS232/485 TO WIFI E ...)
+ TODO: check
+CVE-2025-63362 (Waveshare RS232/485 TO WIFI ETH (B) Serial to Ethernet/Wi-Fi Gateway F ...)
+ TODO: check
+CVE-2025-63361 (Waveshare RS232/485 TO WIFI ETH (B) Serial to Ethernet/Wi-Fi Gateway F ...)
+ TODO: check
+CVE-2025-61148 (An Insecure Direct Object Reference (IDOR) vulnerability in the Eduplu ...)
+ TODO: check
+CVE-2025-59788 (Cross-site scripting (XSS) vulnerability in a reachable files_pdfviewe ...)
+ TODO: check
+CVE-2025-57213 (Incorrect access control in the component orderService.queryObject of ...)
+ TODO: check
+CVE-2025-57212 (Incorrect access control in the component ApiOrderService.java of plat ...)
+ TODO: check
+CVE-2025-57210 (Incorrect access control in the component ApiPayController.java of pla ...)
+ TODO: check
+CVE-2025-56427 (Directory Traversal vulnerability in ComposioHQ v.0.7.20 allows a remo ...)
+ TODO: check
+CVE-2025-54307 (An issue was discovered in the Thermo Fisher Torrent Suite Django appl ...)
+ TODO: check
+CVE-2025-54306 (An issue was discovered in the Thermo Fisher Torrent Suite Django appl ...)
+ TODO: check
+CVE-2025-54305 (An issue was discovered in the Thermo Fisher Torrent Suite Django appl ...)
+ TODO: check
+CVE-2025-54304 (An issue was discovered on Thermo Fisher Ion Torrent OneTouch 2 INS100 ...)
+ TODO: check
+CVE-2025-54303 (The Thermo Fisher Torrent Suite Django application 5.18.1 has weak def ...)
+ TODO: check
+CVE-2025-54160 (Improper limitation of a pathname to a restricted directory ('Path Tra ...)
+ TODO: check
+CVE-2025-54159 (Missing authorization vulnerability in BeeDrive in Synology BeeDrive f ...)
+ TODO: check
+CVE-2025-54158 (Missing authentication for critical function vulnerability in BeeDrive ...)
+ TODO: check
+CVE-2025-53963 (An issue was discovered on Thermo Fisher Ion Torrent OneTouch 2 INS100 ...)
+ TODO: check
+CVE-2025-41080 (A stored Cross-Site Scripting (XSS) vulnerability has been found in Se ...)
+ TODO: check
+CVE-2025-41079 (A stored Cross-Site Scripting (XSS) vulnerability has been found in Se ...)
+ TODO: check
+CVE-2025-2848 (A vulnerability in Synology Mail Server allows remote authenticated at ...)
+ TODO: check
+CVE-2025-29846 (A vulnerability in portenable cgi allows remote authenticated users to ...)
+ TODO: check
+CVE-2025-29845 (A vulnerability in VideoPlayer2 subtitle cgi allows remote authenticat ...)
+ TODO: check
+CVE-2025-29844 (A vulnerability in FileStation file cgi allows remote authenticated us ...)
+ TODO: check
+CVE-2025-29843 (A vulnerability in FileStation thumb cgi allows remote authenticated u ...)
+ TODO: check
+CVE-2025-29269 (ALLNET ALL-RUT22GW v3.3.8 was discovered to contain an OS command inje ...)
+ TODO: check
+CVE-2025-29268 (ALLNET ALL-RUT22GW v3.3.8 was discovered to store hardcoded credential ...)
+ TODO: check
+CVE-2025-14024
+ REJECTED
+CVE-2025-14016 (A security vulnerability has been detected in macrozheng mall-swarm up ...)
+ TODO: check
+CVE-2025-14015 (A weakness has been identified in H3C Magic B0 up to 100R002. This imp ...)
+ TODO: check
+CVE-2025-14013 (A vulnerability was identified in JIZHICMS up to 2.5.5. The impacted e ...)
+ TODO: check
+CVE-2025-14012 (A vulnerability was determined in JIZHICMS up to 2.5.5. The affected e ...)
+ TODO: check
+CVE-2025-14011 (A vulnerability was found in JIZHICMS up to 2.5.5. Impacted is the fun ...)
+ TODO: check
+CVE-2025-14010 (A flaw was found in ansible-collection-community-general. This vulnera ...)
+ TODO: check
+CVE-2025-14008 (A flaw has been found in dayrui XunRuiCMS up to 4.7.1. This vulnerabil ...)
+ TODO: check
+CVE-2025-14007 (A vulnerability was detected in dayrui XunRuiCMS up to 4.7.1. This aff ...)
+ TODO: check
+CVE-2025-14006 (A security vulnerability has been detected in dayrui XunRuiCMS up to 4 ...)
+ TODO: check
+CVE-2025-14005 (A weakness has been identified in dayrui XunRuiCMS up to 4.7.1. Affect ...)
+ TODO: check
+CVE-2025-14004 (A security flaw has been discovered in dayrui XunRuiCMS up to 4.7.1. A ...)
+ TODO: check
+CVE-2025-13488 (Due to a regression introduced in version 3.83.0, a security header is ...)
+ TODO: check
+CVE-2025-12097 (There is a relative path traversal vulnerability in the NI System Web ...)
+ TODO: check
+CVE-2025-11222 (Central Dogma versions before 0.78.0 contain an Open Redirect vulnerab ...)
+ TODO: check
+CVE-2024-5401 (Improper control of dynamically-managed code resources vulnerability i ...)
+ TODO: check
+CVE-2024-45539 (Out-of-bounds write vulnerability in cgi components in Synology DiskSt ...)
+ TODO: check
+CVE-2024-45538 (Cross-Site Request Forgery (CSRF) vulnerability in WebAPI Framework in ...)
+ TODO: check
+CVE-2025-40266 (In the Linux kernel, the following vulnerability has been resolved: K ...)
- linux 6.17.10-1
NOTE: https://git.kernel.org/linus/103e17aac09cdd358133f9e00998b75d6c1f1518 (6.18-rc6)
-CVE-2025-40265 [vfat: fix missing sb_min_blocksize() return value checks]
+CVE-2025-40265 (In the Linux kernel, the following vulnerability has been resolved: v ...)
- linux 6.17.10-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/63b5aa01da0f38cdbd97d021477258e511631497 (6.18-rc7)
-CVE-2025-40264 [be2net: pass wrb_params in case of OS2BMC]
+CVE-2025-40264 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.17.10-1
NOTE: https://git.kernel.org/linus/7d277a7a58578dd62fd546ddaef459ec24ccae36 (6.18-rc7)
-CVE-2025-40263 [Input: cros_ec_keyb - fix an invalid memory access]
+CVE-2025-40263 (In the Linux kernel, the following vulnerability has been resolved: I ...)
- linux 6.17.10-1
NOTE: https://git.kernel.org/linus/e08969c4d65ac31297fcb4d31d4808c789152f68 (6.18-rc7)
-CVE-2025-40262 [Input: imx_sc_key - fix memory corruption on unload]
+CVE-2025-40262 (In the Linux kernel, the following vulnerability has been resolved: I ...)
- linux 6.17.10-1
NOTE: https://git.kernel.org/linus/d83f1512758f4ef6fc5e83219fe7eeeb6b428ea4 (6.18-rc7)
-CVE-2025-40261 [nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl()]
+CVE-2025-40261 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.17.10-1
NOTE: https://git.kernel.org/linus/0a2c5495b6d1ecb0fa18ef6631450f391a888256 (6.18-rc7)
-CVE-2025-40260 [sched_ext: Fix scx_enable() crash on helper kthread creation failure]
+CVE-2025-40260 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.17.10-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/7b6216baae751369195fa3c83d434d23bcda406a (6.18-rc7)
-CVE-2025-40259 [scsi: sg: Do not sleep in atomic context]
+CVE-2025-40259 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.17.10-1
NOTE: https://git.kernel.org/linus/90449f2d1e1f020835cba5417234636937dd657e (6.18-rc7)
-CVE-2025-40258 [mptcp: fix race condition in mptcp_schedule_work()]
+CVE-2025-40258 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.17.10-1
NOTE: https://git.kernel.org/linus/035bca3f017ee9dea3a5a756e77a6f7138cc6eea (6.18-rc7)
-CVE-2025-40257 [mptcp: fix a race in mptcp_pm_del_add_timer()]
+CVE-2025-40257 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.17.10-1
NOTE: https://git.kernel.org/linus/426358d9be7ce3518966422f87b96f1bad27295f (6.18-rc7)
-CVE-2025-40256 [xfrm: also call xfrm_state_delete_tunnel at destroy time for states that were never added]
+CVE-2025-40256 (In the Linux kernel, the following vulnerability has been resolved: x ...)
- linux 6.17.10-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/10deb69864840ccf96b00ac2ab3a2055c0c04721 (6.18-rc7)
-CVE-2025-40255 [net: core: prevent NULL deref in generic_hwtstamp_ioctl_lower()]
+CVE-2025-40255 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.17.10-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f796a8dec9beafcc0f6f0d3478ed685a15c5e062 (6.18-rc7)
-CVE-2025-40254 [net: openvswitch: remove never-working support for setting nsh fields]
+CVE-2025-40254 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.17.10-1
NOTE: https://git.kernel.org/linus/dfe28c4167a9259fc0c372d9f9473e1ac95cff67 (6.18-rc7)
-CVE-2025-40253 [s390/ctcm: Fix double-kfree]
+CVE-2025-40253 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.17.10-1
NOTE: https://git.kernel.org/linus/da02a1824884d6c84c5e5b5ac373b0c9e3288ec2 (6.18-rc7)
-CVE-2025-40252 [net: qlogic/qede: fix potential out-of-bounds read in qede_tpa_cont() and qede_tpa_end()]
+CVE-2025-40252 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.17.10-1
NOTE: https://git.kernel.org/linus/896f1a2493b59beb2b5ccdf990503dbb16cb2256 (6.18-rc7)
-CVE-2025-40251 [devlink: rate: Unset parent pointer in devl_rate_nodes_destroy]
+CVE-2025-40251 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.17.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f94c1a114ac209977bdf5ca841b98424295ab1f0 (6.18-rc7)
-CVE-2025-40250 [net/mlx5: Clean up only new IRQ glue on request_irq() failure]
+CVE-2025-40250 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.17.10-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d47515af6cccd7484d8b0870376858c9848a18ec (6.18-rc7)
-CVE-2025-40249 [gpio: cdev: make sure the cdev fd is still active before emitting events]
+CVE-2025-40249 (In the Linux kernel, the following vulnerability has been resolved: g ...)
- linux 6.17.10-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d4cd0902c156b2ca60fdda8cd8b5bcb4b0e9ed64 (6.18-rc7)
-CVE-2025-40248 [vsock: Ignore signal/timeout on connect() if already established]
+CVE-2025-40248 (In the Linux kernel, the following vulnerability has been resolved: v ...)
- linux 6.17.10-1
NOTE: https://git.kernel.org/linus/002541ef650b742a198e4be363881439bb9d86b4 (6.18-rc7)
-CVE-2025-40247 [drm/msm: Fix pgtable prealloc error path]
+CVE-2025-40247 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.17.10-1
NOTE: https://git.kernel.org/linus/830d68f2cb8ab6fb798bb9555016709a9e012af0 (6.18-rc4)
-CVE-2025-40246 [xfs: fix out of bounds memory read error in symlink repair]
+CVE-2025-40246 (In the Linux kernel, the following vulnerability has been resolved: x ...)
- linux 6.17.10-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/678e1cc2f482e0985a0613ab4a5bf89c497e5acc (6.18-rc7)
-CVE-2025-40245 [nios2: ensure that memblock.current_limit is set when setting pfn limits]
+CVE-2025-40245 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.17.6-1
[trixie] - linux 6.12.57-1
[bookworm] - linux 6.1.158-1
NOTE: https://git.kernel.org/linus/a20b83cf45be2057f3d073506779e52c7fa17f94 (6.18-rc1)
-CVE-2025-40244 [hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent()]
+CVE-2025-40244 (In the Linux kernel, the following vulnerability has been resolved: h ...)
- linux 6.17.6-1
[trixie] - linux 6.12.57-1
[bookworm] - linux 6.1.158-1
NOTE: https://git.kernel.org/linus/4840ceadef4290c56cc422f0fc697655f3cbf070 (6.18-rc1)
-CVE-2025-40243 [hfs: fix KMSAN uninit-value issue in hfs_find_set_zero_bits()]
+CVE-2025-40243 (In the Linux kernel, the following vulnerability has been resolved: h ...)
- linux 6.17.6-1
[trixie] - linux 6.12.57-1
[bookworm] - linux 6.1.158-1
NOTE: https://git.kernel.org/linus/2048ec5b98dbdfe0b929d2e42dc7a54c389c53dd (6.18-rc1)
-CVE-2025-40242 [gfs2: Fix unlikely race in gdlm_put_lock]
+CVE-2025-40242 (In the Linux kernel, the following vulnerability has been resolved: g ...)
- linux 6.17.6-1
[trixie] - linux 6.12.57-1
NOTE: https://git.kernel.org/linus/28c4d9bc0708956c1a736a9e49fee71b65deee81 (6.18-rc1)
-CVE-2025-40241 [erofs: fix crafted invalid cases for encoded extents]
+CVE-2025-40241 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.17.6-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a429b76114aaca3ef1aff4cd469dcf025431bd11 (6.18-rc3)
-CVE-2025-40240 [sctp: avoid NULL dereference when chunk data buffer is missing]
+CVE-2025-40240 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.17.6-1
[trixie] - linux 6.12.57-1
[bookworm] - linux 6.1.158-1
NOTE: https://git.kernel.org/linus/441f0647f7673e0e64d4910ef61a5fb8f16bfb82 (6.18-rc3)
-CVE-2025-40239 [net: phy: micrel: always set shared->phydev for LAN8814]
+CVE-2025-40239 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.17.6-1
[trixie] - linux 6.12.57-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/399d10934740ae8cdaa4e3245f7c5f6c332da844 (6.18-rc3)
-CVE-2025-40238 [net/mlx5: Fix IPsec cleanup over MPV device]
+CVE-2025-40238 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.17.6-1
[trixie] - linux 6.12.57-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/664f76be38a18c61151d0ef248c7e2f3afb4f3c7 (6.18-rc3)
-CVE-2025-40237 [fs/notify: call exportfs_encode_fid with s_umount]
+CVE-2025-40237 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.17.6-1
[trixie] - linux 6.12.57-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a7c4bb43bfdc2b9f06ee9d036028ed13a83df42a (6.18-rc3)
-CVE-2025-40236 [virtio-net: zero unused hash fields]
+CVE-2025-40236 (In the Linux kernel, the following vulnerability has been resolved: v ...)
- linux 6.17.6-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/b2284768c6b32aa224ca7d0ef0741beb434f03aa (6.18-rc3)
-CVE-2025-40235 [btrfs: directly free partially initialized fs_info in btrfs_check_leaked_roots()]
+CVE-2025-40235 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.17.6-1
[trixie] - linux 6.12.57-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/17679ac6df6c4830ba711835aa8cf961be36cfa1 (6.18-rc3)
-CVE-2025-40234 [platform/x86: alienware-wmi-wmax: Fix NULL pointer dereference in sleep handlers]
+CVE-2025-40234 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.17.6-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a49c4d48c3b60926e6a8cec217bf95aa65388ecc (6.18-rc3)
-CVE-2025-40233 [ocfs2: clear extent cache after moving/defragmenting extents]
+CVE-2025-40233 (In the Linux kernel, the following vulnerability has been resolved: o ...)
- linux 6.17.6-1
[trixie] - linux 6.12.57-1
[bookworm] - linux 6.1.158-1
NOTE: https://git.kernel.org/linus/78a63493f8e352296dbc7cb7b3f4973105e8679e (6.18-rc3)
-CVE-2025-40232 [rv: Fully convert enabled_monitors to use list_head as iterator]
+CVE-2025-40232 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/103541e6a5854b08a25e4caa61e990af1009a52e (6.18-rc3)
-CVE-2025-40231 [vsock: fix lock inversion in vsock_assign_transport()]
+CVE-2025-40231 (In the Linux kernel, the following vulnerability has been resolved: v ...)
- linux 6.17.6-1
[trixie] - linux 6.12.57-1
[bookworm] - linux 6.1.158-1
NOTE: https://git.kernel.org/linus/f7c877e7535260cc7a21484c994e8ce7e8cb6780 (6.18-rc3)
-CVE-2025-40230 [mm: prevent poison consumption when splitting THP]
+CVE-2025-40230 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.17.6-1
[trixie] - linux 6.12.57-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/841a8bfcbad94bb1ba60f59ce34f75259074ae0d (6.18-rc3)
-CVE-2025-40229 [mm/damon/core: fix potential memory leak by cleaning ops_filter in damon_destroy_scheme]
+CVE-2025-40229 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.17.6-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/7071537159be845a5c4ed5fb7d3db25aa4bd04a3 (6.18-rc3)
-CVE-2025-40228 [mm/damon/sysfs: catch commit test ctx alloc failure]
+CVE-2025-40228 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.17.6-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f0c5118ebb0eb7e4fd6f0d2ace3315ca141b317f (6.18-rc3)
-CVE-2025-40227 [mm/damon/sysfs: dealloc commit test ctx always]
+CVE-2025-40227 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.17.6-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/139e7a572af0b45f558b5e502121a768dc328ba8 (6.18-rc3)
-CVE-2025-40226 [firmware: arm_scmi: Account for failed debug initialization]
+CVE-2025-40226 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.17.6-1
[trixie] - linux 6.12.57-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/2290ab43b9d8eafb8046387f10a8dfa2b030ba46 (6.18-rc3)
-CVE-2025-40225 [drm/panthor: Fix kernel panic on partial unmap of a GPU VA region]
+CVE-2025-40225 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.17.6-1
[trixie] - linux 6.12.57-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/4eabd0d8791eaf9a7b114ccbf56eb488aefe7b1f (6.18-rc3)
-CVE-2025-40224 [hwmon: (cgbc-hwmon) Add missing NULL check after devm_kzalloc()]
+CVE-2025-40224 (In the Linux kernel, the following vulnerability has been resolved: h ...)
- linux 6.17.6-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a09a5aa8bf258ddc99a22c30f17fe304b96b5350 (6.18-rc3)
-CVE-2025-40223 [most: usb: Fix use-after-free in hdm_disconnect]
+CVE-2025-40223 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.17.6-1
[trixie] - linux 6.12.57-1
[bookworm] - linux 6.1.158-1
NOTE: https://git.kernel.org/linus/4b1270902609ef0d935ed2faa2ea6d122bd148f5 (6.18-rc3)
-CVE-2025-40222 [tty: serial: sh-sci: fix RSCI FIFO overrun handling]
+CVE-2025-40222 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ef8fef45c74b5a0059488fda2df65fa133f7d7d0 (6.18-rc3)
-CVE-2025-40221 [media: pci: mg4b: fix uninitialized iio scan data]
+CVE-2025-40221 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.17.6-1
[trixie] - linux 6.12.57-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/c0d3f6969bb4d72476cfe7ea9263831f1c283704 (6.18-rc1)
-CVE-2025-40220 [fuse: fix livelock in synchronous file put from fuseblk workers]
+CVE-2025-40220 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.17.6-1
[trixie] - linux 6.12.57-1
[bookworm] - linux 6.1.158-1
NOTE: https://git.kernel.org/linus/26e5c67deb2e1f42a951f022fdf5b9f7eb747b01 (6.18-rc1)
-CVE-2025-40219 [PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV]
+CVE-2025-40219 (In the Linux kernel, the following vulnerability has been resolved: P ...)
- linux 6.17.6-1
[trixie] - linux 6.12.57-1
[bookworm] - linux 6.1.158-1
NOTE: https://git.kernel.org/linus/05703271c3cdcc0f2a8cf6ebdc45892b8ca83520 (6.18-rc1)
-CVE-2025-40218 [mm/damon/vaddr: do not repeat pte_offset_map_lock() until success]
+CVE-2025-40218 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.17.6-1
[trixie] - linux 6.12.57-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/b93af2cc8e036754c0d9970d9ddc47f43cc94b9f (6.18-rc1)
-CVE-2025-40217 [pidfs: validate extensible ioctls]
+CVE-2025-40217 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.17.6-1
NOTE: https://git.kernel.org/linus/3c17001b21b9f168c957ced9384abe969019b609 (6.18-rc1)
-CVE-2025-40216 [io_uring/rsrc: don't rely on user vaddr alignment]
+CVE-2025-40216 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.12.37-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
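Review bot: The new entries from CVE-2025-9127 down to CVE-2024-45538 land with only TODO: check and no package or NOT-FOR-US line, so nothing in this hunk records whether Debian is affected. Several of them name open-source components in their descriptions (Apache Tika in CVE-2025-66516, github.com/sirupsen/logrus in CVE-2025-65637, auth0/node-jws in CVE-2025-65945, ansible-collection-community-general in CVE-2025-14010, Sogo in CVE-2025-63499); triage those first, and give the vendor-only entries (Synology, Waveshare, Thermo Fisher, ALLNET) their NOT-FOR-US tags in the follow-up.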
@@ -255,16 +373,16 @@ CVE-2025-58098 [Server Side Includes adds query string to #exec cmd=...]
CVE-2025-55753 [mod_md (ACME), unintended retry intervals]
- apache2 <unfixed>
NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2025-55753
-CVE-2025-40215 [xfrm: delete x->tunnel as we delete x]
+CVE-2025-40215 (In the Linux kernel, the following vulnerability has been resolved: x ...)
- linux 6.16.3-1
NOTE: https://git.kernel.org/linus/b441cf3f8c4b8576639d20c8eb4aa32917602ecd (6.16)
-CVE-2025-40214 [af_unix: Initialise scc_index in unix_add_edge().]
+CVE-2025-40214 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.17.9-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/60e6489f8e3b086bd1130ad4450a2c112e863791 (6.18-rc6)
CVE-2025-66404 (MCP Server Kubernetes is an MCP Server that can connect to a Kubernete ...)
NOT-FOR-US: MCP Server Kubernetes
-CVE-2025-66287 [Maliciously crafted web content may lead to a process crash.]
+CVE-2025-66287 (A flaw was found in WebKitGTK. Processing malicious web content can ca ...)
- webkit2gtk 2.50.3-1
- wpewebkit 2.50.3-1
[trixie] - wpewebkit <ignored> (wpewebkit not covered by security support in Trixie)
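Review bot: At CVE-2025-40215 and CVE-2025-40214 the bracketed titles ("xfrm: delete x->tunnel as we delete x", "af_unix: Initialise scc_index in unix_add_edge().") are replaced by a description that is truncated right after the shared Linux kernel preamble, leaving "x ..." and "a ..." as the only distinguishing text. The NOTE line with the git.kernel.org commit is now the only pointer to what was fixed, so make sure it stays on every kernel entry, or cut the description after the preamble is skipped rather than inside it.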
@@ -406,6 +524,7 @@ CVE-2025-20382 (In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.
CVE-2025-20381 (In Splunk MCP Server app versions below 0.2.4, a user with access to t ...)
NOT-FOR-US: Cisco
CVE-2025-13992 (Side-channel information leakage in Navigation and Loading in Google C ...)
+ {DSA-5971-1}
- chromium 139.0.7258.66-1
[trixie] - chromium 139.0.7258.127-1~deb13u1
CVE-2025-13949 (A vulnerability was identified in ProudMuBai GoFilm 1.0.0/1.0.1. Impac ...)
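Review bot: The {DSA-5971-1} reference added under CVE-2025-13992 should be checked against the fixed versions already recorded there, because this hunk adds the cross-reference and leaves the package lines (chromium 139.0.7258.66-1, trixie 139.0.7258.127-1~deb13u1) untouched. Confirm that the trixie version listed is the one that advisory shipped before relying on the link.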
@@ -9750,7 +9869,7 @@ CVE-2025-62367 (Taiga is an open source project management platform. In versions
NOT-FOR-US: Taiga
CVE-2025-61235 (An issue was discovered in Dataphone A920 v2025.07.161103. A custom pa ...)
NOT-FOR-US: Dataphone A920
-CVE-2025-61155 (Hotta Studio GameDriverX64.sys 7.23.4.7, a signed kernel-mode anti-che ...)
+CVE-2025-61155 (The GameDriverX64.sys kernel-mode anti-cheat driver (v7.23.4.7 and ear ...)
NOT-FOR-US: Hotta Studio
CVE-2025-61128 (Stack-based buffer overflow vulnerability in WAVLINK QUANTUM D3G/WL-WN ...)
NOT-FOR-US: Wavlink
@@ -42754,7 +42873,8 @@ CVE-2025-36727 (Inclusion of Functionality from Untrusted Control Sphere vulnera
NOT-FOR-US: Simplehelp
CVE-2025-34139 (A vulnerability exists in SitecoreExperience Manager (XM),Experience P ...)
NOT-FOR-US: Sitecore
-CVE-2025-34138 (A vulnerability exists in SitecoreExperience Manager (XM),Experience P ...)
+CVE-2025-34138
+ REJECTED
NOT-FOR-US: Sitecore
CVE-2025-34136 (An SQL injection vulnerability exists in Commvault 11.32.0 - 11.32.93, ...)
NOT-FOR-US: Commvault
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/65f4ca2f12b1f85f978c8b408f866b4ad5b9221c