[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Dec 9 08:12:23 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6e08824d by security tracker role at 2025-12-09T08:12:14+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,668 +1,794 @@
-CVE-2025-40344 [ASoC: Intel: avs: Disable periods-elapsed work when closing PCM]
+CVE-2025-67504 (WBCE CMS is a content management system. Versions 1.6.4 and below use ...)
+ TODO: check
+CVE-2025-67487 (Static Web Server (SWS) is a production-ready web server suitable for ...)
+ TODO: check
+CVE-2025-66649
+ REJECTED
+CVE-2025-66631 (CSLA .NET is a framework designed for the development of reusable, obj ...)
+ TODO: check
+CVE-2025-66627 (Wasmi is a WebAssembly interpreter focused on constrained and embedded ...)
+ TODO: check
+CVE-2025-66622 (matrix-sdk-base is the base component to build a Matrix client library ...)
+ TODO: check
+CVE-2025-66578 (xmlseclibs is a library written in PHP for working with XML Encryption ...)
+ TODO: check
+CVE-2025-66568 (The ruby-saml library implements the client side of an SAML authorizat ...)
+ TODO: check
+CVE-2025-66567 (The ruby-saml library is for implementing the client side of a SAML au ...)
+ TODO: check
+CVE-2025-66565 (Fiber Utils is a collection of common functions created for Fiber. In ...)
+ TODO: check
+CVE-2025-66508 (1Panel is an open-source, web-based control panel for Linux server man ...)
+ TODO: check
+CVE-2025-66507 (1Panel is an open-source, web-based control panel for Linux server man ...)
+ TODO: check
+CVE-2025-66491 (Traefik is an HTTP reverse proxy and load balancer. Versions 3.5.0 thr ...)
+ TODO: check
+CVE-2025-66490 (Traefik is an HTTP reverse proxy and load balancer. For versions prior ...)
+ TODO: check
+CVE-2025-66481 (DeepChat is an open-source AI chat platform that supports cloud models ...)
+ TODO: check
+CVE-2025-66470 (NiceGUI is a Python-based UI framework. Versions 3.3.1 and below are s ...)
+ TODO: check
+CVE-2025-66469 (NiceGUI is a Python-based UI framework. Versions 3.3.1 and below are v ...)
+ TODO: check
+CVE-2025-66204 (WBCE CMS is a content management system. Version 1.6.4 contains a brut ...)
+ TODO: check
+CVE-2025-66202 (Astro is a web framework. Versions 5.15.7 and below have a double URL ...)
+ TODO: check
+CVE-2025-65964 (n8n is an open source workflow automation platform. Versions 0.123.1 t ...)
+ TODO: check
+CVE-2025-65962 (Tuleap is a free and open source suite for management of software deve ...)
+ TODO: check
+CVE-2025-65229 (A stored cross-site scripting (XSS) vulnerability exists in the web in ...)
+ TODO: check
+CVE-2025-65228 (A stored cross-site scripting vulnerability exists in the web manageme ...)
+ TODO: check
+CVE-2025-64760 (Tuleap is a free and open source suite for management of software deve ...)
+ TODO: check
+CVE-2025-64650 (IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.18 could d ...)
+ TODO: check
+CVE-2025-64499 (Tuleap is a free and open source suite for management of software deve ...)
+ TODO: check
+CVE-2025-64498 (Tuleap is an Open Source Suite for management of software development ...)
+ TODO: check
+CVE-2025-64497 (Tuleap is an Open Source Suite for management of software development ...)
+ TODO: check
+CVE-2025-42928 (Under certain conditions, a high privileged user could exploit a deser ...)
+ TODO: check
+CVE-2025-42904 (Due to an Information Disclosure vulnerability in Application Server A ...)
+ TODO: check
+CVE-2025-42896 (SAP BusinessObjects Business Intelligence Platform lets an unauthentic ...)
+ TODO: check
+CVE-2025-42891 (Due to a missing authorization check in SAP Enterprise Search for ABAP ...)
+ TODO: check
+CVE-2025-42880 (Due to missing input sanitation, SAP Solution Manager allows an authen ...)
+ TODO: check
+CVE-2025-42878 (SAP Web Dispatcher and ICM may expose internal testing interfaces that ...)
+ TODO: check
+CVE-2025-42877 (SAP Web Dispatcher, Internet Communication Manager (ICM), and SAP Cont ...)
+ TODO: check
+CVE-2025-42876 (Due to a Missing Authorization Check vulnerability in SAP S/4 HANA Pri ...)
+ TODO: check
+CVE-2025-42875 (The SAP Internet Communication Framework does not conduct any authenti ...)
+ TODO: check
+CVE-2025-42874 (SAP NetWeaver remote service for Xcelsius allows an attacker with netw ...)
+ TODO: check
+CVE-2025-42873 (SAPUI5 (and OpenUI5) packages use outdated 3rd party libraries with kn ...)
+ TODO: check
+CVE-2025-42872 (Due to a Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Ent ...)
+ TODO: check
+CVE-2025-36140 (IBM watsonx.data 2.2 through 2.2.1 could allow an authenticated user t ...)
+ TODO: check
+CVE-2025-36102 (IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 ...)
+ TODO: check
+CVE-2025-36017 (IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 ...)
+ TODO: check
+CVE-2025-36015 (IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 ...)
+ TODO: check
+CVE-2025-33111 (IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 ...)
+ TODO: check
+CVE-2025-14311 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
+ TODO: check
+CVE-2025-14310 (Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') ...)
+ TODO: check
+CVE-2025-14309 (NULL Pointer Dereference vulnerability in ravynsoft ravynos.This issue ...)
+ TODO: check
+CVE-2025-14308 (An integer overflow vulnerability exists in the write method of the Bu ...)
+ TODO: check
+CVE-2025-14307 (An insecure temporary file creation vulnerability exists in the AutoEx ...)
+ TODO: check
+CVE-2025-14306 (A directory traversal vulnerability exists in the CacheCleaner compone ...)
+ TODO: check
+CVE-2025-14286 (A vulnerability was determined in Tenda AC9 15.03.05.14_multi. Affecte ...)
+ TODO: check
+CVE-2025-14285 (A vulnerability was found in code-projects Employee Profile Management ...)
+ TODO: check
+CVE-2025-14284 (Versions of the package @tiptap/extension-link before 2.10.4 are vulne ...)
+ TODO: check
+CVE-2025-14276 (A vulnerability was determined in Ilevia EVE X1 Server up to 4.6.5.0.e ...)
+ TODO: check
+CVE-2025-13604 (The Login Security, FireWall, Malware removal by CleanTalk plugin for ...)
+ TODO: check
+CVE-2025-13428 (A vulnerability exists in the SecOps SOAR server. The custom integrati ...)
+ TODO: check
+CVE-2025-13071 (The Custom Admin Menu WordPress plugin through 1.0.0 does not sanitise ...)
+ TODO: check
+CVE-2025-13070 (The CSV to SortTable WordPress plugin through 4.2 does not validate so ...)
+ TODO: check
+CVE-2025-13031 (The WPeMatico RSS Feed Fetcher WordPress plugin before 2.8.13 does not ...)
+ TODO: check
+CVE-2025-12832 (IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnera ...)
+ TODO: check
+CVE-2025-12635 (IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Applicatio ...)
+ TODO: check
+CVE-2025-40344 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.17.8-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/845f716dc5f354c719f6fda35048b6c2eca99331 (6.18-rc4)
-CVE-2025-40343 [nvmet-fc: avoid scheduling association deletion twice]
+CVE-2025-40343 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.17.8-1
NOTE: https://git.kernel.org/linus/f2537be4f8421f6495edfa0bc284d722f253841d (6.18-rc1)
-CVE-2025-40342 [nvme-fc: use lock accessing port_state and rport state]
+CVE-2025-40342 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.17.8-1
NOTE: https://git.kernel.org/linus/891cdbb162ccdb079cd5228ae43bdeebce8597ad (6.18-rc1)
-CVE-2025-40341 [futex: Don't leak robust_list pointer on exec race]
+CVE-2025-40341 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.17.8-1
NOTE: https://git.kernel.org/linus/6b54082c3ed4dc9821cdf0edb17302355cc5bb45 (6.18-rc1)
-CVE-2025-40340 [drm/xe: Fix oops in xe_gem_fault when running core_hotunplug test.]
+CVE-2025-40340 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.17.8-1
NOTE: https://git.kernel.org/linus/1cda3c755bb7770be07d75949bb0f45fb88651f6 (6.18-rc1)
-CVE-2025-40339 [drm/amdgpu: fix nullptr err of vm_handle_moved]
+CVE-2025-40339 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.17.8-1
NOTE: https://git.kernel.org/linus/859958a7faefe5b7742b7b8cdbc170713d4bf158 (6.18-rc1)
-CVE-2025-40338 [ASoC: Intel: avs: Do not share the name pointer between components]
+CVE-2025-40338 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.17.8-1
NOTE: https://git.kernel.org/linus/4dee5c1cc439b0d5ef87f741518268ad6a95b23d (6.18-rc1)
-CVE-2025-40337 [net: stmmac: Correctly handle Rx checksum offload errors]
+CVE-2025-40337 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.17.8-1
NOTE: https://git.kernel.org/linus/ee0aace5f844ef59335148875d05bec8764e71e8 (6.18-rc1)
-CVE-2025-40336 [drm/gpusvm: fix hmm_pfn_to_map_order() usage]
+CVE-2025-40336 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.17.8-1
NOTE: https://git.kernel.org/linus/c50729c68aaf93611c855752b00e49ce1fdd1558 (6.18-rc1)
-CVE-2025-40335 [drm/amdgpu: validate userq input args]
+CVE-2025-40335 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.17.8-1
NOTE: https://git.kernel.org/linus/219be4711a1ba788bc2a9fafc117139d133e5fea (6.18-rc1)
-CVE-2025-40334 [drm/amdgpu: validate userq buffer virtual address and size]
+CVE-2025-40334 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.17.8-1
NOTE: https://git.kernel.org/linus/9e46b8bb0539d7bc9a9e7b3072fa4f6082490392 (6.18-rc1)
-CVE-2025-40333 [f2fs: fix infinite loop in __insert_extent_tree()]
+CVE-2025-40333 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.17.8-1
NOTE: https://git.kernel.org/linus/23361bd54966b437e1ed3eb1a704572f4b279e58 (6.18-rc1)
-CVE-2025-40332 [drm/amdkfd: Fix mmap write lock not release]
+CVE-2025-40332 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.17.8-1
NOTE: https://git.kernel.org/linus/7574f30337e19045f03126b4c51f525b84e5049e (6.18-rc1)
-CVE-2025-40331 [sctp: Prevent TOCTOU out-of-bounds write]
+CVE-2025-40331 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.17.8-1
NOTE: https://git.kernel.org/linus/95aef86ab231f047bb8085c70666059b58f53c09 (6.18-rc5)
-CVE-2025-40330 [bnxt_en: Shutdown FW DMA in bnxt_shutdown()]
+CVE-2025-40330 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.17.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/bc7208ca805ae6062f353a4753467d913d963bc6 (6.18-rc5)
-CVE-2025-40329 [drm/sched: Fix deadlock in drm_sched_entity_kill_jobs_cb]
+CVE-2025-40329 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.17.8-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/487df8b698345dd5a91346335f05170ed5f29d4e (6.18-rc5)
-CVE-2025-40328 [smb: client: fix potential UAF in smb2_close_cached_fid()]
+CVE-2025-40328 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.17.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/734e99623c5b65bf2c03e35978a0b980ebc3c2f8 (6.18-rc5)
-CVE-2025-40327 [perf/core: Fix system hang caused by cpu-clock usage]
+CVE-2025-40327 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.17.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/eb3182ef0405ff2f6668fd3e5ff9883f60ce8801 (6.18-rc5)
-CVE-2013-10031
+CVE-2013-10031 (Plack-Middleware-Session versions before 0.17 may be vulnerable to HMA ...)
- libplack-middleware-session-perl 0.21-1
NOTE: https://lists.security.metacpan.org/cve-announce/msg/35012183/
NOTE: Fixed by: https://github.com/plack/Plack-Middleware-Session/commit/b7f0252269ba1bb812b5dc02303754fe94c808e4 (0.17)
-CVE-2023-53866 [ASoC: soc-compress: Reposition and add pcm_mutex]
+CVE-2023-53866 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.1.20-1
NOTE: https://git.kernel.org/linus/aa9ff6a4955fdba02b54fbc4386db876603703b7 (6.3-rc1)
-CVE-2023-53865 [btrfs: fix warning when putting transaction with qgroups enabled after abort]
+CVE-2023-53865 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/aa84ce8a78a1a5c10cdf9c7a5fb0c999fbc2c8d6 (6.5-rc3)
-CVE-2023-53864 [drm/mxsfb: Disable overlay plane in mxsfb_plane_overlay_atomic_disable()]
+CVE-2023-53864 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.5.6-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/aa656d48e871a1b062e1bbf9474d8b831c35074c (6.6-rc1)
-CVE-2023-53863 [netlink: do not hard code device address lenth in fdb dumps]
+CVE-2023-53863 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/aa5406950726e336c5c9585b09799a734b6e77bf (6.5-rc1)
-CVE-2023-53862 [hfs: fix missing hfs_bnode_get() in __hfs_bnode_create]
+CVE-2023-53862 (In the Linux kernel, the following vulnerability has been resolved: h ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/a9dc087fd3c484fd1ed18c5efb290efaaf44ce03 (6.3-rc1)
-CVE-2023-53861 [ext4: correct grp validation in ext4_mb_good_group]
+CVE-2023-53861 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.5.3-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/a9ce5993a0f5c0887c8a1b4ffa3b8046fbcfdc93 (6.6-rc1)
-CVE-2023-53860 [dm: don't attempt to queue IO under RCU protection]
+CVE-2023-53860 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.5.6-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a9ce385344f916cd1c36a33905e564f5581beae9 (6.6-rc2)
-CVE-2023-53859 [s390/idle: mark arch_cpu_idle() noinstr]
+CVE-2023-53859 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.1.20-1
NOTE: https://git.kernel.org/linus/a9cbc1b471d291c865907542394f1c483b93a811 (6.3-rc1)
-CVE-2023-53858 [tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() in case of error]
+CVE-2023-53858 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/a9c09546e903f1068acfa38e1ee18bded7114b37 (6.5-rc1)
-CVE-2023-53857 [bpf: bpf_sk_storage: Fix invalid wait context lockdep report]
+CVE-2023-53857 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.5.6-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a96a44aba556c42b432929d37d60158aca21ad4c (6.6-rc1)
-CVE-2023-53856 [of: overlay: Call of_changeset_init() early]
+CVE-2023-53856 (In the Linux kernel, the following vulnerability has been resolved: o ...)
- linux 6.5.6-1
[bookworm] - linux 6.1.55-1
NOTE: https://git.kernel.org/linus/a9515ff4fb142b690a0d2b58782b15903b990dba (6.6-rc1)
-CVE-2023-53855 [net: dsa: ocelot: call dsa_tag_8021q_unregister() under rtnl_lock() on driver remove]
+CVE-2023-53855 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a94c16a2fda010866b8858a386a8bfbeba4f72c5 (6.5-rc6)
-CVE-2023-53854 [ASoC: mediatek: mt8186: Fix use-after-free in driver remove path]
+CVE-2023-53854 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a93d2afd3f77a7331271a0f25c6a11003db69b3c (6.4-rc3)
-CVE-2023-53853 [netlink: annotate accesses to nlk->cb_running]
+CVE-2023-53853 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/a939d14919b799e6fff8a9c80296ca229ba2f8a4 (6.4-rc2)
-CVE-2023-53852 [nvme-core: fix memory leak in dhchap_secret_store]
+CVE-2023-53852 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a836ca33c5b07d34dd5347af9f64d25651d12674 (6.5-rc1)
-CVE-2023-53851 [drm/msm/dp: Drop aux devices together with DP controller]
+CVE-2023-53851 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.4.4-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a7bfb2ad2184a1fba78be35209b6019aa8cc8d4d (6.5-rc1)
-CVE-2023-53850 [iavf: use internal state to free traffic IRQs]
+CVE-2023-53850 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
NOTE: https://git.kernel.org/linus/a77ed5c5b768e9649be240a2d864e5cd9c6a2015 (6.5-rc3)
-CVE-2023-53849 [drm/msm: fix workqueue leak on bind errors]
+CVE-2023-53849 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
NOTE: https://git.kernel.org/linus/a75b49db6529b2af049eafd938fae888451c3685 (6.4-rc1)
-CVE-2023-53848 [md/raid5-cache: fix a deadlock in r5l_exit_log()]
+CVE-2023-53848 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.5.3-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a705b11b358dee677aad80630e7608b2d5f56691 (6.6-rc1)
-CVE-2023-53847 [usb-storage: alauda: Fix uninit-value in alauda_check_media()]
+CVE-2023-53847 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/a6ff6e7a9dd69364547751db0f626a10a6d628d2 (6.5-rc6)
-CVE-2023-53846 [f2fs: fix to do sanity check on direct node in truncate_dnode()]
+CVE-2023-53846 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.4.11-1
NOTE: https://git.kernel.org/linus/a6ec83786ab9f13f25fb18166dee908845713a95 (6.5-rc1)
-CVE-2023-53845 [nilfs2: fix infinite loop in nilfs_mdt_get_block()]
+CVE-2023-53845 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/a6a491c048882e7e424d407d32cba0b52d9ef2bf (6.4-rc1)
-CVE-2023-53844 [drm/ttm: Don't leak a resource on swapout move error]
+CVE-2023-53844 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a590f03d8de7c4cb7ce4916dc7f2fd10711faabe (6.5-rc2)
-CVE-2023-53843 [net: openvswitch: reject negative ifindex]
+CVE-2023-53843 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.4.13-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a552bfa16bab4ce901ee721346a28c4e483f4066 (6.5-rc7)
-CVE-2023-53842 [ASoC: codecs: wcd-mbhc-v2: fix resource leaks on component remove]
+CVE-2023-53842 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a5475829adcc600bc69ee9ff7c9e3e43fb4f8d30 (6.5-rc3)
-CVE-2023-53841 [devlink: report devlink_port_type_warn source device]
+CVE-2023-53841 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/a52305a81d6bb74b90b400dfa56455d37872fe4b (6.5-rc1)
-CVE-2023-53840 [usb: early: xhci-dbc: Fix a potential out-of-bound memory access]
+CVE-2023-53840 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.1.20-1
NOTE: https://git.kernel.org/linus/a4a97ab3db5c081eb6e7dba91306adefb461e0bd (6.3-rc1)
-CVE-2023-53839 [dccp: fix data-race around dp->dccps_mss_cache]
+CVE-2023-53839 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/a47e598fbd8617967e49d85c49c22f9fc642704c (6.5-rc6)
-CVE-2023-53838 [f2fs: synchronize atomic write aborts]
+CVE-2023-53838 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.1.20-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a46bebd502fe1a3bd1d22f64cedd93e7e7702693 (6.3-rc1)
-CVE-2023-53837 [drm/msm: fix NULL-deref on snapshot tear down]
+CVE-2023-53837 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a465353b9250802f87b97123e33a17f51277f0b1 (6.4-rc1)
-CVE-2023-53836 [bpf, sockmap: Fix skb refcnt race after locking changes]
+CVE-2023-53836 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.5.6-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a454d84ee20baf7bd7be90721b9821f73c7d23d9 (6.6-rc1)
CVE-2023-53835 [ext4: don't clear SB_RDONLY when remounting r/w until quota is re-enabled]
+ REJECTED
- linux 6.4.4-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/a44be64bbecb15a452496f60db6eacfee2b59c79 (6.4-rc2)
-CVE-2023-53834 [iio: adc: ina2xx: avoid NULL pointer dereference on OF device match]
+CVE-2023-53834 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
NOTE: https://git.kernel.org/linus/a41e19cc0d6b6a445a4133170b90271e4a2553dc (6.5-rc6)
-CVE-2023-53833 [drm/i915: Fix NULL ptr deref by checking new_crtc_state]
+CVE-2023-53833 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a41d985902c153c31c616fe183cf2ee331e95ecb (6.4-rc2)
-CVE-2023-53832 [md/raid10: fix null-ptr-deref in raid10_sync_request]
+CVE-2023-53832 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/a405c6f0229526160aa3f177f65e20c86fce84c5 (6.4-rc1)
-CVE-2023-53831 [net: read sk->sk_family once in sk_mc_loop()]
+CVE-2023-53831 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.5.6-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/a3e0fdf71bbe031de845e8e08ed7fba49f9c702c (6.6-rc1)
-CVE-2023-53830 [platform/x86: think-lmi: Fix memory leak when showing current settings]
+CVE-2023-53830 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.1.25-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a3c4c053014585dcf20f4df954791b74d8a8afcd (6.3-rc6)
-CVE-2023-53829 [f2fs: flush inode if atomic file is aborted]
+CVE-2023-53829 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.5.6-1
[bookworm] - linux 6.1.55-1
NOTE: https://git.kernel.org/linus/a3ab55746612247ce3dcaac6de66f5ffc055b9df (6.6-rc1)
-CVE-2023-53828 [Bluetooth: hci_sync: Avoid use-after-free in dbg for hci_add_adv_monitor()]
+CVE-2023-53828 (In the Linux kernel, the following vulnerability has been resolved: B ...)
- linux 6.5.3-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a2bcd2b63271a93a695fabbfbf459c603d956d48 (6.6-rc1)
-CVE-2023-53827 [Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp}]
+CVE-2023-53827 (In the Linux kernel, the following vulnerability has been resolved: B ...)
- linux 6.1.25-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/a2a9339e1c9deb7e1e079e12e27a0265aea8421a (6.3-rc7)
-CVE-2023-53826 [ubi: Fix UAF wear-leveling entry in eraseblk_count_seq_show()]
+CVE-2023-53826 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/a240bc5c43130c6aa50831d7caaa02a1d84e1bce (6.3-rc1)
-CVE-2023-53825 [kcm: Fix error handling for SOCK_DGRAM in kcm_sendmsg().]
+CVE-2023-53825 (In the Linux kernel, the following vulnerability has been resolved: k ...)
- linux 6.5.6-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/a22730b1b4bf437c6bbfdeff5feddf54be4aeada (6.6-rc2)
-CVE-2023-53824 [netlink: annotate lockless accesses to nlk->max_recvmsg_len]
+CVE-2023-53824 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.1.25-1
[bullseye] - linux 5.10.218-1
NOTE: https://git.kernel.org/linus/a1865f2e7d10dde00d35a2122b38d2e469ae67ed (6.3-rc6)
-CVE-2023-53823 [block/rq_qos: protect rq_qos apis with a new lock]
+CVE-2023-53823 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.4.4-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a13bd91be22318768d55470cbc0b0f4488ef9edf (6.5-rc1)
-CVE-2023-53822 [wifi: ath11k: Ignore frags from uninitialized peer in dp.]
+CVE-2023-53822 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
NOTE: https://git.kernel.org/linus/a06bfb3c9f69f303692cdae87bc0899d2ae8b2a6 (6.4-rc1)
-CVE-2023-53821 [ip6_vti: fix slab-use-after-free in decode_session6]
+CVE-2023-53821 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.4.13-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/9fd41f1ba638938c9a1195d09bc6fa3be2712f25 (6.5-rc7)
-CVE-2023-53820 [loop: loop_set_status_from_info() check before assignment]
+CVE-2023-53820 (In the Linux kernel, the following vulnerability has been resolved: l ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/9f6ad5d533d1c71e51bdd06a5712c4fbc8768dfa (6.3-rc1)
-CVE-2022-50679 [i40e: Fix DMA mappings leak]
+CVE-2022-50679 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.0.6-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/aae425efdfd1b1d8452260a3cb49344ebf20b1f5 (6.1-rc2)
-CVE-2022-50678 [wifi: brcmfmac: fix invalid address access when enabling SCAN log level]
+CVE-2022-50678 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/aa666b68e73fc06d83c070d96180b9010cf5a960 (6.1-rc1)
-CVE-2022-50677 [ipmi: fix use after free in _ipmi_destroy_user()]
+CVE-2022-50677 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/a92ce570c81dc0feaeb12a429b4bc65686d17967 (6.2-rc1)
-CVE-2022-50676 [net: rds: don't hold sock lock when cancelling work from rds_tcp_reset_callbacks()]
+CVE-2022-50676 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/a91b750fd6629354460282bbf5146c01b05c4859 (6.1-rc1)
-CVE-2022-50675 [arm64: mte: Avoid setting PG_mte_tagged if no tags cleared or restored]
+CVE-2022-50675 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.0.3-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a8e5e5146ad08d794c58252bab00b261045ef16d (6.1-rc1)
-CVE-2022-50674 [riscv: vdso: fix NULL deference in vdso_join_timens() when vfork]
+CVE-2022-50674 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.0.3-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a8616d2dc193b6becc36b5f3cfeaa9ac7a5762f9 (6.1-rc1)
-CVE-2022-50673 [ext4: fix use-after-free in ext4_orphan_cleanup]
+CVE-2022-50673 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/a71248b1accb2b42e4980afef4fa4a27fa0e36f5 (6.2-rc1)
-CVE-2022-50672 [mailbox: zynq-ipi: fix error handling while device_register() fails]
+CVE-2022-50672 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/a6792a0cdef0b1c2d77920246283a72537e60e94 (6.2-rc1)
-CVE-2022-50671 [RDMA/rxe: Fix "kernel NULL pointer dereference" error]
+CVE-2022-50671 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/a625ca30eff806395175ebad3ac1399014bdb280 (6.1-rc1)
-CVE-2022-50670 [mmc: omap_hsmmc: fix return value check of mmc_add_host()]
+CVE-2022-50670 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/a525cad241c339ca00bf7ebf03c5180f2a9b767c (6.2-rc1)
-CVE-2022-50669 [misc: ocxl: fix possible name leak in ocxl_file_register_afu()]
+CVE-2022-50669 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/a4cb1004aeed2ab893a058fad00a5b41a12c4691 (6.2-rc1)
-CVE-2022-50668 [ext4: fix deadlock due to mbcache entry corruption]
+CVE-2022-50668 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/a44e84a9b7764c72896f7241a0ec9ac7e7ef38dd (6.2-rc1)
-CVE-2022-50667 [drm/vmwgfx: Fix memory leak in vmw_mksstat_add_ioctl()]
+CVE-2022-50667 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.0.3-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a40c7f61d12fbd1e785e59140b9efd57127c0c33 (6.1-rc1)
-CVE-2022-50666 [RDMA/siw: Fix QP destroy to wait for all references dropped.]
+CVE-2022-50666 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.0.3-1
NOTE: https://git.kernel.org/linus/a3c278807a459e6f50afee6971cabe74cccfb490 (6.1-rc1)
-CVE-2022-50665 [wifi: ath11k: fix failed to find the peer with peer_id 0 when disconnected]
+CVE-2022-50665 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.0.3-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a20ed60bb357776301c2dad7b4a4f0db97e143e9 (6.1-rc1)
-CVE-2022-50664 [media: dvb-frontends: fix leak of memory fw]
+CVE-2022-50664 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/a15fe8d9f1bf460a804bcf18a890bfd2cf0d5caa (6.2-rc1)
-CVE-2022-50663 [net: stmmac: fix possible memory leak in stmmac_dvr_probe()]
+CVE-2022-50663 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.1.4-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a137f3f27f9290933fe7e40e6dc8a445781c31a2 (6.2-rc1)
-CVE-2022-50662 [RDMA/hns: fix memory leak in hns_roce_alloc_mr()]
+CVE-2022-50662 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/a115aa00b18f7b8982b8f458149632caf64a862a (6.2-rc1)
-CVE-2022-50661 [seccomp: Move copy_seccomp() to no failure path.]
+CVE-2022-50661 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/a1140cb215fa13dcec06d12ba0c3ee105633b7c4 (6.2-rc1)
-CVE-2022-50660 [wifi: ipw2200: fix memory leak in ipw_wdev_init()]
+CVE-2022-50660 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/9fe21dc626117fb44a8eb393713a86a620128ce3 (6.3-rc1)
-CVE-2022-50659 [hwrng: geode - Fix PCI device refcount leak]
+CVE-2022-50659 (In the Linux kernel, the following vulnerability has been resolved: h ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/9f6ec8dc574efb7f4f3d7ee9cd59ae307e78f445 (6.2-rc1)
-CVE-2022-50658 [cpufreq: qcom: fix memory leak in error path]
+CVE-2022-50658 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.0.6-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/9f42cf54403a42cb092636804d2628d8ecf71e75 (6.1-rc2)
-CVE-2022-50657 [riscv: mm: add missing memcpy in kasan_init]
+CVE-2022-50657 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.0.7-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/9f2ac64d6ca60db99132e08628ac2899f956a0ec (6.1-rc3)
-CVE-2023-53819 [amdgpu: validate offset_in_bo of drm_amdgpu_gem_va]
+CVE-2023-53819 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/9f0bcf49e9895cb005d78b33a5eebfa11711b425 (6.5-rc1)
-CVE-2023-53818 [ARM: zynq: Fix refcount leak in zynq_early_slcr_init]
+CVE-2023-53818 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/9eedb910a3be0005b88c696a8552c0d4c9937cd4 (6.3-rc1)
-CVE-2023-53817 [crypto: lib/mpi - avoid null pointer deref in mpi_cmp_ui()]
+CVE-2023-53817 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.5.6-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/9e47a758b70167c9301d2b44d2569f86c7796f2d (6.6-rc1)
-CVE-2023-53816 [drm/amdkfd: fix potential kgd_mem UAFs]
+CVE-2023-53816 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.25-1
NOTE: https://git.kernel.org/linus/9da050b0d9e04439d225a2ec3044af70cdfb3933 (6.3-rc3)
-CVE-2023-53815 [posix-timers: Prevent RT livelock in itimer_delete()]
+CVE-2023-53815 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/9d9e522010eb5685d8b53e8a24320653d9d4cbbf (6.5-rc1)
-CVE-2023-53814 [PCI: Fix dropping valid root bus resources with .end = zero]
+CVE-2023-53814 (In the Linux kernel, the following vulnerability has been resolved: P ...)
- linux 6.1.20-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/9d8ba74a181b1c81def21168795ed96cbe6f05ed (6.3-rc1)
-CVE-2023-53813 [ext4: fix rbtree traversal bug in ext4_mb_use_preallocated]
+CVE-2023-53813 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.4.11-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/9d3de7ee192a6a253f475197fe4d2e2af10a731f (6.5-rc3)
-CVE-2023-53812 [media: mediatek: vcodec: fix decoder disable pm crash]
+CVE-2023-53812 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/9d2f13fb47dcab6d094f34ecfd6a879a409722b3 (6.4-rc1)
-CVE-2023-53811 [RDMA/irdma: Cap MSIX used to online CPUs + 1]
+CVE-2023-53811 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.1.20-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/9cd9842c46996ef62173c36619c746f57416bcb0 (6.3-rc1)
-CVE-2023-53810 [blk-mq: release crypto keyslot before reporting I/O complete]
+CVE-2023-53810 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/9cd1e566676bbcb8a126acd921e4e194e6339603 (6.4-rc1)
-CVE-2023-53809 [l2tp: Avoid possible recursive deadlock in l2tp_tunnel_register()]
+CVE-2023-53809 (In the Linux kernel, the following vulnerability has been resolved: l ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/9ca5e7ecab064f1f47da07f7c1ddf40e4bc0e5ac (6.3-rc1)
-CVE-2023-53808 [wifi: mwifiex: fix memory leak in mwifiex_histogram_read()]
+CVE-2023-53808 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.5.3-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/9c8fd72a5c2a031cbc680a2990107ecd958ffcdb (6.6-rc1)
-CVE-2023-53807 [clk: clocking-wizard: Fix Oops in clk_wzrd_register_divider()]
+CVE-2023-53807 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/9c632a6396505a019ea6d12b5ab45e659a542a93 (6.5-rc1)
-CVE-2023-53806 [drm/amd/display: populate subvp cmd info only for the top pipe]
+CVE-2023-53806 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
NOTE: https://git.kernel.org/linus/9bb10b7aaec3b6278f9cc410c17dcaa129bbbbf0 (6.4-rc1)
CVE-2023-53805 [tty: n_gsm: fix UAF in gsm_cleanup_mux]
+ REJECTED
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/9b9c8195f3f0d74a826077fc1c01b9ee74907239 (6.5-rc4)
-CVE-2023-53804 [nilfs2: fix use-after-free bug of nilfs_root in nilfs_evict_inode()]
+CVE-2023-53804 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/9b5a04ac3ad9898c4745cba46ea26de74ba56a8e (6.4-rc3)
-CVE-2023-53803 [scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process()]
+CVE-2023-53803 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/9b4f5028e493cb353a5c8f5c45073eeea0303abd (6.3-rc1)
-CVE-2023-53802 [wifi: ath9k: htc_hst: free skb in ath9k_htc_rx_msg() if there is no callback function]
+CVE-2023-53802 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/9b25e3985477ac3f02eca5fc1e0cc6850a3f7e69 (6.3-rc1)
-CVE-2023-53801 [iommu/sprd: Release dma buffer to avoid memory leak]
+CVE-2023-53801 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.82-1
NOTE: https://git.kernel.org/linus/9afea57384d4ae7b2034593eac7fa76c7122762a (6.4-rc1)
-CVE-2023-53800 [ubi: Fix use-after-free when volume resizing failed]
+CVE-2023-53800 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/9af31d6ec1a4be4caab2550096c6bd2ba8fba472 (6.3-rc1)
-CVE-2023-53799 [crypto: api - Use work queue in crypto_destroy_instance]
+CVE-2023-53799 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.5.3-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/9ae4577bc077a7e32c3c7d442c95bc76865c0f17 (6.6-rc1)
-CVE-2023-53798 [ethtool: Fix uninitialized number of lanes]
+CVE-2023-53798 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/9ad685dbfe7e856bbf17a7177b64676d324d6ed7 (6.4-rc1)
-CVE-2023-53797 [HID: wacom: Use ktime_t rather than int when dealing with timestamps]
+CVE-2023-53797 (In the Linux kernel, the following vulnerability has been resolved: H ...)
- linux 6.3.11-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/9a6c0e28e215535b2938c61ded54603b4e5814c5 (6.5-rc1)
-CVE-2023-53796 [f2fs: fix information leak in f2fs_move_inline_dirents()]
+CVE-2023-53796 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/9a5571cff4ffcfc24847df9fd545cc5799ac0ee5 (6.3-rc1)
-CVE-2023-53795 [iommufd: IOMMUFD_DESTROY should not increase the refcount]
+CVE-2023-53795 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.4.11-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/99f98a7c0d6985d5507c8130a981972e4b7b3bdc (6.5-rc4)
-CVE-2023-53794 [cifs: fix session state check in reconnect to avoid use-after-free issue]
+CVE-2023-53794 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.4.13-1
[bookworm] - linux 6.1.52-1
NOTE: https://git.kernel.org/linus/99f280700b4cc02d5f141b8d15f8e9fad0418f65 (6.5-rc1)
-CVE-2023-53793 [perf tool x86: Fix perf_env memory leak]
+CVE-2023-53793 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/99d4850062a84564f36923764bb93935ef2ed108 (6.5-rc1)
-CVE-2023-53792 [nvme-core: fix memory leak in dhchap_ctrl_secret]
+CVE-2023-53792 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/99c2dcc8ffc24e210a3aa05c204d92f3ef460b05 (6.5-rc1)
-CVE-2023-53791 [md: fix warning for holder mismatch from export_rdev()]
+CVE-2023-53791 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.5.6-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/99892147f028d711f9d40fefad4f33632593864c (6.6-rc2)
-CVE-2023-53790 [bpf: Zeroing allocated object from slab in bpf memory allocator]
+CVE-2023-53790 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.1.20-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/997849c4b969034e225153f41026657def66d286 (6.3-rc1)
-CVE-2023-53789 [iommu/amd: Improve page fault error reporting]
+CVE-2023-53789 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.1.20-1
NOTE: https://git.kernel.org/linus/996d120b4de2b0d6b592bd9fbbe6e244b81ab3cc (6.3-rc1)
-CVE-2023-53788 [ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set()]
+CVE-2023-53788 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.1.25-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/98e5eb110095ec77cb6d775051d181edbf9cd3cf (6.3-rc3)
-CVE-2023-53787 [regulator: da9063: fix null pointer deref with partial DT config]
+CVE-2023-53787 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.4.11-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/98e2dd5f7a8be5cb2501a897e96910393a49f0ff (6.5-rc3)
-CVE-2023-53786 [dm flakey: fix a crash with invalid table line]
+CVE-2023-53786 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/98dba02d9a93eec11bffbb93c7c51624290702d2 (6.4-rc1)
-CVE-2023-53785 [mt76: mt7921: don't assume adequate headroom for SDIO headers]
+CVE-2023-53785 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.5.6-1
[bookworm] - linux 6.1.55-1
NOTE: https://git.kernel.org/linus/98c4d0abf5c478db1ad126ff0c187dbb84c0803c (6.6-rc1)
-CVE-2023-53784 [drm: bridge: dw_hdmi: fix connector access for scdc]
+CVE-2023-53784 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.4.11-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/98703e4e061fb8715c7613cd227e32cdfd136b23 (6.5-rc2)
-CVE-2023-53783 [blk-iocost: fix divide by 0 error in calc_lcoefs()]
+CVE-2023-53783 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/984af1e66b4126cf145153661cc24c213e2ec231 (6.3-rc1)
-CVE-2023-53782 [dccp: Fix out of bounds access in DCCP error handler]
+CVE-2023-53782 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.5.3-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/977ad86c2a1bcaf58f01ab98df5cc145083c489c (6.6-rc1)
-CVE-2023-53781 [smc: Fix use-after-free in tcp_write_timer_handler().]
+CVE-2023-53781 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.3.7-1
NOTE: https://git.kernel.org/linus/9744d2bf19762703704ecba885b7ac282c02eacf (6.3-rc7)
-CVE-2023-53780 [drm/amd/display: fix FCLK pstate change underflow]
+CVE-2023-53780 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.20-1
NOTE: https://git.kernel.org/linus/972243f973eb0821084e5833d5f7f4ed025f42da (6.3-rc1)
-CVE-2023-53779 [mfd: dln2: Fix memory leak in dln2_probe()]
+CVE-2023-53779 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/96da8f148396329ba769246cb8ceaa35f1ddfc48 (6.4-rc1)
-CVE-2023-53778 [accel/qaic: Clean up integer overflow checking in map_user_pages()]
+CVE-2023-53778 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.4.13-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/96d3c1cadedb6ae2e8965e19cd12caa244afbd9c (6.5-rc7)
-CVE-2023-53777 [erofs: kill hooked chains to avoid loops on deduplicated compressed images]
+CVE-2023-53777 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/967c28b23f6c89bb8eef6a046ea88afe0d7c1029 (6.5-rc1)
-CVE-2022-50656 [nfc: pn533: Clear nfc_target before being used]
+CVE-2022-50656 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/9f28157778ede0d4f183f7ab3b46995bb400abbe (6.2-rc1)
-CVE-2022-50655 [ppp: associate skb with a device at tx]
+CVE-2022-50655 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/9f225444467b98579cf28d94f4ad053460dfdb84 (6.2-rc1)
-CVE-2022-50654 [bpf: Fix panic due to wrong pageattr of im->image]
+CVE-2022-50654 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.1.7-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/9ed1d9aeef5842ecacb660fce933613b58af1e00 (6.2-rc3)
-CVE-2022-50653 [mmc: atmel-mci: fix return value check of mmc_add_host()]
+CVE-2022-50653 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/9e6e8c43726673ca2abcaac87640b9215fd72f4c (6.2-rc1)
-CVE-2022-50652 [uio: uio_dmem_genirq: Fix missing unlock in irq configuration]
+CVE-2022-50652 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/9de255c461d1b3f0242b3ad1450c3323a3e00b34 (6.2-rc1)
-CVE-2022-50651 [ethtool: eeprom: fix null-deref on genl_info in dump]
+CVE-2022-50651 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.0.7-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/9d9effca9d7d7cf6341182a7c5cabcbd6fa28063 (6.1-rc3)
-CVE-2022-50650 [bpf: Fix reference state management for synchronous callbacks]
+CVE-2022-50650 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.0.3-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/9d9d00ac29d0ef7ce426964de46fa6b380357d0a (6.1-rc1)
-CVE-2022-50649 [power: supply: adp5061: fix out-of-bounds read in adp5061_get_chg_type()]
+CVE-2022-50649 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/9d47e01b9d807808224347935562f7043a358054 (6.1-rc1)
-CVE-2022-50648 [ftrace: Fix recursive locking direct_mutex in ftrace_modify_direct_caller]
+CVE-2022-50648 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.0.3-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/9d2ce78ddcee159eb6a97449e9c68b6d60b9cec4 (6.1-rc1)
-CVE-2022-50647 [RISC-V: Make port I/O string accessors actually work]
+CVE-2022-50647 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/9cc205e3c17d5716da7ebb7fa0c985555e95d009 (6.1-rc1)
-CVE-2022-50646 [scsi: hpsa: Fix possible memory leak in hpsa_init_one()]
+CVE-2022-50646 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/9c9ff300e0de07475796495d86f449340d454a0c (6.2-rc1)
-CVE-2022-50645 [EDAC/i10nm: fix refcount leak in pci_get_dev_wrapper()]
+CVE-2022-50645 (In the Linux kernel, the following vulnerability has been resolved: E ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/9c8921555907f4d723f01ed2d859b66f2d14f08e (6.2-rc1)
-CVE-2022-50644 [clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe]
+CVE-2022-50644 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/9c59a01caba26ec06fefd6ca1f22d5fd1de57d63 (6.1-rc1)
-CVE-2022-50643 [cifs: Fix xid leak in cifs_copy_file_range()]
+CVE-2022-50643 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.0.6-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/9a97df404a402fe1174d2d1119f87ff2a0ca2fe9 (6.1-rc2)
-CVE-2022-50642 [platform/chrome: cros_ec_typec: zero out stale pointers]
+CVE-2022-50642 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.1.4-1
NOTE: https://git.kernel.org/linus/9a8aadcf0b459c1257b9477fd6402e1d5952ae07 (6.2-rc1)
-CVE-2022-50641 [HSI: omap_ssi: Fix refcount leak in ssi_probe]
+CVE-2022-50641 (In the Linux kernel, the following vulnerability has been resolved: H ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/9a2ea132df860177b33c9fd421b26c4e9a0a9396 (6.1-rc1)
-CVE-2022-50640 [mmc: core: Fix kernel panic when remove non-standard SDIO card]
+CVE-2022-50640 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.0.7-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/9972e6b404884adae9eec7463e30d9b3c9a70b18 (6.1-rc3)
-CVE-2022-50639 [io-wq: Fix memory leak in worker creation]
+CVE-2022-50639 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.0.5-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/996d3efeb091c503afd3ee6b5e20eabf446fd955 (6.1-rc2)
-CVE-2022-50638 [ext4: fix bug_on in __es_tree_search caused by bad boot loader inode]
+CVE-2022-50638 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/991ed014de0840c5dc405b679168924afb2952ac (6.2-rc1)
-CVE-2022-50637 [cpufreq: qcom-hw: Fix memory leak in qcom_cpufreq_hw_read_lut()]
+CVE-2022-50637 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/9901c21bcaf2f01fe5078f750d624f4ddfa8f81b (6.2-rc1)
-CVE-2022-50636 [PCI: Fix pci_device_is_present() for VFs by checking PF]
+CVE-2022-50636 (In the Linux kernel, the following vulnerability has been resolved: P ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/98b04dd0b4577894520493d96bc4623387767445 (6.2-rc1)
-CVE-2022-50635 [powerpc/kprobes: Fix null pointer reference in arch_prepare_kprobe()]
+CVE-2022-50635 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.0.3-1
NOTE: https://git.kernel.org/linus/97f88a3d723162781d6cbfdc7b9617eefab55b19 (6.1-rc1)
-CVE-2022-50634 [power: supply: cw2015: Fix potential null-ptr-deref in cw_bat_probe()]
+CVE-2022-50634 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.1.4-1
NOTE: https://git.kernel.org/linus/97f2b4ddb0aa700d673691a7d5e44d226d22bab7 (6.2-rc1)
-CVE-2022-50633 [usb: dwc3: qcom: Fix memory leak in dwc3_qcom_interconnect_init]
+CVE-2022-50633 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/97a48da1619ba6bd42a0e5da0a03aa490a9496b1 (6.2-rc1)
-CVE-2022-50632 [drivers: perf: marvell_cn10k: Fix hotplug callback leak in tad_pmu_init()]
+CVE-2022-50632 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.4-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/973ae93d80d9d262f695eb485a1902b74c4b9098 (6.2-rc1)
-CVE-2022-50631 [RISC-V: kexec: Fix memory leak of fdt buffer]
+CVE-2022-50631 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.1.4-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/96df59b1ae23f5c11698c3c2159aeb2ecd4944a4 (6.2-rc1)
-CVE-2025-62408 [Use after free due to connection being cleaned up after error]
+CVE-2025-62408 (c-ares is an asynchronous resolver library. Versions 1.32.3 through 1. ...)
- c-ares 1.34.6-1
[bookworm] - c-ares <not-affected> (Vulnerable code introduced later)
[bullseye] - c-ares <not-affected> (Vulnerable code introduced later)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6e08824d461379d0166e09bbb5824d4fa8124039
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6e08824d461379d0166e09bbb5824d4fa8124039
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251209/e312ebc8/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list