[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Dec 23 14:15:03 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
871dd26d by Salvatore Bonaccorso at 2025-12-23T15:14:33+01:00
Merge Linux CVEs from kernel-sec
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,26 @@
+CVE-2025-68343 [can: gs_usb: gs_usb_receive_bulk_callback(): check actual_length before accessing header]
+ - linux 6.17.11-1
+ NOTE: https://git.kernel.org/linus/6fe9f3279f7d2518439a7962c5870c6e9ecbadcf (6.18)
+CVE-2025-68342 [can: gs_usb: gs_usb_receive_bulk_callback(): check actual_length before accessing data]
+ - linux 6.17.11-1
+ NOTE: https://git.kernel.org/linus/395d988f93861101ec89d0dd9e3b876ae9392a5b (6.18)
+CVE-2025-68341 [veth: reduce XDP no_direct return section to fix race]
+ - linux 6.17.11-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/a14602fcae17a3f1cb8a8521bedf31728f9e7e39 (6.18)
+CVE-2025-68340 [team: Move team device type change at the end of team_port_add]
+ - linux 6.17.11-1
+ NOTE: https://git.kernel.org/linus/0ae9cfc454ea5ead5f3ddbdfe2e70270d8e2c8ef (6.18)
+CVE-2025-68339 [atm/fore200e: Fix possible data race in fore200e_open()]
+ - linux 6.17.11-1
+ [bullseye] - linux 5.10.247-1
+ NOTE: https://git.kernel.org/linus/82fca3d8a4a34667f01ec2351a607135249c9cff (6.18)
+CVE-2025-68338 [net: dsa: microchip: Don't free uninitialized ksz_irq]
+ - linux 6.17.11-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/25b62cc5b22c45face094ae3e8717258e46d1d19 (6.18)
CVE-2025-68655
REJECTED
CVE-2025-68654
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/871dd26d572d9fbaaad1feb1ec639f1de95ffe2e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/871dd26d572d9fbaaad1feb1ec639f1de95ffe2e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251223/4ce7e698/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list