[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Dec 30 12:34:20 GMT 2025



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1122c74b by Salvatore Bonaccorso at 2025-12-30T13:33:50+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,250 @@
+CVE-2023-54243 [netfilter: ebtables: fix table blob use-after-free]
+	- linux 6.1.20-1
+	[bullseye] - linux 5.10.178-1
+	NOTE: https://git.kernel.org/linus/e58a171d35e32e6e8c37cfe0e8a94406732a331f (6.3-rc1)
+CVE-2023-54241 [MIPS: KVM: Fix NULL pointer dereference]
+	- linux 6.4.11-1
+	[bookworm] - linux 6.1.52-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e4de2057698636c0ee709e545d19b169d2069fa3 (6.5-rc1)
+CVE-2023-54240 [net: ethernet: mtk_eth_soc: fix possible NULL pointer dereference in mtk_hwlro_get_fdir_all()]
+	- linux 6.5.6-1
+	[bookworm] - linux 6.1.55-1
+	[bullseye] - linux 5.10.197-1
+	NOTE: https://git.kernel.org/linus/e4c79810755f66c9a933ca810da2724133b1165a (6.6-rc2)
+CVE-2023-54239 [iommufd: Check for uptr overflow]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e4395701330fc4aee530905039516fe770b81417 (6.3-rc6)
+CVE-2023-54238 [mlx5: fix skb leak while fifo resync and push]
+	- linux 6.1.20-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e435941b1da1a0be4ff8a7ae425774c76a5ac514 (6.3-rc1)
+CVE-2023-54236 [net/net_failover: fix txq exceeding warning]
+	- linux 6.1.25-1
+	[bullseye] - linux 5.10.178-1
+	NOTE: https://git.kernel.org/linus/e3cbdcb0fbb61045ef3ce0e072927cc41737f787 (6.3-rc5)
+CVE-2023-54235 [PCI/DOE: Fix destroy_work_on_stack() race]
+	- linux 6.5.3-1
+	[bookworm] - linux 6.1.55-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e3a3a097eaebaf234a482b4d2f9f18fe989208c1 (6.6-rc1)
+CVE-2023-54234 [scsi: mpi3mr: Fix missing mrioc->evtack_cmds initialization]
+	- linux 6.1.20-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e39ea831ebad4ab15c4748cb62a397a8abcca36e (6.3-rc1)
+CVE-2023-54232 [m68k: Only force 030 bus error if PC not in exception table]
+	- linux 6.1.25-1
+	[bullseye] - linux 5.10.178-1
+	NOTE: https://git.kernel.org/linus/e36a82bebbf7da814530d5a179bef9df5934b717 (6.3-rc2)
+CVE-2023-54231 [net: libwx: fix memory leak in wx_setup_rx_resources]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e315e7b83a22043bffee450437d7089ef373cbf6 (6.4-rc1)
+CVE-2023-54230 [amba: bus: fix refcount leak]
+	- linux 6.5.3-1
+	[bookworm] - linux 6.1.55-1
+	[bullseye] - linux 5.10.197-1
+	NOTE: https://git.kernel.org/linus/e312cbdc11305568554a9e18a2ea5c2492c183f3 (6.6-rc1)
+CVE-2023-54229 [wifi: ath11k: fix registration of 6Ghz-only phy without the full channel range]
+	- linux 6.4.11-1
+	[bookworm] - linux 6.1.52-1
+	[bullseye] - linux 5.10.191-1
+	NOTE: https://git.kernel.org/linus/e2ceb1de2f83aafd8003f0b72dfd4b7441e97d14 (6.5-rc1)
+CVE-2023-54228 [regulator: raa215300: Fix resource leak in case of error]
+	- linux 6.5.6-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e21ac64e669e960688e79bf5babeed63132dac8a (6.6-rc1)
+CVE-2023-54226 [af_unix: Fix data races around sk->sk_shutdown.]
+	- linux 6.3.7-1
+	[bookworm] - linux 6.1.37-1
+	[bullseye] - linux 5.10.191-1
+	NOTE: https://git.kernel.org/linus/e1d09c2c2f5793474556b60f83900e088d0d366d (6.4-rc2)
+CVE-2023-54225 [net: ipa: only reset hashed tables when supported]
+	- linux 6.4.11-1
+	[bookworm] - linux 6.1.52-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e11ec2b868af2b351c6c1e2e50eb711cc5423a10 (6.5-rc4)
+CVE-2023-54224 [btrfs: fix lockdep splat and potential deadlock after failure running delayed items]
+	- linux 6.5.6-1
+	[bookworm] - linux 6.1.55-1
+	[bullseye] - linux 5.10.197-1
+	NOTE: https://git.kernel.org/linus/e110f8911ddb93e6f55da14ccbbe705397b30d0b (6.6-rc2)
+CVE-2023-54223 [net/mlx5e: xsk: Fix invalid buffer access for legacy rq]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e0f52298fee449fec37e3e3c32df60008b509b16 (6.5-rc5)
+CVE-2023-54222 [hte: tegra-194: Fix off by one in tegra_hte_map_to_line_id()]
+	- linux 6.3.7-1
+	[bookworm] - linux 6.1.37-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e078180d66848a6a890daf0a3ce28dc43cc66790 (6.4-rc1)
+CVE-2023-54221 [clk: imx93: fix memory leak and missing unwind goto in imx93_clocks_probe]
+	- linux 6.4.4-1
+	[bookworm] - linux 6.1.52-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e02ba11b457647050cb16e7cad16cec3c252fade (6.5-rc1)
+CVE-2023-54220 [serial: 8250: Fix oops for port->pm on uart_change_pm()]
+	- linux 6.4.13-1
+	[bookworm] - linux 6.1.52-1
+	[bullseye] - linux 5.10.197-1
+	NOTE: https://git.kernel.org/linus/dfe2aeb226fd5e19b0ee795f4f6ed8bc494c1534 (6.5-rc7)
+CVE-2023-54219 [Revert "IB/isert: Fix incorrect release of isert connection"]
+	- linux 6.5.3-1
+	[bookworm] - linux 6.1.55-1
+	[bullseye] - linux 5.10.197-1
+	NOTE: https://git.kernel.org/linus/dfe261107c080709459c32695847eec96238852b (6.6-rc1)
+CVE-2023-54218 [net: Fix load-tearing on sk->sk_stamp in sock_recv_cmsgs().]
+	- linux 6.3.7-1
+	[bookworm] - linux 6.1.37-1
+	[bullseye] - linux 5.10.191-1
+	NOTE: https://git.kernel.org/linus/dfd9248c071a3710c24365897459538551cb7167 (6.4-rc2)
+CVE-2023-54217 [Revert "drm/msm: Add missing check and destroy for alloc_ordered_workqueue"]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/dfa70344d1b5f5ff08525a8c872c8dd5e82fc5d9 (6.4-rc1)
+CVE-2023-54216 [net/mlx5e: TC, Fix using eswitch mapping in nic mode]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/dfa1e46d6093831b9d49f0f350227a1d13644a2f (6.4-rc4)
+CVE-2023-54215 [virtio-vdpa: Fix cpumask memory leak in virtio_vdpa_find_vqs()]
+	- linux 6.4.13-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/df9557046440b0a62250fee3169a8f6a139f55a6 (6.5-rc7)
+CVE-2023-54214 [Bluetooth: L2CAP: Fix potential user-after-free]
+	- linux 6.1.20-1
+	[bullseye] - linux 5.10.178-1
+	NOTE: https://git.kernel.org/linus/df5703348813235874d851934e957c3723d71644 (6.3-rc1)
+CVE-2023-54213 [USB: sisusbvga: Add endpoint checks]
+	- linux 6.3.7-1
+	[bookworm] - linux 6.1.37-1
+	[bullseye] - linux 5.10.191-1
+	NOTE: https://git.kernel.org/linus/df05a9b05e466a46725564528b277d0c570d0104 (6.4-rc1)
+CVE-2023-54211 [tracing: Fix warning in trace_buffered_event_disable()]
+	- linux 6.4.11-1
+	[bookworm] - linux 6.1.52-1
+	[bullseye] - linux 5.10.191-1
+	NOTE: https://git.kernel.org/linus/dea499781a1150d285c62b26659f62fb00824fce (6.5-rc4)
+CVE-2023-54210 [Bluetooth: hci_sync: Avoid use-after-free in dbg for hci_remove_adv_monitor()]
+	- linux 6.4.11-1
+	[bookworm] - linux 6.1.52-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/de6dfcefd107667ce2dbedf4d9337f5ed557a4a1 (6.5-rc3)
+CVE-2023-54209 [block: fix blktrace debugfs entries leakage]
+	- linux 6.4.4-1
+	[bookworm] - linux 6.1.52-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/dd7de3704af9989b780693d51eaea49a665bd9c2 (6.5-rc1)
+CVE-2023-54208 [media: ov5675: Fix memleak in ov5675_init_controls()]
+	- linux 6.1.20-1
+	[bullseye] - linux 5.10.178-1
+	NOTE: https://git.kernel.org/linus/dd74ed6c213003533e3abf4c204374ef01d86978 (6.3-rc1)
+CVE-2023-54206 [net/sched: flower: fix filter idr initialization]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/dd4f6bbfa646f258e5bcdfac57a5c413d687f588 (6.4-rc1)
+CVE-2023-54205 [pinctrl: stm32: Fix refcount leak in stm32_pctrl_get_irq_domain]
+	- linux 6.1.20-1
+	[bullseye] - linux 5.10.178-1
+	NOTE: https://git.kernel.org/linus/dcef18c8ac40aa85bb339f64c1dd31dd458b06fb (6.3-rc1)
+CVE-2023-54204 [mmc: sunplus: fix return value check of mmc_add_host()]
+	- linux 6.4.13-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/dce6d8f985fa1ef5c2af47f4f86ea65511b78656 (6.5-rc7)
+CVE-2022-50847 [drm/bridge: it6505: Initialize AUX channel in it6505_i2c_probe]
+	- linux 6.1.4-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e577d4b13064c337b83fe7edecb3f34e87144821 (6.2-rc1)
+CVE-2022-50846 [mmc: via-sdmmc: fix return value check of mmc_add_host()]
+	- linux 6.1.4-1
+	[bullseye] - linux 5.10.178-1
+	NOTE: https://git.kernel.org/linus/e4e46fb61e3bb4628170810d3f2b996b709b90d9 (6.2-rc1)
+CVE-2022-50845 [ext4: fix inode leak in ext4_xattr_inode_create() on an error path]
+	- linux 6.1.4-1
+	[bullseye] - linux 5.10.178-1
+	NOTE: https://git.kernel.org/linus/e4db04f7d3dbbe16680e0ded27ea2a65b10f766a (6.2-rc1)
+CVE-2022-50844 [drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback]
+	- linux 6.1.4-1
+	[bullseye] - linux 5.10.178-1
+	NOTE: https://git.kernel.org/linus/e4d0ef752081e7aa6ffb7ccac11c499c732a2e05 (6.2-rc1)
+CVE-2022-50843 [dm clone: Fix UAF in clone_dtr()]
+	- linux 6.1.4-1
+	[bullseye] - linux 5.10.178-1
+	NOTE: https://git.kernel.org/linus/e4b5957c6f749a501c464f92792f1c8e26b61a94 (6.2-rc1)
+CVE-2022-50842 [drm/virtio: Check whether transferred 2D BO is shmem]
+	- linux 6.0.3-1
+	[bullseye] - linux 5.10.158-1
+	NOTE: https://git.kernel.org/linus/e473216b42aa1fd9fc6b94b608b42c210c655908 (6.1-rc1)
+CVE-2022-50840 [scsi: snic: Fix possible UAF in snic_tgt_create()]
+	- linux 6.1.4-1
+	[bullseye] - linux 5.10.178-1
+	NOTE: https://git.kernel.org/linus/e118df492320176af94deec000ae034cc92be754 (6.2-rc1)
+CVE-2022-50839 [jbd2: fix potential buffer head reference count leak]
+	- linux 6.0.3-1
+	[bullseye] - linux 5.10.158-1
+	NOTE: https://git.kernel.org/linus/e0d5fc7a6d80ac2406c7dfc6bb625201d0250a8a (6.1-rc1)
+CVE-2022-50838 [net: stream: purge sk_error_queue in sk_stream_kill_queues()]
+	- linux 6.1.4-1
+	[bullseye] - linux 5.10.178-1
+	NOTE: https://git.kernel.org/linus/e0c8bccd40fc1c19e1d246c39bcf79e357e1ada3 (6.2-rc1)
+CVE-2022-50837 [net: dsa: tag_8021q: avoid leaking ctx on dsa_tag_8021q_register() error path]
+	- linux 6.1.4-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e095493091e850d5292ad01d8fbf5cde1d89ac53 (6.2-rc1)
+CVE-2022-50836 [remoteproc: sysmon: fix memory leak in qcom_add_sysmon_subdev()]
+	- linux 6.1.4-1
+	[bullseye] - linux 5.10.178-1
+	NOTE: https://git.kernel.org/linus/e01ce676aaef3b13d02343d7e70f9637d93a3367 (6.2-rc1)
+CVE-2022-50835 [jbd2: add miss release buffer head in fc_do_one_pass()]
+	- linux 6.0.3-1
+	[bullseye] - linux 5.10.158-1
+	NOTE: https://git.kernel.org/linus/dfff66f30f66b9524b661f311bbed8ff3d2ca49f (6.1-rc1)
+CVE-2022-50834 [nfc: Fix potential resource leaks]
+	- linux 6.1.7-1
+	[bullseye] - linux 5.10.178-1
+	NOTE: https://git.kernel.org/linus/df49908f3c52d211aea5e2a14a93bbe67a2cb3af (6.2-rc3)
+CVE-2022-50833 [Bluetooth: use hdev->workqueue when queuing hdev->{cmd,ncmd}_timer works]
+	- linux 6.0.2-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/deee93d13d385103205879a8a0915036ecd83261 (6.1-rc1)
+CVE-2022-50832 [wifi: wilc1000: fix potential memory leak in wilc_mac_xmit()]
+	- linux 6.1.20-1
+	[bullseye] - linux 5.10.178-1
+	NOTE: https://git.kernel.org/linus/deb962ec9e1c9a81babd3d37542ad4bd6ac3396e (6.3-rc1)
+CVE-2022-50830 [auxdisplay: hd44780: Fix potential memory leak in hd44780_remove()]
+	- linux 6.1.20-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/ddf75a86aba2cfb7ec4497e8692b60c8c8fe0ee7 (6.3-rc1)
+CVE-2022-50829 [wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb()]
+	- linux 6.1.4-1
+	[bullseye] - linux 5.10.178-1
+	NOTE: https://git.kernel.org/linus/dd95f2239fc846795fc926787c3ae0ca701c9840 (6.2-rc1)
+CVE-2022-50828 [clk: zynqmp: Fix stack-out-of-bounds in strncpy`]
+	- linux 6.0.3-1
+	[bullseye] - linux 5.10.158-1
+	NOTE: https://git.kernel.org/linus/dd80fb2dbf1cd8751efbe4e53e54056f56a9b115 (6.1-rc1)
+CVE-2023-54242 [block, bfq: Fix division by zero error on zero wsum]
+	- linux 6.3.7-1
+	[bookworm] - linux 6.1.37-1
+	NOTE: https://git.kernel.org/linus/e53413f8deedf738a6782cc14cc00bd5852ccf18 (6.4-rc1)
+CVE-2023-54237 [net/smc: fix potential panic dues to unprotected smc_llc_srv_add_link()]
+	- linux 6.1.20-1
+	NOTE: https://git.kernel.org/linus/e40b801b3603a8f90b46acbacdea3505c27f01c0 (6.3-rc1)
+CVE-2023-54233 [ASoC: SOF: avoid a NULL dereference with unsupported widgets]
+	- linux 6.3.7-1
+	NOTE: https://git.kernel.org/linus/e3720f92e0237921da537e47a0b24e27899203f8 (6.3-rc6)
+CVE-2023-54227 [blk-mq: fix tags leak when shrink nr_hw_queues]
+	- linux 6.5.6-1
+	NOTE: https://git.kernel.org/linus/e1dd7bc93029024af5688253b0c05181d6e01f8e (6.6-rc1)
+CVE-2023-54212 [ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF]
+	- linux <unfixed>
+	[bullseye] - linux 5.10.178-1
+CVE-2023-54207 [HID: uclogic: Correct devm device reference for hidinput input_dev name]
+	- linux 6.5.3-1
+	[bookworm] - linux 6.1.55-1
+	NOTE: https://git.kernel.org/linus/dd613a4e45f8d35f49a63a2064e5308fa5619e29 (6.6-rc1)
+CVE-2022-50841 [fs/ntfs3: Add overflow check for attribute size]
+	- linux 6.1.4-1
+	NOTE: https://git.kernel.org/linus/e19c6277652efba203af4ecd8eed4bd30a0054c9 (6.2-rc1)
+CVE-2022-50831 [wifi: mac80211: fix MBSSID parsing use-after-free]
+	- linux <unfixed>
 CVE-2023-54203 [ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr]
 	- linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/dc8289f912387c3bcfbc5d2db29c8947fa207c11 (6.3-rc6)
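Review bot: CVE-2023-54212 and CVE-2022-50831, the two entries near the end of the added block marked `- linux <unfixed>`, have no NOTE line with an upstream commit reference, while every other entry added in this hunk has one. For CVE-2023-54212 the pairing of `- linux <unfixed>` with `[bullseye] - linux 5.10.178-1` is the reverse of the other entries here, where unstable carries a fixed version; a NOTE saying where the bullseye fix came from and what is still pending for unstable would let a reader confirm the status is intended. Separately, the title of CVE-2022-50828 ends in a stray backtick (`strncpy` followed by a backtick before the closing bracket); keep it only if it mirrors the upstream record verbatim.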



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1122c74b5b9eaea88fc6c1c2eab7ecc8520ce40a
