[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Dec 30 12:38:11 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f414e596 by Salvatore Bonaccorso at 2025-12-30T13:37:42+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,258 @@
+CVE-2023-54279 [MIPS: fw: Allow firmware to pass a empty env]
+	- linux 6.3.7-1
+	[bookworm] - linux 6.1.37-1
+	[bullseye] - linux 5.10.191-1
+	NOTE: https://git.kernel.org/linus/ee1809ed7bc456a72dc8410b475b73021a3a68d5 (6.4-rc1)
+CVE-2023-54278 [s390/vmem: split pages when debug pagealloc is enabled]
+	- linux 6.4.11-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/edc1e4b6e26536868ef819a735e04a5b32c10589 (6.5-rc5)
+CVE-2023-54277 [fbdev: udlfb: Fix endpoint check]
+	- linux 6.3.7-1
+	[bookworm] - linux 6.1.37-1
+	[bullseye] - linux 5.10.191-1
+	NOTE: https://git.kernel.org/linus/ed9de4ed39875706607fb08118a58344ae6c5f42 (6.4-rc3)
+CVE-2023-54276 [nfsd: move init of percpu reply_cache_stats counters back to nfsd_init_net]
+	- linux 6.4.4-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/ed9ab7346e908496816cffdecd46932035f66e2e (6.5-rc1)
+CVE-2023-54275 [wifi: ath11k: Fix memory leak in ath11k_peer_rx_frag_setup]
+	- linux 6.1.20-1
+	[bullseye] - linux 5.10.178-1
+	NOTE: https://git.kernel.org/linus/ed3f83b3459a67a3ab9d806490ac304b567b1c2d (6.3-rc1)
+CVE-2023-54274 [RDMA/srpt: Add a check for valid 'mad_agent' pointer]
+	- linux 6.3.7-1
+	[bookworm] - linux 6.1.37-1
+	[bullseye] - linux 5.10.191-1
+	NOTE: https://git.kernel.org/linus/eca5cd9474cd26d62f9756f536e2e656d3f62f3a (6.4-rc1)
+CVE-2023-54273 [xfrm: Fix leak of dev tracker]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/ec8f32ad9a65a8cbb465b69e154aaec9d2fe45c4 (6.4-rc3)
+CVE-2023-54270 [media: usb: siano: Fix use after free bugs caused by do_submit_urb]
+	- linux 6.1.20-1
+	[bullseye] - linux 5.10.178-1
+	NOTE: https://git.kernel.org/linus/ebad8e731c1c06adf04621d6fd327b860c0861b5 (6.3-rc1)
+CVE-2023-54269 [SUNRPC: double free xprt_ctxt while still in use]
+	- linux 6.3.7-1
+	[bookworm] - linux 6.1.37-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/eb8d3a2c809abd73ab0a060fe971d6b9019aa3c1 (6.4-rc3)
+CVE-2023-54268 [debugobjects: Don't wake up kswapd from fill_pool()]
+	- linux 6.3.7-1
+	[bookworm] - linux 6.1.37-1
+	[bullseye] - linux 5.10.191-1
+	NOTE: https://git.kernel.org/linus/eb799279fb1f9c63c520fe8c1c41cb9154252db6 (6.4-rc4)
+CVE-2023-54267 [powerpc/pseries: Rework lppaca_shared_proc() to avoid DEBUG_PREEMPT]
+	- linux 6.5.3-1
+	[bookworm] - linux 6.1.55-1
+	[bullseye] - linux 5.10.197-1
+	NOTE: https://git.kernel.org/linus/eac030b22ea12cdfcbb2e941c21c03964403c63f (6.6-rc1)
+CVE-2023-54266 [media: dvb-usb: m920x: Fix a potential memory leak in m920x_i2c_xfer()]
+	- linux 6.5.3-1
+	[bookworm] - linux 6.1.55-1
+	[bullseye] - linux 5.10.197-1
+	NOTE: https://git.kernel.org/linus/ea9ef6c2e001c5dc94bee35ebd1c8a98621cf7b8 (6.6-rc1)
+CVE-2023-54265 [ipv6: Fix an uninit variable access bug in __ip6_make_skb()]
+	- linux 6.1.25-1
+	[bullseye] - linux 5.10.178-1
+	NOTE: https://git.kernel.org/linus/ea30388baebcce37fd594d425a65037ca35e59e8 (6.3-rc6)
+CVE-2023-54264 [fs/sysv: Null check to prevent null-ptr-deref bug]
+	- linux 6.4.11-1
+	[bookworm] - linux 6.1.52-1
+	[bullseye] - linux 5.10.191-1
+	NOTE: https://git.kernel.org/linus/ea2b62f305893992156a798f665847e0663c9f41 (6.5-rc1)
+CVE-2023-54262 [net/mlx5e: Don't clone flow post action attributes second time]
+	- linux 6.3.7-1
+	[bookworm] - linux 6.1.37-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e9fce818fe003b6c527f25517b9ac08eb4661b5d (6.4-rc1)
+CVE-2023-54260 [cifs: Fix lost destroy smbd connection when MR allocate failed]
+	- linux 6.1.20-1
+	[bullseye] - linux 5.10.178-1
+	NOTE: https://git.kernel.org/linus/e9d3401d95d62a9531082cd2453ed42f2740e3fd (6.3-rc1)
+CVE-2023-54258 [cifs: fix potential oops in cifs_oplock_break]
+	- linux 6.4.13-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e8f5f849ffce24490eb9449e98312b66c0dba76f (6.5-rc7)
+CVE-2023-54257 [net: macb: fix a memory corruption in extended buffer descriptor mode]
+	- linux 6.1.25-1
+	[bullseye] - linux 5.10.178-1
+	NOTE: https://git.kernel.org/linus/e8b74453555872851bdd7ea43a7c0ec39659834f (6.3-rc7)
+CVE-2023-54256 [usb: dwc3: don't reset device side if dwc3 was configured as host-only]
+	- linux 6.4.11-1
+	[bookworm] - linux 6.1.52-1
+	[bullseye] - linux 5.10.191-1
+	NOTE: https://git.kernel.org/linus/e835c0a4e23c38531dcee5ef77e8d1cf462658c7 (6.5-rc4)
+CVE-2023-54255 [sh: dma: Fix DMA channel offset calculation]
+	- linux 6.4.4-1
+	[bookworm] - linux 6.1.52-1
+	[bullseye] - linux 5.10.191-1
+	NOTE: https://git.kernel.org/linus/e82e47584847129a20b8c9f4a1dcde09374fb0e0 (6.5-rc1)
+CVE-2023-54254 [drm/ttm: Don't leak a resource on eviction error]
+	- linux 6.4.11-1
+	[bookworm] - linux 6.1.52-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e8188c461ee015ba0b9ab2fc82dbd5ebca5a5532 (6.5-rc2)
+CVE-2023-54252 [platform/x86: think-lmi: Fix memory leaks when parsing ThinkStation WMI strings]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e7d796fccdc8d17c2d21817ebe4c7bf5bbfe5433 (6.3-rc6)
+CVE-2023-54249 [bus: mhi: ep: Only send -ENOTCONN status if client driver is available]
+	- linux 6.1.20-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e6cebcc27519dcf1652e604c73b9fd4f416987c0 (6.3-rc1)
+CVE-2023-54248 [fs/ntfs3: Add check for kmemdup]
+	- linux 6.3.7-1
+	[bookworm] - linux 6.1.37-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e6c3cef24cb0d045f99d5cb039b344874e3cfd74 (6.4-rc1)
+CVE-2023-54246 [rcuscale: Move rcu_scale_writer() schedule_timeout_uninterruptible() to _idle()]
+	- linux 6.5.6-1
+	[bookworm] - linux 6.1.55-1
+	[bullseye] - linux 5.10.197-1
+	NOTE: https://git.kernel.org/linus/e60c122a1614b4f65b29a7bef9d83b9fd30e937a (6.6-rc1)
+CVE-2023-54244 [ACPI: EC: Fix oops when removing custom query handlers]
+	- linux 6.3.7-1
+	[bookworm] - linux 6.1.37-1
+	[bullseye] - linux 5.10.191-1
+	NOTE: https://git.kernel.org/linus/e5b492c6bb900fcf9722e05f4a10924410e170c1 (6.4-rc1)
+CVE-2022-50873 [vdpa/vp_vdpa: fix kfree a wrong pointer in vp_vdpa_remove]
+	- linux 6.1.7-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/ed843d6ed7310a27cf7c8ee0a82a482eed0cb4a6 (6.2-rc3)
+CVE-2022-50872 [ARM: OMAP2+: Fix memory leak in realtime_counter_init()]
+	- linux 6.1.20-1
+	[bullseye] - linux 5.10.178-1
+	NOTE: https://git.kernel.org/linus/ed8167cbf65c2b6ff6faeb0f96ded4d6d581e1ac (6.3-rc1)
+CVE-2022-50870 [powerpc/rtas: avoid device tree lookups in rtas_os_term()]
+	- linux 6.1.4-1
+	[bullseye] - linux 5.10.178-1
+	NOTE: https://git.kernel.org/linus/ed2213bfb192ab51f09f12e9b49b5d482c6493f3 (6.2-rc1)
+CVE-2022-50868 [hwrng: amd - Fix PCI device refcount leak]
+	- linux 6.1.4-1
+	[bullseye] - linux 5.10.178-1
+	NOTE: https://git.kernel.org/linus/ecadb5b0111ea19fc7c240bb25d424a94471eb7d (6.2-rc1)
+CVE-2022-50867 [drm/msm/a6xx: Replace kcalloc() with kvzalloc()]
+	- linux 6.0.7-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/ec8f1813bf8d0737898f99a8c1c69df0cde0d7dd (6.1-rc3)
+CVE-2022-50866 [ASoC: pxa: fix null-pointer dereference in filter()]
+	- linux 6.1.4-1
+	[bullseye] - linux 5.10.178-1
+	NOTE: https://git.kernel.org/linus/ec7bf231aaa1bdbcb69d23bc50c753c80fb22429 (6.2-rc1)
+CVE-2022-50865 [tcp: fix a signed-integer-overflow bug in tcp_add_backlog()]
+	- linux 6.0.7-1
+	[bullseye] - linux 5.10.158-1
+	NOTE: https://git.kernel.org/linus/ec791d8149ff60c40ad2074af3b92a39c916a03f (6.1-rc3)
+CVE-2022-50864 [nilfs2: fix shift-out-of-bounds due to too large exponent of block size]
+	- linux 6.1.4-1
+	[bullseye] - linux 5.10.178-1
+	NOTE: https://git.kernel.org/linus/ebeccaaef67a4895d2496ab8d9c2fb8d89201211 (6.2-rc1)
+CVE-2022-50862 [bpf: prevent decl_tag from being referenced in func_proto]
+	- linux 6.0.7-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/ea68376c8bed5cd156900852aada20c3a0874d17 (6.1-rc3)
+CVE-2022-50861 [NFSD: Finish converting the NFSv2 GETACL result encoder]
+	- linux 6.1.4-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/ea5021e911d3479346a75ac9b7d9dcd751b0fb99 (6.2-rc1)
+CVE-2022-50860 [apparmor: Fix memleak in alloc_ns()]
+	- linux 6.1.4-1
+	[bullseye] - linux 5.10.178-1
+	NOTE: https://git.kernel.org/linus/e9e6fa49dbab6d84c676666f3fe7d360497fd65b (6.2-rc1)
+CVE-2022-50859 [cifs: Fix the error length of VALIDATE_NEGOTIATE_INFO message]
+	- linux 6.0.3-1
+	[bullseye] - linux 5.10.158-1
+	NOTE: https://git.kernel.org/linus/e98ecc6e94f4e6d21c06660b0f336df02836694f (6.1-rc1)
+CVE-2022-50858 [mmc: alcor: fix return value check of mmc_add_host()]
+	- linux 6.1.4-1
+	[bullseye] - linux 5.10.178-1
+	NOTE: https://git.kernel.org/linus/e93d1468f429475a753d6baa79b853b7ee5ef8c0 (6.2-rc1)
+CVE-2022-50857 [rapidio: rio: fix possible name leak in rio_register_mport()]
+	- linux 6.1.4-1
+	[bullseye] - linux 5.10.178-1
+	NOTE: https://git.kernel.org/linus/e92a216d16bde65d21a3227e0fb2aa0794576525 (6.2-rc1)
+CVE-2022-50856 [cifs: Fix xid leak in cifs_ses_add_channel()]
+	- linux 6.0.6-1
+	[bullseye] - linux 5.10.158-1
+	NOTE: https://git.kernel.org/linus/e909d054bdea75ef1ec48c18c5936affdaecbb2c (6.1-rc2)
+CVE-2022-50855 [bpf: prevent leak of lsm program after failed attach]
+	- linux 6.1.4-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e89f3edffb860a0f54a9ed16deadb7a4a1fa3862 (6.2-rc1)
+CVE-2022-50854 [nfc: virtual_ncidev: Fix memory leak in virtual_nci_send()]
+	- linux 6.0.7-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e840d8f4a1b323973052a1af5ad4edafcde8ae3d (6.1-rc3)
+CVE-2022-50853 [NFSv4: Fix a credential leak in _nfs4_discover_trunking()]
+	- linux 6.1.4-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e83458fce080dc23c25353a1af90bfecf79c7369 (6.2-rc1)
+CVE-2022-50852 [wifi: mt76: mt7921: fix use after free in mt7921_acpi_read()]
+	- linux 6.0.3-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e7de4b4979bd8d313ec837931dde936653ca82ea (6.1-rc1)
+CVE-2022-50850 [scsi: ipr: Fix WARNING in ipr_init()]
+	- linux 6.1.4-1
+	[bullseye] - linux 5.10.178-1
+	NOTE: https://git.kernel.org/linus/e6f108bffc3708ddcff72324f7d40dfcd0204894 (6.2-rc1)
+CVE-2022-50849 [pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP]
+	- linux 6.1.4-1
+	[bullseye] - linux 5.10.178-1
+	NOTE: https://git.kernel.org/linus/e6b842741b4f39007215fd7e545cb55aa3d358a2 (6.2-rc1)
+CVE-2022-50848 [drivers: dio: fix possible memory leak in dio_init()]
+	- linux 6.1.4-1
+	[bullseye] - linux 5.10.178-1
+	NOTE: https://git.kernel.org/linus/e63e99397b2613d50a5f4f02ed07307e67a190f1 (6.2-rc1)
+CVE-2023-54272 [fs/ntfs3: Fix a possible null-pointer dereference in ni_clear()]
+	- linux 6.3.7-1
+	[bookworm] - linux 6.1.82-1
+	NOTE: https://git.kernel.org/linus/ec275bf9693d19cc0fdce8436f4c425ced86f6e7 (6.4-rc1)
+CVE-2023-54271 [blk-cgroup: Fix NULL deref caused by blkg_policy_data being installed before init]
+	- linux 6.5.3-1
+	NOTE: https://git.kernel.org/linus/ec14a87ee1999b19d8b7ed0fa95fea80644624ae (6.6-rc1)
+CVE-2023-54263 [drm/nouveau/kms/nv50-: init hpd_irq_lock for PIOR DP]
+	- linux 6.4.11-1
+	NOTE: https://git.kernel.org/linus/ea293f823a8805735d9e00124df81a8f448ed1ae (6.5-rc3)
+CVE-2023-54261 [drm/amdkfd: Add missing gfx11 MQD manager callbacks]
+	- linux 6.5.6-1
+	NOTE: https://git.kernel.org/linus/e9dca969b2426702a73719ab9207e43c6d80b581 (6.6-rc1)
+CVE-2023-54259 [soundwire: bus: Fix unbalanced pm_runtime_put() causing usage count underflow]
+	- linux 6.3.7-1
+	[bookworm] - linux 6.1.37-1
+	NOTE: https://git.kernel.org/linus/e9537962519e88969f5f69cd0571eb4f6984403c (6.4-rc1)
+CVE-2023-54253 [btrfs: set page extent mapped after read_folio in relocate_one_page]
+	- linux 6.5.6-1
+	[bookworm] - linux 6.1.55-1
+	NOTE: https://git.kernel.org/linus/e7f1326cc24e22b38afc3acd328480a1183f9e79 (6.6-rc1)
+CVE-2023-54251 [net/sched: taprio: Limit TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME to INT_MAX.]
+	- linux 6.4.11-1
+	[bookworm] - linux 6.1.52-1
+	NOTE: https://git.kernel.org/linus/e739718444f7bf2fa3d70d101761ad83056ca628 (6.5-rc5)
+CVE-2023-54250 [ksmbd: avoid out of bounds access in decode_preauth_ctxt()]
+	- linux 6.1.25-1
+	NOTE: https://git.kernel.org/linus/e7067a446264a7514fa1cfaa4052cdb6803bc6a2 (6.3-rc7)
+CVE-2023-54247 [bpf: Silence a warning in btf_type_id_size()]
+	- linux 6.4.11-1
+	[bookworm] - linux 6.1.112-1
+	NOTE: https://git.kernel.org/linus/e6c2f594ed961273479505b42040782820190305 (6.5-rc1)
+CVE-2023-54245 [ASoC: codecs: tx-macro: Fix for KASAN: slab-out-of-bounds]
+	- linux 6.1.25-1
+	NOTE: https://git.kernel.org/linus/e5e7e398f6bb7918dab0612eb6991f7bae95520d (6.3-rc3)
+CVE-2022-50871 [wifi: ath11k: Fix qmi_msg_handler data structure initialization]
+	- linux 6.1.4-1
+	NOTE: https://git.kernel.org/linus/ed3725e15a154ebebf44e0c34806c57525483f92 (6.2-rc1)
+CVE-2022-50869 [fs/ntfs3: Fix slab-out-of-bounds in r_page]
+	- linux 6.1.4-1
+	NOTE: https://git.kernel.org/linus/ecfbd57cf9c5ca225184ae266ce44ae473792132 (6.2-rc1)
+CVE-2022-50863 [wifi: rtw89: free unused skb to prevent memory leak]
+	- linux 6.0.3-1
+	NOTE: https://git.kernel.org/linus/eae672f386049146058b9e5d3d33e9e4af9dca1d (6.1-rc1)
+CVE-2022-50851 [vhost_vdpa: fix the crash in unmap a large memory]
+	- linux 6.1.7-1
+	NOTE: https://git.kernel.org/linus/e794070af224ade46db368271896b2685ff4f96b (6.2-rc3)
 CVE-2023-54243 [netfilter: ebtables: fix table blob use-after-free]
 	- linux 6.1.20-1
 	[bullseye] - linux 5.10.178-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f414e5960146f440c6e81250aec8c3932f6c97a1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f414e5960146f440c6e81250aec8c3932f6c97a1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251230/723563a4/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list