[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Dec 30 20:13:23 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
de063624 by security tracker role at 2025-12-30T20:13:14+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,282 @@
-CVE-2025-67746
+CVE-2025-69261 (WasmEdge is a WebAssembly runtime. Prior to version 0.16.0-alpha.3, a ...)
+ TODO: check
+CVE-2025-69257 (theshit is a command-line utility that automatically detects and fixes ...)
+ TODO: check
+CVE-2025-69256 (The Serverless Framework is a framework for using AWS Lambda and other ...)
+ TODO: check
+CVE-2025-69210 (FacturaScripts is open-source enterprise resource planning and account ...)
+ TODO: check
+CVE-2025-69204 (ImageMagick is free and open-source software used for editing and mani ...)
+ TODO: check
+CVE-2025-69093 (Missing Authorization vulnerability in wpdesk ShopMagic shopmagic-for- ...)
+ TODO: check
+CVE-2025-69092 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-69091 (Missing Authorization vulnerability in Kraft Plugins Demo Importer Plu ...)
+ TODO: check
+CVE-2025-69089 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-69088 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-69034 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-69033 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-69032 (Authorization Bypass Through User-Controlled Key vulnerability in Mika ...)
+ TODO: check
+CVE-2025-69031 (Missing Authorization vulnerability in Skywarrior Arcane arcane allows ...)
+ TODO: check
+CVE-2025-69030 (Authorization Bypass Through User-Controlled Key vulnerability in Mika ...)
+ TODO: check
+CVE-2025-69029 (Authorization Bypass Through User-Controlled Key vulnerability in Sele ...)
+ TODO: check
+CVE-2025-69028 (Missing Authorization vulnerability in BoldGrid weForms weforms allows ...)
+ TODO: check
+CVE-2025-69027 (Missing Authorization vulnerability in tychesoftwares Product Delivery ...)
+ TODO: check
+CVE-2025-69026 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
+ TODO: check
+CVE-2025-69025 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
+ TODO: check
+CVE-2025-69024 (Missing Authorization vulnerability in bizswoop BizPrint print-google- ...)
+ TODO: check
+CVE-2025-69023 (Missing Authorization vulnerability in Marketing Fire Discussion Board ...)
+ TODO: check
+CVE-2025-69022 (Missing Authorization vulnerability in Weblizar - WordPress Themes &am ...)
+ TODO: check
+CVE-2025-69021 (Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Popup box a ...)
+ TODO: check
+CVE-2025-69020 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-69019 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-69018 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-69017 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-69016 (Missing Authorization vulnerability in averta Shortcodes and extra fea ...)
+ TODO: check
+CVE-2025-69015 (Missing Authorization vulnerability in Automattic Crowdsignal Forms cr ...)
+ TODO: check
+CVE-2025-69014 (Server-Side Request Forgery (SSRF) vulnerability in Youzify Youzify yo ...)
+ TODO: check
+CVE-2025-69013 (Missing Authorization vulnerability in jetmonsters Stratum stratum all ...)
+ TODO: check
+CVE-2025-69012 (Missing Authorization vulnerability in Stephen Harris Event Organiser ...)
+ TODO: check
+CVE-2025-69010 (Missing Authorization vulnerability in themebeez Themebeez Toolkit the ...)
+ TODO: check
+CVE-2025-69009 (Missing Authorization vulnerability in kamleshyadav Medicalequipment m ...)
+ TODO: check
+CVE-2025-69008 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-69007 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-69006 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-68998 (Cross-Site Request Forgery (CSRF) vulnerability in Heateor Support Hea ...)
+ TODO: check
+CVE-2025-68997 (Authorization Bypass Through User-Controlled Key vulnerability in Adva ...)
+ TODO: check
+CVE-2025-68996 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-68995 (Missing Authorization vulnerability in Gal Dubinski My Sticky Elements ...)
+ TODO: check
+CVE-2025-68994 (Missing Authorization vulnerability in XforWooCommerce Product Loops f ...)
+ TODO: check
+CVE-2025-68993 (Missing Authorization vulnerability in XforWooCommerce Share, Print an ...)
+ TODO: check
+CVE-2025-68992 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-68991 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-68990 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2025-68989 (Insertion of Sensitive Information Into Sent Data vulnerability in Ren ...)
+ TODO: check
+CVE-2025-68988 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
+ TODO: check
+CVE-2025-68987 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-68985 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-68984 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-68983 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-68982 (Missing Authorization vulnerability in designthemes DesignThemes LMS A ...)
+ TODO: check
+CVE-2025-68981 (Missing Authorization vulnerability in designthemes HomeFix Elementor ...)
+ TODO: check
+CVE-2025-68980 (Missing Authorization vulnerability in designthemes WeDesignTech Portf ...)
+ TODO: check
+CVE-2025-68979 (Authorization Bypass Through User-Controlled Key vulnerability in Simp ...)
+ TODO: check
+CVE-2025-68978 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-68977 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-68976 (Missing Authorization vulnerability in Eagle-Themes Eagle Booking eagl ...)
+ TODO: check
+CVE-2025-68975 (Authorization Bypass Through User-Controlled Key vulnerability in Eagl ...)
+ TODO: check
+CVE-2025-68974 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-68950 (ImageMagick is free and open-source software used for editing and mani ...)
+ TODO: check
+CVE-2025-68926 (RustFS is a distributed object storage system built in Rust. In versio ...)
+ TODO: check
+CVE-2025-68618 (ImageMagick is free and open-source software used for editing and mani ...)
+ TODO: check
+CVE-2025-66848 (JD Cloud NAS routers AX1800 (4.3.1.r4308 and earlier), AX3000 (4.3.1.r ...)
+ TODO: check
+CVE-2025-66835 (TrueConf Client 8.5.2 is vulnerable to DLL hijacking via crafted wfapi ...)
+ TODO: check
+CVE-2025-66834 (A CSV Formula Injection vulnerability in TrueConf Server v5.5.2.10813 ...)
+ TODO: check
+CVE-2025-66824 (A Stored Cross-Site Scripting (XSS) vulnerability exists in the Meetin ...)
+ TODO: check
+CVE-2025-66823 (An HTML Injection vulnerability in TrueConf server 5.5.2.10813 in the ...)
+ TODO: check
+CVE-2025-66103 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-66094 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-66080 (Missing Authorization vulnerability in WP Legal Pages WP Cookie Notice ...)
+ TODO: check
+CVE-2025-65925 (An issue was discovered in Zeroheight (SaaS) prior to 2025-06-13. A le ...)
+ TODO: check
+CVE-2025-65411 (A NULL pointer dereference in the src/path.c component of GNU Unrtf v0 ...)
+ TODO: check
+CVE-2025-65409 (A divide-by-zero in the encryption/decryption routines of GNU Recutils ...)
+ TODO: check
+CVE-2025-64528 (Discourse is an open source discussion platform. Prior to versions 3.5 ...)
+ TODO: check
+CVE-2025-64190 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-63027 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-62746 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-62128 (Missing Authorization vulnerability in SiteLock SiteLock Security allo ...)
+ TODO: check
+CVE-2025-62112 (Cross-Site Request Forgery (CSRF) vulnerability in Merv Barrett Import ...)
+ TODO: check
+CVE-2025-61557 (nixseparatedebuginfod before v0.4.1 is vulnerable to Directory Travers ...)
+ TODO: check
+CVE-2025-59129 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2025-56332 (Authentication Bypass in fosrl/pangolin v1.6.2 and before allows attac ...)
+ TODO: check
+CVE-2025-52835 (Cross-Site Request Forgery (CSRF) vulnerability in ConoHa by GMO WING ...)
+ TODO: check
+CVE-2025-50343 (An issue was discovered in matio 1.5.28. A heap-based memory corruptio ...)
+ TODO: check
+CVE-2025-15359 (DVP-12SE11T - Out-of-bound memory write Vulnerability)
+ TODO: check
+CVE-2025-15358 (DVP-12SE11T - Denial of Service Vulnerability)
+ TODO: check
+CVE-2025-15353 (A vulnerability was detected in itsourcecode Society Management System ...)
+ TODO: check
+CVE-2025-15264 (A vulnerability was determined in FeehiCMS up to 2.1.1. Impacted is an ...)
+ TODO: check
+CVE-2025-15263 (A weakness has been identified in BiggiDroid Simple PHP CMS 1.0. Affec ...)
+ TODO: check
+CVE-2025-15262 (A security flaw has been discovered in BiggiDroid Simple PHP CMS 1.0. ...)
+ TODO: check
+CVE-2025-15258 (A weakness has been identified in Edimax BR-6208AC 1.02/1.03. Affected ...)
+ TODO: check
+CVE-2025-15257 (A security flaw has been discovered in Edimax BR-6208AC 1.02/1.03. Aff ...)
+ TODO: check
+CVE-2025-15256 (A vulnerability was identified in Edimax BR-6208AC 1.02/1.03. Affected ...)
+ TODO: check
+CVE-2025-15255 (A vulnerability was determined in Tenda W6-S 1.0.0.4(510). This impact ...)
+ TODO: check
+CVE-2025-15254 (A vulnerability was found in Tenda W6-S 1.0.0.4(510). This affects the ...)
+ TODO: check
+CVE-2025-15253 (A vulnerability has been found in Tenda M3 1.0.0.13(4903). The impacte ...)
+ TODO: check
+CVE-2025-15252 (A flaw has been found in Tenda M3 1.0.0.13(4903). The affected element ...)
+ TODO: check
+CVE-2025-15251 (A vulnerability was detected in beecue FastBee up to 2.1. Impacted is ...)
+ TODO: check
+CVE-2025-15250 (A security vulnerability has been detected in 08CMS Novel System up to ...)
+ TODO: check
+CVE-2025-15249 (A weakness has been identified in zhujunliang3 work_platform up to 6bc ...)
+ TODO: check
+CVE-2025-15248 (A security flaw has been discovered in sunhailin12315 product-review \ ...)
+ TODO: check
+CVE-2025-15247 (A vulnerability was identified in gmg137 snap7-rs up to 153d3e8c16decd ...)
+ TODO: check
+CVE-2025-15246 (A vulnerability was determined in aizuda snail-job up to 1.7.0 on macO ...)
+ TODO: check
+CVE-2025-15245 (A vulnerability was found in D-Link DCS-850L 1.02.09. Affected is the ...)
+ TODO: check
+CVE-2025-15244 (A vulnerability has been found in PHPEMS up to 11.0. This impacts an u ...)
+ TODO: check
+CVE-2025-15243 (A flaw has been found in code-projects Simple Stock System 1.0. This a ...)
+ TODO: check
+CVE-2025-15242 (A vulnerability was detected in PHPEMS up to 11.0. The impacted elemen ...)
+ TODO: check
+CVE-2025-15241 (A security vulnerability has been detected in CloudPanel Community Edi ...)
+ TODO: check
+CVE-2025-15234 (A weakness has been identified in Tenda M3 1.0.0.13(4903). Impacted is ...)
+ TODO: check
+CVE-2025-15103 (DVP-12SE11T - Authentication Bypass via Partial Password Disclosure)
+ TODO: check
+CVE-2025-15102 (DVP-12SE11T - Password Protection Bypass)
+ TODO: check
+CVE-2025-14509 (The Lucky Wheel for WooCommerce \u2013 Spin a Sale plugin for WordPres ...)
+ TODO: check
+CVE-2025-14426 (The Strong Testimonials plugin for WordPress is vulnerable to unauthor ...)
+ TODO: check
+CVE-2024-58247
+ REJECTED
+CVE-2024-58246
+ REJECTED
+CVE-2024-58245
+ REJECTED
+CVE-2024-58244
+ REJECTED
+CVE-2024-58243
+ REJECTED
+CVE-2024-58242
+ REJECTED
+CVE-2022-50613
+ REJECTED
+CVE-2022-50612
+ REJECTED
+CVE-2022-50611
+ REJECTED
+CVE-2022-50610
+ REJECTED
+CVE-2022-50609
+ REJECTED
+CVE-2022-50608
+ REJECTED
+CVE-2022-50607
+ REJECTED
+CVE-2022-50606
+ REJECTED
+CVE-2022-50605
+ REJECTED
+CVE-2022-50604
+ REJECTED
+CVE-2022-50603
+ REJECTED
+CVE-2022-50602
+ REJECTED
+CVE-2022-50601
+ REJECTED
+CVE-2022-50600
+ REJECTED
+CVE-2022-50599
+ REJECTED
+CVE-2022-50598
+ REJECTED
+CVE-2022-50597
+ REJECTED
+CVE-2025-67746 (Composer is a dependency manager for PHP. In versions on the 2.x branc ...)
- composer 2.9.3-1
[trixie] - composer <no-dsa> (Minor issue)
[bookworm] - composer <no-dsa> (Minor issue)
@@ -6,1037 +284,1037 @@ CVE-2025-67746
NOTE: https://github.com/composer/composer/security/advisories/GHSA-59pp-r3rg-353g
NOTE: Fixed by: https://github.com/composer/composer/commit/5db1876a76fdef76d3c4f8a27995c434c7a43e71 (2.9.3)
NOTE: Fixed by: https://github.com/composer/composer/commit/1d40a95c9d39a6b7f80d404ab30336c586da9917 (2.2.26)
-CVE-2023-54326 [misc: pci_endpoint_test: Free IRQs before removing the device]
+CVE-2023-54326 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/f61b7634a3249d12b9daa36ffbdb9965b6f24c6c (6.5-rc1)
-CVE-2023-54325 [crypto: qat - fix out-of-bounds read]
+CVE-2023-54325 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.1.20-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f6044cc3030e139f60c281386f28bda6e3049d66 (6.3-rc1)
-CVE-2023-54323 [cxl/pmem: Fix nvdimm registration races]
+CVE-2023-54323 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.1.20-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f57aec443c24d2e8e1f3b5b4856aea12ddda4254 (6.3-rc1)
-CVE-2023-54319 [pinctrl: at91-pio4: check return value of devm_kasprintf()]
+CVE-2023-54319 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/f6fd5d4ff8ca0b24cee1af4130bcb1fa96b61aa0 (6.5-rc1)
-CVE-2023-54318 [net/smc: use smc_lgr_list.lock to protect smc_lgr_list.list iterate in smcr_port_add]
+CVE-2023-54318 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.5.6-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/f5146e3ef0a9eea405874b36178c19a4863b8989 (6.6-rc2)
-CVE-2023-54317 [dm flakey: don't corrupt the zero page]
+CVE-2023-54317 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/f50714b57aecb6b3dc81d578e295f86d9c73f078 (6.3-rc1)
-CVE-2023-54316 [refscale: Fix uninitalized use of wait_queue_head_t]
+CVE-2023-54316 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.5.3-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/f5063e8948dad7f31adb007284a5d5038ae31bb8 (6.6-rc1)
-CVE-2023-54315 [powerpc/powernv/sriov: perform null check on iov before dereferencing iov]
+CVE-2023-54315 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/f4f913c980bc6abe0ccfe88fe3909c125afe4a2d (6.5-rc1)
-CVE-2023-54314 [media: af9005: Fix null-ptr-deref in af9005_i2c_xfer]
+CVE-2023-54314 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.5.6-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/f4ee84f27625ce1fdf41e8483fa0561a1b837d10 (6.6-rc1)
-CVE-2023-54313 [ovl: fix null pointer dereference in ovl_get_acl_rcu()]
+CVE-2023-54313 (In the Linux kernel, the following vulnerability has been resolved: o ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f4e19e595cc2e76a8a58413eb19d3d9c51328b53 (6.5-rc1)
-CVE-2023-54312 [samples/bpf: Fix buffer overflow in tcp_basertt]
+CVE-2023-54312 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/f4dea9689c5fea3d07170c2cb0703e216f1a0922 (6.5-rc1)
-CVE-2023-54311 [ext4: fix deadlock when converting an inline directory in nojournal mode]
+CVE-2023-54311 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/f4ce24f54d9cca4f09a395f3eecce20d6bec4663 (6.4-rc2)
-CVE-2023-54310 [scsi: message: mptlan: Fix use after free bug in mptlan_remove() due to race condition]
+CVE-2023-54310 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/f486893288f3e9b171b836f43853a6426515d800 (6.4-rc1)
-CVE-2023-54309 [tpm: tpm_vtpm_proxy: fix a race condition in /dev/vtpmx creation]
+CVE-2023-54309 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/f4032d615f90970d6c3ac1d9c0bce3351eb4445c (6.5-rc3)
-CVE-2023-54308 [ALSA: ymfpci: Create card with device-managed snd_devm_card_new()]
+CVE-2023-54308 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.1.25-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f33fc1576757741479452255132d6e3aaf558ffe (6.3-rc5)
-CVE-2023-54307 [ptp_qoriq: fix memory leak in probe()]
+CVE-2023-54307 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.1.25-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/f33642224e38d7e0d59336e10e7b4e370b1c4506 (6.3-rc5)
-CVE-2023-54306 [net: tls: avoid hanging tasks on the tx_lock]
+CVE-2023-54306 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/f3221361dc85d4de22586ce8441ec2c67b454f5d (6.3-rc2)
-CVE-2023-54305 [ext4: refuse to create ea block when umounted]
+CVE-2023-54305 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/f31173c19901a96bb2ebf6bcfec8a08df7095c91 (6.3-rc1)
-CVE-2023-54304 [firmware: meson_sm: fix to avoid potential NULL pointer dereference]
+CVE-2023-54304 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.5.3-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/f2ed165619c16577c02b703a114a1f6b52026df4 (6.6-rc1)
-CVE-2023-54303 [bpf: Disable preemption in bpf_perf_event_output]
+CVE-2023-54303 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f2c67a3e60d1071b65848efaa8c3b66c363dd025 (6.5-rc5)
-CVE-2023-54302 [RDMA/irdma: Fix data race on CQP completion stats]
+CVE-2023-54302 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f2c3037811381f9149243828c7eb9a1631df9f9c (6.5-rc4)
-CVE-2023-54301 [serial: 8250_bcm7271: fix leak in `brcmuart_probe`]
+CVE-2023-54301 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f264f2f6f4788dc031cef60a0cf2881902736709 (6.4-rc3)
-CVE-2023-54300 [wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx]
+CVE-2023-54300 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/f24292e827088bba8de7158501ac25a59b064953 (6.5-rc1)
-CVE-2023-54299 [usb: typec: bus: verify partner exists in typec_altmode_attention]
+CVE-2023-54299 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.5.3-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/f23643306430f86e2f413ee2b986e0773e79da31 (6.6-rc1)
-CVE-2023-54298 [thermal: intel: quark_dts: fix error pointer dereference]
+CVE-2023-54298 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/f1b930e740811d416de4d2074da48b6633a672c8 (6.3-rc1)
-CVE-2023-54297 [btrfs: zoned: fix memory leak after finding block group with super blocks]
+CVE-2023-54297 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f1a07c2b4e2c473ec322b8b9ece071b8c88a3512 (6.5-rc3)
-CVE-2023-54296 [KVM: SVM: Get source vCPUs from source VM for SEV-ES intrahost migration]
+CVE-2023-54296 (In the Linux kernel, the following vulnerability has been resolved: K ...)
- linux 6.5.6-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f1187ef24eb8f36e8ad8106d22615ceddeea6097 (6.6-rc1)
-CVE-2023-54295 [mtd: spi-nor: Fix shift-out-of-bounds in spi_nor_set_erase_type]
+CVE-2023-54295 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/f0f0cfdc3a024e21161714f2e05f0df3b84d42ad (6.3-rc1)
-CVE-2023-54294 [md/raid10: fix memleak of md thread]
+CVE-2023-54294 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/f0ddb83da3cbbf8a1f9087a642c448ff52ee9abd (6.4-rc1)
-CVE-2023-54293 [bcache: fixup btree_cache_wait list damage]
+CVE-2023-54293 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/f0854489fc07d2456f7cc71a63f4faf9c716ffbe (6.5-rc1)
-CVE-2023-54292 [RDMA/irdma: Fix data race on CQP request done]
+CVE-2023-54292 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f0842bb3d38863777e3454da5653d80b5fde6321 (6.5-rc4)
-CVE-2023-54291 [vduse: fix NULL pointer dereference]
+CVE-2023-54291 (In the Linux kernel, the following vulnerability has been resolved: v ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f06cf1e1a503169280467d12d2ec89bf2c30ace7 (6.5-rc1)
CVE-2023-54290
REJECTED
-CVE-2023-54289 [scsi: qedf: Fix NULL dereference in error handling]
+CVE-2023-54289 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/f025312b089474a54e4859f3453771314d9e3d4f (6.5-rc1)
-CVE-2023-54288 [wifi: mac80211: fortify the spinlock against deadlock by interrupt]
+CVE-2023-54288 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ef6e1997da63ad0ac3fe33153fec9524c9ae56c9 (6.4-rc3)
-CVE-2023-54286 [wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace]
+CVE-2023-54286 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/ef16799640865f937719f0771c93be5dca18adc6 (6.4-rc1)
-CVE-2023-54284 [media: av7110: prevent underflow in write_ts_to_decoder()]
+CVE-2023-54284 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.216-1
NOTE: https://git.kernel.org/linus/eed9496a0501357aa326ddd6b71408189ed872eb (6.4-rc1)
-CVE-2023-54283 [bpf: Address KCSAN report on bpf_lru_list]
+CVE-2023-54283 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/ee9fd0ac3017c4313be91a220a9ac4c99dde7ad4 (6.5-rc1)
-CVE-2023-54282 [media: tuners: qt1010: replace BUG_ON with a regular error]
+CVE-2023-54282 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.5.6-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/ee630b29ea44d1851bb6c903f400956604834463 (6.6-rc1)
-CVE-2023-54281 [btrfs: release path before inode lookup during the ino lookup ioctl]
+CVE-2023-54281 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.5.6-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/ee34a82e890a7babb5585daf1a6dd7d4d1cf142a (6.6-rc2)
-CVE-2022-50889 [dm integrity: Fix UAF in dm_integrity_dtr()]
+CVE-2022-50889 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/f50cb2cbabd6c4a60add93d72451728f86e4791c (6.2-rc1)
-CVE-2022-50888 [remoteproc: qcom: q6v5: Fix potential null-ptr-deref in q6v5_wcss_init_mmio()]
+CVE-2022-50888 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.1.4-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f360e2b275efbb745ba0af8b47d9ef44221be586 (6.2-rc1)
-CVE-2022-50887 [regulator: core: fix unbalanced of node refcount in regulator_dev_lookup()]
+CVE-2022-50887 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/f2b41b748c19962b82709d9f23c6b2b0ce9d2f91 (6.2-rc1)
-CVE-2022-50886 [mmc: toshsd: fix return value check of mmc_add_host()]
+CVE-2022-50886 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/f670744a316ea983113a65313dcd387b5a992444 (6.2-rc1)
-CVE-2022-50885 [RDMA/rxe: Fix NULL-ptr-deref in rxe_qp_do_cleanup() when socket create failed]
+CVE-2022-50885 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/f67376d801499f4fa0838c18c1efcad8840e550d (6.2-rc1)
-CVE-2022-50884 [drm: Prevent drm_copy_field() to attempt copying a NULL pointer]
+CVE-2022-50884 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/f6ee30407e883042482ad4ad30da5eaba47872ee (6.1-rc1)
-CVE-2022-50883 [bpf: Prevent decl_tag from being referenced in func_proto arg]
+CVE-2022-50883 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/f17472d4599697d701aa239b4c475a506bccfd19 (6.2-rc1)
-CVE-2022-50882 [media: uvcvideo: Fix memory leak in uvc_gpio_parse]
+CVE-2022-50882 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.0.3-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f0f078457f18f10696888f8d0e6aba9deb9cde92 (6.1-rc1)
-CVE-2022-50881 [wifi: ath9k: Fix use-after-free in ath9k_hif_usb_disconnect()]
+CVE-2022-50881 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/f099c5c9e2ba08a379bd354a82e05ef839ae29ac (6.3-rc1)
-CVE-2022-50880 [wifi: ath10k: add peer map clean up for peer delete in ath10k_sta_state()]
+CVE-2022-50880 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/f020d9570a04df0762a2ac5c50cf1d8c511c9164 (6.1-rc1)
-CVE-2022-50879 [objtool: Fix SEGFAULT]
+CVE-2022-50879 (In the Linux kernel, the following vulnerability has been resolved: o ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/efb11fdb3e1a9f694fa12b70b21e69e55ec59c36 (6.2-rc1)
-CVE-2022-50878 [gpu: lontium-lt9611: Fix NULL pointer dereference in lt9611_connector_init()]
+CVE-2022-50878 (In the Linux kernel, the following vulnerability has been resolved: g ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/ef8886f321c5dab8124b9153d25afa2a71d05323 (6.1-rc1)
-CVE-2022-50877 [net: broadcom: bcm4908_enet: update TX stats after actual transmission]
+CVE-2022-50877 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.7-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ef3556ee16c68735ec69bd08df41d1cd83b14ad3 (6.1-rc3)
-CVE-2022-50876 [usb: musb: Fix musb_gadget.c rxstate overflow bug]
+CVE-2022-50876 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/eea4c860c3b366369eff0489d94ee4f0571d467d (6.1-rc1)
-CVE-2022-50875 [of: overlay: fix null pointer dereferencing in find_dup_cset_node_entry() and find_dup_cset_prop()]
+CVE-2022-50875 (In the Linux kernel, the following vulnerability has been resolved: o ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/ee9d7a0e754568180a2f8ebc4aad226278a9116f (6.2-rc1)
-CVE-2022-50874 [RDMA/erdma: Fix refcount leak in erdma_mmap]
+CVE-2022-50874 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.1.20-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ee84146c05ad2316b9a7222d0ec4413e0bf30eeb (6.3-rc1)
-CVE-2023-54324 [dm: fix a race condition in retrieve_deps]
+CVE-2023-54324 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.5.6-1
[bookworm] - linux 6.1.64-1
NOTE: https://git.kernel.org/linus/f6007dce0cd35d634d9be91ef3515a6385dcee16 (6.6-rc2)
-CVE-2023-54322 [arm64: set __exception_irq_entry with __irq_entry as a default]
+CVE-2023-54322 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.4.11-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/f6794950f0e5ba37e3bbedda4d6ab0aad7395dd3 (6.5-rc1)
-CVE-2023-54321 [driver core: fix potential null-ptr-deref in device_add()]
+CVE-2023-54321 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.20-1
NOTE: https://git.kernel.org/linus/f6837f34a34973ef6600c08195ed300e24e97317 (6.3-rc1)
-CVE-2023-54320 [platform/x86/amd: pmc: Fix memory leak in amd_pmc_stb_debugfs_open_v2()]
+CVE-2023-54320 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.3.7-1
NOTE: https://git.kernel.org/linus/f6e7ac4c35a28aef0be93b32c533ae678ad0b9e7 (6.4-rc1)
-CVE-2023-54287 [tty: serial: imx: disable Ageing Timer interrupt request irq]
+CVE-2023-54287 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.1.20-1
NOTE: https://git.kernel.org/linus/ef25e16ea9674b713a68c3bda821556ce9901254 (6.3-rc1)
-CVE-2023-54285 [iomap: Fix possible overflow condition in iomap_write_delalloc_scan]
+CVE-2023-54285 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.5.6-1
NOTE: https://git.kernel.org/linus/eee2d2e6ea5550118170dbd5bb1316ceb38455fb (6.6-rc1)
-CVE-2023-54280 [cifs: fix potential race when tree connecting ipc]
+CVE-2023-54280 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.3.7-1
NOTE: https://git.kernel.org/linus/ee20d7c6100752eaf2409d783f4f1449c29ea33d (6.4-rc1)
-CVE-2023-54279 [MIPS: fw: Allow firmware to pass a empty env]
+CVE-2023-54279 (In the Linux kernel, the following vulnerability has been resolved: M ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/ee1809ed7bc456a72dc8410b475b73021a3a68d5 (6.4-rc1)
-CVE-2023-54278 [s390/vmem: split pages when debug pagealloc is enabled]
+CVE-2023-54278 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.4.11-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/edc1e4b6e26536868ef819a735e04a5b32c10589 (6.5-rc5)
-CVE-2023-54277 [fbdev: udlfb: Fix endpoint check]
+CVE-2023-54277 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/ed9de4ed39875706607fb08118a58344ae6c5f42 (6.4-rc3)
-CVE-2023-54276 [nfsd: move init of percpu reply_cache_stats counters back to nfsd_init_net]
+CVE-2023-54276 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.4.4-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ed9ab7346e908496816cffdecd46932035f66e2e (6.5-rc1)
-CVE-2023-54275 [wifi: ath11k: Fix memory leak in ath11k_peer_rx_frag_setup]
+CVE-2023-54275 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/ed3f83b3459a67a3ab9d806490ac304b567b1c2d (6.3-rc1)
-CVE-2023-54274 [RDMA/srpt: Add a check for valid 'mad_agent' pointer]
+CVE-2023-54274 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/eca5cd9474cd26d62f9756f536e2e656d3f62f3a (6.4-rc1)
-CVE-2023-54273 [xfrm: Fix leak of dev tracker]
+CVE-2023-54273 (In the Linux kernel, the following vulnerability has been resolved: x ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ec8f32ad9a65a8cbb465b69e154aaec9d2fe45c4 (6.4-rc3)
-CVE-2023-54270 [media: usb: siano: Fix use after free bugs caused by do_submit_urb]
+CVE-2023-54270 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/ebad8e731c1c06adf04621d6fd327b860c0861b5 (6.3-rc1)
-CVE-2023-54269 [SUNRPC: double free xprt_ctxt while still in use]
+CVE-2023-54269 (In the Linux kernel, the following vulnerability has been resolved: S ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/eb8d3a2c809abd73ab0a060fe971d6b9019aa3c1 (6.4-rc3)
-CVE-2023-54268 [debugobjects: Don't wake up kswapd from fill_pool()]
+CVE-2023-54268 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/eb799279fb1f9c63c520fe8c1c41cb9154252db6 (6.4-rc4)
-CVE-2023-54267 [powerpc/pseries: Rework lppaca_shared_proc() to avoid DEBUG_PREEMPT]
+CVE-2023-54267 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.5.3-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/eac030b22ea12cdfcbb2e941c21c03964403c63f (6.6-rc1)
-CVE-2023-54266 [media: dvb-usb: m920x: Fix a potential memory leak in m920x_i2c_xfer()]
+CVE-2023-54266 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.5.3-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/ea9ef6c2e001c5dc94bee35ebd1c8a98621cf7b8 (6.6-rc1)
-CVE-2023-54265 [ipv6: Fix an uninit variable access bug in __ip6_make_skb()]
+CVE-2023-54265 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.1.25-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/ea30388baebcce37fd594d425a65037ca35e59e8 (6.3-rc6)
-CVE-2023-54264 [fs/sysv: Null check to prevent null-ptr-deref bug]
+CVE-2023-54264 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/ea2b62f305893992156a798f665847e0663c9f41 (6.5-rc1)
-CVE-2023-54262 [net/mlx5e: Don't clone flow post action attributes second time]
+CVE-2023-54262 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e9fce818fe003b6c527f25517b9ac08eb4661b5d (6.4-rc1)
-CVE-2023-54260 [cifs: Fix lost destroy smbd connection when MR allocate failed]
+CVE-2023-54260 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/e9d3401d95d62a9531082cd2453ed42f2740e3fd (6.3-rc1)
-CVE-2023-54258 [cifs: fix potential oops in cifs_oplock_break]
+CVE-2023-54258 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.4.13-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e8f5f849ffce24490eb9449e98312b66c0dba76f (6.5-rc7)
-CVE-2023-54257 [net: macb: fix a memory corruption in extended buffer descriptor mode]
+CVE-2023-54257 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.1.25-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/e8b74453555872851bdd7ea43a7c0ec39659834f (6.3-rc7)
CVE-2023-54256
REJECTED
-CVE-2023-54255 [sh: dma: Fix DMA channel offset calculation]
+CVE-2023-54255 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/e82e47584847129a20b8c9f4a1dcde09374fb0e0 (6.5-rc1)
-CVE-2023-54254 [drm/ttm: Don't leak a resource on eviction error]
+CVE-2023-54254 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e8188c461ee015ba0b9ab2fc82dbd5ebca5a5532 (6.5-rc2)
-CVE-2023-54252 [platform/x86: think-lmi: Fix memory leaks when parsing ThinkStation WMI strings]
+CVE-2023-54252 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e7d796fccdc8d17c2d21817ebe4c7bf5bbfe5433 (6.3-rc6)
-CVE-2023-54249 [bus: mhi: ep: Only send -ENOTCONN status if client driver is available]
+CVE-2023-54249 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.1.20-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e6cebcc27519dcf1652e604c73b9fd4f416987c0 (6.3-rc1)
-CVE-2023-54248 [fs/ntfs3: Add check for kmemdup]
+CVE-2023-54248 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e6c3cef24cb0d045f99d5cb039b344874e3cfd74 (6.4-rc1)
-CVE-2023-54246 [rcuscale: Move rcu_scale_writer() schedule_timeout_uninterruptible() to _idle()]
+CVE-2023-54246 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.5.6-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/e60c122a1614b4f65b29a7bef9d83b9fd30e937a (6.6-rc1)
-CVE-2023-54244 [ACPI: EC: Fix oops when removing custom query handlers]
+CVE-2023-54244 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/e5b492c6bb900fcf9722e05f4a10924410e170c1 (6.4-rc1)
-CVE-2022-50873 [vdpa/vp_vdpa: fix kfree a wrong pointer in vp_vdpa_remove]
+CVE-2022-50873 (In the Linux kernel, the following vulnerability has been resolved: v ...)
- linux 6.1.7-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ed843d6ed7310a27cf7c8ee0a82a482eed0cb4a6 (6.2-rc3)
-CVE-2022-50872 [ARM: OMAP2+: Fix memory leak in realtime_counter_init()]
+CVE-2022-50872 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/ed8167cbf65c2b6ff6faeb0f96ded4d6d581e1ac (6.3-rc1)
-CVE-2022-50870 [powerpc/rtas: avoid device tree lookups in rtas_os_term()]
+CVE-2022-50870 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/ed2213bfb192ab51f09f12e9b49b5d482c6493f3 (6.2-rc1)
-CVE-2022-50868 [hwrng: amd - Fix PCI device refcount leak]
+CVE-2022-50868 (In the Linux kernel, the following vulnerability has been resolved: h ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/ecadb5b0111ea19fc7c240bb25d424a94471eb7d (6.2-rc1)
-CVE-2022-50867 [drm/msm/a6xx: Replace kcalloc() with kvzalloc()]
+CVE-2022-50867 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.0.7-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ec8f1813bf8d0737898f99a8c1c69df0cde0d7dd (6.1-rc3)
-CVE-2022-50866 [ASoC: pxa: fix null-pointer dereference in filter()]
+CVE-2022-50866 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/ec7bf231aaa1bdbcb69d23bc50c753c80fb22429 (6.2-rc1)
-CVE-2022-50865 [tcp: fix a signed-integer-overflow bug in tcp_add_backlog()]
+CVE-2022-50865 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.0.7-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/ec791d8149ff60c40ad2074af3b92a39c916a03f (6.1-rc3)
-CVE-2022-50864 [nilfs2: fix shift-out-of-bounds due to too large exponent of block size]
+CVE-2022-50864 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/ebeccaaef67a4895d2496ab8d9c2fb8d89201211 (6.2-rc1)
-CVE-2022-50862 [bpf: prevent decl_tag from being referenced in func_proto]
+CVE-2022-50862 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.0.7-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ea68376c8bed5cd156900852aada20c3a0874d17 (6.1-rc3)
-CVE-2022-50861 [NFSD: Finish converting the NFSv2 GETACL result encoder]
+CVE-2022-50861 (In the Linux kernel, the following vulnerability has been resolved: N ...)
- linux 6.1.4-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ea5021e911d3479346a75ac9b7d9dcd751b0fb99 (6.2-rc1)
-CVE-2022-50860 [apparmor: Fix memleak in alloc_ns()]
+CVE-2022-50860 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/e9e6fa49dbab6d84c676666f3fe7d360497fd65b (6.2-rc1)
-CVE-2022-50859 [cifs: Fix the error length of VALIDATE_NEGOTIATE_INFO message]
+CVE-2022-50859 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/e98ecc6e94f4e6d21c06660b0f336df02836694f (6.1-rc1)
-CVE-2022-50858 [mmc: alcor: fix return value check of mmc_add_host()]
+CVE-2022-50858 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/e93d1468f429475a753d6baa79b853b7ee5ef8c0 (6.2-rc1)
-CVE-2022-50857 [rapidio: rio: fix possible name leak in rio_register_mport()]
+CVE-2022-50857 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/e92a216d16bde65d21a3227e0fb2aa0794576525 (6.2-rc1)
-CVE-2022-50856 [cifs: Fix xid leak in cifs_ses_add_channel()]
+CVE-2022-50856 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.0.6-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/e909d054bdea75ef1ec48c18c5936affdaecbb2c (6.1-rc2)
-CVE-2022-50855 [bpf: prevent leak of lsm program after failed attach]
+CVE-2022-50855 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.1.4-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e89f3edffb860a0f54a9ed16deadb7a4a1fa3862 (6.2-rc1)
-CVE-2022-50854 [nfc: virtual_ncidev: Fix memory leak in virtual_nci_send()]
+CVE-2022-50854 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.7-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e840d8f4a1b323973052a1af5ad4edafcde8ae3d (6.1-rc3)
-CVE-2022-50853 [NFSv4: Fix a credential leak in _nfs4_discover_trunking()]
+CVE-2022-50853 (In the Linux kernel, the following vulnerability has been resolved: N ...)
- linux 6.1.4-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e83458fce080dc23c25353a1af90bfecf79c7369 (6.2-rc1)
-CVE-2022-50852 [wifi: mt76: mt7921: fix use after free in mt7921_acpi_read()]
+CVE-2022-50852 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.0.3-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e7de4b4979bd8d313ec837931dde936653ca82ea (6.1-rc1)
-CVE-2022-50850 [scsi: ipr: Fix WARNING in ipr_init()]
+CVE-2022-50850 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/e6f108bffc3708ddcff72324f7d40dfcd0204894 (6.2-rc1)
-CVE-2022-50849 [pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP]
+CVE-2022-50849 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/e6b842741b4f39007215fd7e545cb55aa3d358a2 (6.2-rc1)
-CVE-2022-50848 [drivers: dio: fix possible memory leak in dio_init()]
+CVE-2022-50848 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/e63e99397b2613d50a5f4f02ed07307e67a190f1 (6.2-rc1)
-CVE-2023-54272 [fs/ntfs3: Fix a possible null-pointer dereference in ni_clear()]
+CVE-2023-54272 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.82-1
NOTE: https://git.kernel.org/linus/ec275bf9693d19cc0fdce8436f4c425ced86f6e7 (6.4-rc1)
-CVE-2023-54271 [blk-cgroup: Fix NULL deref caused by blkg_policy_data being installed before init]
+CVE-2023-54271 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.5.3-1
NOTE: https://git.kernel.org/linus/ec14a87ee1999b19d8b7ed0fa95fea80644624ae (6.6-rc1)
-CVE-2023-54263 [drm/nouveau/kms/nv50-: init hpd_irq_lock for PIOR DP]
+CVE-2023-54263 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.4.11-1
NOTE: https://git.kernel.org/linus/ea293f823a8805735d9e00124df81a8f448ed1ae (6.5-rc3)
-CVE-2023-54261 [drm/amdkfd: Add missing gfx11 MQD manager callbacks]
+CVE-2023-54261 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.5.6-1
NOTE: https://git.kernel.org/linus/e9dca969b2426702a73719ab9207e43c6d80b581 (6.6-rc1)
-CVE-2023-54259 [soundwire: bus: Fix unbalanced pm_runtime_put() causing usage count underflow]
+CVE-2023-54259 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
NOTE: https://git.kernel.org/linus/e9537962519e88969f5f69cd0571eb4f6984403c (6.4-rc1)
-CVE-2023-54253 [btrfs: set page extent mapped after read_folio in relocate_one_page]
+CVE-2023-54253 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.5.6-1
[bookworm] - linux 6.1.55-1
NOTE: https://git.kernel.org/linus/e7f1326cc24e22b38afc3acd328480a1183f9e79 (6.6-rc1)
-CVE-2023-54251 [net/sched: taprio: Limit TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME to INT_MAX.]
+CVE-2023-54251 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
NOTE: https://git.kernel.org/linus/e739718444f7bf2fa3d70d101761ad83056ca628 (6.5-rc5)
-CVE-2023-54250 [ksmbd: avoid out of bounds access in decode_preauth_ctxt()]
+CVE-2023-54250 (In the Linux kernel, the following vulnerability has been resolved: k ...)
- linux 6.1.25-1
NOTE: https://git.kernel.org/linus/e7067a446264a7514fa1cfaa4052cdb6803bc6a2 (6.3-rc7)
-CVE-2023-54247 [bpf: Silence a warning in btf_type_id_size()]
+CVE-2023-54247 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.112-1
NOTE: https://git.kernel.org/linus/e6c2f594ed961273479505b42040782820190305 (6.5-rc1)
-CVE-2023-54245 [ASoC: codecs: tx-macro: Fix for KASAN: slab-out-of-bounds]
+CVE-2023-54245 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.1.25-1
NOTE: https://git.kernel.org/linus/e5e7e398f6bb7918dab0612eb6991f7bae95520d (6.3-rc3)
-CVE-2022-50871 [wifi: ath11k: Fix qmi_msg_handler data structure initialization]
+CVE-2022-50871 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.1.4-1
NOTE: https://git.kernel.org/linus/ed3725e15a154ebebf44e0c34806c57525483f92 (6.2-rc1)
-CVE-2022-50869 [fs/ntfs3: Fix slab-out-of-bounds in r_page]
+CVE-2022-50869 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.1.4-1
NOTE: https://git.kernel.org/linus/ecfbd57cf9c5ca225184ae266ce44ae473792132 (6.2-rc1)
-CVE-2022-50863 [wifi: rtw89: free unused skb to prevent memory leak]
+CVE-2022-50863 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.0.3-1
NOTE: https://git.kernel.org/linus/eae672f386049146058b9e5d3d33e9e4af9dca1d (6.1-rc1)
-CVE-2022-50851 [vhost_vdpa: fix the crash in unmap a large memory]
+CVE-2022-50851 (In the Linux kernel, the following vulnerability has been resolved: v ...)
- linux 6.1.7-1
NOTE: https://git.kernel.org/linus/e794070af224ade46db368271896b2685ff4f96b (6.2-rc3)
-CVE-2023-54243 [netfilter: ebtables: fix table blob use-after-free]
+CVE-2023-54243 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/e58a171d35e32e6e8c37cfe0e8a94406732a331f (6.3-rc1)
-CVE-2023-54241 [MIPS: KVM: Fix NULL pointer dereference]
+CVE-2023-54241 (In the Linux kernel, the following vulnerability has been resolved: M ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e4de2057698636c0ee709e545d19b169d2069fa3 (6.5-rc1)
-CVE-2023-54240 [net: ethernet: mtk_eth_soc: fix possible NULL pointer dereference in mtk_hwlro_get_fdir_all()]
+CVE-2023-54240 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.5.6-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/e4c79810755f66c9a933ca810da2724133b1165a (6.6-rc2)
-CVE-2023-54239 [iommufd: Check for uptr overflow]
+CVE-2023-54239 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e4395701330fc4aee530905039516fe770b81417 (6.3-rc6)
-CVE-2023-54238 [mlx5: fix skb leak while fifo resync and push]
+CVE-2023-54238 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.20-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e435941b1da1a0be4ff8a7ae425774c76a5ac514 (6.3-rc1)
-CVE-2023-54236 [net/net_failover: fix txq exceeding warning]
+CVE-2023-54236 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.1.25-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/e3cbdcb0fbb61045ef3ce0e072927cc41737f787 (6.3-rc5)
-CVE-2023-54235 [PCI/DOE: Fix destroy_work_on_stack() race]
+CVE-2023-54235 (In the Linux kernel, the following vulnerability has been resolved: P ...)
- linux 6.5.3-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e3a3a097eaebaf234a482b4d2f9f18fe989208c1 (6.6-rc1)
-CVE-2023-54234 [scsi: mpi3mr: Fix missing mrioc->evtack_cmds initialization]
+CVE-2023-54234 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.1.20-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e39ea831ebad4ab15c4748cb62a397a8abcca36e (6.3-rc1)
-CVE-2023-54232 [m68k: Only force 030 bus error if PC not in exception table]
+CVE-2023-54232 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.25-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/e36a82bebbf7da814530d5a179bef9df5934b717 (6.3-rc2)
-CVE-2023-54231 [net: libwx: fix memory leak in wx_setup_rx_resources]
+CVE-2023-54231 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e315e7b83a22043bffee450437d7089ef373cbf6 (6.4-rc1)
-CVE-2023-54230 [amba: bus: fix refcount leak]
+CVE-2023-54230 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.5.3-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/e312cbdc11305568554a9e18a2ea5c2492c183f3 (6.6-rc1)
-CVE-2023-54229 [wifi: ath11k: fix registration of 6Ghz-only phy without the full channel range]
+CVE-2023-54229 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/e2ceb1de2f83aafd8003f0b72dfd4b7441e97d14 (6.5-rc1)
-CVE-2023-54228 [regulator: raa215300: Fix resource leak in case of error]
+CVE-2023-54228 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.5.6-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e21ac64e669e960688e79bf5babeed63132dac8a (6.6-rc1)
-CVE-2023-54226 [af_unix: Fix data races around sk->sk_shutdown.]
+CVE-2023-54226 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/e1d09c2c2f5793474556b60f83900e088d0d366d (6.4-rc2)
-CVE-2023-54225 [net: ipa: only reset hashed tables when supported]
+CVE-2023-54225 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e11ec2b868af2b351c6c1e2e50eb711cc5423a10 (6.5-rc4)
-CVE-2023-54224 [btrfs: fix lockdep splat and potential deadlock after failure running delayed items]
+CVE-2023-54224 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.5.6-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/e110f8911ddb93e6f55da14ccbbe705397b30d0b (6.6-rc2)
-CVE-2023-54223 [net/mlx5e: xsk: Fix invalid buffer access for legacy rq]
+CVE-2023-54223 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e0f52298fee449fec37e3e3c32df60008b509b16 (6.5-rc5)
-CVE-2023-54222 [hte: tegra-194: Fix off by one in tegra_hte_map_to_line_id()]
+CVE-2023-54222 (In the Linux kernel, the following vulnerability has been resolved: h ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e078180d66848a6a890daf0a3ce28dc43cc66790 (6.4-rc1)
-CVE-2023-54221 [clk: imx93: fix memory leak and missing unwind goto in imx93_clocks_probe]
+CVE-2023-54221 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e02ba11b457647050cb16e7cad16cec3c252fade (6.5-rc1)
-CVE-2023-54220 [serial: 8250: Fix oops for port->pm on uart_change_pm()]
+CVE-2023-54220 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.4.13-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/dfe2aeb226fd5e19b0ee795f4f6ed8bc494c1534 (6.5-rc7)
-CVE-2023-54219 [Revert "IB/isert: Fix incorrect release of isert connection"]
+CVE-2023-54219 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.5.3-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/dfe261107c080709459c32695847eec96238852b (6.6-rc1)
-CVE-2023-54218 [net: Fix load-tearing on sk->sk_stamp in sock_recv_cmsgs().]
+CVE-2023-54218 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/dfd9248c071a3710c24365897459538551cb7167 (6.4-rc2)
-CVE-2023-54217 [Revert "drm/msm: Add missing check and destroy for alloc_ordered_workqueue"]
+CVE-2023-54217 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/dfa70344d1b5f5ff08525a8c872c8dd5e82fc5d9 (6.4-rc1)
-CVE-2023-54216 [net/mlx5e: TC, Fix using eswitch mapping in nic mode]
+CVE-2023-54216 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/dfa1e46d6093831b9d49f0f350227a1d13644a2f (6.4-rc4)
-CVE-2023-54215 [virtio-vdpa: Fix cpumask memory leak in virtio_vdpa_find_vqs()]
+CVE-2023-54215 (In the Linux kernel, the following vulnerability has been resolved: v ...)
- linux 6.4.13-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/df9557046440b0a62250fee3169a8f6a139f55a6 (6.5-rc7)
-CVE-2023-54214 [Bluetooth: L2CAP: Fix potential user-after-free]
+CVE-2023-54214 (In the Linux kernel, the following vulnerability has been resolved: B ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/df5703348813235874d851934e957c3723d71644 (6.3-rc1)
-CVE-2023-54213 [USB: sisusbvga: Add endpoint checks]
+CVE-2023-54213 (In the Linux kernel, the following vulnerability has been resolved: U ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/df05a9b05e466a46725564528b277d0c570d0104 (6.4-rc1)
-CVE-2023-54211 [tracing: Fix warning in trace_buffered_event_disable()]
+CVE-2023-54211 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/dea499781a1150d285c62b26659f62fb00824fce (6.5-rc4)
-CVE-2023-54210 [Bluetooth: hci_sync: Avoid use-after-free in dbg for hci_remove_adv_monitor()]
+CVE-2023-54210 (In the Linux kernel, the following vulnerability has been resolved: B ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/de6dfcefd107667ce2dbedf4d9337f5ed557a4a1 (6.5-rc3)
-CVE-2023-54209 [block: fix blktrace debugfs entries leakage]
+CVE-2023-54209 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/dd7de3704af9989b780693d51eaea49a665bd9c2 (6.5-rc1)
-CVE-2023-54208 [media: ov5675: Fix memleak in ov5675_init_controls()]
+CVE-2023-54208 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/dd74ed6c213003533e3abf4c204374ef01d86978 (6.3-rc1)
-CVE-2023-54206 [net/sched: flower: fix filter idr initialization]
+CVE-2023-54206 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/dd4f6bbfa646f258e5bcdfac57a5c413d687f588 (6.4-rc1)
-CVE-2023-54205 [pinctrl: stm32: Fix refcount leak in stm32_pctrl_get_irq_domain]
+CVE-2023-54205 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/dcef18c8ac40aa85bb339f64c1dd31dd458b06fb (6.3-rc1)
-CVE-2023-54204 [mmc: sunplus: fix return value check of mmc_add_host()]
+CVE-2023-54204 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.4.13-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/dce6d8f985fa1ef5c2af47f4f86ea65511b78656 (6.5-rc7)
-CVE-2022-50847 [drm/bridge: it6505: Initialize AUX channel in it6505_i2c_probe]
+CVE-2022-50847 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.4-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e577d4b13064c337b83fe7edecb3f34e87144821 (6.2-rc1)
-CVE-2022-50846 [mmc: via-sdmmc: fix return value check of mmc_add_host()]
+CVE-2022-50846 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/e4e46fb61e3bb4628170810d3f2b996b709b90d9 (6.2-rc1)
-CVE-2022-50845 [ext4: fix inode leak in ext4_xattr_inode_create() on an error path]
+CVE-2022-50845 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/e4db04f7d3dbbe16680e0ded27ea2a65b10f766a (6.2-rc1)
-CVE-2022-50844 [drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback]
+CVE-2022-50844 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/e4d0ef752081e7aa6ffb7ccac11c499c732a2e05 (6.2-rc1)
-CVE-2022-50843 [dm clone: Fix UAF in clone_dtr()]
+CVE-2022-50843 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/e4b5957c6f749a501c464f92792f1c8e26b61a94 (6.2-rc1)
-CVE-2022-50842 [drm/virtio: Check whether transferred 2D BO is shmem]
+CVE-2022-50842 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/e473216b42aa1fd9fc6b94b608b42c210c655908 (6.1-rc1)
-CVE-2022-50840 [scsi: snic: Fix possible UAF in snic_tgt_create()]
+CVE-2022-50840 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/e118df492320176af94deec000ae034cc92be754 (6.2-rc1)
-CVE-2022-50839 [jbd2: fix potential buffer head reference count leak]
+CVE-2022-50839 (In the Linux kernel, the following vulnerability has been resolved: j ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/e0d5fc7a6d80ac2406c7dfc6bb625201d0250a8a (6.1-rc1)
-CVE-2022-50838 [net: stream: purge sk_error_queue in sk_stream_kill_queues()]
+CVE-2022-50838 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/e0c8bccd40fc1c19e1d246c39bcf79e357e1ada3 (6.2-rc1)
-CVE-2022-50837 [net: dsa: tag_8021q: avoid leaking ctx on dsa_tag_8021q_register() error path]
+CVE-2022-50837 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.1.4-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e095493091e850d5292ad01d8fbf5cde1d89ac53 (6.2-rc1)
-CVE-2022-50836 [remoteproc: sysmon: fix memory leak in qcom_add_sysmon_subdev()]
+CVE-2022-50836 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/e01ce676aaef3b13d02343d7e70f9637d93a3367 (6.2-rc1)
-CVE-2022-50835 [jbd2: add miss release buffer head in fc_do_one_pass()]
+CVE-2022-50835 (In the Linux kernel, the following vulnerability has been resolved: j ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/dfff66f30f66b9524b661f311bbed8ff3d2ca49f (6.1-rc1)
-CVE-2022-50834 [nfc: Fix potential resource leaks]
+CVE-2022-50834 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.1.7-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/df49908f3c52d211aea5e2a14a93bbe67a2cb3af (6.2-rc3)
-CVE-2022-50833 [Bluetooth: use hdev->workqueue when queuing hdev->{cmd,ncmd}_timer works]
+CVE-2022-50833 (In the Linux kernel, the following vulnerability has been resolved: B ...)
- linux 6.0.2-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/deee93d13d385103205879a8a0915036ecd83261 (6.1-rc1)
-CVE-2022-50832 [wifi: wilc1000: fix potential memory leak in wilc_mac_xmit()]
+CVE-2022-50832 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/deb962ec9e1c9a81babd3d37542ad4bd6ac3396e (6.3-rc1)
-CVE-2022-50830 [auxdisplay: hd44780: Fix potential memory leak in hd44780_remove()]
+CVE-2022-50830 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.1.20-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ddf75a86aba2cfb7ec4497e8692b60c8c8fe0ee7 (6.3-rc1)
-CVE-2022-50829 [wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb()]
+CVE-2022-50829 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/dd95f2239fc846795fc926787c3ae0ca701c9840 (6.2-rc1)
-CVE-2022-50828 [clk: zynqmp: Fix stack-out-of-bounds in strncpy`]
+CVE-2022-50828 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/dd80fb2dbf1cd8751efbe4e53e54056f56a9b115 (6.1-rc1)
-CVE-2023-54242 [block, bfq: Fix division by zero error on zero wsum]
+CVE-2023-54242 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
NOTE: https://git.kernel.org/linus/e53413f8deedf738a6782cc14cc00bd5852ccf18 (6.4-rc1)
-CVE-2023-54237 [net/smc: fix potential panic dues to unprotected smc_llc_srv_add_link()]
+CVE-2023-54237 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.1.20-1
NOTE: https://git.kernel.org/linus/e40b801b3603a8f90b46acbacdea3505c27f01c0 (6.3-rc1)
-CVE-2023-54233 [ASoC: SOF: avoid a NULL dereference with unsupported widgets]
+CVE-2023-54233 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.3.7-1
NOTE: https://git.kernel.org/linus/e3720f92e0237921da537e47a0b24e27899203f8 (6.3-rc6)
-CVE-2023-54227 [blk-mq: fix tags leak when shrink nr_hw_queues]
+CVE-2023-54227 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.5.6-1
NOTE: https://git.kernel.org/linus/e1dd7bc93029024af5688253b0c05181d6e01f8e (6.6-rc1)
CVE-2023-54212
REJECTED
-CVE-2023-54207 [HID: uclogic: Correct devm device reference for hidinput input_dev name]
+CVE-2023-54207 (In the Linux kernel, the following vulnerability has been resolved: H ...)
- linux 6.5.3-1
[bookworm] - linux 6.1.55-1
NOTE: https://git.kernel.org/linus/dd613a4e45f8d35f49a63a2064e5308fa5619e29 (6.6-rc1)
-CVE-2022-50841 [fs/ntfs3: Add overflow check for attribute size]
+CVE-2022-50841 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.1.4-1
NOTE: https://git.kernel.org/linus/e19c6277652efba203af4ecd8eed4bd30a0054c9 (6.2-rc1)
CVE-2022-50831
REJECTED
-CVE-2023-54203 [ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr]
+CVE-2023-54203 (In the Linux kernel, the following vulnerability has been resolved: k ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/dc8289f912387c3bcfbc5d2db29c8947fa207c11 (6.3-rc6)
-CVE-2023-54200 [netfilter: nf_tables: always release netdev hooks from notifier]
+CVE-2023-54200 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/dc1c9fd4a8bbe1e06add9053010b652449bfe411 (6.4-rc2)
-CVE-2023-54199 [drm/msm/adreno: Fix null ptr access in adreno_gpu_cleanup()]
+CVE-2023-54199 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/dbeedbcb268d055d8895aceca427f897e12c2b50 (6.3-rc1)
-CVE-2023-54198 [tty: fix out-of-bounds access in tty_driver_lookup_tty()]
+CVE-2023-54198 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/db4df8e9d79e7d37732c1a1b560958e8dadfefa1 (6.3-rc1)
-CVE-2023-54197 [Revert "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work"]
+CVE-2023-54197 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/db2bf510bd5d57f064d9e1db395ed86a08320c54 (6.4-rc1)
-CVE-2023-54195 [rxrpc: Fix timeout of a call that hasn't yet been granted a channel]
+CVE-2023-54195 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/db099c625b13a74d462521a46d98a8ce5b53af5d (6.4-rc1)
-CVE-2023-54194 [exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree]
+CVE-2023-54194 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/daf60d6cca26e50d65dac374db92e58de745ad26 (6.5-rc5)
-CVE-2023-54193 [net/sched: cls_api: remove block_cb from driver_list before freeing]
+CVE-2023-54193 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/da94a7781fc3c92e7df7832bc2746f4d39bc624e (6.4-rc1)
-CVE-2023-54192 [f2fs: fix null pointer panic in tracepoint in __replace_atomic_write_block]
+CVE-2023-54192 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/da6ea0b050fa720302b56fbb59307e7c7531a342 (6.4-rc1)
-CVE-2023-54191 [wifi: mt76: mt7996: fix memory leak in mt7996_mcu_exit]
+CVE-2023-54191 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/da5b4d93e141b52c5a71d0c41a042d1bcaf70d2e (6.3-rc1)
-CVE-2023-54190 [leds: led-core: Fix refcount leak in of_led_get()]
+CVE-2023-54190 (In the Linux kernel, the following vulnerability has been resolved: l ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/da1afe8e6099980fe1e2fd7436dca284af9d3f29 (6.3-rc1)
-CVE-2023-54189 [pstore/ram: Add check for kstrdup]
+CVE-2023-54189 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/d97038d5ec2062733c1e016caf9baaf68cf64ea1 (6.5-rc1)
-CVE-2023-54188 [dmaengine: apple-admac: Fix 'current_tx' not getting freed]
+CVE-2023-54188 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.25-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d9503be5a100c553731c0e8a82c7b4201e8a970c (6.3-rc7)
-CVE-2023-54187 [f2fs: fix potential corruption when moving a directory]
+CVE-2023-54187 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/d94772154e524b329a168678836745d2773a6e02 (6.4-rc1)
-CVE-2023-54186 [usb: typec: altmodes/displayport: fix pin_assignment_show]
+CVE-2023-54186 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/d8f28269dd4bf9b55c3fb376ae31512730a96fce (6.4-rc3)
-CVE-2023-54184 [scsi: target: iscsit: Free cmds before session free]
+CVE-2023-54184 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/d8990b5a4d065f38f35d69bcd627ec5a7f8330ca (6.4-rc1)
-CVE-2023-54183 [media: v4l2-core: Fix a potential resource leak in v4l2_fwnode_parse_link()]
+CVE-2023-54183 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.5.3-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/d7b13edd4cb4bfa335b6008ab867ac28582d3e5c (6.6-rc1)
-CVE-2023-54179 [scsi: qla2xxx: Array index may go out of bound]
+CVE-2023-54179 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/d721b591b95cf3f290f8a7cbe90aa2ee0368388d (6.5-rc1)
-CVE-2023-54178 [of: unittest: fix null pointer dereferencing in of_unittest_find_node_by_name()]
+CVE-2023-54178 (In the Linux kernel, the following vulnerability has been resolved: o ...)
- linux 6.5.3-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/d6ce4f0ea19c32f10867ed93d8386924326ab474 (6.6-rc1)
-CVE-2023-54177 [quota: fix warning in dqgrab()]
+CVE-2023-54177 (In the Linux kernel, the following vulnerability has been resolved: q ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/d6a95db3c7ad160bc16b89e36449705309b52bcb (6.5-rc1)
-CVE-2023-54176 [mptcp: stricter state check in mptcp_worker]
+CVE-2023-54176 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.25-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d6a0443733434408f2cbd4c53fea6910599bab9e (6.3-rc7)
-CVE-2023-54175 [i2c: xiic: xiic_xfer(): Fix runtime PM leak on error path]
+CVE-2023-54175 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d663d93bb47e7ab45602b227701022d8aa16040a (6.4-rc1)
-CVE-2023-54174 [vfio: Fix NULL pointer dereference caused by uninitialized group->iommufd]
+CVE-2023-54174 (In the Linux kernel, the following vulnerability has been resolved: v ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d649c34cb916b015fdcb487e51409fcc5caeca8d (6.3-rc1)
-CVE-2023-54173 [bpf: Disable preemption in bpf_event_output]
+CVE-2023-54173 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/d62cc390c2e99ae267ffe4b8d7e2e08b6c758c32 (6.5-rc5)
-CVE-2023-54171 [tracing: Fix memory leak of iter->temp when reading trace_pipe]
+CVE-2023-54171 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/d5a821896360cc8b93a15bd888fabc858c038dc0 (6.5-rc2)
-CVE-2023-54170 [keys: Fix linking a duplicate key to a keyring's assoc_array]
+CVE-2023-54170 (In the Linux kernel, the following vulnerability has been resolved: k ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/d55901522f96082a43b9842d34867363c0cdbac5 (6.5-rc3)
-CVE-2023-54169 [net/mlx5e: fix memory leak in mlx5e_ptp_open]
+CVE-2023-54169 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d543b649ffe58a0cb4b6948b3305069c5980a1fa (6.5-rc2)
-CVE-2023-54168 [RDMA/mlx4: Prevent shift wrapping in set_user_sq_size()]
+CVE-2023-54168 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/d50b3c73f1ac20dabc53dc6e9d64ce9c79a331eb (6.4-rc1)
-CVE-2023-54167 [m68k: mm: Move initrd phys_to_virt handling after paging_init()]
+CVE-2023-54167 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.20-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d4b97925e87eb133e400fe4a482d750c74ce392f (6.3-rc2)
-CVE-2023-54166 [igc: Fix Kernel Panic during ndo_tx_timeout callback]
+CVE-2023-54166 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d4a7ce642100765119a872d4aba1bf63e3a22c8a (6.5-rc4)
-CVE-2023-54165 [zsmalloc: move LRU update from zs_map_object() to zs_malloc()]
+CVE-2023-54165 (In the Linux kernel, the following vulnerability has been resolved: z ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d461aac924b937bcb4fd0ca1242b3ef6868ecddd (6.4-rc3)
-CVE-2023-54164 [Bluetooth: ISO: fix iso_conn related locking and validity issues]
+CVE-2023-54164 (In the Linux kernel, the following vulnerability has been resolved: B ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d40ae85ee62e3666f45bc61864b22121346f88ef (6.5-rc3)
-CVE-2022-50827 [scsi: lpfc: Fix memory leak in lpfc_create_port()]
+CVE-2022-50827 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.0.6-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/dc8e483f684a24cc06e1d5fa958b54db58855093 (6.1-rc2)
-CVE-2022-50826 [ipu3-imgu: Fix NULL pointer dereference in imgu_subdev_set_selection()]
+CVE-2022-50826 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.1.4-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/dc608edf7d45ba0c2ad14c06eccd66474fec7847 (6.2-rc1)
-CVE-2022-50825 [usb: typec: wusb3801: fix fwnode refcount leak in wusb3801_probe()]
+CVE-2022-50825 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.1.4-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/dc18a4c7b3bd447cef2395deeb1f6ac16dfaca0e (6.2-rc1)
-CVE-2022-50824 [tpm: tpm_tis: Add the missed acpi_put_table() to fix memory leak]
+CVE-2022-50824 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/db9622f762104459ff87ecdf885cc42c18053fd9 (6.2-rc1)
-CVE-2022-50823 [clk: tegra: Fix refcount leak in tegra114_clock_init]
+CVE-2022-50823 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/db16a80c76ea395766913082b1e3f939dde29b2c (6.1-rc1)
-CVE-2022-50821 [SUNRPC: Don't leak netobj memory when gss_read_proxy_verf() fails]
+CVE-2022-50821 (In the Linux kernel, the following vulnerability has been resolved: S ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/da522b5fe1a5f8b7c20a0023e87b52a150e53bf5 (6.2-rc1)
-CVE-2022-50820 [perf/arm_dmc620: Fix hotplug callback leak in dmc620_pmu_init()]
+CVE-2022-50820 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.1.4-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d9f564c966e63925aac4ba273a9319d7fb6f4b4e (6.2-rc1)
-CVE-2022-50819 [udmabuf: Set ubuf->sg = NULL if the creation of sg table fails]
+CVE-2022-50819 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/d9c04a1b7a15b5e74b2977461d9511e497f05d8f (6.1-rc1)
-CVE-2022-50818 [scsi: pm8001: Fix running_req for internal abort commands]
+CVE-2022-50818 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.0.3-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d8c22c4697c11ed28062afe3c2b377025be11a23 (6.1-rc1)
-CVE-2022-50817 [net: hsr: avoid possible NULL deref in skb_clone()]
+CVE-2022-50817 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.6-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/d8b57135fd9ffe9a5b445350a686442a531c5339 (6.1-rc2)
-CVE-2022-50816 [ipv6: ensure sane device mtu in tunnels]
+CVE-2022-50816 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.0.7-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/d89d7ff01235f218dad37de84457717f699dee79 (6.1-rc3)
-CVE-2022-50814 [crypto: hisilicon/zip - fix mismatch in get/set sgl_sge_nr]
+CVE-2022-50814 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/d74f9340097a881869c4c22ca376654cc2516ecc (6.1-rc1)
-CVE-2022-50813 [drivers: mcb: fix resource leak in mcb_probe()]
+CVE-2022-50813 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/d7237462561fcd224fa687c56ccb68629f50fc0d (6.2-rc1)
-CVE-2022-50811 [erofs: fix missing unmap if z_erofs_get_extent_compressedlen() fails]
+CVE-2022-50811 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.1.4-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d5d188b8f8b38d3d71dd05993874b4fc9284ce95 (6.2-rc1)
-CVE-2022-50810 [rapidio: devices: fix missing put_device in mport_cdev_open]
+CVE-2022-50810 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/d5b6e6eba3af11cb2a2791fa36a2524990fcde1a (6.2-rc1)
-CVE-2022-50809 [xhci: dbc: Fix memory leak in xhci_alloc_dbc()]
+CVE-2022-50809 (In the Linux kernel, the following vulnerability has been resolved: x ...)
- linux 6.0.3-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d591b32e519603524a35b172156db71df9116902 (6.1-rc1)
-CVE-2023-54202 [drm/i915: fix race condition UAF in i915_perf_add_config_ioctl]
+CVE-2023-54202 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.25-1
NOTE: https://git.kernel.org/linus/dc30c011469165d57af9adac5baff7d767d20e5c (6.3-rc6)
-CVE-2023-54201 [RDMA/efa: Fix wrong resources deallocation order]
+CVE-2023-54201 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.5.3-1
[bookworm] - linux 6.1.55-1
NOTE: https://git.kernel.org/linus/dc202c57e9a1423aed528e4b8dc949509cd32191 (6.6-rc1)
-CVE-2023-54196 [fs/ntfs3: Fix NULL pointer dereference in 'ni_write_inode']
+CVE-2023-54196 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.82-1
NOTE: https://git.kernel.org/linus/db2a3cc6a3481076da6344cc62a80a4e2525f36f (6.4-rc1)
-CVE-2023-54185 [btrfs: remove BUG_ON()'s in add_new_free_space()]
+CVE-2023-54185 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
NOTE: https://git.kernel.org/linus/d8ccbd21918fd7fa6ce3226cffc22c444228e8ad (6.5-rc4)
-CVE-2023-54182 [f2fs: fix to check readonly condition correctly]
+CVE-2023-54182 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
NOTE: https://git.kernel.org/linus/d78dfefcde9d311284434560d69c0478c55a657e (6.4-rc1)
-CVE-2023-54181 [bpf: Fix issue in verifying allow_ptr_leaks]
+CVE-2023-54181 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.5.3-1
[bookworm] - linux 6.1.55-1
NOTE: https://git.kernel.org/linus/d75e30dddf73449bc2d10bb8e2f1a2c446bc67a2 (6.6-rc1)
-CVE-2023-54180 [btrfs: handle case when repair happens with dev-replace]
+CVE-2023-54180 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.1.7-1
NOTE: https://git.kernel.org/linus/d73a27b86fc722c28a26ec64002e3a7dc86d1c07 (6.2-rc3)
-CVE-2023-54172 [x86/hyperv: Disable IBT when hypercall page lacks ENDBR instruction]
+CVE-2023-54172 (In the Linux kernel, the following vulnerability has been resolved: x ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
NOTE: https://git.kernel.org/linus/d5ace2a776442d80674eff9ed42e737f7dd95056 (6.5-rc5)
-CVE-2022-50822 [RDMA/restrack: Release MR restrack when delete]
+CVE-2022-50822 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.1.4-1
NOTE: https://git.kernel.org/linus/dac153f2802db1ad46207283cb9b2aae3d707a45 (6.2-rc1)
-CVE-2022-50815 [ext2: Add sanity checks for group and filesystem size]
+CVE-2022-50815 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.0.3-1
NOTE: https://git.kernel.org/linus/d766f2d1e3e3bd44024a7f971ffcf8b8fbb7c5d2 (6.1-rc1)
-CVE-2022-50812 [security: Restrict CONFIG_ZERO_CALL_USED_REGS to gcc or clang > 15.0.6]
+CVE-2022-50812 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.1.4-1
NOTE: https://git.kernel.org/linus/d6a9fb87e9d18f3394a9845546bbe868efdccfd2 (6.2-rc1)
-CVE-2023-54162 [ksmbd: fix possible memory leak in smb2_lock()]
+CVE-2023-54162 (In the Linux kernel, the following vulnerability has been resolved: k ...)
- linux 6.1.20-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d3ca9f7aeba793d74361d88a8800b2f205c9236b (6.3-rc1)
-CVE-2022-50786 [media: s5p-mfc: Clear workbit to handle error condition]
+CVE-2022-50786 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/d3f3c2fe54e30b0636496d842ffbb5ad3a547f9b (6.2-rc1)
-CVE-2022-50784 [wifi: iwlwifi: mei: fix potential NULL-ptr deref after clone]
+CVE-2022-50784 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.1.4-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d3df49dda431f7ae4132a9a0ac25a5134c04e812 (6.2-rc1)
-CVE-2022-50785 [fsi: occ: Prevent use after free]
+CVE-2022-50785 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.0.3-1
NOTE: https://git.kernel.org/linus/d3e1e24604031b0d83b6c2d38f54eeea265cfcc0 (6.1-rc1)
CVE-2025-69235 (Whale browser before 4.35.351.12 allows an attacker to bypass the Same ...)
@@ -1231,7 +1509,7 @@ CVE-2025-60458 (UxPlay 1.72 contains a double free vulnerability in its RTSP req
NOTE: https://github.com/0pepsi/CVE-2025-60458
NOTE: https://github.com/FDH2/UxPlay/issues/486
NOTE: https://github.com/FDH2/UxPlay/issues/441
-CVE-2025-57462 (Reflected Cross site scripting (xss) in machsol machpanel 8.0.32 allow ...)
+CVE-2025-57462 (Stored cross-site scripting (xss) in machsol machpanel 8.0.32 allows a ...)
NOT-FOR-US: machsol machpanel
CVE-2025-57460 (File upload vulnerability in machsol machpanel 8.0.32 allows attacker ...)
NOT-FOR-US: machsol machpanel
@@ -7994,13 +8272,15 @@ CVE-2025-66589 (In AzeoTech DAQFactory release 20.7 (Build 2555), an Out-of-boun
NOT-FOR-US: AzeoTech DAQFactory
CVE-2025-66588 (In AzeoTech DAQFactory release 20.7 (Build 2555), an Access of Uniniti ...)
NOT-FOR-US: AzeoTech DAQFactory
-CVE-2025-66587 (In AzeoTech DAQFactory release 20.7 (Build 2555), the affected applica ...)
+CVE-2025-66587
+ REJECTED
NOT-FOR-US: AzeoTech DAQFactory
CVE-2025-66586 (In AzeoTech DAQFactory release 20.7 (Build 2555), an Access of Resourc ...)
NOT-FOR-US: AzeoTech DAQFactory
CVE-2025-66585 (In AzeoTech DAQFactory release 20.7 (Build 2555), a Use After Free vul ...)
NOT-FOR-US: AzeoTech DAQFactory
-CVE-2025-66584 (In AzeoTech DAQFactory release 20.7 (Build 2555), a Stack-Based Buffer ...)
+CVE-2025-66584
+ REJECTED
NOT-FOR-US: AzeoTech DAQFactory
CVE-2025-66492 (Masa CMS is an open source Enterprise Content Management platform. Ver ...)
NOT-FOR-US: Masa CMS
@@ -8616,7 +8896,7 @@ CVE-2025-67897 (In Sequoia before 2.1.0, aes_key_unwrap panics if passed a ciphe
[bullseye] - rust-sequoia-openpgp <ignored> (Minor issue)
NOTE: Fixed by: https://gitlab.com/sequoia-pgp/sequoia/-/commit/b59886e5e7bdf7169ed330f309a6633d131776e5 (openpgp/v2.1.0)
CVE-2025-67484
- {DSA-6085-1}
+ {DSA-6085-1 DLA-4428-1}
- mediawiki 1:1.43.6+dfsg-1
NOTE: https://lists.wikimedia.org/hyperkitty/list/mediawiki-announce@lists.wikimedia.org/thread/FOY6VXTBCCHIGYGSTQBPN3UFCL6CAX6Y/
NOTE: https://phabricator.wikimedia.org/T401987
@@ -8634,7 +8914,7 @@ CVE-2025-67483
NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1217337 (master)
NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1217299 (REL1_43)
CVE-2025-67482
- {DSA-6085-1}
+ {DSA-6085-1 DLA-4428-1}
- mediawiki 1:1.43.6+dfsg-1
NOTE: https://lists.wikimedia.org/hyperkitty/list/mediawiki-announce@lists.wikimedia.org/thread/FOY6VXTBCCHIGYGSTQBPN3UFCL6CAX6Y/
NOTE: http://phabricator.wikimedia.org/T408135
@@ -8642,7 +8922,7 @@ CVE-2025-67482
NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/extensions/Scribunto/+/1217293 (REL1_43)
NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/extensions/Scribunto/+/1217289 (REL1_39)
CVE-2025-67481
- {DSA-6085-1}
+ {DSA-6085-1 DLA-4428-1}
- mediawiki 1:1.43.6+dfsg-1
NOTE: https://lists.wikimedia.org/hyperkitty/list/mediawiki-announce@lists.wikimedia.org/thread/FOY6VXTBCCHIGYGSTQBPN3UFCL6CAX6Y/
NOTE: https://phabricator.wikimedia.org/T251032
@@ -8650,7 +8930,7 @@ CVE-2025-67481
NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1217300 (REL1_43)
NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1217287 (REL1_39)
CVE-2025-67480
- {DSA-6085-1}
+ {DSA-6085-1 DLA-4428-1}
- mediawiki 1:1.43.6+dfsg-1
NOTE: https://lists.wikimedia.org/hyperkitty/list/mediawiki-announce@lists.wikimedia.org/thread/FOY6VXTBCCHIGYGSTQBPN3UFCL6CAX6Y/
NOTE: https://phabricator.wikimedia.org/T401053
@@ -8658,7 +8938,7 @@ CVE-2025-67480
NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1217298 (REL1_43)
NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1217286 (REL1_39)
CVE-2025-67479
- {DSA-6085-1}
+ {DSA-6085-1 DLA-4428-1}
- mediawiki 1:1.43.6+dfsg-1
NOTE: https://lists.wikimedia.org/hyperkitty/list/mediawiki-announce@lists.wikimedia.org/thread/FOY6VXTBCCHIGYGSTQBPN3UFCL6CAX6Y/
NOTE: https://phabricator.wikimedia.org/T407131
@@ -8666,7 +8946,7 @@ CVE-2025-67479
NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1217297 (REL1_43)
NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1217285 (REL1_39)
CVE-2025-67478
- {DSA-6085-1}
+ {DSA-6085-1 DLA-4428-1}
- mediawiki 1:1.43.6+dfsg-1
NOTE: https://lists.wikimedia.org/hyperkitty/list/mediawiki-announce@lists.wikimedia.org/thread/FOY6VXTBCCHIGYGSTQBPN3UFCL6CAX6Y/
NOTE: https://phabricator.wikimedia.org/T385403
@@ -8688,7 +8968,7 @@ CVE-2025-67476
NOTE: https://phabricator.wikimedia.org/T405859
NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1217333 (master)
CVE-2025-67475
- {DSA-6085-1}
+ {DSA-6085-1 DLA-4428-1}
- mediawiki 1:1.43.6+dfsg-1
NOTE: https://lists.wikimedia.org/hyperkitty/list/mediawiki-announce@lists.wikimedia.org/thread/FOY6VXTBCCHIGYGSTQBPN3UFCL6CAX6Y/
NOTE: https://phabricator.wikimedia.org/T406664
@@ -327721,7 +328001,7 @@ CVE-2022-2402 (The vulnerability in the driver dlpfde.sys enables a user logged
CVE-2022-2401 (Unrestricted information disclosure of all users in Mattermost version ...)
- mattermost-server <itp> (bug #823556)
CVE-2022-2400 (External Control of File Name or Path in GitHub repository dompdf/domp ...)
- {DLA-3495-1}
+ {DLA-4427-1 DLA-3495-1}
- php-dompdf 2.0.2+dfsg-1 (bug #1015874)
NOTE: https://huntr.dev/bounties/a6da5e5e-86be-499a-a3c3-2950f749202a
NOTE: https://github.com/dompdf/dompdf/commit/99aeec1efec9213e87098d42eb09439e7ee0bb6a
@@ -385998,7 +386278,7 @@ CVE-2021-41771 (ImportedSymbols in debug/macho (for Open or OpenFat) in Go befor
CVE-2021-41770 (Ping Identity PingFederate before 10.3.1 mishandles pre-parsing valida ...)
NOT-FOR-US: Ping Identity PingFederate
CVE-2021-3838 (DomPDF before version 2.0.0 is vulnerable to PHAR deserialization due ...)
- {DLA-3495-2 DLA-3495-1}
+ {DLA-4427-1 DLA-3495-2 DLA-3495-1}
- php-dompdf 2.0.2+dfsg-1
NOTE: https://github.com/dompdf/dompdf/issues/2564
NOTE: https://huntr.dev/bounties/0bdddc12-ff67-4815-ab9f-6011a974f48e
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/de063624504bf41883e38f99ae9cb368d96ade95
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/de063624504bf41883e38f99ae9cb368d96ade95
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251230/8e917c20/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list