[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Feb 5 10:56:13 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0b6d008b by Salvatore Bonaccorso at 2025-02-05T11:55:41+01:00
Merge Linux CVEs from kernel-sec
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,13 @@
+CVE-2023-52925 [netfilter: nf_tables: don't fail inserts if duplicate has expired]
+ - linux 6.4.13-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/7845914f45f066497ac75b30c50dbc735e84e884 (6.5-rc7)
+CVE-2023-52924 [netfilter: nf_tables: don't skip expired elements during walk]
+ - linux 6.4.11-1
+ [bookworm] - linux 6.1.64-1
+ [bullseye] - linux 5.10.205-1
+ NOTE: https://git.kernel.org/linus/24138933b97b055d486e8064b4a1721702442a9b (6.5-rc6)
CVE-2025-0167 [netrc and default credential leak]
- curl <unfixed>
[bullseye] - curl <not-affected> (Vulnerable code introduced later)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0b6d008b729345297367a16c537cad137177791a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0b6d008b729345297367a16c537cad137177791a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250205/2bf583fa/attachment.htm>
More information about the debian-security-tracker-commits
mailing list