[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Feb 27 20:24:04 GMT 2025



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
62d6a053 by Salvatore Bonaccorso at 2025-02-27T21:23:39+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -44,52 +44,108 @@ CVE-2025-21822 (In the Linux kernel, the following vulnerability has been resolv
 	TODO: check
 CVE-2025-21821 (In the Linux kernel, the following vulnerability has been resolved:  f ...)
 	TODO: check
-CVE-2025-21820 (In the Linux kernel, the following vulnerability has been resolved:  t ...)
-	TODO: check
-CVE-2025-21819 (In the Linux kernel, the following vulnerability has been resolved:  R ...)
-	TODO: check
-CVE-2025-21818 (In the Linux kernel, the following vulnerability has been resolved:  x ...)
-	TODO: check
-CVE-2025-21817 (In the Linux kernel, the following vulnerability has been resolved:  b ...)
-	TODO: check
-CVE-2025-21816 (In the Linux kernel, the following vulnerability has been resolved:  h ...)
-	TODO: check
-CVE-2025-21815 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
-	TODO: check
-CVE-2025-21814 (In the Linux kernel, the following vulnerability has been resolved:  p ...)
-	TODO: check
-CVE-2025-21813 (In the Linux kernel, the following vulnerability has been resolved:  t ...)
-	TODO: check
-CVE-2025-21812 (In the Linux kernel, the following vulnerability has been resolved:  a ...)
-	TODO: check
-CVE-2025-21811 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
-CVE-2025-21810 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
-	TODO: check
-CVE-2025-21809 (In the Linux kernel, the following vulnerability has been resolved:  r ...)
-	TODO: check
-CVE-2025-21808 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
-CVE-2025-21807 (In the Linux kernel, the following vulnerability has been resolved:  b ...)
-	TODO: check
-CVE-2025-21806 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
-CVE-2025-21805 (In the Linux kernel, the following vulnerability has been resolved:  R ...)
-	TODO: check
-CVE-2025-21804 (In the Linux kernel, the following vulnerability has been resolved:  P ...)
-	TODO: check
-CVE-2025-21803 (In the Linux kernel, the following vulnerability has been resolved:  L ...)
-	TODO: check
-CVE-2025-21802 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
-CVE-2025-21801 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
-CVE-2025-21800 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
-CVE-2025-21799 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
-CVE-2025-21798 (In the Linux kernel, the following vulnerability has been resolved:  f ...)
-	TODO: check
+CVE-2025-21820 [tty: xilinx_uartps: split sysrq handling]
+	- linux 6.12.15-1
+	NOTE: https://git.kernel.org/linus/b06f388994500297bb91be60ffaf6825ecfd2afe (6.14-rc1)
+CVE-2025-21819 [Revert "drm/amd/display: Use HW lock mgr for PSR1"]
+	- linux 6.12.15-1
+	NOTE: https://git.kernel.org/linus/f245b400a223a71d6d5f4c72a2cb9b573a7fc2b6 (6.14-rc2)
+CVE-2025-21818 [x86/xen: fix xen_hypercall_hvm() to not clobber %rbx]
+	- linux 6.12.15-1
+	NOTE: https://git.kernel.org/linus/98a5cfd2320966f40fe049a9855f8787f0126825 (6.14-rc2)
+CVE-2025-21817 [block: mark GFP_NOIO around sysfs ->store()]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/7c0be4ead1f8f5f8be0803f347de0de81e3b8e1c (6.14-rc1)
+CVE-2025-21816 [hrtimers: Force migrate away hrtimers queued after CPUHP_AP_HRTIMERS_DYING]
+	- linux 6.12.15-1
+	NOTE: https://git.kernel.org/linus/53dac345395c0d2493cbc2f4c85fe38aef5b63f5 (6.14-rc2)
+CVE-2025-21815 [mm/compaction: fix UBSAN shift-out-of-bounds warning]
+	- linux 6.12.15-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/d1366e74342e75555af2648a2964deb2d5c92200 (6.14-rc1)
+CVE-2025-21814 [ptp: Ensure info->enable callback is always set]
+	- linux 6.12.15-1
+	NOTE: https://git.kernel.org/linus/fd53aa40e65f518453115b6f56183b0c201db26b (6.14-rc1)
+CVE-2025-21813 [timers/migration: Fix off-by-one root mis-connection]
+	- linux 6.12.15-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/868c9037df626b3c245ee26a290a03ae1f9f58d3 (6.14-rc2)
+CVE-2025-21812 [ax25: rcu protect dev->ax25_ptr]
+	- linux 6.12.13-1
+	NOTE: https://git.kernel.org/linus/95fc45d1dea8e1253f8ec58abc5befb71553d666 (6.14-rc1)
+CVE-2025-21811 [nilfs2: protect access to buffers with no active references]
+	- linux 6.12.13-1
+	NOTE: https://git.kernel.org/linus/367a9bffabe08c04f6d725032cce3d891b2b9e1a (6.14-rc1)
+CVE-2025-21810 [driver core: class: Fix wild pointer dereferences in API class_dev_iter_next()]
+	- linux 6.12.13-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e128f82f7006991c99a58114f70ef61e937b1ac1 (6.14-rc1)
+CVE-2025-21809 [rxrpc, afs: Fix peer hash locking vs RCU callback]
+	- linux 6.12.13-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/79d458c13056559d49b5e41fbc4b6890e68cf65b (6.14-rc1)
+CVE-2025-21808 [net: xdp: Disallow attaching device-bound programs in generic mode]
+	- linux 6.12.13-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/3595599fa8360bb3c7afa7ee50c810b4a64106ea (6.14-rc1)
+CVE-2025-21807 [block: fix queue freeze vs limits lock order in sysfs store methods]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/c99f66e4084a62a2cc401c4704a84328aeddc9ec (6.14-rc1)
+CVE-2025-21806 [net: let net.core.dev_weight always be non-zero]
+	- linux 6.12.13-1
+	NOTE: https://git.kernel.org/linus/d1f9f79fa2af8e3b45cffdeef66e05833480148a (6.14-rc1)
+CVE-2025-21805 [RDMA/rtrs: Add missing deinit() call]
+	- linux 6.12.13-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/81468c4058a62e84e475433b83b3edc613294f5e (6.14-rc1)
+CVE-2025-21804 [PCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region()]
+	- linux 6.12.13-1
+	NOTE: https://git.kernel.org/linus/2d2da5a4c1b4509f6f7e5a8db015cd420144beb4 (6.14-rc1)
+CVE-2025-21803 [LoongArch: Fix warnings during S3 suspend]
+	- linux 6.12.13-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/26c0a2d93af55d30a46d5f45d3e9c42cde730168 (6.14-rc1)
+CVE-2025-21802 [net: hns3: fix oops when unload drivers paralleling]
+	- linux 6.12.13-1
+	NOTE: https://git.kernel.org/linus/92e5995773774a3e70257e9c95ea03518268bea5 (6.14-rc1)
+CVE-2025-21801 [net: ravb: Fix missing rtnl lock in suspend/resume path]
+	- linux 6.12.13-1
+	NOTE: https://git.kernel.org/linus/2c2ebb2b49573e5f8726112ad06b1dffc3c9ea03 (6.14-rc1)
+CVE-2025-21800 [net/mlx5: HWS, fix definer's HWS_SET32 macro for negative offset]
+	- linux 6.12.13-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/be482f1d10da781db9445d2753c1e3f1fd82babf (6.14-rc1)
+CVE-2025-21799 [net: ethernet: ti: am65-cpsw: fix freeing IRQ in am65_cpsw_nuss_remove_tx_chns()]
+	- linux 6.12.13-1
+	NOTE: https://git.kernel.org/linus/4395a44acb15850e492dd1de9ec4b6479d96bc80 (6.14-rc1)
+CVE-2025-21798 [firewire: test: Fix potential null dereference in firewire kunit test]
+	- linux 6.12.13-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/352fafe97784e81a10a7c74bd508f71a19b53c2a (6.14-rc1)
+CVE-2024-58042 [rhashtable: Fix potential deadlock by moving schedule_work outside lock]
+	- linux 6.12.13-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e1d3422c95f003eba241c176adfe593c33e8a8f6 (6.14-rc1)
+CVE-2024-58034 [memory: tegra20-emc: fix an OF node reference bug in tegra_emc_find_node_by_ram_code()]
+	- linux 6.12.13-1
+	NOTE: https://git.kernel.org/linus/b9784e5cde1f9fb83661a70e580e381ae1264d12 (6.14-rc1)
+CVE-2024-58022 [mailbox: th1520: Fix a NULL vs IS_ERR() bug]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/d0f98e14c010bcf27898b635a54c1994ac4110a8 (6.14-rc1)
 CVE-2025-1756 (mongosh may be susceptible to local privilege escalation under certain ...)
 	TODO: check
 CVE-2025-1755 (MongoDB Compass may be susceptible to local privilege escalation under ...)
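Review bot: CVE-2025-21817 is recorded as `- linux <unfixed>` with no per-release lines, whereas the other two `<unfixed>` entries in this hunk (CVE-2025-21807 and CVE-2024-58022) both carry `[bookworm] - linux <not-affected> (Vulnerable code not present)` and the matching bullseye line. As written, the 21817 entry reads as affecting bookworm and bullseye too. If that is the intended triage it can stay, otherwise add the per-release `<not-affected>` lines so the stable releases are not flagged as open.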
@@ -130,12 +186,6 @@ CVE-2024-9334 (Use of Hard-coded Credentials, Storage of Sensitive Data in a Mec
 	TODO: check
 CVE-2024-9285 (A vulnerability was found in Tu Yafeng Via Browser up to 5.9.0 on Andr ...)
 	TODO: check
-CVE-2024-58042 (In the Linux kernel, the following vulnerability has been resolved:  r ...)
-	TODO: check
-CVE-2024-58034 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
-	TODO: check
-CVE-2024-58022 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
-	TODO: check
 CVE-2024-56812 (IBM EntireX 11.1 could allow a local user to obtain sensitive informat ...)
 	TODO: check
 CVE-2024-56811 (IBM EntireX 11.1 could allow a local user to obtain sensitive informat ...)
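Review bot: The three CVE-2024-580xx entries removed here (58042, 58034, 58022) are re-added in the first hunk between CVE-2025-21798 and CVE-2025-1756, which takes them out of the ID order the surrounding context lines follow (previously they sat between CVE-2024-9285 and CVE-2024-56812). If the move is only a side effect of the merge, consider updating the entries in place so the list stays sorted and the diff shows just the triage change.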



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/62d6a053b491f27b5facec9d4129bd073b2f8417
