[Git][security-tracker-team/security-tracker][master] Merge Linux updates from kernel-sec

Wed Jan 8 19:17:29 GMT 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
629d494a by Salvatore Bonaccorso at 2025-01-08T20:17:20+01:00
Merge Linux updates from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,76 @@
+CVE-2024-56787 [soc: imx8m: Probe the SoC driver as platform driver]
+	- linux 6.12.5-1
+	[bookworm] - linux 6.1.123-1
+	NOTE: https://git.kernel.org/linus/9cc832d37799dbea950c4c8a34721b02b8b5a8ff (6.13-rc1)
+CVE-2024-56786 [bpf: put bpf_link's program when link is safe to be deallocated]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/f44ec8733a8469143fde1984b5e6931b2e2f6f3f (6.13-rc1)
+CVE-2024-56785 [MIPS: Loongson64: DTS: Really fix PCIe port nodes for ls7a]
+	- linux 6.12.5-1
+	[bookworm] - linux 6.1.123-1
+	NOTE: https://git.kernel.org/linus/4fbd66d8254cedfd1218393f39d83b6c07a01917 (6.13-rc1)
+CVE-2024-56784 [drm/amd/display: Adding array index check to prevent memory corruption]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/2c437d9a0b496168e1a1defd17b531f0a526dbe9 (6.13-rc1)
+CVE-2024-56783 [netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level]
+	- linux 6.12.5-1
+	[bookworm] - linux 6.1.123-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/b7529880cb961d515642ce63f9d7570869bbbdc3 (6.13-rc2)
+CVE-2024-56782 [ACPI: x86: Add adev NULL check to acpi_quirk_skip_serdev_enumeration()]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/4a49194f587a62d972b602e3e1a2c3cfe6567966 (6.13-rc1)
+CVE-2024-56781 [powerpc/prom_init: Fixup missing powermac #size-cells]
+	- linux 6.12.5-1
+	[bookworm] - linux 6.1.123-1
+	NOTE: https://git.kernel.org/linus/cf89c9434af122f28a3552e6f9cc5158c33ce50a (6.13-rc1)
+CVE-2024-56780 [quota: flush quota_release_work upon quota writeback]
+	- linux 6.12.5-1
+	[bookworm] - linux 6.1.123-1
+	NOTE: https://git.kernel.org/linus/ac6f420291b3fee1113f21d612fa88b628afab5b (6.13-rc2)
+CVE-2024-56779 [nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur]
+	- linux 6.12.5-1
+	[bookworm] - linux 6.1.123-1
+	NOTE: https://git.kernel.org/linus/98100e88dd8865999dc6379a3356cd799795fe7b (6.13-rc1)
+CVE-2024-56778 [drm/sti: avoid potential dereference of error pointers in sti_hqvdp_atomic_check]
+	- linux 6.12.5-1
+	[bookworm] - linux 6.1.123-1
+	NOTE: https://git.kernel.org/linus/c1ab40a1fdfee732c7e6ff2fb8253760293e47e8 (6.13-rc1)
+CVE-2024-56777 [drm/sti: avoid potential dereference of error pointers in sti_gdp_atomic_check]
+	- linux 6.12.5-1
+	[bookworm] - linux 6.1.123-1
+	NOTE: https://git.kernel.org/linus/e965e771b069421c233d674c3c8cd8c7f7245f42 (6.13-rc1)
+CVE-2024-56776 [drm/sti: avoid potential dereference of error pointers]
+	- linux 6.12.5-1
+	[bookworm] - linux 6.1.123-1
+	NOTE: https://git.kernel.org/linus/831214f77037de02afc287eae93ce97f218d8c04 (6.13-rc1)
+CVE-2024-56775 [drm/amd/display: Fix handling of plane refcount]
+	- linux 6.12.5-1
+	NOTE: https://git.kernel.org/linus/27227a234c1487cb7a684615f0749c455218833a (6.13-rc1)
+CVE-2024-56774 [btrfs: add a sanity check for btrfs root in btrfs_search_slot()]
+	- linux 6.12.5-1
+	[bookworm] - linux 6.1.123-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/3ed51857a50f530ac7a1482e069dfbd1298558d4 (6.13-rc2)
+CVE-2024-56773 [kunit: Fix potential null dereference in kunit_device_driver_test()]
+	- linux 6.12.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/435c20eed572a95709b1536ff78832836b2f91b1 (6.13-rc1)
+CVE-2024-56772 [kunit: string-stream: Fix a UAF bug in kunit_init_suite()]
+	- linux 6.12.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/39e21403c978862846fa68b7f6d06f9cca235194 (6.13-rc1)
+CVE-2024-56771 [mtd: spinand: winbond: Fix 512GW, 01GW, 01JW and 02JW ECC information]
+	- linux 6.12.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/fee9b240916df82a8b07aef0fdfe96785417a164 (6.13-rc1)
+CVE-2024-56770 [net/sched: netem: account for backlog updates from child qdisc]
+	- linux 6.12.6-1
+	[bookworm] - linux 6.1.123-1
+	NOTE: https://git.kernel.org/linus/f8d4bc455047cf3903cd6f85f49978987dbb3027 (6.13-rc3)
 CVE-2024-54676
 	NOT-FOR-US: Apache OpenMeetings
 CVE-2025-22215 (VMware Aria Automation contains a server-side request forgery (SSRF) v ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/629d494a29aed4badf3aec0c57b3f91c9c1d51f3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/629d494a29aed4badf3aec0c57b3f91c9c1d51f3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250108/7ce0b819/attachment.htm>
