[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Jan 15 21:08:50 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
60cfcb20 by Salvatore Bonaccorso at 2025-01-15T22:08:25+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -107,9 +107,14 @@ CVE-2025-22317 (Improper Neutralization of Input During Web Page Generation ('Cr
 CVE-2025-22146 (Sentry is a developer-first error tracking and performance monitoring  ...)
 	TODO: check
 CVE-2025-21630 (In the Linux kernel, the following vulnerability has been resolved:  i ...)
-	TODO: check
+	- linux 6.12.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/c6e60a0a68b7e6b3c7e33863a16e8e88ba9eee6f (6.13-rc6)
 CVE-2025-21629 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
+	- linux 6.12.9-1
+	[bookworm] - linux 6.1.124-1
+	NOTE: https://git.kernel.org/linus/68e068cabd2c6c533ef934c2e5151609cf6ecc6d (6.13-rc6)
 CVE-2025-21088 (Mattermost versions 10.2.x <= 10.2.0, 9.11.x <= 9.11.5, 10.0.x <= 10.0 ...)
 	TODO: check
 CVE-2025-21083 (Mattermost Mobile Apps versions <=2.22.0 fail to properly validate pos ...)
@@ -149,61 +154,114 @@ CVE-2024-7085 (Improper Neutralization of Input During Web Page Generation (XSS
 CVE-2024-5198 (OpenVPN ovpn-dco for Windows version 1.1.1 allows an unprivileged loca ...)
 	TODO: check
 CVE-2024-57903 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
+	- linux 6.12.9-1
+	[bookworm] - linux 6.1.124-1
+	NOTE: https://git.kernel.org/linus/5b0af621c3f6ef9261cf6067812f2fd9943acb4b (6.13-rc6)
 CVE-2024-57902 (In the Linux kernel, the following vulnerability has been resolved:  a ...)
-	TODO: check
+	- linux 6.12.9-1
+	[bookworm] - linux 6.1.124-1
+	NOTE: https://git.kernel.org/linus/77ee7a6d16b6ec07b5c3ae2b6b60a24c1afbed09 (6.13-rc6)
 CVE-2024-57901 (In the Linux kernel, the following vulnerability has been resolved:  a ...)
-	TODO: check
+	- linux 6.12.9-1
+	[bookworm] - linux 6.1.124-1
+	NOTE: https://git.kernel.org/linus/f91a5b8089389eb408501af2762f168c3aaa7b79 (6.13-rc6)
 CVE-2024-57900 (In the Linux kernel, the following vulnerability has been resolved:  i ...)
-	TODO: check
+	- linux 6.12.9-1
+	NOTE: https://git.kernel.org/linus/260466b576bca0081a7d4acecc8e93687aa22d0e (6.13-rc6)
 CVE-2024-57899 (In the Linux kernel, the following vulnerability has been resolved:  w ...)
-	TODO: check
+	- linux 6.12.9-1
+	NOTE: https://git.kernel.org/linus/49dba1ded8dd5a6a12748631403240b2ab245c34 (6.13-rc3)
 CVE-2024-57898 (In the Linux kernel, the following vulnerability has been resolved:  w ...)
-	TODO: check
+	- linux 6.12.9-1
+	NOTE: https://git.kernel.org/linus/b5c32ff6a3a38c74facdd1fe34c0d709a55527fd (6.13-rc3)
 CVE-2024-57897 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
-	TODO: check
+	- linux 6.12.9-1
+	[bookworm] - linux 6.1.124-1
+	NOTE: https://git.kernel.org/linus/5c3de6b02d38eb9386edf50490e050bb44398e40 (6.13-rc3)
 CVE-2024-57896 (In the Linux kernel, the following vulnerability has been resolved:  b ...)
-	TODO: check
+	- linux 6.12.9-1
+	[bookworm] - linux 6.1.124-1
+	NOTE: https://git.kernel.org/linus/f10bef73fb355e3fc85e63a50386798be68ff486 (6.13-rc3)
 CVE-2024-57895 (In the Linux kernel, the following vulnerability has been resolved:  k ...)
-	TODO: check
+	- linux 6.12.9-1
+	NOTE: https://git.kernel.org/linus/21e46a79bbe6c4e1aa73b3ed998130f2ff07b128 (6.13-rc3)
 CVE-2024-57894 (In the Linux kernel, the following vulnerability has been resolved:  B ...)
-	TODO: check
+	- linux 6.12.9-1
+	[bookworm] - linux 6.1.124-1
+	NOTE: https://git.kernel.org/linus/4d94f05558271654670d18c26c912da0c1c15549 (6.13-rc3)
 CVE-2024-57893 (In the Linux kernel, the following vulnerability has been resolved:  A ...)
-	TODO: check
+	- linux 6.12.9-1
+	[bookworm] - linux 6.1.124-1
+	NOTE: https://git.kernel.org/linus/0179488ca992d79908b8e26b9213f1554fc5bacc (6.13-rc6)
 CVE-2024-57892 (In the Linux kernel, the following vulnerability has been resolved:  o ...)
-	TODO: check
+	- linux 6.12.9-1
+	NOTE: https://git.kernel.org/linus/5f3fd772d152229d94602bca243fbb658068a597 (6.13-rc6)
 CVE-2024-57891 (In the Linux kernel, the following vulnerability has been resolved:  s ...)
-	TODO: check
+	- linux 6.12.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/18b2093f4598d8ee67a8153badc93f0fa7686b8a (6.13-rc6)
 CVE-2024-57890 (In the Linux kernel, the following vulnerability has been resolved:  R ...)
-	TODO: check
+	- linux 6.12.9-1
+	[bookworm] - linux 6.1.124-1
+	NOTE: https://git.kernel.org/linus/d0257e089d1bbd35c69b6c97ff73e3690ab149a9 (6.13-rc6)
 CVE-2024-57889 (In the Linux kernel, the following vulnerability has been resolved:  p ...)
-	TODO: check
+	- linux 6.12.9-1
+	[bookworm] - linux 6.1.124-1
+	NOTE: https://git.kernel.org/linus/a37eecb705f33726f1fb7cd2a67e514a15dfe693 (6.13-rc6)
 CVE-2024-57888 (In the Linux kernel, the following vulnerability has been resolved:  w ...)
-	TODO: check
+	- linux 6.12.9-1
+	NOTE: https://git.kernel.org/linus/de35994ecd2dd6148ab5a6c5050a1670a04dec77 (6.13-rc6)
 CVE-2024-57887 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
-	TODO: check
+	- linux 6.12.9-1
+	NOTE: https://git.kernel.org/linus/81adbd3ff21c1182e06aa02c6be0bfd9ea02d8e8 (6.13-rc6)
 CVE-2024-57886 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
-	TODO: check
+	- linux 6.12.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/8debfc5b1aa569d3d2ac836af2553da037611c61 (6.13-rc6)
 CVE-2024-57885 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
-	TODO: check
+	- linux 6.12.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/cddc76b165161a02ff14c4d84d0f5266d9d32b9e (6.13-rc6)
 CVE-2024-57884 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
-	TODO: check
+	- linux 6.12.9-1
+	[bookworm] - linux 6.1.124-1
+	NOTE: https://git.kernel.org/linus/6aaced5abd32e2a57cd94fd64f824514d0361da8 (6.13-rc6)
 CVE-2024-57883 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
-	TODO: check
+	- linux 6.12.9-1
+	NOTE: https://git.kernel.org/linus/59d9094df3d79443937add8700b2ef1a866b1081 (6.13-rc6)
 CVE-2024-57882 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
-	TODO: check
+	- linux 6.12.9-1
+	[bookworm] - linux 6.1.124-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/cbb26f7d8451fe56ccac802c6db48d16240feebd (6.13-rc6)
 CVE-2024-57857 (In the Linux kernel, the following vulnerability has been resolved:  R ...)
-	TODO: check
+	- linux 6.12.9-1
+	NOTE: https://git.kernel.org/linus/16b87037b48889d21854c8e97aec8a1baf2642b3 (6.13-rc6)
 CVE-2024-57844 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
-	TODO: check
+	- linux 6.12.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/fe39b222a4139354d32ff9d46b88757f63f71d63 (6.13-rc6)
 CVE-2024-57841 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
+	- linux 6.12.9-1
+	[bookworm] - linux 6.1.124-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/4f4aa4aa28142d53f8b06585c478476cfe325cfc (6.13-rc6)
 CVE-2024-57802 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
+	- linux 6.12.9-1
+	[bookworm] - linux 6.1.124-1
+	NOTE: https://git.kernel.org/linus/a4fd163aed2edd967a244499754dec991d8b4c7d (6.13-rc6)
 CVE-2024-57801 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
+	- linux 6.12.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/5a03b368562a7ff5f5f1f63b5adf8309cbdbd5be (6.13-rc6)
 CVE-2024-57795 (In the Linux kernel, the following vulnerability has been resolved:  R ...)
-	TODO: check
+	- linux 6.12.9-1
+	NOTE: https://git.kernel.org/linus/2ac5415022d16d63d912a39a06f32f1f51140261 (6.13-rc6)
 CVE-2024-57025 (TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an O ...)
 	TODO: check
 CVE-2024-57024 (TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an O ...)
@@ -243,9 +301,14 @@ CVE-2024-54535 (A path handling issue was addressed with improved logic. This is
 CVE-2024-54470 (A logic issue was addressed with improved checks. This issue is fixed  ...)
 	TODO: check
 CVE-2024-54031 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
+	- linux 6.12.9-1
+	[bookworm] - linux 6.1.124-1
+	NOTE: https://git.kernel.org/linus/542ed8145e6f9392e3d0a86a0e9027d2ffd183e4 (6.13-rc6)
 CVE-2024-53681 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
+	- linux 6.12.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/4db3d750ac7e894278ef1cb1c53cc7d883060496 (6.13-rc6)
 CVE-2024-52783 (Insecure permissions in the XNetSocketClient component of XINJE XDPPro ...)
 	TODO: check
 CVE-2024-52005 (Git is a source code management tool. When cloning from a server (or f ...)
@@ -269,9 +332,14 @@ CVE-2024-40839 (This issue was addressed through improved state management. This
 CVE-2024-40771 (The issue was addressed with improved memory handling. This issue is f ...)
 	TODO: check
 CVE-2024-39282 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
+	- linux 6.12.9-1
+	[bookworm] - linux 6.1.124-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/4f619d518db9cd1a933c3a095a5f95d0c1584ae8 (6.13-rc6)
 CVE-2024-36476 (In the Linux kernel, the following vulnerability has been resolved:  R ...)
-	TODO: check
+	- linux 6.12.9-1
+	[bookworm] - linux 6.1.124-1
+	NOTE: https://git.kernel.org/linus/fb514b31395946022f13a08e06a435f53cf9e8b3 (6.13-rc6)
 CVE-2024-35280 (A improper neutralization of input during web page generation ('cross- ...)
 	TODO: check
 CVE-2024-27856 (The issue was addressed with improved checks. This issue is fixed in m ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/60cfcb20b870693d61eab79429b84b6754bc7f28

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/60cfcb20b870693d61eab79429b84b6754bc7f28
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250115/98a7b4aa/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list