[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Jan 20 15:57:00 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
db6db224 by Salvatore Bonaccorso at 2025-01-20T16:56:33+01:00
Merge Linux CVEs from kernel-sec
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,12 @@
+CVE-2023-52923 [netfilter: nf_tables: adapt set backend to use GC transaction API]
+ - linux 6.4.11-1
+ [bookworm] - linux 6.1.64-1
+ [bullseye] - linux 5.10.205-1
+ NOTE: https://git.kernel.org/linus/f6c383b8c31a93752a52697f8430a71dcbc46adf (6.5-rc6)
+CVE-2025-21655 [io_uring/eventfd: ensure io_eventfd_signal() defers another RCU period]
+ - linux 6.12.10-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/c9a40292a44e78f71258b8522655bffaf5753bdb (6.13-rc7)
CVE-2025-0590 (Improper permission settings for mobile applications (com.transsion.ca ...)
NOT-FOR-US: com.transsion.carlcare mobile application
CVE-2025-0586 (The a+HRD from aEnrich Technology has an Insecure Deserialization vuln ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/db6db224e14126c21a3dbe7d2c1834fec532bddb
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/db6db224e14126c21a3dbe7d2c1834fec532bddb
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250120/bb20d7ac/attachment.htm>
More information about the debian-security-tracker-commits
mailing list