[Git][security-tracker-team/security-tracker][master] Add new Linux CVEs from kernel-sec

Tue Jan 21 13:43:09 GMT 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
38e2b45c by Salvatore Bonaccorso at 2025-01-21T14:42:43+01:00
Add new Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,115 @@
+CVE-2025-21664 [dm thin: make get_first_thin use rcu-safe list first function]
+	- linux 6.12.10-1
+	NOTE: https://git.kernel.org/linus/80f130bfad1dab93b95683fc39b87235682b8f72 (6.13-rc7)
+CVE-2025-21663 [net: stmmac: dwmac-tegra: Read iommu stream id from device tree]
+	- linux 6.12.10-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/426046e2d62dd19533808661e912b8e8a9eaec16 (6.13-rc7)
+CVE-2025-21662 [net/mlx5: Fix variable not being completed when function returns]
+	- linux 6.12.10-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/0e2909c6bec9048f49d0c8e16887c63b50b14647 (6.13-rc7)
+CVE-2025-21661 [gpio: virtuser: fix missing lookup table cleanups]
+	- linux 6.12.10-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/a619cba8c69c434258ff4101d463322cd63e1bdc (6.13-rc7)
+CVE-2025-21660 [ksmbd: fix unexpectedly changed path in ksmbd_vfs_kern_path_locked]
+	- linux 6.12.10-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/2ac538e40278a2c0c051cca81bcaafc547d61372 (6.13-rc7)
+CVE-2025-21659 [netdev: prevent accessing NAPI instances from another namespace]
+	- linux 6.12.10-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/d1cacd74776895f6435941f86a1130e58f6dd226 (6.13-rc7)
+CVE-2025-21658 [btrfs: avoid NULL pointer dereference if no valid extent tree]
+	- linux 6.12.10-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/6aecd91a5c5b68939cf4169e32bc49f3cd2dd329 (6.13-rc7)
+CVE-2025-21657 [sched_ext: Replace rq_lock() to raw_spin_rq_lock() in scx_ops_bypass()]
+	- linux 6.12.10-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/6268d5bc10354fc2ab8d44a0cd3b042d49a0417e (6.13-rc7)
+CVE-2025-21656 [hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur]
+	- linux 6.12.10-1
+	NOTE: https://git.kernel.org/linus/82163d63ae7a4c36142cd252388737205bb7e4b9 (6.13-rc7)
+CVE-2024-57946 [virtio-blk: don't keep queue frozen during system suspend]
+	- linux 6.12.8-1
+	[bookworm] - linux 6.1.123-1
+	NOTE: https://git.kernel.org/linus/7678abee0867e6b7fb89aa40f6e9f575f755fb37 (6.13-rc2)
+CVE-2024-57945 [riscv: mm: Fix the out of bound issue of vmemmap address]
+	- linux 6.12.10-1
+	NOTE: https://git.kernel.org/linus/f754f27e98f88428aaf6be6e00f5cbce97f62d4b (6.13-rc7)
+CVE-2024-57944 [iio: adc: ti-ads1298: Add NULL check in ads1298_init]
+	- linux 6.12.10-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/bcb394bb28e55312cace75362b8e489eb0e02a30 (6.13-rc7)
+CVE-2024-57943 [exfat: fix the new buffer was not zeroed before writing]
+	- linux 6.12.10-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/98e2fb26d1a9eafe79f46d15d54e68e014d81d8c (6.13-rc7)
+CVE-2024-57942 [netfs: Fix ceph copy to cache on write-begin]
+	- linux 6.12.10-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/38cf8e945721ffe708fa675507465da7f4f2a9f7 (6.13-rc7)
+CVE-2024-57941 [netfs: Fix the (non-)cancellation of copy when cache is temporarily disabled]
+	- linux 6.12.10-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/d0327c824338cdccad058723a31d038ecd553409 (6.13-rc7)
+CVE-2024-57940 [exfat: fix the infinite loop in exfat_readdir()]
+	- linux 6.12.10-1
+	NOTE: https://git.kernel.org/linus/fee873761bd978d077d8c55334b4966ac4cb7b59 (6.13-rc7)
+CVE-2024-57939 [riscv: Fix sleeping in invalid context in die()]
+	- linux 6.12.10-1
+	NOTE: https://git.kernel.org/linus/6a97f4118ac07cfdc316433f385dbdc12af5025e (6.13-rc7)
+CVE-2024-57938 [net/sctp: Prevent autoclose integer overflow in sctp_association_init()]
+	- linux 6.12.9-1
+	[bookworm] - linux 6.1.124-1
+	NOTE: https://git.kernel.org/linus/4e86729d1ff329815a6e8a920cb554a1d4cb5b8d (6.13-rc6)
+CVE-2024-57937 [mm: reinstate ability to map write-sealed memfd mappings read-only]
+	- linux 6.12.9-1
+	NOTE: https://git.kernel.org/linus/8ec396d05d1b737c87311fb7311f753b02c2a6b1 (6.13-rc6)
+CVE-2024-57936 [RDMA/bnxt_re: Fix max SGEs for the Work Request]
+	- linux 6.12.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/79d330fbdffd8cee06d8bdf38d82cb62d8363a27 (6.13-rc6)
+CVE-2024-57935 [RDMA/hns: Fix accessing invalid dip_ctx during destroying QP]
+	- linux 6.12.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/0572eccf239ce4bd89bd531767ec5ab20e249290 (6.13-rc6)
+CVE-2024-57934 [fgraph: Add READ_ONCE() when accessing fgraph_array[]]
+	- linux 6.12.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/d65474033740ded0a4fe9a097fce72328655b41d (6.13-rc6)
+CVE-2024-57933 [gve: guard XSK operations on the existence of queues]
+	- linux 6.12.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/40338d7987d810fcaa95c500b1068a52b08eec9b (6.13-rc6)
+CVE-2024-57932 [gve: guard XDP xmit NDO on existence of xdp queues]
+	- linux 6.12.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/ff7c2dea9dd1a436fc79d6273adffdcc4a7ffea3 (6.13-rc6)
+CVE-2024-57931 [selinux: ignore unknown extended permissions]
+	- linux 6.12.9-1
+	[bookworm] - linux 6.1.124-1
+	NOTE: https://git.kernel.org/linus/900f83cf376bdaf798b6f5dcb2eae0c822e908b6 (6.13-rc4)
+CVE-2024-57930 [tracing: Have process_string() also allow arrays]
+	- linux 6.12.9-1
+	[bookworm] - linux 6.1.124-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/afc6717628f959941d7b33728570568b4af1c4b8 (6.13-rc6)
 CVE-2022-4975
 	NOT-FOR-US: Red Hat Advanced Cluster Security
 CVE-2025-24014 [segmentation fault in win_line()]



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/38e2b45cbe4e90bad746d2dcbff56c72f18c8c83

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/38e2b45cbe4e90bad746d2dcbff56c72f18c8c83
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250121/b853e3a3/attachment-0001.htm>
