[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Jul 3 21:12:21 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
09feb8e5 by security tracker role at 2025-07-03T20:12:13+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,276 +1,398 @@
-CVE-2025-38173 [crypto: marvell/cesa - Handle zero-length skcipher requests]
+CVE-2025-6587 (System environment variables are recorded in Docker Desktop diagnostic ...)
+ TODO: check
+CVE-2025-6563 (A cross-site scripting vulnerability is present in the hotspot of Mikr ...)
+ TODO: check
+CVE-2025-6074 (Use of Hard-coded Cryptographic Key vulnerability in ABB RMC-100, ABB ...)
+ TODO: check
+CVE-2025-6073 (Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 ...)
+ TODO: check
+CVE-2025-6072 (Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 ...)
+ TODO: check
+CVE-2025-6071 (Use of Hard-coded Cryptographic Key vulnerability in ABB RMC-100, ABB ...)
+ TODO: check
+CVE-2025-5961 (The Migration, Backup, Staging \u2013 WPvivid Backup & Migration plugi ...)
+ TODO: check
+CVE-2025-53502 (Improper Input Validation vulnerability in Wikimedia Foundation Mediaw ...)
+ TODO: check
+CVE-2025-53501 (Improper Access Control vulnerability in Wikimedia Foundation Mediawik ...)
+ TODO: check
+CVE-2025-53500 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2025-53490 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2025-53489 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2025-53370 (Citizen is a MediaWiki skin that makes extensions part of the cohesive ...)
+ TODO: check
+CVE-2025-53369 (Short Description is a MediaWiki extension that provides local short d ...)
+ TODO: check
+CVE-2025-53368 (Citizen is a MediaWiki skin that makes extensions part of the cohesive ...)
+ TODO: check
+CVE-2025-50263 (Tenda AC6 v15.03.05.16_multi is vulnerable to Buffer Overflow in the f ...)
+ TODO: check
+CVE-2025-50262 (Tenda AC6 v15.03.05.16_multi is vulnerable to Buffer Overflow in the f ...)
+ TODO: check
+CVE-2025-50260 (Tenda AC6 v15.03.05.16_multi is vulnerable to Buffer Overflow in the f ...)
+ TODO: check
+CVE-2025-50258 (Tenda AC6 v15.03.05.16_multi is vulnerable to Buffer Overflow in the S ...)
+ TODO: check
+CVE-2025-49846 (wire-ios is an iOS client for the Wire secure messaging application. F ...)
+ TODO: check
+CVE-2025-49618 (In Plesk Obsidian 18.0.69, unauthenticated requests to /login_up.php c ...)
+ TODO: check
+CVE-2025-49595 (n8n is a workflow automation platform. Prior to version 1.99.0, there ...)
+ TODO: check
+CVE-2025-49032 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-48939 (tarteaucitron.js is a compliant and accessible cookie banner. Prior to ...)
+ TODO: check
+CVE-2025-45938 (Akeles Out of Office Assistant for Jira 4.0.1 is vulberable to Cross S ...)
+ TODO: check
+CVE-2025-45809 (BerriAI litellm v1.65.4 was discovered to contain a SQL injection vuln ...)
+ TODO: check
+CVE-2025-43713 (ASNA Assist and ASNA Registrar before 2025-03-31 allow deserialization ...)
+ TODO: check
+CVE-2025-40723 (Stored Cross-Site Scripting (XSS) vulnerability in versions prior to F ...)
+ TODO: check
+CVE-2025-40722 (Stored Cross-Site Scripting (XSS) vulnerability in versions prior to F ...)
+ TODO: check
+CVE-2025-3702 (Missing Authorization vulnerability in Melapress Melapress File Monito ...)
+ TODO: check
+CVE-2025-34089 (An unauthenticated remote code execution vulnerability exists in Remot ...)
+ TODO: check
+CVE-2025-34088 (An authenticated remote code execution vulnerability exists in Pandora ...)
+ TODO: check
+CVE-2025-34087 (An authenticated command injection vulnerability exists in Pi-hole ver ...)
+ TODO: check
+CVE-2025-34086 (Bolt CMS versions 3.7.0 and earlier contain a chain of vulnerabilities ...)
+ TODO: check
+CVE-2025-34082 (A command injection vulnerability exists in IGEL OS versions prior to ...)
+ TODO: check
+CVE-2025-34061 (A backdoor in PHPStudy versions 2016 through 2018 allows unauthenticat ...)
+ TODO: check
+CVE-2025-2932 (The JKDEVKIT plugin for WordPress is vulnerable to arbitrary file dele ...)
+ TODO: check
+CVE-2025-2540 (Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scr ...)
+ TODO: check
+CVE-2025-2537 (Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scr ...)
+ TODO: check
+CVE-2025-27461 (During startup, the device automatically logs in the EPC2 Windows user ...)
+ TODO: check
+CVE-2025-27460 (The hard drives of the device are not encrypted using a full volume en ...)
+ TODO: check
+CVE-2025-27459 (The VNC application stores its passwords encrypted within the registry ...)
+ TODO: check
+CVE-2025-27458 (The VNC authentication mechanism bases on a challenge-response system ...)
+ TODO: check
+CVE-2025-27457 (All communication between the VNC server and client(s) is unencrypted. ...)
+ TODO: check
+CVE-2025-27456 (The SMB server's login mechanism does not implement sufficient measure ...)
+ TODO: check
+CVE-2025-27455 (The web application is vulnerable to clickjacking attacks. The site ca ...)
+ TODO: check
+CVE-2025-27454 (The application is vulnerable to cross-site request forgery. An attack ...)
+ TODO: check
+CVE-2025-27453 (The HttpOnly flag is set to false on the PHPSESSION cookie. Therefore, ...)
+ TODO: check
+CVE-2025-27452 (The configuration of the Apache httpd webserver which serves the MEAC3 ...)
+ TODO: check
+CVE-2025-27451 (For failed login attempts, the application returns different error mes ...)
+ TODO: check
+CVE-2025-27450 (The Secure attribute is missing on multiple cookies provided by the ME ...)
+ TODO: check
+CVE-2025-27449 (The MEAC300-FNADE4 does not implement sufficient measures to prevent m ...)
+ TODO: check
+CVE-2025-27448 (The web application is susceptible to cross-site-scripting attacks. An ...)
+ TODO: check
+CVE-2025-27447 (The web application is susceptible to cross-site-scripting attacks. An ...)
+ TODO: check
+CVE-2025-23968 (Unrestricted Upload of File with Dangerous Type vulnerability in WPCen ...)
+ TODO: check
+CVE-2025-1711 (Multiple services of the DUT as well as different scopes of the same s ...)
+ TODO: check
+CVE-2025-1710 (The maxView Storage Manager does not implement sufficient measures to ...)
+ TODO: check
+CVE-2025-1709 (Several credentials for the local PostgreSQL database are stored in pl ...)
+ TODO: check
+CVE-2025-1708 (The application is vulnerable to SQL injection attacks. An attacker is ...)
+ TODO: check
+CVE-2025-0885 (Incorrect Authorization vulnerability in OpenText\u2122 GroupWise allo ...)
+ TODO: check
+CVE-2024-5647 (Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scr ...)
+ TODO: check
+CVE-2025-38173 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.12.35-1
NOTE: https://git.kernel.org/linus/8a4e047c6cc07676f637608a9dd675349b5de0a7 (6.16-rc1)
-CVE-2025-38172 [erofs: avoid using multiple devices with different type]
+CVE-2025-38172 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.12.35-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/9748f2f54f66743ac77275c34886a9f890e18409 (6.16-rc1)
-CVE-2025-38171 [power: supply: max77705: Fix workqueue error handling in probe]
+CVE-2025-38171 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/11741b8e382d34b13277497ab91123d8b0b5c2db (6.16-rc1)
-CVE-2025-38170 [arm64/fpsimd: Discard stale CPU state when handling SME traps]
+CVE-2025-38170 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.12.35-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d3eaab3c70905c5467e5c4ea403053d67505adeb (6.16-rc1)
-CVE-2025-38169 [arm64/fpsimd: Avoid clobbering kernel FPSIMD state with SMSTOP]
+CVE-2025-38169 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.12.35-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/01098d893fa8a6edb2b56e178b798e3e6b674f02 (6.16-rc1)
-CVE-2025-38168 [perf: arm-ni: Unregister PMUs on probe failure]
+CVE-2025-38168 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.12.35-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/7f57afde6a44d9e044885e1125034edd4fda02e8 (6.16-rc1)
-CVE-2025-38167 [fs/ntfs3: handle hdr_first_de() return value]
+CVE-2025-38167 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.12.35-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/af5cab0e5b6f8edb0be51a9f47f3f620e0b4fd70 (6.16-rc1)
-CVE-2025-38166 [bpf: fix ktls panic with sockmap]
+CVE-2025-38166 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.12.35-1
NOTE: https://git.kernel.org/linus/54a3ecaeeeae8176da8badbd7d72af1017032c39 (6.16-rc1)
-CVE-2025-38165 [bpf, sockmap: Fix panic when calling skb_linearize]
+CVE-2025-38165 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.12.35-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/5ca2e29f6834c64c0e5a9ccf1278c21fb49b827e (6.16-rc1)
-CVE-2025-38164 [f2fs: zone: fix to avoid inconsistence in between SIT and SSA]
+CVE-2025-38164 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.12.35-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/773704c1ef96a8b70d0d186ab725f50548de82c4 (6.16-rc1)
-CVE-2025-38163 [f2fs: fix to do sanity check on sbi->total_valid_block_count]
+CVE-2025-38163 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.12.35-1
NOTE: https://git.kernel.org/linus/05872a167c2cab80ef186ef23cc34a6776a1a30c (6.16-rc1)
-CVE-2025-38162 [netfilter: nft_set_pipapo: prevent overflow in lookup table allocation]
+CVE-2025-38162 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.35-1
NOTE: https://git.kernel.org/linus/4c5c6aa9967dbe55bd017bb509885928d0f31206 (6.16-rc1)
-CVE-2025-38161 [RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction]
+CVE-2025-38161 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.12.35-1
NOTE: https://git.kernel.org/linus/5d2ea5aebbb2f3ebde4403f9c55b2b057e5dd2d6 (6.16-rc1)
-CVE-2025-38160 [clk: bcm: rpi: Add NULL check in raspberrypi_clk_register()]
+CVE-2025-38160 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.12.35-1
NOTE: https://git.kernel.org/linus/73c46d9a93d071ca69858dea3f569111b03e549e (6.16-rc1)
-CVE-2025-38159 [wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds]
+CVE-2025-38159 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.12.35-1
NOTE: https://git.kernel.org/linus/4c2c372de2e108319236203cce6de44d70ae15cd (6.16-rc1)
-CVE-2025-38158 [hisi_acc_vfio_pci: fix XQE dma address error]
+CVE-2025-38158 (In the Linux kernel, the following vulnerability has been resolved: h ...)
- linux 6.12.35-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/8bb7170c5a055ea17c6857c256ee73c10ff872eb (6.16-rc1)
-CVE-2025-38157 [wifi: ath9k_htc: Abort software beacon handling if disabled]
+CVE-2025-38157 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.12.35-1
NOTE: https://git.kernel.org/linus/ac4e317a95a1092b5da5b9918b7118759342641c (6.16-rc1)
-CVE-2025-38156 [wifi: mt76: mt7996: Fix null-ptr-deref in mt7996_mmio_wed_init()]
+CVE-2025-38156 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.12.35-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/8f30e2b059757d8711a823e4c9c023db62a1d171 (6.16-rc1)
-CVE-2025-38155 [wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init()]
+CVE-2025-38155 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.12.35-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/efb95439c1477bbc955cacd0179c35e7861b437c (6.16-rc1)
-CVE-2025-38154 [bpf, sockmap: Avoid using sk_socket after free when sending]
+CVE-2025-38154 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.12.35-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/8259eb0e06d8f64c700f5fbdb28a5c18e10de291 (6.16-rc1)
-CVE-2025-38153 [net: usb: aqc111: fix error handling of usbnet read calls]
+CVE-2025-38153 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.35-1
NOTE: https://git.kernel.org/linus/405b0d610745fb5e84fc2961d9b960abb9f3d107 (6.16-rc1)
-CVE-2025-38151 [RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work]
+CVE-2025-38151 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.12.35-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/92a251c3df8ea1991cd9fe00f1ab0cfce18d7711 (6.16-rc1)
-CVE-2025-38150 [af_packet: move notifier's packet_dev_mc out of rcu critical section]
+CVE-2025-38150 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d8d85ef0a631df9127f202e6371bb33a0b589952 (6.16-rc1)
-CVE-2025-38149 [net: phy: clear phydev->devlink when the link is deleted]
+CVE-2025-38149 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.35-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0795b05a59b1371b18ffbf09d385296b12e9f5d5 (6.16-rc1)
-CVE-2025-38148 [net: phy: mscc: Fix memory leak when using one step timestamping]
+CVE-2025-38148 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.35-1
NOTE: https://git.kernel.org/linus/846992645b25ec4253167e3f931e4597eb84af56 (6.16-rc1)
-CVE-2025-38147 [calipso: Don't call calipso functions for AF_INET sk.]
+CVE-2025-38147 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.12.35-1
NOTE: https://git.kernel.org/linus/6e9f2df1c550ead7cecb3e450af1105735020c92 (6.16-rc1)
-CVE-2025-38146 [net: openvswitch: Fix the dead loop of MPLS parse]
+CVE-2025-38146 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.35-1
NOTE: https://git.kernel.org/linus/0bdc924bfb319fb10d1113cbf091fc26fb7b1f99 (6.16-rc1)
-CVE-2025-38145 [soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop()]
+CVE-2025-38145 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.12.35-1
NOTE: https://git.kernel.org/linus/f1706e0e1a74b095cbc60375b9b1e6205f5f4c98 (6.16-rc1)
-CVE-2025-38144 [watchdog: lenovo_se30_wdt: Fix possible devm_ioremap() NULL pointer dereference in lenovo_se30_wdt_probe()]
+CVE-2025-38144 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a4e2401438a26131ecff9be6a3a1d4cbfea66f9a (6.16-rc1)
-CVE-2025-38143 [backlight: pm8941: Add NULL check in wled_configure()]
+CVE-2025-38143 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.12.35-1
NOTE: https://git.kernel.org/linus/e12d3e1624a02706cdd3628bbf5668827214fa33 (6.16-rc1)
-CVE-2025-38142 [hwmon: (asus-ec-sensors) check sensor index in read_string()]
+CVE-2025-38142 (In the Linux kernel, the following vulnerability has been resolved: h ...)
- linux 6.12.35-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/25be318324563c63cbd9cb53186203a08d2f83a1 (6.16-rc1)
-CVE-2025-38141 [dm: fix dm_blk_report_zones]
+CVE-2025-38141 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.12.35-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/37f53a2c60d03743e0eacf7a0c01c279776fef4e (6.16-rc1)
-CVE-2025-38140 [dm: limit swapping tables for devices with zone write plugs]
+CVE-2025-38140 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux <unfixed>
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/121218bef4c1df165181f5cd8fc3a2246bac817e (6.16-rc1)
-CVE-2025-38139 [netfs: Fix oops in write-retry from mis-resetting the subreq iterator]
+CVE-2025-38139 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/4481f7f2b3df123ec77e828c849138f75cff2bf2 (6.16-rc1)
-CVE-2025-38138 [dmaengine: ti: Add NULL check in udma_probe()]
+CVE-2025-38138 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.12.35-1
NOTE: https://git.kernel.org/linus/fd447415e74bccd7362f760d4ea727f8e1ebfe91 (6.16-rc1)
-CVE-2025-38137 [PCI/pwrctrl: Cancel outstanding rescan work when unregistering]
+CVE-2025-38137 (In the Linux kernel, the following vulnerability has been resolved: P ...)
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/8b926f237743f020518162c62b93cb7107a2b5eb (6.16-rc1)
-CVE-2025-38136 [usb: renesas_usbhs: Reorder clock handling and power management in probe]
+CVE-2025-38136 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.12.35-1
NOTE: https://git.kernel.org/linus/ffb34a60ce86656ba12d46e91f1ccc71dd221251 (6.16-rc1)
-CVE-2025-38135 [serial: Fix potential null-ptr-deref in mlb_usio_probe()]
+CVE-2025-38135 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.12.35-1
NOTE: https://git.kernel.org/linus/86bcae88c9209e334b2f8c252f4cc66beb261886 (6.16-rc1)
-CVE-2025-38134 [usb: acpi: Prevent null pointer dereference in usb_acpi_add_usb4_devlink()]
+CVE-2025-38134 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.12.35-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/73fb0ec9436ae87bcae067ce35d6cdd72bade86c (6.16-rc1)
-CVE-2025-38133 [iio: adc: ad4851: fix ad4858 chan pointer handling]
+CVE-2025-38133 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/499a8cee812588905cc940837e69918c1649a19e (6.16-rc1)
-CVE-2025-38132 [coresight: holding cscfg_csdev_lock while removing cscfg from csdev]
+CVE-2025-38132 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux <unfixed>
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/53b9e2659719b04f5ba7593f2af0f2335f75e94a (6.16-rc1)
-CVE-2025-38131 [coresight: prevent deactivate active config while enabling the config]
+CVE-2025-38131 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.12.35-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/408c97c4a5e0b634dcd15bf8b8808b382e888164 (6.16-rc1)
-CVE-2025-38130 [drm/connector: only call HDMI audio helper plugged cb if non-null]
+CVE-2025-38130 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/be9b3f9a54101c19226c25ba7163d291183777a0 (6.16-rc1)
-CVE-2025-38129 [page_pool: Fix use-after-free in page_pool_recycle_in_ring]
+CVE-2025-38129 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.12.35-1
NOTE: https://git.kernel.org/linus/271683bb2cf32e5126c592b5d5e6a756fa374fd9 (6.16-rc1)
-CVE-2025-38128 [Bluetooth: MGMT: reject malformed HCI_CMD_SYNC commands]
+CVE-2025-38128 (In the Linux kernel, the following vulnerability has been resolved: B ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/03f1700b9b4d4f2fed3165370f3c23db76553178 (6.16-rc1)
-CVE-2025-38127 [ice: fix Tx scheduler error handling in XDP callback]
+CVE-2025-38127 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.12.35-1
NOTE: https://git.kernel.org/linus/0153f36041b8e52019ebfa8629c13bf8f9b0a951 (6.16-rc1)
-CVE-2025-38126 [net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping]
+CVE-2025-38126 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.35-1
NOTE: https://git.kernel.org/linus/030ce919e114a111e83b7976ecb3597cefd33f26 (6.16-rc1)
-CVE-2025-38125 [net: stmmac: make sure that ptp_rate is not 0 before configuring EST]
+CVE-2025-38125 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.35-1
NOTE: https://git.kernel.org/linus/cbefe2ffa7784525ec5d008ba87c7add19ec631a (6.16-rc1)
-CVE-2025-38124 [net: fix udp gso skb_segment after pull from frag_list]
+CVE-2025-38124 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.35-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/3382a1ed7f778db841063f5d7e317ac55f9e7f72 (6.16-rc1)
-CVE-2025-38123 [net: wwan: t7xx: Fix napi rx poll issue]
+CVE-2025-38123 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.35-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/905fe0845bb27e4eed2ca27ea06e6c4847f1b2b1 (6.16-rc1)
-CVE-2025-38122 [gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO]
+CVE-2025-38122 (In the Linux kernel, the following vulnerability has been resolved: g ...)
- linux 6.12.35-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/12c331b29c7397ac3b03584e12902990693bc248 (6.16-rc1)
-CVE-2025-38121 [wifi: iwlwifi: mld: avoid panic on init failure]
+CVE-2025-38121 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/960c7e6d388034d219dafffa6da0a5c2ccd5ff30 (6.16-rc1)
-CVE-2025-38120 [netfilter: nf_set_pipapo_avx2: fix initial map fill]
+CVE-2025-38120 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.35-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ea77c397bff8b6d59f6d83dae1425b08f465e8b5 (6.16-rc1)
-CVE-2025-38119 [scsi: core: ufs: Fix a hang in the error handler]
+CVE-2025-38119 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.12.35-1
NOTE: https://git.kernel.org/linus/8a3514d348de87a9d5e2ac00fbac4faae0b97996 (6.16-rc2)
-CVE-2025-38118 [Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete]
+CVE-2025-38118 (In the Linux kernel, the following vulnerability has been resolved: B ...)
- linux 6.12.35-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e6ed54e86aae9e4f7286ce8d5c73780f91b48d1c (6.16-rc2)
-CVE-2025-38117 [Bluetooth: MGMT: Protect mgmt_pending list with its own lock]
+CVE-2025-38117 (In the Linux kernel, the following vulnerability has been resolved: B ...)
- linux 6.12.35-1
NOTE: https://git.kernel.org/linus/6fe26f694c824b8a4dbf50c635bee1302e3f099c (6.16-rc2)
-CVE-2025-38116 [wifi: ath12k: fix uaf in ath12k_core_init()]
+CVE-2025-38116 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f3fe49dbddd73f0155a8935af47cb63693069dbe (6.16-rc2)
-CVE-2025-38115 [net_sched: sch_sfq: fix a potential crash on gso_skb handling]
+CVE-2025-38115 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.35-1
NOTE: https://git.kernel.org/linus/82ffbe7776d0ac084031f114167712269bf3d832 (6.16-rc2)
-CVE-2025-38114 [e1000: Move cancel_work_sync to avoid deadlock]
+CVE-2025-38114 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/b4a8085ceefb7bbb12c2b71c55e71fc946c6929f (6.16-rc2)
-CVE-2025-38113 [ACPI: CPPC: Fix NULL pointer dereference when nosmp is used]
+CVE-2025-38113 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.12.35-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/15eece6c5b05e5f9db0711978c3e3b7f1a2cfe12 (6.16-rc2)
-CVE-2025-38112 [net: Fix TOCTOU issue in sk_is_readable()]
+CVE-2025-38112 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.35-1
NOTE: https://git.kernel.org/linus/2660a544fdc0940bba15f70508a46cf9a6491230 (6.16-rc2)
-CVE-2025-38111 [net/mdiobus: Fix potential out-of-bounds read/write access]
+CVE-2025-38111 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.35-1
NOTE: https://git.kernel.org/linus/0e629694126ca388916f059453a1c36adde219c4 (6.16-rc2)
-CVE-2025-38110 [net/mdiobus: Fix potential out-of-bounds clause 45 read/write access]
+CVE-2025-38110 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.35-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/260388f79e94fb3026c419a208ece8358bb7b555 (6.16-rc2)
-CVE-2025-38109 [net/mlx5: Fix ECVF vports unload on shutdown flow]
+CVE-2025-38109 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.35-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/687560d8a9a2d654829ad0da1ec24242f1de711d (6.16-rc2)
-CVE-2025-38108 [net_sched: red: fix a race in __red_change()]
+CVE-2025-38108 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.35-1
NOTE: https://git.kernel.org/linus/85a3e0ede38450ea3053b8c45d28cf55208409b8 (6.16-rc2)
-CVE-2025-38107 [net_sched: ets: fix a race in ets_qdisc_change()]
+CVE-2025-38107 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.35-1
NOTE: https://git.kernel.org/linus/d92adacdd8c2960be856e0b82acc5b7c5395fddb (6.16-rc2)
-CVE-2025-38106 [io_uring: fix use-after-free of sq->thread in __io_uring_show_fdinfo()]
+CVE-2025-38106 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.12.35-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ac0b8b327a5677dc6fecdf353d808161525b1ff0 (6.16-rc2)
-CVE-2025-38105 [ALSA: usb-audio: Kill timer properly at removal]
+CVE-2025-38105 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/0718a78f6a9f04b88d0dc9616cc216b31c5f3cf1 (6.16-rc1)
-CVE-2025-38103 [HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse()]
+CVE-2025-38103 (In the Linux kernel, the following vulnerability has been resolved: H ...)
- linux 6.12.35-1
NOTE: https://git.kernel.org/linus/fe7f7ac8e0c708446ff017453add769ffc15deed (6.16-rc1)
-CVE-2025-38102 [VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify]
+CVE-2025-38102 (In the Linux kernel, the following vulnerability has been resolved: V ...)
- linux 6.12.35-1
NOTE: https://git.kernel.org/linus/1bd6406fb5f36c2bb1e96e27d4c3e9f4d09edde4 (6.16-rc1)
-CVE-2025-38101 [ring-buffer: Fix buffer locking in ring_buffer_subbuf_order_set()]
+CVE-2025-38101 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.12.35-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/40ee2afafc1d9fe3aa44a6fbe440d78a5c96a72e (6.16-rc1)
-CVE-2025-38100 [x86/iopl: Cure TIF_IO_BITMAP inconsistencies]
+CVE-2025-38100 (In the Linux kernel, the following vulnerability has been resolved: x ...)
- linux 6.12.35-1
NOTE: https://git.kernel.org/linus/8b68e978718f14fdcb080c2a7791c52a0d09bc6d (6.16-rc1)
-CVE-2025-38099 [Bluetooth: Disable SCO support if READ_VOICE_SETTING is unsupported/broken]
+CVE-2025-38099 (In the Linux kernel, the following vulnerability has been resolved: B ...)
- linux 6.12.32-1
NOTE: https://git.kernel.org/linus/14d17c78a4b1660c443bae9d38c814edea506f62 (6.15-rc1)
-CVE-2025-38098 [drm/amd/display: Don't treat wb connector as physical in create_validate_stream_for_sink]
+CVE-2025-38098 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.12.32-1
NOTE: https://git.kernel.org/linus/cbf4890c6f28fb1ad733e14613fbd33c2004bced (6.15-rc1)
-CVE-2025-38097 [espintcp: remove encap socket caching to avoid reference leak]
+CVE-2025-38097 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.12.32-1
NOTE: https://git.kernel.org/linus/028363685bd0b7a19b4a820f82dd905b1dc83999 (6.15)
-CVE-2025-38096 [wifi: iwlwifi: don't warn when if there is a FW error]
+CVE-2025-38096 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.12.32-1
NOTE: https://git.kernel.org/linus/c7f50d0433a016d43681592836a3d484817bfb34 (6.15-rc1)
CVE-2025-5944 (The Element Pack Addons for Elementor plugin for WordPress is vulnerab ...)
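Review bot: Every entry added at the top of this hunk, from CVE-2025-6587 down to CVE-2024-5647, carries only `TODO: check`, so none of them has a package mapping or a not-for-us decision yet. The MediaWiki-related ones (CVE-2025-53489 through CVE-2025-53502, plus the Citizen skin and Short Description extension entries) are worth triaging first, because `mediawiki` is a tracked source package in the later hunks of this same file. Two of the imported descriptions also contain literal escape sequences rather than decoded characters (`\u2013` in CVE-2025-5961 and `\u2122` in CVE-2025-0885), which suggests the description import is not decoding JSON Unicode escapes. In the kernel part of the hunk the bracketed commit subjects are replaced by the truncated generic text "In the Linux kernel, the following vulnerability has been resolved: ...", so the only remaining hint of what each fix does is the `NOTE:` commit link. CVE-2025-38140, CVE-2025-38139, CVE-2025-38137, CVE-2025-38132 and CVE-2025-38105 stay at `- linux <unfixed>` and need to be revisited on the next kernel upload.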
@@ -440,7 +562,8 @@ CVE-2025-6927
NOTE: https://phabricator.wikimedia.org/T397595
NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1165118 (master)
NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1165119 (master)
-CVE-2025-6926
+CVE-2025-6926 (Improper Authentication vulnerability in Wikimedia Foundation Mediawik ...)
+ {DSA-5957-1}
- mediawiki 1:1.43.3+dfsg-1
NOTE: https://lists.wikimedia.org/hyperkitty/list/wikitech-l@lists.wikimedia.org/thread/TT45WDZ7MDTXXBEFLBMLAJI532O2PN2U/
NOTE: https://phabricator.wikimedia.org/T389010
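Review bot: The `{DSA-5957-1}` tag added under CVE-2025-6926 refers to an advisory whose own entry is not part of this commit, since the commit lists `data/CVE/list` as its only changed file. Confirm that the advisory list already names CVE-2025-6926 for DSA-5957-1, so the cross-reference resolves in both directions. The entry itself still records only the unstable fix, `- mediawiki 1:1.43.3+dfsg-1`, so the fixed version for the stable release has to come from the advisory data.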
@@ -448,6 +571,7 @@ CVE-2025-6926
NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1165117 (master)
NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1165090 (REL1_39)
CVE-2025-6597
+ {DSA-5957-1}
- mediawiki 1:1.43.3+dfsg-1
NOTE: https://lists.wikimedia.org/hyperkitty/list/wikitech-l@lists.wikimedia.org/thread/TT45WDZ7MDTXXBEFLBMLAJI532O2PN2U/
NOTE: https://phabricator.wikimedia.org/T389009
@@ -461,18 +585,21 @@ CVE-2025-6596
NOTE: https://phabricator.wikimedia.org/T396685
NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/skins/Vector/+/1165107 (master)
CVE-2025-6595
+ {DSA-5957-1}
- mediawiki 1:1.43.3+dfsg-1
NOTE: https://lists.wikimedia.org/hyperkitty/list/wikitech-l@lists.wikimedia.org/thread/TT45WDZ7MDTXXBEFLBMLAJI532O2PN2U/
NOTE: https://phabricator.wikimedia.org/T394863
NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/extensions/MultimediaViewer/+/1165106 (master)
NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/extensions/MultimediaViewer/+/1165144 (REL1_39)
CVE-2025-6594
+ {DSA-5957-1}
- mediawiki 1:1.43.3+dfsg-1
NOTE: https://lists.wikimedia.org/hyperkitty/list/wikitech-l@lists.wikimedia.org/thread/TT45WDZ7MDTXXBEFLBMLAJI532O2PN2U/
NOTE: https://phabricator.wikimedia.org/T395063
NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1165115 (master)
NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1165087 (REL1_39)
CVE-2025-6593
+ {DSA-5957-1}
- mediawiki 1:1.43.3+dfsg-1
NOTE: https://lists.wikimedia.org/hyperkitty/list/wikitech-l@lists.wikimedia.org/thread/TT45WDZ7MDTXXBEFLBMLAJI532O2PN2U/
NOTE: https://phabricator.wikimedia.org/T396230
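Review bot: CVE-2025-6596, whose NOTE lines open this hunk as unchanged context, gets no {DSA-5957-1} tag, while CVE-2025-6595, CVE-2025-6594 and CVE-2025-6593 directly below it do. Its visible fix reference points at mediawiki/skins/Vector rather than core, so the omission may be intentional, but it is worth confirming against the DSA so the entry is not left looking unfixed in stable.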
@@ -486,12 +613,14 @@ CVE-2025-6592
NOTE: https://phabricator.wikimedia.org/T391218
NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1143146 (master)
CVE-2025-6591
+ {DSA-5957-1}
- mediawiki 1:1.43.3+dfsg-1
NOTE: https://lists.wikimedia.org/hyperkitty/list/wikitech-l@lists.wikimedia.org/thread/TT45WDZ7MDTXXBEFLBMLAJI532O2PN2U/
NOTE: https://phabricator.wikimedia.org/T392276
NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1165113 (master)
NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1165085 (REL1_39)
CVE-2025-6590
+ {DSA-5957-1}
- mediawiki 1:1.43.3+dfsg-1
NOTE: https://lists.wikimedia.org/hyperkitty/list/wikitech-l@lists.wikimedia.org/thread/TT45WDZ7MDTXXBEFLBMLAJI532O2PN2U/
NOTE: https://phabricator.wikimedia.org/T392746
@@ -2550,7 +2679,8 @@ CVE-2025-6510 (A vulnerability was found in Netgear EX6100 1.0.2.28_1.1.138. It
NOT-FOR-US: Netgear
CVE-2025-6509 (A vulnerability was found in seaswalker spring-analysis up to 4379cce8 ...)
NOT-FOR-US: seaswalker spring-analysis
-CVE-2025-52969 (ClickHouse 25.7.1.557 allows low-privileged users to execute shell com ...)
+CVE-2025-52969
+ REJECTED
- clickhouse <removed> (unimportant)
NOTE: Not considered a security issue by upstream
NOTE: https://github.com/skraft9/clickhouse-security-research
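Review bot: CVE-2025-52969 is now REJECTED, but the entry keeps its "- clickhouse <removed> (unimportant)" line and both NOTE lines. With the description dropped, "Not considered a security issue by upstream" is the only remaining explanation of what the id was about, so keep that NOTE, and check whether the package line is still wanted on a rejected id.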
@@ -7517,7 +7647,7 @@ CVE-2025-47608 (Improper Neutralization of Special Elements used in an SQL Comma
NOT-FOR-US: WordPress plugin
CVE-2025-47598 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
-CVE-2025-47561 (Incorrect Privilege Assignment vulnerability in RomanCode MapSVG allow ...)
+CVE-2025-47561 (Incorrect Privilege Assignment vulnerability in PT Norther Lights Prod ...)
NOT-FOR-US: WordPress plugin
CVE-2025-47527 (Missing Authorization vulnerability in Icegram Icegram Collect \u2013 ...)
NOT-FOR-US: WordPress plugin or theme
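Review bot: the new description for CVE-2025-47561 is cut off at "PT Norther Lights Prod ...", so the product name MapSVG that the old line showed is no longer visible next to the NOT-FOR-US triage; the same happens for CVE-2025-47558 and CVE-2025-47560 further down. The triage line itself ("NOT-FOR-US: WordPress plugin") is unchanged and still correct as a category, but naming the plugin there would keep the entry searchable by product. The spelling "Norther" comes from the synced description and should not be corrected locally.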
@@ -11181,7 +11311,7 @@ CVE-2025-47575 (Improper Neutralization of Special Elements used in an SQL Comma
NOT-FOR-US: WordPress plugin or theme
CVE-2025-47568 (Deserialization of Untrusted Data vulnerability in ZoomIt ZoomSounds a ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-47558 (Missing Authorization vulnerability in RomanCode MapSVG allows Accessi ...)
+CVE-2025-47558 (Missing Authorization vulnerability in PT Norther Lights Production Ma ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-47541 (Insertion of Sensitive Information Into Sent Data vulnerability in WPF ...)
NOT-FOR-US: WordPress plugin
@@ -13483,7 +13613,7 @@ CVE-2025-47563 (Missing Authorization vulnerability in villatheme CURCY allows A
NOT-FOR-US: WordPress plugin or theme
CVE-2025-47562 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
NOT-FOR-US: WordPress plugin
-CVE-2025-47560 (Missing Authorization vulnerability in RomanCode MapSVG allows Exploit ...)
+CVE-2025-47560 (Missing Authorization vulnerability in PT Norther Lights Production Ma ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-47557 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
@@ -25242,6 +25372,7 @@ CVE-2025-32074 (Improper Encoding or Escaping of Output vulnerability in The Wik
CVE-2025-32073 (Improper Input Validation vulnerability in The Wikimedia Foundation Me ...)
NOT-FOR-US: HTMLTags MediaWiki extension
CVE-2025-32072 (Improper Encoding or Escaping of Output vulnerability in The Wikimedia ...)
+ {DSA-5957-1}
- mediawiki 1:1.43.1+dfsg-2
NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1120134
NOTE: https://phabricator.wikimedia.org/T386175
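Review bot: CVE-2025-32072 is tagged {DSA-5957-1} but its unstable fix is "mediawiki 1:1.43.1+dfsg-2", whereas the other entries tagged with this DSA in the same commit list 1:1.43.3+dfsg-1. That is plausible if the stable update carries fixes from several upstream releases, but it is worth confirming that the DSA upload actually includes the change referenced by the gerrit NOTE (1120134) before relying on the tag.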
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/09feb8e52742e26686c7938372b6c2acc0da43a1