[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Jul 4 16:09:44 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3546a16e by Salvatore Bonaccorso at 2025-07-04T17:09:18+02:00
Merge Linux CVEs from kernel-sec
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,12 @@
+CVE-2025-38176 [binder: fix use-after-free in binderfs_evict_inode()]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/8c0a559825281764061a127632e5ad273f0466ad (6.16-rc1)
+CVE-2025-38175 [binder: fix yet another UAF in binder_devices]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/9857af0fcff385c75433f2162c30c62eb912ef6d (6.16-rc1)
+CVE-2025-38174 [thunderbolt: Do not double dequeue a configuration request]
+ - linux 6.12.33-1
+ NOTE: https://git.kernel.org/linus/0f73628e9da1ee39daf5f188190cdbaee5e0c98c (6.16-rc1)
CVE-2025-7053 (A vulnerability was found in Cockpit up to 2.11.3. It has been rated a ...)
NOT-FOR-US: Cockpit Content Platform (different from src:cockpit)
CVE-2025-7046 (The Portfolio for Elementor & Image Gallery | PowerFolio plugin for Wo ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3546a16e2ece512fc6883db9835b6bdacce2553a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3546a16e2ece512fc6883db9835b6bdacce2553a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250704/126e14fe/attachment.htm>
More information about the debian-security-tracker-commits
mailing list